Cloud Services Cross-Reference: Management & Monitoring
This document maps management and monitoring services across AWS, Azure, Oracle Cloud Infrastructure (OCI), and Google Cloud Platform (GCP). All four providers address the same operational pillars — observability, cost control, governance, automation, and configuration compliance — but differ significantly in architecture, service boundaries, and integration depth. Use this reference when evaluating operational tooling requirements, audit readiness, or multi-cloud observability strategies.
1. Monitoring (Metrics)
Metrics monitoring is the foundation of operational visibility: time-series data collected from infrastructure and applications, used for dashboards, alerting, and autoscaling.
AWS — Amazon CloudWatch CloudWatch is the unified monitoring hub for AWS. It collects metrics from over 200 AWS services automatically, supports custom metrics, and provides the Metrics Explorer for ad-hoc exploration. CloudWatch Alarms trigger SNS notifications, Auto Scaling actions, or EC2 recovery. CloudWatch Dashboards aggregate metrics and logs in a single pane. CloudWatch processes more than 20 quadrillion metric observations per month across the AWS fleet.
Azure — Azure Monitor (Metrics) Azure Monitor Metrics is a time-series database built into Azure Monitor. Platform metrics are collected automatically from every Azure resource at no charge. The Metrics Explorer in the Azure portal allows chart creation, dimension filtering, and threshold-based alerting. Azure Monitor also ingests Prometheus metrics natively for container workloads via the Azure Monitor managed service for Prometheus, enabling Grafana dashboards without operating a separate Prometheus stack.
OCI — OCI Monitoring OCI Monitoring enables services and customers to emit metrics about OCI resources. It includes a Metrics Explorer, service-level metrics automatically published by OCI services, and Alarms that trigger Notifications (email, Slack, PagerDuty, OCI Functions). Metrics are queried using the Monitoring Query Language (MQL). OCI Monitoring integrates with OCI Operations Insights for capacity planning and trend analysis powered by machine learning.
GCP — Cloud Monitoring Cloud Monitoring (formerly Stackdriver Monitoring) collects time-series metrics from GCP services, virtual machines, and custom instrumentation. It supports Prometheus-compatible collection via Google Cloud Managed Service for Prometheus, dashboards, uptime checks, and alerting policies. Starting October 2025, pricing for Monitoring read API calls changed to a per-time-series-returned model rather than per-call.
| Feature | AWS CloudWatch | Azure Monitor Metrics | OCI Monitoring | GCP Cloud Monitoring |
|---|---|---|---|---|
| Auto-collected service metrics | Yes (200+ services) | Yes (all resources) | Yes (OCI services) | Yes (GCP services) |
| Custom metrics | Yes ($0.30/metric) | Yes (included with workspace) | Yes (MQL) | Yes |
| Prometheus support | Managed Prometheus (AMP) | Azure Monitor for Prometheus | Via third-party agents | Managed Service for Prometheus |
| Dashboards | CloudWatch Dashboards | Azure Dashboards / Workbooks | Metrics Explorer | Cloud Monitoring Dashboards |
| Alerting | CloudWatch Alarms | Azure Monitor Alerts | OCI Alarms | Alerting Policies |
| Uptime / synthetic checks | CloudWatch Synthetics | Azure Monitor availability tests | OCI Health Checks | Cloud Monitoring Uptime Checks |
2. Logging
Log management services collect, index, and query structured and unstructured log data from infrastructure, platforms, and applications.
AWS — Amazon CloudWatch Logs CloudWatch Logs is the primary log aggregation service for AWS. It ingests logs from EC2 (via CloudWatch Agent), Lambda, ECS, EKS, API Gateway, and other services. Log Insights provides an interactive query interface for analysis. Log groups define retention policies; subscription filters can stream logs to Kinesis Data Streams, Lambda, or OpenSearch Service for downstream processing. CloudTrail delivers governance and API-call logs separately and is distinct from CloudWatch Logs.
Azure — Azure Monitor Logs (Log Analytics) Azure Monitor Logs stores structured and unstructured log data in Log Analytics workspaces. Queries are written in Kusto Query Language (KQL), a powerful analytics language suited for time-series and event data. Application Insights stores its telemetry data in a Log Analytics workspace (workspace-based model). Ingestion-time transformation rules (generally available in 2025) allow filtering or reshaping log data before storage, reducing cost. Azure Monitor also provides a Basic Logs tier at lower cost for high-volume, infrequently queried data.
OCI — OCI Logging OCI Logging provides log ingestion from OCI resources using the CloudEvents standard and the CNCF Fluentd agent. Log categories include audit logs, service logs, and custom application logs. Service Connector Hub routes logs to Object Storage, Streaming, or Functions for downstream processing. OCI Logging Analytics extends this with machine learning-based anomaly detection, log correlation, and visualization across on-premises and multicloud log sources. OCI also collects audit logs of all API calls via the Audit service, analogous to AWS CloudTrail.
GCP — Cloud Logging Cloud Logging is the centralized log management service for GCP. It automatically ingests logs from GCP services, VMs (via Ops Agent), GKE, and Cloud Functions. Log Explorer provides an interactive query interface. Log-based metrics allow alerting on log content. Log sinks export logs to Cloud Storage, BigQuery, or Pub/Sub. Regional quotas for write API calls replaced a single global quota in April 2025 to improve resilience.
| Feature | AWS CloudWatch Logs | Azure Monitor Logs | OCI Logging | GCP Cloud Logging |
|---|---|---|---|---|
| Query language | CloudWatch Logs Insights | KQL (Kusto) | SQL-like / UI Explorer | Logging Query Language |
| ML-based log analytics | CloudWatch Anomaly Detection | Azure Monitor AIOps | OCI Logging Analytics | Log Analytics (built-in) |
| Audit / API call logs | AWS CloudTrail (separate) | Azure Activity Log (in Monitor) | OCI Audit Service (separate) | Cloud Audit Logs (built-in) |
| Log export / routing | Subscription filters → Kinesis/Lambda | Diagnostic settings → Storage/Hubs | Service Connector Hub | Log sinks → Storage/BigQuery/Pub-Sub |
| Agent | CloudWatch Agent | Azure Monitor Agent (AMA) | Unified Monitoring Agent / Fluentd | Ops Agent |
| Retention control | Per log group (1 day–never) | Per workspace (4–730 days) | Per log group | Per sink / retention policy |
3. Distributed Tracing / APM
Application Performance Monitoring (APM) and distributed tracing provide end-to-end visibility into request latency, service dependencies, and error propagation across microservices.
AWS — AWS X-Ray + CloudWatch Application Signals AWS X-Ray captures traces from distributed applications, generating service maps and latency histograms. It supports synchronous requests and asynchronous SQS-based workflows. CloudWatch Application Signals (GA 2024) is the higher-level APM experience: it surfaces service-level health dashboards, SLOs, and dependency maps built on X-Ray trace data and CloudWatch metrics. Application Signals does not require manual instrumentation for supported AWS services.
Azure — Azure Monitor Application Insights Application Insights is the APM component of Azure Monitor. It provides distributed tracing (W3C Trace Context, OpenTelemetry), live metrics, dependency tracking, exception monitoring, user analytics, and availability tests. Instrumentation can be code-based (SDK) or codeless (auto-instrumentation agent). Application Insights data is stored in a Log Analytics workspace (workspace-based model), enabling cross-correlation with infrastructure logs using KQL. It integrates with OpenTelemetry through the Azure Monitor OpenTelemetry Distro.
OCI — OCI Application Performance Monitoring (APM) OCI APM provides distributed tracing compatible with both the OpenTracing and OpenMetrics standards. It supports Kubernetes and Docker container tracing, end-user monitoring (EUM/RUM), and synthetic monitoring. APM Domain ingests trace spans and provides trace explorer, span dimensions, and waterfall views. OCI APM is integrated with OCI Monitoring for metric correlation and with OCI Logging for log-trace correlation.
GCP — Cloud Trace + Cloud Profiler Cloud Trace is the distributed tracing service for GCP, collecting latency data from applications and displaying trace timelines, latency distributions, and root-cause analysis in the Google Cloud console. Charges are based on trace spans ingested and scanned. Cloud Profiler complements tracing with continuous CPU and memory profiling of production applications without significant overhead.
| Feature | AWS X-Ray / App Signals | Azure Application Insights | OCI APM | GCP Cloud Trace |
|---|---|---|---|---|
| Standards support | OpenTelemetry (X-Ray SDK) | OpenTelemetry (Azure OTel Distro) | OpenTracing / OpenMetrics | OpenTelemetry |
| Auto-instrumentation | App Signals (AWS services) | Codeless agent | OCI APM agents | Auto-instrumentation for GCP services |
| Synthetic monitoring | CloudWatch Synthetics | Application Insights availability tests | OCI APM Synthetic Monitoring | Cloud Monitoring Uptime Checks |
| Real user monitoring (RUM) | CloudWatch RUM | Application Insights (browser SDK) | OCI APM End User Monitoring | Not native |
| SLO / service dashboards | Application Signals SLOs | Application Insights SLAs | OCI APM Dashboards | Cloud Monitoring SLO policies |
| Profiling | CodeGuru Profiler | Application Insights Profiler | Not native | Cloud Profiler |
4. Cost Management
Cost management services provide spending visibility, budget enforcement, anomaly detection, and rightsizing recommendations.
AWS — AWS Cost Management Suite AWS offers a suite of cost management tools: Cost Explorer (interactive spend visualization and forecasting), AWS Budgets (threshold alerts), Cost and Usage Report (CUR — the detailed, line-item billing export), Cost Anomaly Detection (ML-based unusual spend alerts), Cost Optimization Hub (consolidated rightsizing and savings plan recommendations), and Compute Optimizer (ML-based resource rightsizing for EC2, ECS, Lambda, and EBS). Billing Conductor supports custom rate cards for managed service providers or internal chargeback.
Azure — Microsoft Cost Management Microsoft Cost Management (formerly Azure Cost Management + Billing) is integrated into the Azure portal and provides cost analysis views, budgets, anomaly alerts, and cost allocation rules. It supports exports to Azure Storage for downstream processing. Subscription-level email alerts for cost anomalies are generally available in 2025. Cost Management integrates with Azure Advisor for rightsizing recommendations and with Power BI for executive-level reporting.
OCI — OCI FinOps Hub + Cost Analysis OCI consolidated cost management tools into the FinOps Hub in 2024–2025, bringing together Cost Analysis (interactive spending reports and forecasts), Budgets (with alerts on compartments or cost-tracking tags), Usage Reports (granular CSV exports), and Cloud Advisor recommendations into a single overview page. OCI's compartment model provides native cost attribution by compartment — a structural advantage over tag-only attribution in other clouds. Tag-based cost tracking enables finer chargeback where needed.
GCP — Cloud Billing + FinOps Hub GCP Cloud Billing provides billing reports, cost breakdowns by project/service/label, and budget alerts. The FinOps Hub (GA 2024) presents active savings, optimization opportunities, and commitment recommendations in a single dashboard. Gemini Cloud Assist (2025) generates AI-powered summaries of cost trends and drafts email reports for engineering teams. Committed Use Discounts (CUDs) recommender proactively surfaces commitment opportunities.
| Feature | AWS Cost Management | Azure Cost Management | OCI FinOps Hub / Cost Analysis | GCP Cloud Billing |
|---|---|---|---|---|
| Interactive cost explorer | Cost Explorer | Cost Analysis | Cost Analysis | Billing Reports |
| Budgets and alerts | AWS Budgets | Cost Management Budgets | OCI Budgets | Cloud Billing Budgets |
| Detailed billing export | Cost and Usage Report (CUR / CUR 2.0) | Export to Storage (CSV/Parquet) | Usage Reports (CSV) | BigQuery billing export |
| Anomaly detection | Cost Anomaly Detection (ML) | Anomaly Alerts (ML) | Cloud Advisor (daily scan) | Cost anomaly alerts |
| Rightsizing recommendations | Compute Optimizer | Azure Advisor | Cloud Advisor | Active Assist / Recommender |
| Native cost attribution unit | Tags / Accounts | Tags / Management Groups | Compartments + Tags | Labels / Projects |
| AI-assisted cost insights | Not native | Not native | Not native | Gemini Cloud Assist |
5. Resource Management and Tagging
Resource management services provide inventory, grouping, and metadata labeling across cloud assets.
AWS — AWS Resource Groups + Tagging + Resource Explorer AWS Tag Editor applies tags across resources in bulk. Resource Groups logically group tagged resources for operational actions (Systems Manager, Config rules). Resource Explorer provides cross-region, cross-account search of all resources. AWS Config maintains a configuration inventory with history. Tag policies in AWS Organizations enforce tagging standards across the organization. CloudTrail records all API calls for resource change history.
Azure — Azure Resource Manager + Tags + Resource Graph Azure Resource Manager (ARM) is the control plane for all Azure resources. Resources are organized into Resource Groups (mandatory) and Subscriptions. Tags are applied at resource or resource group level. Azure Resource Graph (ARG) provides fast SQL-like query across all resources in a subscription or management group, supporting large-scale inventory and compliance queries. Change Analysis tracks resource configuration changes using ARG as its store. Azure Policy enforces mandatory tags.
OCI — OCI Compartments + Tags + Resource Manager OCI compartments are hierarchical logical containers (up to six levels deep) that provide the primary unit of access control, cost attribution, and resource isolation. Compartments are unique to OCI: unlike tags in other clouds, they are a structural boundary enforced at the API level, not a metadata annotation. Free-form and defined tags provide additional metadata. OCI Resource Manager (Terraform-based) manages infrastructure-as-code stacks with built-in state management and drift detection. OCI Resource Search provides cross-tenancy resource discovery.
GCP — Google Cloud Resource Manager + Labels + Asset Inventory GCP organizes resources in a hierarchy: Organization → Folders → Projects → Resources. Projects are the primary billing and access boundary. Labels (key-value pairs) serve as the primary resource metadata and cost attribution mechanism. Cloud Asset Inventory is a global metadata service that indexes all resource metadata, supports change history, exports to BigQuery, and integrates with Recommender for security posture insights.
| Feature | AWS | Azure | OCI | GCP |
|---|---|---|---|---|
| Primary grouping unit | Account + Resource Group (tags-based) | Resource Group | Compartment | Project |
| Tag / label enforcement | Tag Policies (AWS Organizations) | Azure Policy | Tag namespaces + policies | Organization Policy constraints |
| Resource inventory / search | Resource Explorer + Config | Resource Graph | Resource Search | Cloud Asset Inventory |
| Configuration change history | AWS Config | Change Analysis (ARM) | OCI Audit + Resource Manager | Cloud Asset Inventory (change feed) |
| IaC state management | CloudFormation / Terraform | ARM / Bicep / Terraform | Resource Manager (Terraform-native) | Deployment Manager / Terraform |
Key differentiator: OCI Compartments are a structural isolation boundary, not merely a label. Policies, quotas, and budgets attach to compartments, making cost attribution and least-privilege access structurally enforced rather than metadata-dependent.
6. Governance (Organizations, Policies, Hierarchy)
Governance services provide multi-account or multi-subscription hierarchy, policy enforcement, and compliance guardrails at scale.
AWS — AWS Organizations + Service Control Policies (SCPs) AWS Organizations provides a hierarchical account management structure: root → Organizational Units (OUs) → accounts. Service Control Policies (SCPs) are permission guardrails applied at the OU or account level that restrict the maximum actions available to IAM principals — even the root account. Resource Control Policies (RCPs) restrict resource-level access. AWS Control Tower provides opinionated landing zone automation on top of Organizations, with pre-built guardrails (preventive and detective). AWS Config conformance packs enable organization-wide compliance assessments.
Azure — Azure Policy + Management Groups Azure Management Groups provide a hierarchy above subscriptions: Tenant Root Group → Management Groups → Subscriptions → Resource Groups → Resources (up to six levels of management groups). Azure Policy defines, assigns, and evaluates compliance rules (deny, audit, deploy-if-not-exists) that cascade by inheritance. Policy initiatives (groups of policies) implement compliance frameworks such as CIS, NIST, and PCI-DSS. Azure Policy and RBAC assignments made at a management group scope inherit down to all child subscriptions and resources automatically.
OCI — OCI Compartments + IAM Policies + Organizations OCI governance is built on compartments (hierarchical resource containers), IAM policies (allow/deny statements scoped to compartments or the tenancy), and OCI Organizations (multi-tenancy management for enterprise customers). The tenancy root compartment is the governance root; child compartments inherit parent policies by default. OCI Landing Zones (2025 unified framework) provide Terraform-based templates for CIS-compliant, pre-hardened tenancy setup with compartments, policies, budget, security zones, and Cloud Guard enabled from day zero.
GCP — Organization Policy + Resource Hierarchy GCP governance uses the Organization → Folders → Projects hierarchy. Organization Policies enforce constraints on resource configurations (e.g., restrict VM image sources, disable external IP assignment) and inherit down the hierarchy. Organization Policy constraints are evaluated at the resource level without requiring RBAC-style principal assignment. Google Cloud's security baseline constraints are automatically applied when an organization is created to address common misconfigurations. Custom constraints (GA) allow expression-based policy conditions beyond predefined constraints.
| Feature | AWS Organizations | Azure Management Groups | OCI Compartments / Orgs | GCP Organization Policy |
|---|---|---|---|---|
| Hierarchy type | Root → OUs → Accounts | Root → MGs → Subscriptions | Tenancy → Compartments (6 levels) | Org → Folders → Projects |
| Policy guardrails | SCPs (allow/deny on principals) | Azure Policy (audit/deny/remediate) | IAM Policies (compartment-scoped) | Org Policy constraints (config-based) |
| Policy inheritance | Cascades to member accounts | Cascades to child subscriptions | Cascades to child compartments | Cascades to child folders/projects |
| Landing zone / guardrails | AWS Control Tower | Azure Landing Zones (CAF) | OCI Core Landing Zone (Terraform) | Google Cloud Foundation Toolkit |
| Multi-tenancy management | AWS Organizations | Azure Lighthouse | OCI Organizations | Resource Hierarchy (single org) |
| Automated compliance assessment | Config Conformance Packs | Azure Policy Compliance | Cloud Guard + Security Zones | Security Command Center |
7. Configuration Management
Configuration management services assess whether cloud resources conform to defined standards, track configuration history, and optionally remediate drift.
AWS — AWS Config AWS Config records the configuration of AWS resources and evaluates them against Config Rules (managed or custom Lambda-based). It maintains a complete configuration history and timeline for every resource. Config Conformance Packs bundle multiple rules into a deployable package for organization-wide compliance. Config integrates with CloudTrail to correlate who made a change with what changed. AWS Systems Manager State Manager can enforce desired configuration state on EC2 instances.
Azure — Azure Policy + Azure Arc Azure Policy is the primary configuration compliance tool: it evaluates resources against defined rules and can automatically remediate non-compliant resources via deployIfNotExists or modify effects. Azure Arc extends Azure's management plane — including Azure Policy, Azure Monitor, and Defender for Cloud — to servers, Kubernetes clusters, SQL Server instances, and databases running outside Azure (on-premises, AWS, GCP, edge). Arc-enabled resources appear in the Azure portal as first-class objects and can be governed using the same tooling as native Azure resources. This is a unique multi-cloud configuration management capability with no direct equivalent in other providers' native tooling.
OCI — (No dedicated configuration compliance service) OCI does not have a direct equivalent to AWS Config or Azure Policy for configuration compliance assessment. OCI Cloud Guard serves a related purpose: it monitors OCI resources for security misconfigurations (open security list rules, public buckets, unencrypted volumes) and generates "problems" with guided remediation. OCI Security Zones enforce hard preventive guardrails (e.g., a resource cannot be created non-encrypted in a Maximum Security Zone). For full configuration management, customers typically use OCI Resource Manager (Terraform) for desired-state IaC, or third-party tools such as Terraform Cloud or Chef/Puppet.
GCP — Cloud Asset Inventory + Organization Policy GCP does not offer a dedicated service equivalent to AWS Config's resource configuration history. Cloud Asset Inventory provides resource metadata and change history, and exports can be analyzed in BigQuery. Organization Policy prevents non-compliant resource creation at provisioning time (preventive). Security Command Center analyzes assets for security misconfigurations (detective). For hybrid and multi-cloud configuration compliance, Google offers no native equivalent to Azure Arc; the closest is Anthos Config Management, which enforces GitOps-based configuration policies on Kubernetes clusters.
| Feature | AWS Config | Azure Policy + Arc | OCI Cloud Guard | GCP Asset Inventory + Org Policy |
|---|---|---|---|---|
| Configuration history | Full per-resource timeline | Change Analysis (ARM) | Partial (audit logs) | Cloud Asset Inventory change feed |
| Compliance rules / assessment | Config Rules (managed / custom) | Azure Policy definitions | Cloud Guard detectors | Organization Policy constraints |
| Auto-remediation | Systems Manager / Lambda | deployIfNotExists / modify | Responders (Functions) | Not native |
| Hybrid / multi-cloud scope | Systems Manager (on-prem agents) | Azure Arc (any cloud/on-prem) | Not native | Anthos Config Mgmt (Kubernetes only) |
| Preventive guardrails | Organizations SCPs | Azure Policy (deny) | Security Zones | Organization Policy |
Key differentiator: Azure Arc is the only native solution that extends a cloud provider's configuration management, governance, and monitoring plane to resources running in competitor clouds or on-premises without requiring those resources to be re-platformed.
8. Automation and Runbooks
Automation services execute operational workflows, scheduled scripts, and remediation runbooks against cloud and on-premises infrastructure.
AWS — AWS Systems Manager (SSM) Automation AWS Systems Manager is a broad operations management platform. Its Automation capability executes runbooks — YAML or JSON documents with sequential action steps — against EC2 instances, AWS resources, and on-premises servers via the SSM Agent. Over 300 pre-built runbooks are available for common tasks (patching, AMI creation, compliance remediation). Systems Manager also includes Run Command (ad-hoc execution), State Manager (desired-state enforcement), Patch Manager (automated OS patching), Session Manager (browser-based shell without SSH/RDP), and Maintenance Windows (scheduled execution).
Azure — Azure Automation Azure Automation provides runbook automation using PowerShell, Python, or graphical runbooks. It includes Update Management (OS patching for Azure and on-premises VMs), Desired State Configuration (DSC) for PowerShell-based configuration enforcement, Change Tracking and Inventory for file/registry/software change monitoring, and Process Automation for scheduled or webhook-triggered workflows. Azure Automation integrates with Azure Monitor Alerts and Logic Apps for event-driven automation.
OCI — OCI Resource Manager + OCI Functions OCI does not have a direct Systems Manager or Azure Automation equivalent with built-in runbook catalogs. OCI Resource Manager (Terraform-managed) handles infrastructure provisioning and drift remediation. For operational automation (patching, script execution), OCI OS Management Hub (launched 2023) manages OS patching, module streams, and software updates for OCI and on-premises instances, using the OCI Unified Monitoring Agent as the host-side agent. OCI Functions (serverless) and OCI Notifications + Alarms provide an event-driven automation chain for cloud resource responses.
GCP — Workflows + Cloud Run Jobs GCP Workflows is a serverless orchestration service that executes multi-step workflows defined in YAML or JSON, calling GCP APIs, HTTP endpoints, and Cloud Run services. It does not include a pre-built runbook library. Cloud Run Jobs execute containerized scripts on demand or on a schedule. For VM-level automation, VM Manager (part of Google Cloud Observability) handles OS patch management and compliance scanning. GCP does not have a direct analogue to AWS Systems Manager's full breadth of capabilities.
| Feature | AWS Systems Manager | Azure Automation | OCI Resource Manager / OS Mgmt Hub | GCP Workflows / VM Manager |
|---|---|---|---|---|
| Runbook / workflow execution | SSM Automation (YAML/JSON) | PowerShell / Python runbooks | IaC stacks (Terraform) | Cloud Workflows (YAML/JSON) |
| Pre-built runbook library | Yes (300+ managed runbooks) | Yes (pre-built for common tasks) | No native library | No native library |
| OS patch management | Patch Manager | Update Management | OS Management Hub | VM Manager |
| Desired-state config | State Manager / DSC | DSC (PowerShell) | Resource Manager (Terraform) | Config Management (Anthos/K8s) |
| On-premises / hybrid agent | SSM Agent | Azure Automation Hybrid Worker | Unified Monitoring Agent | Ops Agent |
| Ad-hoc command execution | Run Command | Hybrid Runbook Worker | Cloud Shell + OCI CLI | Cloud Shell |
9. Service Health and Status Dashboards
Service health services communicate provider-side incidents, maintenance windows, and outages affecting customer resources.
AWS — AWS Health Dashboard AWS Health Dashboard has two components: Service Health (public, showing the status of all AWS services across all regions) and Your Account Health (personalized view of events affecting your specific resources and accounts). The Health API enables programmatic access to health events, integration with EventBridge for automated responses, and integration with AWS Organizations for aggregated multi-account health visibility. AWS Health is the authoritative source for planned changes and operational issues across 200+ AWS services.
Azure — Azure Service Health Azure Service Health in the Azure portal provides personalized alerts for Azure service issues, planned maintenance, and health advisories affecting your subscriptions and regions. Resource Health (a sub-component) shows the current and historical availability of individual resources. Service Health alerts can trigger action groups (email, SMS, webhook, Logic Apps). Azure Status (status.azure.com) is the public global status page.
OCI — OCI Status (ocistatus.oraclecloud.com) OCI Service Status provides a public status page with real-time and historical service health data per region and per service. Within the OCI console, Service Announcements delivers personalized notifications for planned maintenance (Required Actions, Recommended Actions) affecting resources in your tenancy. Notification subscriptions allow routing service announcements to email or other channels.
GCP — Google Cloud Status + Service Health Google Cloud Status (status.cloud.google.com) is the public status page for all GCP services. Service Health in the Google Cloud console provides personalized, account-specific health notifications showing incidents affecting resources in your projects. Service Health integrates with Cloud Monitoring alerting for automated responses.
| Feature | AWS Health Dashboard | Azure Service Health | OCI Status / Announcements | GCP Service Health |
|---|---|---|---|---|
| Public status page | health.aws.com | status.azure.com | ocistatus.oraclecloud.com | status.cloud.google.com |
| Personalized / account-specific | Yes (Your Account Health) | Yes (Service Health in portal) | Yes (Service Announcements) | Yes (Cloud console Service Health) |
| Planned maintenance notices | Yes | Yes | Yes (Required/Recommended Actions) | Yes |
| API / programmatic access | Health API | Service Health REST API | Announcements API | Service Health API |
| Multi-account aggregation | AWS Organizations integration | Azure Lighthouse | OCI Organizations | Not native |
| Alert integration | EventBridge | Action Groups | OCI Notifications | Cloud Monitoring |
10. Cloud Advisor / Recommendations
Cloud advisor services proactively analyze tenancy or account configurations and generate actionable recommendations across cost, security, performance, and reliability dimensions.
AWS — AWS Trusted Advisor Trusted Advisor continuously evaluates an AWS account against best practices across six categories: Cost Optimization, Performance, Security, Fault Tolerance, Operational Excellence, and Service Limits. Basic and Developer support plans get access to Service Limits and select Security checks. Business Support+ unlocks all 482 checks. AWS Compute Optimizer provides separate, ML-driven rightsizing recommendations for EC2, Auto Scaling Groups, ECS on Fargate, Lambda, and EBS. Cost Optimization Hub aggregates savings opportunities from multiple sources into a single prioritized view.
Azure — Azure Advisor Azure Advisor analyzes Azure resource configurations and usage telemetry and generates recommendations across five categories: Cost, Security, Reliability, Operational Excellence, and Performance. Advisor integrates with Azure Security Center (Defender for Cloud) for security recommendations and with Cost Management for rightsizing suggestions. Recommendations include estimated cost savings and one-click remediation for many items. Advisor Score provides a composite health score to track improvement over time.
OCI — OCI Cloud Advisor OCI Cloud Advisor runs a full tenancy scan once per day and generates recommendations across four categories: Cost Management, Performance, High Availability, and Security. Recommendations include estimated cost savings where applicable. OCI FinOps Hub (2025) consolidates Cloud Advisor output with Cost Analysis, Budgets, and Subscriptions into a single overview page. Cloud Advisor integrates with OCI Notifications to alert teams when new recommendations are generated.
GCP — Recommender (Active Assist) GCP Recommender is a service-native recommendation engine accessed either through the Active Assist dashboard or individual service consoles. It generates recommendations and insights across six value categories: Cost, Performance, Security, Reliability, Operations, and Sustainability. The Active Assist dashboard aggregates all recommendations in one place. Google Cloud FinOps Hub (2024) incorporates Recommender data with billing history to display active savings, projected savings, and optimization opportunities. Gemini Cloud Assist generates AI-powered summaries of utilization insights (2025).
| Feature | AWS Trusted Advisor | Azure Advisor | OCI Cloud Advisor | GCP Recommender (Active Assist) |
|---|---|---|---|---|
| Recommendation categories | Cost, Performance, Security, Fault Tolerance, Ops Excellence, Service Limits | Cost, Security, Reliability, Ops Excellence, Performance | Cost Management, Performance, High Availability, Security | Cost, Performance, Security, Reliability, Operations, Sustainability |
| Scan frequency | Continuous / weekly refresh | Continuous | Daily | Continuous (per service) |
| Full access requirement | Business Support+ plan | All tiers | All OCI tenancies | All GCP projects |
| Rightsizing recommendations | Compute Optimizer (separate) | Advisor integrated | Cloud Advisor integrated | Recommender integrated |
| Unified console | Cost Optimization Hub | Advisor dashboard | FinOps Hub | Active Assist dashboard |
| AI-powered insights | Not native | Not native | Not native | Gemini Cloud Assist |
| Score / health index | Not native | Advisor Score | Not native | Not native |
Summary: Service Mapping Quick Reference
| Domain | AWS | Azure | OCI | GCP |
|---|---|---|---|---|
| Monitoring (metrics) | CloudWatch | Azure Monitor Metrics | OCI Monitoring | Cloud Monitoring |
| Logging | CloudWatch Logs | Azure Monitor Logs (Log Analytics) | OCI Logging | Cloud Logging |
| Audit logs | AWS CloudTrail | Azure Activity Log | OCI Audit | Cloud Audit Logs |
| Log analytics (ML) | CloudWatch Logs Insights | Azure Monitor Logs (KQL) | OCI Logging Analytics | Cloud Logging + Log Analytics |
| APM / Tracing | X-Ray + Application Signals | Application Insights | OCI APM | Cloud Trace |
| Profiling | CodeGuru Profiler | Application Insights Profiler | — | Cloud Profiler |
| Cost analysis | Cost Explorer | Cost Management | FinOps Hub / Cost Analysis | Cloud Billing Reports |
| Budgets | AWS Budgets | Cost Management Budgets | OCI Budgets | Cloud Billing Budgets |
| Rightsizing | Compute Optimizer | Azure Advisor | Cloud Advisor | Recommender |
| Multi-account governance | AWS Organizations + SCPs | Management Groups + Azure Policy | OCI Compartments + IAM + Organizations | Org Policy + Resource Hierarchy |
| Resource tagging / inventory | Resource Groups + Config | Resource Graph + Tags | Compartments + Tags | Cloud Asset Inventory + Labels |
| Configuration compliance | AWS Config | Azure Policy | Cloud Guard + Security Zones | Org Policy + Security Command Center |
| Hybrid configuration mgmt | Systems Manager | Azure Arc | — | Anthos Config Mgmt (K8s only) |
| Automation / runbooks | Systems Manager (SSM) | Azure Automation | Resource Manager + OS Mgmt Hub | Cloud Workflows + VM Manager |
| Service health | AWS Health Dashboard | Azure Service Health | OCI Status + Announcements | GCP Service Health |
| Cloud advisor | Trusted Advisor | Azure Advisor | OCI Cloud Advisor | Active Assist (Recommender) |
Notable Architectural Differences
OCI Compartments are a first-class structural primitive, not a metadata layer. Every resource must reside in a compartment; compartments define IAM policy scope, budget boundaries, and service quotas. This makes cost attribution and least-privilege access structurally enforced in a way that tag-based models in AWS, Azure, and GCP cannot replicate without policy enforcement overhead.
Azure Arc is the only native tool from any provider that extends a cloud's management plane (Azure Policy, Azure Monitor, Defender for Cloud) to resources running in other clouds or on-premises. AWS Systems Manager can manage on-premises nodes via SSM Agent, but does not extend governance policy to non-AWS cloud resources. OCI and GCP have no direct equivalent.
AWS Systems Manager is the most comprehensive native automation and operational management service of the four providers. It bundles patch management, desired-state configuration, run command, session management, parameter store, and inventory into a single service, with 300+ pre-built runbooks and deep integration across the AWS service catalog.
GCP Gemini Cloud Assist (2025) is the first native AI-powered cost and operational insight tool integrated directly into a cloud provider's billing and monitoring consoles, providing natural-language cost summaries, report generation, and utilization insight drafts.
References
- Amazon CloudWatch Features — Application Observability (APM)
- AWS Cloud Financial Management
- AWS Organizations
- AWS Systems Manager Automation
- AWS Trusted Advisor
- AWS Health Dashboard
- Azure Monitor overview
- Azure Management Groups overview
- Azure Arc overview
- OCI Monitoring and Observability
- OCI Resource Manager
- OCI Cloud Advisor
- OCI Landing Zones Overview
- Google Cloud Observability
- Google Cloud Cost Management
- Google Cloud Recommender overview
- Cloud Asset Inventory overview
- Google Cloud Resource Manager — Managing Organizations