The 30-second version: The native security capabilities of AWS, Azure, and GCP are roughly 80% equivalent in 2026 - each provider ships identity, posture management, key management, audit logging, WAF, DDoS protection, and dozens of compliance attestations. The 20% delta is where the choice matters: GCP leads on VPC Service Controls and the BeyondCorp / Zero Trust story; Azure leads on Entra ID, Defender for Cloud multi-cloud reach, and Microsoft-stack integration; AWS leads on service breadth, regional depth, and the longest-running operational playbooks.
This page enumerates the delta. Choose the cloud, don't fight it - and where you must run all three, run a third-party CNAPP over the top to normalize the view. The tables below are designed to be skimmable; the narrative sections cover the conceptual differences that don't fit in a grid.
On this page
Choose the cloud, don't fight it
The most expensive mistake in cloud security is treating the cloud you're on as if it were one of the others. Teams that came up on AWS look at Azure RBAC and try to write JSON allow/deny policies against it; teams from Azure land in GCP and look for management groups that aren't there; GCP-native teams move to AWS and miss VPC Service Controls so badly they re-implement it in flawed software. Each cloud has a coherent security model. The model is internally consistent. The cost of fighting it is paid in unintended permissions, misconfigurations the CSPM doesn't flag, and architectures the auditor doesn't recognize.
This page is built on the premise that you've already picked your cloud (or had it picked for you), and you want to know - concretely - what the security delta is to the others. Or you're picking between them and want a practitioner's read rather than the marketing matrix. Or you're running on more than one and want to understand the gaps between the native tools well enough to fill them with a CNAPP or a thin internal abstraction.
The framing for everything below: capability parity is high; operational ergonomics differ; the integration story differs more; and the pricing model differs the most. A capability that's free on one cloud and metered on another can quietly drive a six-figure spend variance with no functional difference. The pricing section gets disproportionate attention here for that reason.
Quick verdict by category
Skim this once, then jump to the relevant table. Every line is opinionated and contestable; the tables below show the reasoning.
- Identity & access: AWS leads on policy expressiveness (IAM JSON conditions are the richest); Azure leads on identity governance (Entra ID PIM + Access Reviews + Conditional Access is the deepest IGA story); GCP leads on workload identity (the federated workload-identity model is the cleanest of the three).
- Detection & response: Tie between Azure and GCP on integrated CNAPP (Defender for Cloud and Security Command Center Premium are both mature and unified); AWS leads on aggregation breadth (Security Hub pulls from a dozen specialist services and a long list of third parties).
- Data protection: Tie on KMS / HSM / BYOK / confidential compute; GCP leads on DLP (Sensitive Data Protection's coverage and accuracy is the strongest); Azure leads on data classification (Purview Information Protection's reach into M365 is unmatched).
- Network security: GCP leads - VPC Service Controls is unique, the global VPC model is the cleanest, and the network telemetry depth (VPC Flow Logs + Packet Mirroring + Firewall Insights) is mature. AWS and Azure both shipped equivalents to most of GCP's network primitives but they don't compose as elegantly.
- Compliance: AWS leads on breadth (the longest attestation list, the most regional accreditations); Azure leads on Microsoft-stack regulated workloads; GCP leads on Zero-Trust-shaped frameworks (Assured Workloads with deep Zero Trust enforcement). For most commercial workloads, all three clear the bar.
- Pricing: It's complicated. AWS is generally cheapest for log retention if you stay on CloudTrail + S3 Glacier; Azure is most expensive on Log Analytics ingest; GCP is in the middle on logs but cheapest on KMS per-request operations. Egress is roughly equivalent across the three and remains the largest single line item for most workloads.
- Customer identity (B2C / external): Azure leads - Entra External ID has the most mature B2C / CIAM offering. Cognito has the longest pedigree; GCP Identity Platform is the newest and most JavaScript-ergonomic.
- Compute hardening defaults: AWS leads since IMDSv2 became default-on; Azure and GCP each have credible metadata-service defenses but the AWS model is the most thoroughly battle-tested.
- Container security: GCP leads on GKE (Autopilot, Binary Authorization, Workload Identity); Azure leads on registry scanning depth (Defender for Containers reach into ACR); AWS leads on ecosystem (EKS has the longest list of third-party integrations).
- Serverless: AWS leads on maturity (Lambda has the deepest security feature set - signed code, VPC integration without the cold-start penalty since Hyperplane, IAM-based event filtering); GCP Cloud Run leads on ergonomics; Azure Functions leads on Microsoft-stack integration.
Comparison tables by category
Each table compares the named capability across AWS, Azure, and GCP. Where a cell links to provider docs, those are first-party authoritative references. Where a cell links to another CSOH page, that page goes deeper than this comparison allows.
Identity & access
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| Primary identity service | IAM (users, roles, groups, policies) + IAM Identity Center for SSO | Entra ID (formerly Azure AD) - users, groups, applications, devices | Cloud IAM + Cloud Identity (separate IdP and resource-IAM layers) |
| Policy language | JSON Allow / Deny statements with Action, Resource, Condition - the richest condition language of the three |
RBAC role assignments (built-in or custom roles) scoped to management group / subscription / RG / resource | Member → role → resource bindings with inheritance down the org hierarchy; IAM Conditions add expression-based constraints |
| Federation / SSO | IAM Identity Center; SAML 2.0 + OIDC; AWS-managed or external IdP | Entra ID is the IdP; federation to other tenants and external IdPs via OIDC / SAML | Cloud Identity or Workspace as IdP; SAML / OIDC federation; Workforce Identity Federation |
| Just-in-time elevation / PIM | IAM Identity Center temporary credentials + session policies; AWS Identity Center "permission sets" elevation; no built-in time-bound role-activation workflow comparable to PIM | Entra ID Privileged Identity Management (PIM) - time-bound, approval-gated role activation; the deepest of the three | IAM Conditions + Just-in-Time Access (via Privileged Access Manager, currently in preview/GA staged) and Access Approval for provider personnel |
| Workload identity | IAM roles for EC2 / ECS / Lambda; IAM Roles for Service Accounts (IRSA) on EKS; pod identity for EKS | Managed identities (system-assigned, user-assigned); Workload Identity Federation for external workloads | Service accounts as first-class principals; Workload Identity (GKE) and Workload Identity Federation (external) - the cleanest model of the three |
| Permission analysis / least privilege | IAM Access Analyzer (external access, unused access, policy generation); CloudTrail-based action-last-used | Entra ID + Microsoft Defender for Cloud Permissions Management (formerly CloudKnox) - multi-cloud CIEM | IAM Recommender; Policy Analyzer; Policy Intelligence; Asset Inventory queries |
| Identity governance (IGA) | Limited native IGA; rely on third-party (SailPoint, Saviynt) or IAM Identity Center + access reviews via custom tooling | Entra ID Governance - access reviews, entitlement management, lifecycle workflows - the most complete native IGA in any cloud | Access Reviews and group-based access patterns; less feature-complete than Entra; third-party for full IGA |
| Trust between accounts / projects | Cross-account trust via role assumption (sts:AssumeRole with explicit trust policies) |
Implicit trust within a tenant; cross-tenant via guest invitations or B2B collaboration | IAM bindings can cross projects; the org hierarchy makes most cross-project access a single grant, not a trust dance |
| Service-control / preventive policy | Service Control Policies (SCPs) at AWS Organizations level; Resource Control Policies (RCPs) | Azure Policy at management group level (deny effect); Azure Blueprints (deprecated, migrating to Deployment Stacks) |
Organization Policy constraints - the most consistent enforcement model, since constraints inherit cleanly down the hierarchy |
See IAM & Identity for the conceptual deep-dive that sits under this table.
Detection & response
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| Native CSPM | Security Hub (aggregator) + AWS Config Rules + Inspector + IAM Access Analyzer + Macie | Microsoft Defender for Cloud - full CSPM, integrated, multi-cloud | Security Command Center Standard / Premium / Enterprise - full CSPM and CNAPP at Premium+ |
| Native CWPP / workload protection | GuardDuty (network + DNS + runtime), GuardDuty Malware Protection, Inspector (vulns) | Defender for Servers / Containers / Storage / SQL - each workload type its own SKU | SCC Premium / Enterprise - Container Threat Detection, Virtual Machine Threat Detection, Event Threat Detection |
| SIEM | Amazon Security Lake (OCSF schema, queryable from Athena / partner SIEMs); no native SIEM SaaS | Microsoft Sentinel - full SaaS SIEM / SOAR with KQL, deep Microsoft-stack integration | Google Security Operations (formerly Chronicle) - full SaaS SIEM with petabyte ingest and YARA-L rules |
| Threat detection signals | GuardDuty findings (VPC Flow, DNS, CloudTrail, EKS audit, RDS login, runtime, malware) | Defender XDR (endpoint + identity + cloud + email) - the broadest signal aggregation across an org's whole estate | Event Threat Detection (Cloud Audit Logs), Container Threat Detection (eBPF), VM Threat Detection (hypervisor signal) |
| Audit logging defaults | CloudTrail management events on by default in every account; data events opt-in (and the most expensive log class) | Activity Log (subscription scope) on by default; Microsoft Entra audit logs separate; Diagnostic Settings opt-in per resource | Cloud Audit Logs - Admin Activity always on, free; Data Access opt-in, paid; System Event always on, free |
| Default log retention (free tier) | CloudTrail management events free for 90 days in the console; permanent retention requires S3 (cheap) or CloudWatch Logs (paid by GB) | Activity Log retained 90 days free; export to Log Analytics is paid by GB ingested + retained | Admin Activity free for 400 days; Data Access opt-in + paid; sinks to BigQuery / GCS make long-term retention cheap |
| Log retention pricing model | S3 + Glacier tiers - cheapest cold-storage tier; per-GB ingest into CloudWatch Logs adds up fast | Log Analytics priced per-GB ingest with retention tiers; can be the most expensive on the three at scale | Sinks to BigQuery / Storage are cheap; Cloud Logging itself paid by ingested volume |
| Cross-cloud detection support | Security Hub partner integrations; Security Lake OCSF makes cross-cloud query feasible | Defender for Cloud connects natively to AWS and GCP - the strongest first-party multi-cloud story | SCC Enterprise + Mandiant integration; native AWS / Azure connector support growing |
See Cloud SOC and Detection Engineering for the operator's view of these tools.
Data protection
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| KMS (customer-managed keys) | AWS KMS - symmetric, asymmetric, HMAC; AWS-managed and customer-managed keys; per-region | Key Vault (vault tier) - keys, secrets, certificates; Premium tier adds HSM-backed | Cloud KMS - symmetric, asymmetric, MAC; HSM and software protection levels; per-location |
| HSM | CloudHSM (dedicated FIPS 140-2 Level 3 cluster) - separate from KMS | Key Vault Managed HSM (FIPS 140-3 Level 3) - integrated with the KMS abstraction | Cloud HSM (FIPS 140-2 Level 3) - integrated into Cloud KMS as a protection level |
| External / hold-your-own-key | AWS KMS External Key Store (XKS) - keys live outside AWS, KMS calls out | Azure Key Vault Managed HSM with BYOK; Customer Lockbox for personnel access | External Key Manager (EKM) - the most mature of the three; EKM with VPC Service Controls is the gold-standard sovereign pattern |
| Secrets management | AWS Secrets Manager (rotating secrets, IAM-controlled) + SSM Parameter Store | Key Vault (secrets tier) - the same object model as keys/certs | Secret Manager - versioned, IAM-controlled secrets; cleanest API of the three |
| BYOK | KMS supports importing key material (CMK with imported keys) | Key Vault supports BYOK via HSM-to-HSM transfer | Cloud KMS supports import via key-wrapping protocol |
| Confidential compute | AWS Nitro Enclaves (isolated VMs); Graviton with confidential computing; SEV-SNP and TDX instances | Azure Confidential VMs (AMD SEV-SNP + Intel TDX); Confidential Containers on AKS | Confidential VMs (SEV, SEV-SNP, TDX); Confidential GKE Nodes; Confidential Space (workload attestation) |
| DLP / data classification | Macie (S3-focused, classifier-based) | Purview Information Protection (broad - M365, files, databases) + Defender for Storage | Sensitive Data Protection (formerly Cloud DLP) - the most accurate detector library; covers BigQuery, GCS, Datastore, and arbitrary text |
| Encryption-in-use / tokenization | Field-level via Lambda + KMS pattern; Macie classifies but doesn't tokenize | Always Encrypted (SQL); Purview can apply labels with encryption | Sensitive Data Protection's de-identification (format-preserving encryption, tokenization, masking, bucketing) - the only native tokenization service of the three |
See Data Security & KMS for the architectural patterns these services are used in.
Network security
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| WAF | AWS WAF (CloudFront, ALB, API Gateway, App Runner, AppSync); managed rule groups + custom rules | Azure WAF (Application Gateway and Front Door variants); Microsoft + OWASP managed rule sets | Cloud Armor - the most flexible rule language (CEL); preconfigured WAF rules for OWASP Top 10 |
| DDoS - free tier | AWS Shield Standard - free, automatic, all-customer baseline | Azure DDoS Protection - Basic tier auto-enabled at the platform level (free) | Cloud Armor - free Standard tier with always-on baseline DDoS protection |
| DDoS - paid tier | AWS Shield Advanced - paid per protected resource group; 24x7 Shield Response Team access; cost-protection | Azure DDoS Network Protection - paid per protected resource; engineering rapid-response | Cloud Armor Managed Protection Plus - paid; named "adaptive protection" with ML-based detection |
| Network firewall | Security Groups (instance-level, stateful) + NACLs (subnet, stateless) + AWS Network Firewall (Suricata-based) | NSGs (stateful) + Azure Firewall (managed, FQDN filtering, threat intel) + Firewall Manager | VPC firewall rules (stateful) + Cloud NGFW Standard / Enterprise (Palo Alto-powered IDPS) |
| Microsegmentation primitive | Security Groups + IAM-based service authorization; ECS task SGs for container-level isolation | NSGs + Application Security Groups; service tags; AKS network policies | Firewall rules + service-attached tags; firewall policies hierarchical at the org level |
| Service mesh (managed) | AWS App Mesh (Envoy); third-party Istio / Linkerd on EKS | Azure Service Fabric Mesh (limited); AKS with Open Service Mesh (deprecated) or third-party | Anthos Service Mesh / Cloud Service Mesh - managed Istio with deep IAM integration |
| Private endpoint pattern | VPC Endpoints (Interface = PrivateLink, Gateway = S3/DynamoDB); Resource Access Manager for sharing | Private Link / Private Endpoint - per-resource private IP into your VNet; broader service coverage than AWS PrivateLink | Private Service Connect - endpoint, backend, and producer flavors; the most flexible model |
| Egress filtering | NAT Gateway + Network Firewall FQDN allow-listing; VPC endpoints for service-internal egress | Azure Firewall FQDN tags + Private Endpoints for first-party egress | Cloud NAT + Secure Web Proxy + VPC Service Controls (egress rules) |
| VPC isolation primitive | VPC (regional); peering, Transit Gateway, RAM for sharing | VNet (regional); VNet peering, Virtual WAN, hub-spoke patterns | VPC (global by default); Shared VPC across projects; VPC Peering - the cleanest of the three at multi-region scale |
| Network telemetry | VPC Flow Logs, Traffic Mirroring (Nitro instances), GuardDuty network detections | NSG Flow Logs (v2), Virtual Network TAP (preview/regional), Network Watcher | VPC Flow Logs, Packet Mirroring, Firewall Insights, Network Intelligence Center |
See Network Security for the architectural patterns and Zero Trust for how these compose into a zero-trust posture.
Compliance
| Framework / standard | AWS | Azure | GCP |
|---|---|---|---|
| FedRAMP Moderate | Yes - most US regions; the deepest catalog of in-scope services | Yes - Azure Commercial (a subset of services) | Yes - GCP Assured Workloads US Regions |
| FedRAMP High | AWS GovCloud (US) + select commercial-region services | Azure Government | GCP Assured Workloads - IL2 / IL4 / IL5 boundaries |
| DoD IL5 / IL6 | AWS GovCloud + Secret Region (IL6); the deepest DoD coverage | Azure Government Secret / Top Secret | GCP Assured Workloads IL5 (growing); IL6 limited |
| HIPAA-eligible services | ~150+ eligible services | Comparable coverage with BAA | ~100+ HIPAA-covered services |
| PCI DSS 4.0 | Service Provider Level 1; full attestation | Service Provider Level 1; full attestation | Service Provider Level 1; full attestation |
| ISO 27001 / 27017 / 27018 | All three certified across most regions | All three certified across most regions | All three certified across most regions |
| SOC 2 Type 2 | Available; published annually | Available; published annually | Available; published annually |
| Sovereign cloud (EU) | AWS European Sovereign Cloud (planned, Brandenburg region build-out) | Microsoft Cloud for Sovereignty + EU Data Boundary | GCP Sovereign Controls (T-Systems Germany, S3NS France, Telecom Italia) |
| Country-specific (sample) | IRAP (AU), C5 (DE), ENS (ES), TISAX, K-ISMS | IRAP (AU), C5 (DE), ENS (ES), TISAX, K-ISMS, China-21V partner | IRAP (AU), C5 (DE), ENS (ES), HKMA, K-ISMS |
| Continuous compliance dashboard | Security Hub + AWS Audit Manager (framework-mapped evidence) | Defender for Cloud regulatory-compliance dashboard + Microsoft Purview Compliance Manager | Security Command Center compliance posture + Assured Workloads attestations |
See Compliance Frameworks for the framework-by-framework deep dive and GRC for how these certifications fit into a compliance program.
Pricing models
The line item where the clouds differ most. Functional capability is similar; pricing structure can swing a workload's annual security bill by 5-10×. The patterns below are the load-bearing ones.
| Pricing dimension | AWS | Azure | GCP |
|---|---|---|---|
| Threat detection | GuardDuty priced per event (CloudTrail, VPC Flow, DNS) + per protected workload; features (Malware Protection, EKS Audit, Runtime, S3 Protection) bill separately | Defender plans priced per resource per month (servers, containers, storage, SQL each their own SKU) | SCC Premium / Enterprise priced per asset / per workload; transparent tiering |
| CSPM | Security Hub priced per check per month + per security finding ingested | Included in Defender for Cloud plans (free CSPM Foundational, paid Defender CSPM) | SCC Standard free for basic posture; Premium adds compliance + workload protection |
| KMS - per key | $1 / month per CMK | $1 / month per software key; $5 / month per HSM key (Premium vault) | $0.06 / month per active key version (software); $1-$2.50 per key version (HSM) |
| KMS - per request | $0.03 per 10,000 requests (some operations free) | $0.03 per 10,000 transactions | $0.03 per 10,000 operations (symmetric); cheaper than AWS / Azure once the per-key savings are included |
| Audit log retention | CloudTrail management events free in console for 90 days; S3 / Glacier for cheap long-term; CloudWatch Logs paid by GB ingest + retention | Activity Log free 90 days; export to Log Analytics priced per GB ingested + retained; the highest at-scale log cost of the three | Admin Activity free 400 days; sinks to BigQuery / GCS are cheap; Logging itself by GB ingested |
| Egress (the big one) | Tiered: typically $0.09 / GB to internet at low volume, dropping with discounts; same-region cross-AZ also chargeable | Tiered: typically $0.087 / GB to internet; cross-region within Azure also chargeable | Tiered: typically $0.12 / GB to internet at low volume (premium tier); cheaper standard tier; egress to peered or VPC-connected destinations cheaper |
| DDoS protection | Shield Standard free; Shield Advanced $3,000 / month flat + data-processing fees | Basic free; Network Protection ~$2,944 / month for first 100 protected resources + data-processed | Cloud Armor Standard free baseline; Managed Protection Plus subscription tier |
| Free tier / commitment | 30-day Security Hub free trial; GuardDuty 30-day free trial per account | 30-day Defender for Cloud free trial; free CSPM Foundational stays free | 30-day SCC Premium free trial; SCC Standard always free at basic posture |
Egress dominates almost every multi-cloud bill. The fastest way to lose money in cloud security is to architect cross-cloud data flows where logs, backups, or threat-intel feeds traverse provider boundaries hot. Keep telemetry where the workload runs; export aggregates, not raw events.
Customer identity (CIAM / B2C / external)
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| Primary service | Amazon Cognito (User Pools + Identity Pools) | Microsoft Entra External ID (formerly Azure AD B2C) - unified with Entra ID in 2024+ | Google Identity Platform (Firebase Authentication for consumer apps) |
| Federation / social providers | Google, Facebook, Apple, Amazon, OIDC, SAML | Google, Facebook, Twitter, Apple, OIDC, SAML; broader social provider library | Google, Facebook, Twitter, GitHub, Microsoft, Apple, OIDC, SAML, phone, anonymous |
| MFA / passwordless | SMS, TOTP, WebAuthn (passkeys); SDK-level enforcement | Conditional Access policies including passwordless; Authenticator app; FIDO2; SMS | SMS, TOTP, multi-factor enrollment APIs; passkeys via Firebase |
| Customer experience / UX | Hosted UI customizable; SDK-driven custom flows | Custom policies (XML-based) or User Flows (UI-driven); the most flexible CIAM-tier branding | Firebase Auth UI; React / iOS / Android SDKs; the most JavaScript-ergonomic |
| Pricing model | Per monthly active user (MAU); free tier up to 50K MAU (Lite tier) | Per MAU; free tier; Premium for advanced features | Per MAU + per SMS; generous free tier on Firebase |
| Maturity verdict | Longest pedigree; idiosyncratic API; many production users | The most mature CIAM offering of the three; the strongest enterprise B2C integration | Newest entry; cleanest SDK; weaker enterprise B2C features |
Compute platform security
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| VM service | EC2 | Azure Virtual Machines | Compute Engine |
| Metadata service hardening | IMDSv2 - session-token, hop-limit-1, default-on for new instances since 2024 | Azure IMDS - header-required for v1; non-routable IP; no hop-limit by default | GCP metadata server - header-required; no hop-limit by default; Metadata-Flavor: Google mandatory |
| Default disk encryption | EBS default encryption (region-level setting); KMS-managed | Server-side encryption with platform-managed keys (PMK) default; CMK opt-in | Default encryption with Google-managed keys; CMEK opt-in; field-level CSEK rare |
| Secure boot / measured boot | Nitro System with attestation; UEFI Secure Boot on supported instance families | Trusted Launch (Secure Boot, vTPM, integrity monitoring) - default for Gen 2 VMs | Shielded VMs (Secure Boot, vTPM, integrity monitoring) - default-on for most images |
| Default networking exposure | EC2 in default VPC has public IP; security group default-deny inbound; common misstep is overly broad SG rules | VM Network Interface optionally public; default NSG denies inbound; common misstep is RDP/SSH open to internet | Compute Engine default network often public; "default-allow-ssh / icmp / internal" firewall rules common misstep |
| Patch management | Systems Manager Patch Manager; Inspector for vuln scanning | Azure Update Manager; Defender for Servers for vuln assessment | OS Patch Management (Compute Engine); Container OS Config; SCC vuln findings |
| Runtime protection | GuardDuty Runtime Monitoring (EC2 + EKS + ECS); third-party EDR via Marketplace | Defender for Servers (P1 / P2) with MDE integration | VM Threat Detection (hypervisor-level); Container Threat Detection (eBPF) |
Container security
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| Managed Kubernetes | EKS (self-managed nodes, Fargate, or EKS Auto Mode) | AKS | GKE (Standard and Autopilot - the most opinionated, secure-by-default managed Kubernetes) |
| Container registry | ECR + ECR Public | Azure Container Registry (ACR) | Artifact Registry (Container Registry deprecated) |
| Registry vuln scanning | ECR scanning (basic) + Inspector enhanced scanning (continuous, OS + language) | Defender for Containers - registry + runtime; the deepest registry-side reach | Artifact Analysis (continuous container scanning) + on-push scan |
| Signed-image enforcement | Sigstore / cosign-based via third-party admission controllers; AWS Signer for Lambda | Cosign + Notation; ACR supports signed images; Defender for Containers admission policy | Binary Authorization - native, declarative, attestation-based; the most mature signed-image enforcement |
| Managed container runtimes (no K8s) | ECS (Fargate or EC2); App Runner | Azure Container Instances (ACI); Container Apps | Cloud Run (the most ergonomic of the three for stateless services) |
| Workload identity in K8s | IRSA (IAM Roles for Service Accounts) - OIDC-based, the original pattern | Microsoft Entra Workload ID for AKS - OIDC federation | GKE Workload Identity - the cleanest of the three (KSA ↔ GSA binding) |
| Pod / cluster posture | EKS conformance built-in; Inspector + GuardDuty EKS Audit Logs / Runtime monitoring | Defender for Containers CSPM (runtime + posture); Azure Policy for Kubernetes | SCC Premium Container Threat Detection + Policy Controller (Anthos Config Management) |
| Network policy enforcement | VPC CNI + Calico (or Cilium since 2024) for NetworkPolicy | Azure CNI + Calico / Cilium | Dataplane V2 (Cilium-based) - Kubernetes NetworkPolicy + FQDN policies + observability |
See Kubernetes security and Containers security for the implementation patterns these services compose into.
Serverless security
| Capability | AWS | Azure | GCP |
|---|---|---|---|
| FaaS service | Lambda | Azure Functions | Cloud Functions (Gen 2) and Cloud Run for service-shaped workloads |
| Per-function IAM | Execution role per function - IAM-controlled, fine-grained | Managed identity per function - RBAC-scoped | Service account per function - IAM-scoped |
| VPC integration | Hyperplane ENIs - fast cold-start in VPC since 2019 | Premium / Dedicated plans for VNet integration; Consumption plan limited | VPC Connector or Direct VPC Egress (Cloud Run); Cloud Functions VPC connector |
| Secrets handling | Lambda + Secrets Manager (cached via extension); KMS-encrypted env vars | Functions + Key Vault references; managed identity for retrieval | Functions / Cloud Run + Secret Manager mounted as env or volume |
| Code signing | AWS Signer for Lambda (mandatory signed code policy) | Code signing via standard pipelines; no native Functions-level enforcement | Binary Authorization for Cloud Run (signed container) |
| Cold-start security model | Firecracker microVMs - strong isolation; warm-pool patterns for latency | Hyper-V-isolated containers (Premium plan); shared on Consumption | gVisor sandbox (Cloud Run / Cloud Functions Gen 2) - defense-in-depth runtime |
| Runtime protection / observability | Lambda Insights, GuardDuty for Lambda, Datadog / Lumigo / others via Extension | Application Insights + Defender for App Service | Cloud Logging + Cloud Trace + SCC Premium |
See Serverless security for the architectural patterns and pitfalls.
Conceptual differences that bite you
The tables above are easy to skim. The differences below are the ones that quietly cost multi-cloud teams the most - because they don't show up in a feature matrix at all. They're model differences: how each cloud organizes the world.
IAM policy models - three different ways to think about access
AWS uses an identity-and-resource policy model. Policies are JSON documents with Effect (Allow/Deny), Action, Resource, and Condition blocks. Both identities (users, roles) and resources (S3 buckets, KMS keys, SQS queues) can carry policies. The evaluation engine runs every applicable policy, and an explicit Deny anywhere wins. The expressiveness is enormous - you can pin a permission to a tag on a resource, the time of day, the source IP, the MFA-authenticated state of the session. The cost is complexity: nobody fully understands how cross-account access composes with SCPs, RCPs, identity-based policies, resource-based policies, and permission boundaries without sitting down for a few hours with the evaluation flowchart.
Azure uses RBAC: a role (a named bundle of operations) is assigned to a principal (user, group, service principal, managed identity) at a scope (management group, subscription, resource group, or resource). There are no resource-side policies; the resource just lives inside a scope. Inheritance is straightforward - a role at a management group cascades down to every subscription beneath it. Custom roles let you define the operation list, but there's nothing equivalent to AWS's per-resource condition language. Azure Policy (different from RBAC) layers audit / deny / append effects on resource configurations - that's where Azure approximates AWS's IAM Condition expressiveness, but for shapes of resources rather than for granted permissions.
GCP uses a member → role → resource binding model, where the resource is anywhere in the org hierarchy (organization, folder, project, individual resource) and bindings inherit downward. Roles bundle permissions just like Azure RBAC, but the resource hierarchy is more uniform than Azure's mix of management groups, subscriptions, and resource groups. IAM Conditions (since 2020) add a CEL-expression layer on top of bindings for attribute-based access. The most distinctive bit: everything in GCP - workloads, users, groups, service accounts - is a principal in the same namespace, and the binding system is uniform across them.
Practical impact: an AWS-trained engineer reaches for a JSON policy on a GCP resource and finds the model rejects the framing. A GCP-trained engineer reaches for "just inherit from the folder" on AWS and gets blocked by the fact that SCPs only restrict and IAM grants only grant - there is no single inheritance tree. An Azure-trained engineer expects management-group-style cascade and is surprised that AWS SCPs only restrict (never grant) and that GCP's hierarchical inheritance combines additively in a way Azure RBAC doesn't.
Organization / boundary models
The unit of isolation differs:
- AWS: the account. Strong boundary - separate IAM, separate billing, separate API endpoints, separate VPCs. AWS Organizations groups accounts into OUs with SCPs / RCPs. Best-practice landing zones (Control Tower) typically have dozens of accounts per workload group.
- Azure: the subscription. Lighter-weight boundary than an AWS account - same tenant (Entra ID), same identity plane, billing separation. Management Groups group subscriptions; Azure Policy and RBAC inherit through the tree.
- GCP: the project. Lightest-weight of the three - projects share an organization, identity, and (usually) Shared VPC. Org → folders → projects forms the hierarchy.
The implication: AWS forces stronger boundaries by default (the account is the answer to most "what's the blast radius?" questions). GCP makes cross-project access trivially easy (sometimes too easy - a misclick in IAM at the org level can grant something across every project). Azure sits between.
Default log retention and pricing
This is the line item that surprises every newly-multi-cloud team. AWS CloudTrail management events are free for 90 days in the console and cheap to retain forever in S3 + Glacier - most AWS-native shops have a default of "all CloudTrail to S3 forever, partitioned by date and account." Azure Activity Log retention beyond 90 days requires export to Log Analytics, which is priced per GB ingested and retained - this is the most expensive log retention model of the three, especially with verbose Diagnostic Settings turned on for paranoia. GCP Cloud Audit Logs retain Admin Activity for 400 days free; Data Access opt-in; sinks to BigQuery / GCS are cheap. If you treat all three the same - "verbose logs everywhere, retain 7 years" - Azure can be 5-10× the others on logging.
Practical: budget log ingestion explicitly per cloud. Cap Log Analytics ingest; route the firehose to cheap storage; reserve premium ingest for the signals your detection rules actually use.
VPC Service Controls - GCP's killer feature
GCP's VPC Service Controls establish a service perimeter around a set of projects and resources, blocking traffic across the perimeter even for fully-authorized identities. Read that again: even if your IAM is misconfigured and a foreign service account has Storage Object Viewer on your bucket, a VPC Service Controls perimeter denies the access if the request didn't originate from inside the perimeter. It's an additional second factor for the resource access decision - IAM says yes, perimeter says yes, only then does the call succeed.
AWS and Azure have nothing comparable as a unified construct. The closest AWS analog is a combination of SCPs (aws:SourceVpce conditions), resource policies, and S3 access points - workable but you assemble it from three primitives and re-verify the composition each time. Azure approximates it with Private Endpoints + service-level firewalls per resource - but the perimeter isn't a first-class concept that crosses services. For regulated workloads where data exfiltration is the headline risk (PHI, classified data, financial PII), this is one of the single biggest reasons teams pick GCP.
PrivateLink vs Private Link vs Private Service Connect
All three clouds offer "private endpoint for a managed service" capability. They look similar; they aren't quite the same:
- AWS PrivateLink (Interface VPC Endpoint): gives you an ENI in your VPC that resolves to a regional managed service. Per-service, per-region. Gateway endpoints (S3, DynamoDB) are a separate, free, route-table-based pattern.
- Azure Private Link / Private Endpoint: gives you a NIC in your VNet with a private IP for a specific resource (not just a service). Broader service coverage than AWS - almost every PaaS service supports it. Private Link Service lets you publish your own service to other tenants.
- GCP Private Service Connect: the most flexible of the three. Endpoints connect to Google APIs or third-party / first-party producers; backends extend regional managed services into your VPC; can publish your own services as PSC producers.
The pricing also differs in subtle ways (per-endpoint-hour + data-processing on AWS; per-endpoint + per-GB on Azure; per-endpoint + traffic on GCP). The conceptual difference that bites: AWS PrivateLink is per-service; Azure Private Endpoint is per-resource; GCP PSC is per-published-target. When you "make it private" on each cloud, the granularity of what's privatized differs.
Account / project sprawl
An idiomatic AWS landing zone has dozens to hundreds of accounts; an idiomatic GCP environment has dozens to hundreds of projects; an idiomatic Azure environment has dozens of subscriptions and many more resource groups inside each. The right level of sprawl for each cloud is different. Moving an AWS-shaped account topology onto Azure produces too many subscriptions; moving an Azure-shaped subscription model onto AWS produces too few accounts. Build the topology for the cloud you're on; don't replicate the wrong granularity.
Auditor familiarity
An under-discussed delta: auditor familiarity. North American SOC 2 auditors have run thousands of AWS audits and find AWS evidence formats familiar; their Azure muscle memory is solid; their GCP fluency is sometimes weaker. EU auditors are increasingly fluent in Azure (the Microsoft Cloud for Sovereignty push) and AWS. For FedRAMP, 3PAOs have the deepest experience with AWS GovCloud, growing experience with Azure Government, and the newest experience with GCP Assured Workloads. The cost differential of an auditor going through their first GCP engagement vs their hundredth AWS one is real.
Which cloud should you pick for…
Opinionated guidance. Where two clouds are close, the table above is the better tool - these are the cases where one provider is clearly differentiated for the scenario.
Highly regulated workloads (US federal)
AWS GovCloud for FedRAMP High / DoD IL5+ where the longest catalog of in-scope services is the deciding factor. GCP Assured Workloads for newer workloads that benefit from the policy-driven boundary enforcement and VPC Service Controls. Azure Government is a close third - and the obvious pick if the rest of the agency runs on Microsoft.
Microsoft-ecosystem shops
Azure. The Entra ID + Microsoft 365 + Defender XDR + Sentinel + Intune story is the most coherent identity-to-endpoint-to-cloud telemetry pipeline of the three. If your endpoints are Microsoft-managed, your collaboration is on M365, and your SaaS posture is via Defender for Cloud Apps, going elsewhere for cloud security leaves substantial value on the table.
Best detection-engineering ergonomics
Depends on the team. GCP if you have a detection engineering team that loves Chronicle / Google SecOps's YARA-L and the petabyte-scale ingestion model. AWS if your team prefers a SIEM-agnostic approach with Security Hub aggregating findings into a system you bring (Splunk, Panther, Elastic, etc.) plus Security Lake as the OCSF normalization layer. Azure if your team is already in Sentinel - KQL is a fine query language and the rule library is enormous.
Greatest native CSPM / CNAPP maturity
Effective tie between Microsoft Defender for Cloud and Google Security Command Center Premium / Enterprise. Both have evolved into full CNAPP-shaped platforms with multi-cloud reach. AWS Security Hub is an excellent aggregator but more loosely coupled - the per-service findings (GuardDuty, Inspector, Macie, IAM Access Analyzer) compose into Security Hub but each has its own UX. See CSPM vs CNAPP for the broader category context.
Most aggressive Zero Trust posture
GCP. BeyondCorp was Google's own zero-trust architecture before "Zero Trust" was a common phrase; the patterns that became BeyondCorp Enterprise - Identity-Aware Proxy, context-aware access, deep IAM-workload identity integration - are still the most production-tested implementation. Azure with Entra ID Conditional Access + Continuous Access Evaluation is a strong second. See Zero Trust for the architecture.
Largest pool of cloud-security talent
AWS, by a wide margin. The market for AWS security engineers is several times larger than for Azure or GCP. If hiring is a constraint, optimize for that - even if the technical fit is closer to one of the others.
Strongest greenfield Kubernetes posture
GKE Autopilot. The opinionated, secure-by-default managed-Kubernetes mode (no node access, hardened workloads, default network policies, default Workload Identity) is the cleanest starting point of the three. EKS Auto Mode (2024) closes much of the gap; AKS is the most flexible but requires the most explicit hardening up front.
Cheapest log retention at scale
AWS, generally - CloudTrail to S3 + Glacier, plus selective CloudWatch ingest, is the cheapest combination at scale. GCP is competitive with sinks to BigQuery / GCS. Azure Log Analytics ingest costs require active management to keep down at multi-TB scale.
Best for AI/ML security
Trending toward GCP for the Vertex AI safety / governance integration and Azure for the Azure OpenAI Service governance (Content Filters, Customer-Managed Key, Private Endpoint). AWS Bedrock + Guardrails is a strong third. See AI/ML Security for the cross-cloud comparison of model-security primitives.
The third-party normalizer
The longer your organization runs on more than one cloud, the more attractive a single CNAPP looking at all of them becomes. The reason isn't that the native tools are bad - the previous sections argue the opposite. The reason is that each cloud's native tool produces findings in that cloud's idiom: AWS GuardDuty in CloudTrail terms, Defender for Cloud in ARM-resource terms, SCC in GCP-asset terms. Cross-cloud correlation, cross-cloud risk ranking, and a single dashboard for a single incident-response team are work the native tools each only do well for their own cloud.
The third-party CNAPP layer normalizes:
- Asset inventory across clouds - every VM, container image, identity, secret, datastore in one queryable graph.
- Risk model - combine an exposed asset on AWS with an over-permissioned identity on Azure that has access to a vulnerable workload on GCP into a single attack-path finding. The native tools don't see across each other.
- Policy library - one CIS / NIST / SOC 2 / PCI policy pack, applied uniformly to all three clouds with cloud-specific translation under the hood.
- Detection - runtime / agentless threat detection that doesn't care which cloud the workload runs on.
- Workflow - one ticketing, one Slack notifications, one severity rubric, one on-call rotation.
The major options in 2026: Wiz, Orca Security, Lacework / Fortinet, Sysdig, Prisma Cloud, CrowdStrike Falcon Cloud Security, Check Point CloudGuard, and others. Microsoft Defender for Cloud is also a credible cross-cloud choice if you're Azure-heavy. None of these is a substitute for the native primitives - they sit above them, querying APIs and consuming logs.
The hybrid pattern that works for most multi-cloud orgs:
- Native tools as the enforcement plane - SCPs, Azure Policy, Org Policy, native IAM. The control runs where the resource runs.
- Native detection (GuardDuty, Defender, SCC threat detection) as the per-cloud signal source. The cloud sees its own anomalies first.
- Third-party CNAPP as the system of record for posture, asset inventory, risk ranking, and the cross-cloud attack-path view.
- Cloud-agnostic SIEM (Splunk, Panther, Elastic, Sumo, Google SecOps, Sentinel) as the investigation / hunting plane.
- GRC platform (Vanta, Drata, ServiceNow GRC, etc.) as the auditor-facing layer.
This stack is more expensive than going all-in on one cloud's native tooling. It's also the only way a 4-person security team operates 800 cloud accounts across three providers without losing sleep.
Comparison summary scorecard
The full set of categories, one row each, one-word verdicts. Use this as the executive-friendly one-pager; everything that supports the verdict is in the tables above.
| Category | AWS | Azure | GCP |
|---|---|---|---|
| Identity (IAM expressiveness) | Leader | Solid | Solid |
| Identity governance (IGA / PIM) | Catching up | Leader | Solid |
| Workload identity | Solid | Solid | Leader |
| CSPM / CNAPP (native) | Solid | Leader | Leader |
| SIEM (native) | Catching up | Leader | Leader |
| Audit logging defaults | Solid | Solid | Leader |
| KMS / HSM | Solid | Solid | Solid |
| DLP / data classification | Catching up | Solid | Leader |
| WAF / DDoS | Solid | Solid | Solid |
| Private connectivity | Solid | Solid | Leader |
| VPC perimeter (data-exfil prevention) | Catching up | Catching up | Leader |
| Compliance breadth (attestations) | Leader | Leader | Solid |
| FedRAMP High / DoD IL5+ | Leader | Leader | Catching up |
| Container security (managed K8s) | Solid | Solid | Leader |
| Serverless security maturity | Leader | Solid | Solid |
| Zero Trust heritage / depth | Catching up | Solid | Leader |
| Log retention pricing | Leader | Catching up | Solid |
| Talent market | Leader | Solid | Catching up |
| Microsoft-stack integration | Catching up | Leader | Catching up |
| Service breadth | Leader | Solid | Solid |
Reading the scorecard: "Leader" means the provider is meaningfully ahead in this category for most teams in 2026. "Solid" means it's a strong, production-grade offering - close enough that the choice rarely hinges on it. "Catching up" means it's behind the leaders today but on a credible roadmap. Every row is contestable; the goal is a defensible starting point, not the final word.
FAQ
Which cloud is most secure?
None of them, and all of them. Baseline capabilities are 80% equivalent. The 20% delta matters for specific workloads (regulated workloads, Zero-Trust-shaped architectures, Microsoft-stack shops), but for most commercial workloads any of the three is well past the bar. The cloud that's most secure for you is the one your team operates with the most fluency.
Should I avoid one cloud for security reasons?
Rarely. The cases where the cloud choice itself is a security decision are narrow: sovereign-cloud requirements with provider-specific regional offerings, certain FedRAMP High / DoD IL5+ workloads (AWS / Azure currently deeper than GCP), and Microsoft-stack shops where giving up Entra ID is non-starter. Outside those, the cost of fighting a cloud you're already on dwarfs the security benefit of switching.
Is multi-cloud more or less secure than single-cloud?
Less, at the same headcount - multi-cloud doubles or triples the surface area your team has to operate. The "multi-cloud for resilience" argument rarely survives contact with reality; the providers themselves are far more reliable than a multi-cloud failover engineered by humans. Multi-cloud is a fine strategic outcome when it serves real business drivers (acquired companies, regulatory requirements, customer demand), but it should not be picked for its own sake.
How do I compare a specific AWS service to its Azure or GCP equivalent?
Start with the capability, not the service. "I need a managed Kubernetes with private control plane, signed-image admission, and a network policy enforcement layer" maps to EKS + IRSA on AWS, AKS + Workload Identity on Azure, and GKE + Binary Authorization + Workload Identity on GCP. Each provider has equivalent primitives; the integration story differs. Two or three end-to-end scenarios are more useful than a side-by-side feature checklist.
Which cloud has the most mature native CSPM?
Effective tie between Microsoft Defender for Cloud and Google Security Command Center Premium / Enterprise. AWS Security Hub is a strong aggregator but more loosely coupled. Most multi-cloud organizations run a third-party CNAPP over all three rather than relying solely on native tooling - see CSPM vs CNAPP.
Which cloud is best for highly regulated workloads?
For US federal: AWS GovCloud (deepest catalog), Azure Government (Microsoft-stack integration), GCP Assured Workloads (newest but moves fastest on Zero Trust). For most commercial regulated workloads (HIPAA, PCI DSS, ISO 27001, SOC 2), all three are well past the bar; choose on team fit.
Does one cloud have better Zero Trust than the others?
GCP, by heritage - the BeyondCorp model is the most mature implementation of zero-trust principles in a public cloud. Azure is a close second on Entra ID + Conditional Access. AWS has the building blocks (Verified Access, Verified Permissions) but the assembly is more do-it-yourself. See Zero Trust.
What about cost - which cloud is cheapest for security?
Not a single answer. AWS is generally cheapest for log retention; GCP is cheapest for per-key KMS; Azure can be the most expensive on Log Analytics ingest at scale. The dominant security-related cost on every cloud is egress and CSPM scaling - neither of which differs by more than 10-20% across providers for equivalent workloads. The cost of running a less-fluent team on a "cheaper" cloud almost always exceeds the price differential.
Where next
- AWS Security - the AWS-only deep dive (services, defaults, gotchas).
- Azure Security - Azure-specific patterns, Entra ID architecture, Defender for Cloud.
- GCP Security - GCP-specific patterns, VPC Service Controls, BeyondCorp.
- CSPM vs CNAPP - the category context for the third-party normalizer layer.
- IAM & Identity - the cross-cloud identity architecture deep dive.
- Zero Trust - how Zero Trust composes from the three clouds' primitives.
- Network Security - the architectural patterns behind the network-security table.
- Data Security & KMS - KMS, HSM, BYOK, and confidential compute across the three.
- Kubernetes security - EKS, AKS, and GKE side by side at the implementation level.
- Serverless security - Lambda, Functions, Cloud Run patterns and pitfalls.
- Compliance Frameworks - the framework-by-framework view.
- GRC - the program that lives above all of this.
- Friday Zoom - cross-cloud comparison questions come up regularly. Drop in.