
Azure / AWS / GCP: The Basics without the marketing fluff

If you’ve worked with cloud for more than five minutes, you’ve probably noticed something:
each provider uses different names for concepts that are basically the same.
And nothing confuses engineers faster than learning a new cloud by trying to map terminology 1:1.

The Core Building Blocks

At a high level, all clouds need to answer the same three questions:

  1. Who owns the resources?
  2. How do we separate billing or environments?
  3. How do we group and manage the actual resources?

They solve these differently, but for the same goals.

Azure Structure

  • Tenant: the identity and directory boundary
  • Subscription: where billing and service limits exist
  • Resource Group: optional grouping of resources for organization, RBAC, or lifecycle

Azure’s philosophy is:
“One big house with many rooms.”
You typically keep everything under a single tenant and multiple subscriptions.

AWS Structure

  • Account: the core boundary (identity, billing, security)
  • Organization (Billing Account): a parent structure to group multiple accounts
  • Tags and Resource Groups: optional grouping, not required

AWS prefers the opposite approach:
“A neighborhood with many small houses.”
Each environment (dev, staging, prod, …) is usually its own isolated account.
This makes AWS extremely strong in security separation, governance, and blast-radius reduction.

GCP Structure

Google Cloud is the most “enterprise directory” model:

  • Organization: top-level entity tied to a domain (like histechist.com)
  • Folders: optional hierarchy used heavily by enterprises
  • Projects: the smallest deployable and billing unit
  • Labels: GCP’s version of tags

GCP’s philosophy feels like:
“A corporate campus with a main building (Organization), hallways (Folders), and rooms (Projects).”
Projects are strict boundaries: IAM, quotas, billing, and APIs are all scoped at the project level.

Which Cloud Makes More Sense?

Here’s the honest, practical take:

Azure is great when:

  • You want everything under a single identity umbrella
  • RBAC and grouping matter a lot
  • You like structured organization out of the box

AWS is great when:

  • You want hard isolation between environments
  • Security boundaries matter more than convenience
  • You want the strongest multi-account governance story

GCP is great when:

  • You like a clean, logical hierarchy
  • Your org is already Google Workspace-centric
  • You want projects to encapsulate everything cleanly

Once you understand the mental model, everything clicks. The portals stop feeling confusing; they’re just different interpretations of the same problem: how to keep cloud resources organized, isolated, secure, and billable.
