AWS Competitive Intelligence Matrix Updated: February 16, 2018 Feedback: [email protected]

Amazon AWS Azure Global Infrastructure North America (number of Availability Zones for AWS) 17 10 Dedicated Availability Zones for US Government 2 6 Europe/Middle East/Africa (number of Availability Zones for AWS) 14 6

Asia Pacific (number of Availability Zones for AWS) 17 13

South America (number of Availability Zones for AWS) 3 1 Announced Locations 4 AWS Regions announced + 1 AWS GovCloud Region announced 6 Azure Regions announced

Total Production Locations 53 36

Number of Edge locations for content delivery web service 96 100+ shared Verizon & Akamai Regional Edge Caches 11 Total Edge Locations 107 100+ shared Verizon & Akamai Minimum distance between AZs. The min distance in miles, between two AZs in the same region Y X Maximum distance between AZs. The max distance in miles, between two AZs in the same region Y X Max instance size (vCPU/MEM) 128 vCPU / 3,904 GiB MEM 128 vCPU / 2,000 GiB MEM 12 Certifications 2 Certifications Number of SAP-certified Instances/VMs (up to 128 vCPUs, 3,904GiB RAM) (up to 32 vCPUs, 448GiB RAM) Public SAP case studies 33 8 Number of max FPGAs 8 X Number of max GPUs 16 4 Number of Security Certifications 59 48 Number of Managed Relational DB Services (PROD only) 6 1 Number of Migration Services 8 2

Service Description Amazon AWS

Compute Virtual Servers in the - Instances Virtual Servers in the cloud Amazon EC2 Virtual Machines Bare Metal servers Amazon EC2 Bare Metal Instances - PREVIEW X Arbitrary-size VMs. Custom Machine type (custom settings for vCPU and RAM) X X

Single-tenant VMs. Dedicated Instances (run on single-tenant hardware dedicated to a single customer) Y X

Host-locked VMs (ability to specify that a single-tenant VM must be places on a specific compute host) Y X

Virtual Machine Capabilities Burstable Performance Instances General Purpose - Burstable Burstable Instances/VMs (up to 8vCPUs, 32GiB RAM) (up to 8 vCPUs, 32GiB RAM) T2 Unlimited (burst above baseline as long as needed)

General Purpose General Purpose General Purpose Instances/VMs (up to 64 vCPUs, 256GiB RAM) (up to 64 vCPUs, 256GiB RAM)

Compute Optimized Compute Optimized Compute-intensive Instances/VMs (up to 72 vCPUs, 144GiB RAM) (up to 16 vCPUs, 112GiB RAM)

Accelerated Computing GPU GPU-enabled Instances/VMs (up to 4x M60s or 16x K80s) (up to 4x M60s/K80s/P100s)

12 Certifications 2 Certifications SAP-certified Instances/VMs (up to 128 vCPUs, 3,904GiB RAM) (up to 32 vCPUs, 448GiB RAM) Public SAP case studies 33 8

Memory Optimized Memory Optimized Memory-intensive Instances/VMs (up to 4TiB RAM) (up to 2TiB RAM) Storage Optimized Storage Optimized IO-intensive Instances/VMs (up to 64 vCPUs, 15.2TiB NVMe SSDs) (up to 32 vCPUs, 5.6TiB SSDs, no NVMe) Storage Optimized Storage Optimized Storage-intensive Instances/VMs (up to 36 vCPUs, 48TiB HDDs) (up to 32 vCPUs, 5.6TiB SSDs) Accelerated Computing FPGA-enabled Instances/VMs X (up to 8x FPGAs) Ability to easily attach low-cost graphics acceleration to instance Amazon Elastic GPUs - PREVIEW X Nested virtualization X Y Product Capabilities Instance for < $5 per month Y (t2.nano) X Rapid, self-service provisioning Y Y Image customization Y Y

Bring your own image/VM import Y Y

Two-generation OS support Y Y Large-instance support Y Y X compute starvation or resource prioritization across tenants Y Y Hot-swappable virtual hardware Y Y VM-preserving host maintenance Y Y VM-preserving maintenance X X VM host failure recovery Y Y Instance maintenance/failure notifications Y Y VM restart flexibility Y X Explicit host anti-affinity Y Y Dynamic horizontal autoscaling Y Y Dynamic vertical autoscaling X Y Explicit host affinity Y X Extra-large instance support Y Y Restart priority X X Automatic host anti-affinity Y Y VM console access ? basic access X X Single-tenant compute VMs Y X Compute performance baseline X Y Subminute provisioning times Y X Provider-offered distribution Y X Export VM image X Y Instance-level firewall protection Y Y Browser-based Cloud Shell X Cloud Shell (Bash + PowerShell) - PREVIEW Ability to reserve capacity on a recurring basis with a daily, weekly, or monthly schedule Y (Scheduled RI) X Auto Scaling support Y Scale Sets Bring your own image/Instance Import Y Y (VHD only) Export Instance Image Y (Prev. imported inst.) Y (VHD only) Instance affinity - logical grouping of instances within a single data center Y (Placement Groups) X (Affinity Groups - deprecated) Instance anti-affinity - logical grouping of instances in different data centers in a region Y (Availability Zone) Y (Azure Availability Zones) Instance failure recovery EC2 Auto Recovery Y (Availability Sets) Instance maintenance mitigation Live update Y (Memory preserving) Instance Metadata service: The platform has an instance metadata service, which provides an API that the VM can call to find out information Y Y about itself. Instance metadata key-value store: The instance metadata service allows customers to set arbitrary key-value pairs that are available to the VM. Y X Metadata credentials store: The instance metadata service can be used to store credentials for other services within the platform, allowing the VM Y X to call those services using these credentials. Instance restart flexibility Y (Scheduled Events) X Launch and manage an entire fleet of Spot Instances with one request Y (Spot Fleet) X Local Disk/Instance Store Y Y Protect instances from termination by auto scaling Y X Provider offered Linux distribution Y (Amazon Linux AMI) X Provision multiple concurrent instances Y Y (Scale Sets) Reserve capacity for 1 year, in exchange for a significantly discounted hr. rate Y (Reserved instances) Y (Azure Reserved Virtual Machine Instances) Reserve capacity for 3 years, in exchange for a significantly discounted hr. rate Y (Reserved instances) Y (Azure Reserved Virtual Machine Instances) Spot market pricing (bid on unused capacity for even lower hourly rates) Y (Spot instances) X Provision Spot capacity in custom compute units across instance families and Azs Y (Spot Fleet) X Fixed-duration EC2 instances Y (Spot Blocks) X Integrated support for Spot capacity in managed services (Auto Scaling, EMR, AWS Batch) Y (EMR, Auto Scaling, AWS Batch) X Sub-minute provisioning time (Linux instances) Y (<1 minute) X (> 1 minute) Support for Self-managed Oracle RAC on Amazon EC2 Y X Usage based discount for compute X X Volume discounts Y Y Encryption of Data While in Use Under investigation Azure Confidential Computing - PREVIEW OS Support - Linux - CentOS Y Y OS Support - Linux - CoreOS Y Y (via Marketplace) OS Support - Linux - Debian Y Y ( via Marketplace) OS Support - Linux - Fedora Y X OS Support - Linux - openSUSE Y Y (via Marketplace) OS Support - Linux - Oracle Linux Y Y (via Marketplace) OS Support - Linux - RHEL Y Y OS Support - Linux - SUSE Y Y OS Support - Linux - Ubuntu Y Y OS Support - Windows Y Y (Licencing via Azure or BYOL) License Portability and Support - IBM (DB2, Websphere) Y Y

License Portability and Support - Microsoft Apps (SharePoint, SQL) Y Y

License Portability and Support - Microsoft Apps (Windows Server) Y (EC2 Dedicated Hosts) Y

License Portability and Support - Oracle (DB 11g, Oracle Apps, Fusion) Y Y License Portability and Support - SAP (SAP Business Suite, HANA, Business Objects) Y Y (except HANA Ent.) Marketplace offering Y (3300+ products) Y (4100+ products) Pay as you go pricing (hourly) Y Y Pay as you go pricing (sub-hourly) X Y (charged per minute) Pay as you go pricing (per-second billing) Y Under investigation Pricing and Limits Limits Amazon EC2 limits Azure Virtual Machines limits SLAs 99.95% 99.95% (in Availability Set) or 99.90% (Stand-alone) Pricing Amazon EC2 pricing Azure Virtual Machines pricing Managed Container Registry Managed Container Registry Amazon EC2 Container Registry (ECR) Azure Container Registry Container Registry Lifecycle Policies Amazon ECR Lifecycle Policies X Replication across regions Images are stored in S3 which supports cross-region replication Y Pricing and Limits Limits Amazon EC2 Container Registry limits N/A SLAs N/A N/A Pricing Amazon EC2 Container Registry pricing Azure Container Registry pricing Run and Manage Docker Containers Azure Container Service Highly scalable, high performance container management service Amazon EC2 Container Service Azure Container Instances High Availability clustering Y Y Scheduling across multiple zones Y X Support for Docker Containers Y Y Container Linux Y Y Mesos support: The Docker service supports the use of Mesos/Marathon scheduling. X Y Kubernetes support: The Docker service supports the use of Kubernetes X Y Available in multiple regions NA, Europe, Asia - 65% coverage NA,Europe,Asia - 57% coverage Open Source Container Management and Orchestration Tooling Blox X Events CloudWatch Marathon Graphical view of cluster state Y X Health Checks ELB & Application health checks Marathon Identity and access management ✓ X Integration with Docker services - Compose ✓ Y Integration with Docker services - Swarm X Y IP per task/Pod X X Logging (to a persistent service which includes alarms) CloudWatch X Long running apps with failure recovery Y Marathon or Mesos Metrics - Instance and container level metrics Y X Multi-dimensional deployments (e.g. canary, blue-green, partitioned) X Marathon Multi-Environment (Hosted, On-Prem, Local-Machine) X Y Rolling updates Y Marathon Secret Management SSM Parameters X Task authentication and access Y X Service discovery Y Mesos Stateful Applications X X Support for Autoscaling Y X Support for CLI Y Y Support for Load balancing Y X Time-triggered services X Mesos Azure Service Fabric Application platform for building/deploying microservices-based applications X (Windows and Linux) Pricing and Limits Limits Amazon EC2 Container Service limits Azure Container Service limits SLAs N/A N/A Pricing NO COST (Pay only for used resources!) NO COST (Pay only for used resources!) Managed Kubernetes Service Managed Kubernetes Service Amazon Elastic Container Service for Kubernetes (Amazon EKS) = PREVIEW Azure Kubernetes Service (AKS) - PREVIEW Supported Kubernetes version 1.7 1.7.7 - 1.8.1 Automatic version updates Y Under investigation Granular control of automatic updates Y Under investigation Integrated logging & audit Y Under investigation Pricing and limits Limits Under investigation 3 - 10 nodes SLAs Under investigation No SLA provided for AKS, but underlying VMs follow the VM SLA Pricing Under investigation AKS is free, but you pay for resources used (VM, storage, network) Run containers without managing infrastructure Deploy and manage containers without having to manage any of the underlying infrastructure AWS Fargate Azure Container Instances Persistent storage Under investigation Y Public IP Connectivity Under investigation Y Supports Linux & Windows Containers Under investigation Y Scheduling multi-container groups Under investigation Y Pricing and Limits Limits Under investigation Under investigation SLAs 99.99% Under investigation Pricing AWS Fargate Pricing ACI Pricing Virtual Private Servers (VPS) Virtual Private Servers (VPS) (compute,storage & networking) Amazon Lightsail X Launch a virtual private server (VPS) with a few clicks (Base OS or App + OS) Y X Configurable networking. IP addresses, DNS, firewall Y X Highly Available Storage. High-performing Persistent SSD-based block storage Y X Scale applications with access to additional cloud services Y X Static IP address Y X Terminal access Y X Protect your data, clone your server - Lightsail snapshots $0.05/GB per month X Simple sizing choices. Choose from 5 sizes Up to 8GB RAM and 2vCPU X Pricing and Limits Limits Amazon Lightsail limits N/A SLAs N/A N/A Pricing Amazon Lighsail pricing N/A Managed Batch Processing Batch job scheduler: The platform provides a batch job-scheduling service that provisions and manages clusters used for batch computing AWS Batch Azure Batch workloads, and distributes jobs to the clusters. Native integration Y Y Suport for large-scale rendering jobs Under investigation Azure Batch Rendering Cost Optimized Resource Provisioning Y Low Priority Batch VMs Pricing and Limits Limits AWS Batch limits Azure Batch limits SLAs N/A 99.9% Pricing NO COST (Pay only for used resources!) NO COST (Pay only for used resources!) Run and Manage Web Apps Web Apps Run and Manage Web Apps AWS Elastic Beanstalk Cloud Services API Apps Supported Platform - Java Y Y Supported Platform - Python Y Y Supported Platform - PHP Y Y Supported Platform - Go Y X Supported Platform - .NET Y Y Supported Platform - Ruby Y X Supported Platform - Docker Y X Supported Platform - Node.js Y Y Deployment Mechanism - Git, Visual Studio, Zip Y Y Supported OS - Windows Y Y Supported OS - Linux Y PREVIEW Supported OS - any OS supported in Docker Y X Maximum number of instances >200 50 Maximum disk size 20 TB 500 GB SSL connections Y Y Application source versioning Built-in External Database options RDS, DBD, MS SQL, Oracle SQL Server, MySQL Traffic Routing Rt53 weights Traffic Manager Auto scaling Y Y Independently scale web and worker roles Y Y Security IAM, ACLs Azure Active Directory Automatic OS updates Managed Platform Updates Y Ability to swap virtual IP between staging and production environments Y Y Integration with caching solution Amazon ElastiCache In-role cache Enhanced application health monitoring Y Application Insights Pricing and Limits Limits AWS Elastic Beanstalk limits Azure Cloud Services limits SLAs N/A 99.95% (for both Cloud Services and App Service) Pricing NO COST (Pay only for used resources!) Azure Cloud Services pricing Run Code in Response to Events Event-driven computing that runs code in response to events Azure Functions AWS Lambda Event Grid Number of supported event sources 18 6 Environment variables Y Y Write functions deployed to network edge locations Y (AWS Lambda @Edge) X Support for Dead Letter Queues (DLQ) Y Y Encryption at-rest Y X Server-side Encryption (SSE) with KMS Y X Versioning Y X Ability to grant permissions to a Lambda function to access other resources Y (IAM Role) X Serverless functions orchestration capability AWS Step Functions X Authoring tools Plugins, SDK Y Code dependency management ZIP (w/ dependencies) ZIP (w/ dependencies) Deployment tools Console, S3, CodePipeline, CodeDeploy , GitHub, OneDrive, Visual Studio Team Services Debugging tools Amazon CloudWatch Logs Not Disclosed Monitoring tools Amazon CloudWatch Azure Application Insights Troubleshooting/Tracing tools AWS X-Ray Not Disclosed Auto-Scaling capability Automatic Automatic HTTP/S Invoke support API Gateway Y Event integration Y Y Framework supported - .NET Core 2.0 Runtime Y X Languages supported - Node.js Y Y Languages supported - Java Y Y Languages supported - C# Y Y Languages supported - F# X Y Languages supported - Python Y Y Languages supported - PHP X Y Languages supported - Bash X Y Languages supported - Batch X Y Languages supported - Swift X X Languages supported - PowerShell X Y Languages supported - Go Y X Pricing and Limits Concurrent Functions limit (maximum) 1,000 (soft limit) unlimited Function execution time (maximum) 5 minutes 10 minutes (by Consumption Plan) Function Code size (maximum) 50MB (compressed) N/A Function Memory size (maximum) 3008MB 1536MB Non-persistent temporary disk space (/tmp) Y (500 MB) N/A Sub-second metering/billing Y (100ms increments) Y (100ms increments) Limits AWS Lamba limits N/A SLAs N/A 99.95% Pricing AWS Lambda pricing Azure Functions pricing Serverless Application Repository Discover, deploy, and publish serverless applications AWS Serverless Application Repository X Uses JSON templates to package applications Y X Manages and provisions cloud resources Y (uses CloudFormation) X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing NO COST (Pay only for used resources!) N/A Auto Scaling Virtual Machine Scale Sets (VMSS) Auto scaling Auto Scaling Azure App Service Scale Capability (PaaS) Azure AutoScaling Pricing and Limits Limits Auto Scaling limits Azure Virtual Machine Scale Sets limits SLAs N/A Azure Virtual Machine Scale Sets SLA Pricing NO COST (Pay only for used resources!) NO COST (Pay only for used resources!) Hybrid Integration Extend virtualized data centers to the public cloud VMware on AWS Cloud Y Extend on-premise network configuration into the Cloud Y Y Hardware-based virtual private networking connection to cloud resources Y Y High speed, low latency, dedicated connectivity between on-premises & cloud Y Y Automated VM import functionality Y VHD only Automated VM export functionality prev. imported inst. VHD only Integrate with your existing identity and access management systems Y Y Use any IP address range, including RFC 1918 Y Y Create multiple private and public subnets Y Y Highly durable, automatic data replication, and recovery service from on-premises X Site Recovery Backup service to back up on-premises servers Backup and Recovery Azure Backup Control access to your cloud resources at a granular level Y Azure Role-Based Access Control (RBAC) Utilize multi-factor authentication when accessing cloud resources Y Y Temporary security credentials (Roles for IAM) Y Y Single Sign-On to SaaS Apps X Azure Active Directory Support from 3rd party management and monitoring tools - Microsoft Y Y Support from 3rd party management and monitoring tools - VMware Y X Support from 3rd party management and monitoring tools - CA Y Y Support from 3rd party management and monitoring tools - BMC Y Y Support from 3rd party management and monitoring tools - RightScale Y Y Support from 3rd party management and monitoring tools - Y X Support from 3rd party management and monitoring tools - Symantec Y Y App management service to deploy and operate apps in the Cloud or own data center Y Y Service to automate code deployments to cloud and on-premises Y Y Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing N/A N/A

Service Description Amazon AWS Microsoft Azure

Storage Object Storage Secure, durable, highly-scalable object storage Amazon Simple Storage Service (S3) Azure Storage - Blob Storage Retrieve only a subset of data from an object by using simple SQL expressions Y (S3 Select) X

Y No-delete objects (The customer must be able to mark an object as undeletable. It is acceptable for this to be enforced at the bucket level.) X Data Locality Y Y Object change notification Y X Location and Time-based policies Y X Multi-factor delete Y X Ability to route data (i.e. upload) from edge location to object storage service over an optimized network path Y (S3 Transfer Acceleration) X Service Side Encryption (SSE) Y (SSE-S3) Y (SSE) Service Side Encryption with Customer-Provided Keys (SSE-C) Y (SSE-C) SSE-C - PREVIEW Service Side Encryption (SSE) with a Key Management Service Y (SSE-KMS) SSE-AKV - PREVIEW Client-side Encryption (CSE) integrated with a key management service hosted by the provider Y (AWS KMS) Y (Azure Key Vault - AKV) Client-side Encryption (CSE) with a Client-side Master Key Y (CSE) Y (CSE) Default Encryption setting Y (Bucket level) X Cross-Region Replication (CRR) Y (Bucket, Prefix level) Y (limited to a fixed location) Cross-Region Replication (CRR), bi-directional Y X Cross-Region Replication (CRR) across different storage classes Y X Cross-Region Replication (CRR) with Key Management System (KMS) Y X Cross-Region Replication (CRR) with Access Control List (ACL) overwrite Y X Object tiering Y X Object lifecycle management Y PREVIEW Mutable object tags Y (up to 10 per object) X Flexible access-control mechanisms Y X Define policies to delete old data Y X Inventory Report for Objects and Metadata Y X Inventory Report with Encryption status Y X Define policies to move archival storage Y X Storage Analytics Y (Bucket, Prefix, Tag level) Y Storage Analytics with CRR integration Y X Ability to run analytics using SQL statements (aka query in-place) Y (Athena, Spectrum) Y (U-SQL) Object life cycle management policy Y X Lower Durability offering Y (S3 RRS) Y (LRS < ZRS < GRS < RA-GRS) Reduced availability offering Y (S3 Standard IA) Y (RA-GRS reads > GRS/ZRS/LRS/RA-GRS writes) Consistency model Y (read-after-write consistency for new PUTS, eventual consistency for overwrite PUTS/DELETES) Y (strong consistency) Encryption at-rest and in-transit Y Y gateway (CSG) Y Y Cross-geography replication Y Y Scalable object storage service Y Y Object storage replication Y Y Automatic object durability Y Y Array and tape bulk data import and export Y Y Bulk data import/export with encryption Y Y Bulk object delete Y Y Tiered storage service(s) Y (S3 Standard, S3 Standard IA, S3 RRS) Y (Hot Blob, Cool Blob) CDN option for users Y Y Static web hosting support Y Y Parallel, multipart upload Y Y Provider-enabled encryption services Y Y Support for bucket/container policies Y Y Logging of administrative object service requests Y Y Object versioning Y Y (snapshots only!) Audit logs Y Y Pricing and Limits Software (ISV) Support AWS Storage Partner Solutions Azure Technology Partners First Byte Latency (FBL) miliseconds miliseconds Throughput N/A Up to 60 MB/s or 500 requests/sec (Block Blobs) Storage Duration (minimum) N/A N/A Object Size (minimum) 0 bytes 0 bytes 4.77 TB (Block Blobs) Object Size (maximum) 5 TB 1 TB (Page Blobs) 195 GB (Append Blobs) Limits Amazon Simple Storage Service limits Blob Storage limits

SLAs >=99.90% and <=99.95% 99.9% to 99.99% (depending on Replication schema: LRS/ZRS/GRS/RA-GRS)

Availability 99.99% 99.9% to 99.99% (depending on Replication schema: LRS/ZRS/GRS/RA-GRS)

Durability 11 9s 99.9% to 99.99% (depending on Replication schema: LRS/ZRS/GRS/RA-GRS)

Pricing Amazon Simple Storage Service pricing Blob Storage pricing Object Storage - Infrequent Access Storage for infrequently accessed data Standard - Infrequent Access Cool Storage Ability to not limit retrieval throughput Y Under investigation Lifecycle Tiering Between Classes Y (Object age) Y (Object age) Encryption at-rest and in-transit Y Y Metrics Y Y Tools to Copy Y Y Storage Class Definition Y (Object level) Blob Storage Account Pricing and Limits First Byte Latency (FBL) miliseconds (same as S3 Standard) miliseconds (same as Hot Blob) Throughput Same as S3 Standard Same as Azure Storage Storage Duration (minimum) 30 days 30 days Object Size (minimum) 128 KB N/A Limits Amazon Simple Storage Service limits Cool Storage limits

SLAs >=99.90% and <=99.95% 99.9% to 99.99% (depending on Replication schema: LRS/ZRS/GRS/RA-GRS)

Availability 99.90% 99.9% to 99.99% (depending on Replication schema: LRS/ZRS/GRS/RA-GRS)

Durability 11 9s 99.9% to 99.99% (depending on Replication schema: LRS/ZRS/GRS/RA-GRS)

Pricing Amazon Simple Storage Service pricing Cool Storage pricing Archive Storage Low cost archival storage with policy support Archive Blob Storage Fault Tolerance Y (Data stored in 3 AZs) Y (6 copies maintained across 2 datacenters) Immutability Y Y Write Once Read Many (WORM) support Y X (3rd Party - Hubstor) Storage class transition Y (S3 Lifecycle) PREVIEW Retrieve only a subset of data from an object by using simple SQL expressions Y (Glacier Select) X Multiple retrieval options with multiple retrieval times Y X 3rd party attested governance - SEC Rule 17a-4(f), FINRA Rule 4511 and CFTC Regulation 1.31 Y X APIs Y (Amazon S3) PREVIEW SDKs Y (REST, C++, Go, Java, Node.j, .NE, PHP, Python, Ruby) Under investigation Encryption at-rest Y Y Audit logs Y (AWS CloudTrail) PREVIEW Backup Software support Y (CloudBerry, N2W, CommVault, CTERA, Druva, NetApp, SoftNAS) Y (Azure Backup Agent ,Windows only) Pricing and Limits Millisecond - not supported Expedited (1-5 minutes): flat rate of $0.03 per GB and $0.01 per 1K request Retrieval access times and cost N/A Standard (3-5 hours): flat rate of $0.01 per GB and $0.05 per 1K requests Bulk (5-12 hours): flat rate of $0.0025 per GB and $0.025 per 1K request Free Tier up to 10GB/month N/A First Byte Latency (FBL) minutes or hours up to 15 hours Storage Duration (minimum) 90 days 180 days Object Size (minimum) 0 byte N/A Limits N/A N/A SLAs N/A N/A Availability N/A N/A Durability 11 9s 99.90% Pricing Amazon Glacier pricing Archive Blob Storage pricing Block Storage Persistent block level storage volumes for compute instances in the cloud Amazon Elastic Block Storage (EBS) Azure Storage - Disk Storage Performance target/tier block storage Y (Amazon EBS Provisioned IOPS - PIOPS) Y (Premium Storage) Multiple instance mount capability X X Automatic snapshot management X Y Replication synchronous X Zone Redundant Storage Replication asynchronous Y (within AZ) X Encryption at-rest and in-transit Y (At-Rest) Y Block storage interconnect transparency Y Y Scalable instance-independent block storage service Y Y Point-In-Time Recovery (PITR) Y (Snapshots) Full Volume copy (aka Thick Clone) X Under investigation

Block storage service snapshots Y Y

Snapshot copy/ replication Y Y Expandable block storage volumes Y Y SSD-based block storage Y Y Block storage data eradication Y Y Pricing and Limits IOPS per Volume (maximum) 32,000 (PIOPS) 5,000 1GB-16TB 128GB, 512GB, 1 TB - (Premium) Size per Volume (maximum) (4GB min for io1, 1GB min for io2, 500GB min for st1/sc1) 32GB,64GB,128GB,512GB,1,024GB - (Standard) Throughput per Volume (maximum) 500 MB/sec 200 MB/sec IOPS per instance (maximum) 80,000 80,000 Size per Instance (maximum) N/A N/A Throughput per Instance (maximum) 1750 MB/sec 2,000 MB/sec Number of Volumes per instance (maximum, attached) 40 (Linux) / 26 (Windows) 64 Storage capacity attached to one instance (maximum) 640 TB 64 TB Limits Amazon Elastic Block Store limits Disk Storage limits SLAs 99.95% 99.9% Availability N/A N/A Durability N/A N/A Pricing Amazon Elastic Block Store pricing Disk Storage pricing (Managed or Unmanaged) File System Storage Managed file storage service Amazon Elastic File System (EFS) Azure Files NFS Support Y (NFS 4.1) Azure Enterprise NFS Service, Powered by NetApp - PREVIEW SMB Support X Y (SMB 3.0) Selectable performance modes, based on workload Y X SSD backed storage media Y Not disclosed Grow file systems to petabyte scale Y X (limited to 5 TB shares) Access from on premise Y X Sharable across thousands of instances Y X File storage service cross-geography replication Y X Integration with enterprise file synchronization and sharing X X -accessible file storage shares X Y Scalable instance-independent file storage Y Y Fully elastic capacity (no need to provision) Y Y Data spread across multiple AZs Y X Highly durable Y Y (GRS option) Highly available Y Y Consistency model Y (read-after-write) Y (read-after-write) File storage service snapshots Y PREVIEW File storage data eradication Y Y Encryption at-rest Y (KMS) Under investigation Data migration tools EFS File Sync Under investigation Pricing and Limits Throughput 10 GB/sec 60 MB/sec (max 1000 IOPS) Number of File Systems per Account (max) 10 N/A Limits Amazon Elastic File System limits File Storage limits SLAs N/A N/A Availability N/A N/A Durability N/A N/A Pricing Amazon Elastic File System pricing File Storage pricing Integrate On-Premises IT Environments with Cloud Storage Azure StorSimple AWS Storage Gateway Managed service to connect on-premises IT environment with cloud storage Azure File Sync - PREVIEW Cloud lifecycle support Y X Optimized data transfer over the network Y X Integration across block and object cloud storage services Y X Integrated Backup Service X Y (Azure Backup) Tape access Y X File access Y Y iSCSI access Y Y Local cache Y Y Local snapshots X Y Cloud snapshots Y Y Increment Snapshots with storage optimization Y Y Primary Storage Deduplication X Y Encryption at-rest and in-transit Y Y Support for Multipath IO (MPIO) X Y Support for VAAI X Y Virtual appliance support Y Y In-cloud hosted Y Y Integration with backup and archive software Y EMC, Microsoft, Veritas, Arc Serve, Veeam) Y (Azure Backup) Pricing and Limits Capacity File gateway: unlimited, Volume gateway >1PB, Tape Gateway: unlimited > 500 TB Limits AWS Storage Gateway limits Azure StorSimple limits SLAs N/A 99.9% Availability N/A N/A Durability N/A N/A Pricing AWS Storage Gateway pricing Azure StorSimple pricing Backup (BaaS) Managed Backup solution for on-prem infrastructure/workloads through Marketplace: Commvault, N2W Y (Azure Backup) Offers cloud backup for physical servers Not disclosed Y (Linux, Windows) Offers cloud backup for virtual servers Not disclosed Y (Hyper-V, VMware) Supports backup compression Not disclosed Y (On-Prem VMs only) Supports backup encryption Not disclosed Y (At-Rest, In-Motion, ADE) Supports backup deduplication Not disclosed Y (Hyper-V only) Offers application-consistent backups Not disclosed Y (Exchange/SharePoint/SQLServer) Offers long-term backup retention Not disclosed Y (9999 recovery points per protected instance) Offers automated daily backups Not disclosed Y (1x/day for Azure VMs, 2x/day for On-prem VMs) Supports network bandwidth throttling Not disclosed Y (Azure Backup Agent only) Pricing and Limits Limits N/A Azure Backup limits SLAs N/A 99.9% Pricing N/A Azure Backup pricing Disaster Recovery as a Service (DRaaS) Managed Disaster Recovery solution for on-prem infrastructure/workloads X (through Marketplace: CloudEndure, CloudVelox, Zerto) Azure Site Recovery Protects on-premises virtualized workloads Y Y (ESX, Hyper-V) Protects on-premises Bare Metal workloads Y Y (Windows, Linux) Allows implementation of Private Cloud to Public Cloud DR failover and failback scenarios Y (Pilot-light / Warm) Y Allows implementation of Private Cloud to Second Site failover and failback scenarios Not disclosed Y (Hyper-V, requires SC-VMM) Allows implementation of Cloud to Cloud (same Provider, across Regions!) failover scenario X (Marketplace) PREVIEW Allows implementation of Cloud to Cloud (same Provider, across Regions!) failback scenario Not disclosed Not disclosed Allows Cloud to Cloud (different Provider) failover and failback scenarios X (Marketplace) Y (AWS to Azure, needs validation!) Allows Hybrid Cloud integration X Y (Azure Stack) Allows DR Testing through Planned Downtime scenarios with zero data loss Not disclosed Y Allows implementation of Unplanned Downtime scenarios with minimal data loss Not disclosed Y Allows Orchestration with manual intervention Not disclosed Y (Azure Automate) Allows one-click replication for Instances/VMs hosted in the cloud Not disclosed PREVIEW Encryption for data in-flight Not disclosed Y Encryption of data at-rest (stored in the public cloud storage account) Not disclosed Y Supports VMs replication over a Site-to-Site VPN Not disclosed X Supports SAN-based replication Not disclosed Y Offers offline replication Not disclosed X Offers compression Not disclosed X Offers failback for any kind of VM disk Not disclosed X (no support Managed Disks!) Snapshots: Ability to create application-consistent Snapshots Not disclosed Y (Frequency = 1 to 12hrs) Snapshots Retention Period Not disclosed Y (1-3 days, Premium/Standard storage acct type!) Disk Selection: Allows selecting individual disks to be replicated (or not replicated) Not disclosed Y Allows to set target IP address Not disclosed Y Allows to target a private network to host recovered Instances/VMs Not disclosed Y Allows setting thresholds, alarms, notifications Not disclosed Not disclosed Deplay in replicating VM changes to the Portal Not disclosed Y (up to 15min) Supports Bandwidth Throttle Not disclosed Y Pricing and Limits Recovery Time Objective (RTO), depends also on connectivity speed 2-5min (Linux) or 10-15min (Windows) 10min to 2hrs (covered by SLA) Recovery Point Objective (RPO), depends also on connectivity speed 1sec Continuous (VMware, Bare Metal) OR 30sec (Hyper-V w/Standard Storage) OR 5min (Hyper-V w/ Premium Storage) Limits N/A Azure Site Recovery limits SLAs N/A 99.9% Pricing N/A Azure Site Recovery pricing

Service Description Amazon AWS Microsoft Azure

Database Managed Relational Database Service - Built for the Amazon Aurora - MySQL Managed relational database - Aurora X Amazon Aurora - PostgreSQL Multi-Master Amazon Aurora Multi-Master (PREVIEW) X Serverless relational database service Amazon Aurora Serverless (PREVIEW) X MySQL compatible Wire-compatible with MySQL 5.6 - InnoDB Azure Database for MySQL - PREVIEW PostgreSQL compatible Wire-compatible with PostgreSQL 9.6 Azure Database for PostgreSQL - PREVIEW Minimum storage limit 10 GB Not Disclosed Azure SQL 4096 GB Maximum storage limit 64 TB Azure Cosmos DB - no limit Azure SQL Automated backup support Y Azure Cosmos DB Azure SQL Point-in-Time Recovery Y Azure Cosmos DB - must contact support Azure SQL Snapshot support Y Azure Cosmos DB Encrypted snapshot support Y Azure SQL - Transparent Data Encryption (TDE) Amazon Aurora MySQL = 5x over standard MySQL MySQL performance Azure Database for MySQL - PREVIEW over 500,000 SELECTs/sec and 100,000 UPDATEs/sec PostgreSQL performance Amazon Aurora PostgreSQL = 3x over standard PostgreSQL Azure Database for PostgreSQL - PREVIEW Number of replicas Amazon Aurora Replicas = Up to 15 Azure SQL - up to four readable secondary databases Replication type Amazon Aurora Replicas = Asynchronous (milliseconds) Azure SQL - Asynchronous Automated fail-over Amazon Aurora Replicas Azure SQL Database auto-failover groups - PREVIEW Azure SQL - Transparent Data Encryption (TDE) Encrypted data in-transit support SSL (AES-256) Azure Cosmos DB - SSL/TLS 1.2 Azure SQL - Transparent Data Encryption (TDE) Encrypted data at rest support SSL (AES-256) Azure Cosmos DB - unknown method Azure SQL Encryption of data at-rest with customer managed keys Y Azure Cosmos DB Offers integrated monitoring capabilities Y Y Offers advanced monitoring capabilities Y Y Offers dashboard-based SQL query performance analysis tool PREVIEW Under investigation Pricing and Limits Limits Amazon Relational Database Service limits Azure Service Limits Azure SQL = 99.99% SLAs 99.99% Azure Cosmos DB = 99.99% (1 Region) / 99.999% (Read Availability, 2+ Regions) See Azure SQL and other database pricing Pricing Amazon Aurora pricing Azure Cosmos DB pricing Managed Relational Database Service Overarching managed relational database service for multiple database engines Y (Amazon RDS) Y (Azure Database) Managed relational database - Aurora Amazon Aurora (see Aurora section above) X Managed relational database - MariaDB Amazon RDS - MariaDB Y - PREVIEW (announced Nov/17, waitlist) DBaaS Microsoft SQL Server: You provide Microsoft SQL Server as a service. Amazon RDS - Microsoft SQL Y (SQL Database and Azure SQL Managed Instances)

DBaaS MySQL: You provide MySQL, MariaDB, or other MySQL-compatible database as a service. Amazon RDS - MySQL and Aurora Azure Database for MySQL - PREVIEW

DBaaS Oracle RDBMS: You provide Oracle RDBMS as a service. Amazon RDS - Oracle X

DBaaS PostgreSQL: You provide Postgres as a service. Amazon RDS - PostgreSQL and Aurora Azure Database for PostgreSQL - PREVIEW

DBaaS with local read replicas: You offer one or more of the above relational DBaaS with the ability to scale out in a single data center via read replicas. Opting into this service must be simple and through self-service means, not requiring any additional replication configurations on the Y Y customer's part. DBaaS with in-region read replicas: You offer one or more of the above relational DBaaS with the ability to scale out in multiple data centers within a single region, via read replicas. Opting into this service must be simple and through self-service means, not requiring any additional replication Y Y configurations on the customer's part DBaaS with cross region read replicas: You offer one or more of the above relational DBaaS with the ability to scale out in multiple regions via read replicas. Opting into this service must be simple and through self-service means, not requiring any additional replication configurations on the Y Y customer's part.

DBaaS with in-region failover: You offer one or more of the above relational DBaaS with cross-region high availability, meaning that the customer database is synchronously or asynchronously replicated into at least one data center in a different region, allowing failover to a replica in another Y Y region. Opting into this service must be simple and through self-service means, not requiring any additional replication configurations on the customer's part. Please indicate RPO if replication is asynchronous.

Supports Database synchronous in-zone/in-region (multiple AZs/DCs) replication (Master/Standby) Y (Multi-AZ) Y

Supports Database asynchronous in-zone/in-region (multiple AZs/DCs) replication (Read Replicas) Y (Aurora, MySQL, MariaDB, PostgreSQL) Y

Supports Database asynchronous cross-region replication (Read Replicas) Y Y Supports second-tier Read Replicas Y (Aurora, MySQL) Under investigation Supports High Availability (Master/Standby Database) Y Y Supports automatic failover of the master database to the standby database Y (Multi-AZ for MySQL, MariaDB, Oracle, PostgreSQL) Under investigation Supports manual failover (i.e. forced failover) of the master database to the standby database Y X Supports Database vertical scaling capability Y Under investigation Supports Database horizontal scaling capability (i.e. using Replicas) Y Under investigation Supports Database storage scaling capability Y (MySQL, MariaDB, Oracle, PostgreSQL) Under investigation Allows users to specify their desired level of IOPS for consistent throughput/performance Y (Provisioned IOPS) X Supports automated backups for point-in-time restore Y Y Supports on-demand (user-initiated) snapshots Y Under investigation Supports database cloning Under investigation Under investigation Supports database encryption at-rest Y Y Encryption of data at-rest with customer managed keys Y (KMS) Under investigation Supports database encryption in-transit Y Under investigation Supports Row Level Security (RLS) policies Y Y Ability to logically group multiple databases for management and scaling activities Under investigation Y (Azure SQL Elastic Pools - SQL Database) Allows to apply engine configuration values to one or more database instances Y (DB Parameter Groups) Y Offers integrated monitoring capabilities Y Y Offers advanced monitoring capabilities Y Under investigation Offers dashboard-based SQL query performance analysis tool PREVIEW Not Disclosed Supports Bing Your Own License (BYOL) Y Under investigation Supports transactional replication using sub/pub model for database migrations Not disclosed SQL Server Pricing and Limits vCPUs per database instance (maximum) 40 vCPU - db.m4.10xlarge N/A RAM per database instance (maximum) 244 GB N/A Database size (maximum) Aurora 64TB,SQL Server 4TB, others 16TB 1 TB Limits Amazon Relational Database Service limits Azure SQL Database limits SLAs 99.95% 99.99% Pricing Amazon Relational Database pricing Azure SQL Database pricing Managed NoSQL Database Service Azure Cosmos DB Amazon DynamoDB DBaaS: Other NoSQL: You provide some other NoSQL database as a service. DocumentDB (deprecated) SimpleDB (deprecated) Table Storage (also available as a CosmosDB API) Y (single-digit ms, TP99) Offers single-digit milisecond latency performance Y (single-digit ms, TP99) 10ms (reads) / 15ms (writes) In-memory cache for micro-second response times Y (Amazon DynamoDB Accelerator - DAX) X Multi-Master architecture Y MSFT claims yes, but a Primary Writer is still required! Multi-AZ architecture Y (but can't choose AZs) X Read Replicas X X In-zone/in-region replication Y (3 facilities in a Region) Y (Cosmos DB) Cross-region replication Y (Global Tables) Y (Cosmos DB) Multi-homing capability X Y (Cosmos DB) Automated Failover Y Y Failover prioritization X Y (Region prioritization) Failover test capability X Y Supports point-in-time recovery X X On-demand/Manual (user-initiated) Backups Y (On-demand Backup) X Automated backups Y Y (full, limited to every 4hrs) Database cloning capability X X Encryption of data at-rest X Y Encryption of data at-rest with customer managed keys X X Encryption of data in-transit Y Y Supports end-to-end encryption (client-side encryption) Y Y Vertical scaling capability X X Not Automatic (Cosmos DB, using partitions/sharding) Horizontal scaling capability Automatic (Amazon DynamoDB, using partitions/sharding) (requires RUs adjustment to meet request rate!) Network isolation X X Private connectivity to/from the database Y (VPC Endpoint for DynamoDB) X Y Y (Cosmos DB) Model compatibility (Key-Value, Document) (Key-Value, Graph, Column-Family, Document) Y (Cosmos DB) Y API compatibility (SQL API, API, MongoDB API, Cassandra API) (DynamoDB API only) (DocumentDB API is now SQL API!) DBaaS: Mongo DB: You provide MongoDB as a Service X Y (Cosmos DB) DBaaS: Cassandra: You provide Cassandra as a service X Y (Cosmos DB) Y (Cosmos DB) ACID compliance X (SQL API) Y (Cosmos DB) Consistency models Strong, Eventual Strong, Bounded Staleness, Session, Consistent Prefix, Eventual Database schema Schema-less Schema-less (Cosmos DB) Offers data migration tool to import data from various sources Y (AWS Database Migration Tool) Y (Cosmos DB) Number of security certifications 16 3 SDK/Programming support Java, .NET, Node.js, JavaScript (Browser) Java, .NET, Node.js, Python Supports GET, PUT operations Y Y Supports predifined data types Y Y Supports Query, Filter, Scan operations Y Y Supports Secondary Indexes Y (5 Local and 5 Global) Y (automatic indexing) Supports Triggers Y (AWS Lambda) Y (Azure Functions) Supports Streams Y (DynamoDB Streams) Y (Azure Stream Analytics) Supports Stored Procedures X Y (JavaScript) Supports Titan Graph database integration Y X Atomic counters (numeric attribute that is incremented, unconditionally) Y Under investigation Supports automatic item expiration (TTL) Y Y Offers automated data movement (in/out) capabilities Y (AWS Data Pipeline) Y (Azure Data Factory) Offers integration with Hadoop service for advanced analytics capabilities Y (Amazon EMR) Y (HDInsight) Offers integration with DW service for advanced business intelligence capabilities Y (Amazon Redshift) Y (PowerBI connector) Offers free-text search capability Y (Amazon Elasticsearch Plugin) Y (Azure Search) Offers integrated monitoring capabilities Y (Amazon CloudWatch) Y Pricing and Limits Limits Amazon DynamoDB limits Azure Cosmos DB limits SLAs N/A 99.99% (1 Region) / 99.999% (Read Availability, 2+ Regions) Free Burst capacity 5min N/A Pricing Amazon DynamoDB pricing Azure Cosmos DB pricing Managed In-Memory Cache Service Managed in-memory cache (memcached support) Amazon ElastiCache for Memcached X In-memory cache: Redis: You provide Redis as a service. Amazon ElastiCache for Redis Azure Redis Cache In-zone replication Y Y Multi-zone replication Y X Auto-failover Y Y Add/Remove Partitions/Shards Y (Online Dynamic Scale In/Out - Amazon ElastiCache for Redis) Under investigation Reserved Instances Y (Amazon ElastiCache Reserved Cache Nodes) X Pricing and Limits Limits Amazon ElastiCache limits Azure Redis Cache limits SLAs N/A 99.9% Pricing Amazon ElastiCache pricing Azure Redis Cache pricing Managed Data Warehouse Service Data Warehouse: You provide a data warehouse service that supports SQL-based queries, allowing the use of common BI tools such as Tableau Amazon Redshift SQL Date Warehouse and Microstrategy. Audit and compliance Y Y Automated backups Y (Snapshots to S3: Automated - every 5GB or 8 hrs whichever is earlier or Manual) Y (every 4-8 hrs) Encryption Y (CloudHSM, KMS) Y (Transparent Data Encryption - TDE) Fault Tolerant Y (global DR, backup to S3, Node failure tolerance) Y Network Isolation Y Y Optimized for data warehousing Y (high perf.) Not Disclosed Pause/Resume data warehouse X Y SQL support Y Y Run SQL queries against structured data stored in local disks (i.e. data warehouse) Y Y Run SQL queries against unstructured data stored in object storage (i.e. data lake) Y (Amazon Redshift Spectrum) Under investigation Supports open source data formats Y (Redshift Spectrum: Avro, CSV, Grok, ORC, Parquet, RCFile) Under investigation Employs a query optimizer to automatically determine how to minimize data scans Y Under investigation Support for 3rd party business intelligence software package and ETL tools Y Y Pricing and Limits Limits Amazon Redshift limits SQL Date Warehouse limits SLAs N/A 99.9% Pricing Amazon Redshift pricing SQL Date Warehouse pricing Managed Graph Database Service Cosmos DB Managed Graph Database Service - PREVIEW (also Graph extensions in Azure SQL Database) Y (single-digit ms, TP99) Offers single-digit milisecond latency performance Y 10ms (reads) / 15ms (writes) Multi-Master architecture X X Multi-AZ architecture Master (no) / Replicas (yes) X Read Replicas Y (up to 15) Y (up to 4) In-zone/in-region replication Y (6 copies, in 3 AZs) X Cross-region replication X Y Y Automated Failover (Less than 15min for Single Instance) Y (Less than 30sec w/ Read Replicas) Failover prioritization Y (Read Replicas prioritization) Y (Region prioritization) Failover test capability X Y Supports point-in-time recovery Y (within last 5min) X On-demand/Manual (user-initiated) Backups Y (snapshots) X Automated backups Y (continuous+incremental) Y (full, limited to every 4hrs) Database cloning capability Y X Encryption of data at-rest Y Y Encryption of data at-rest with customer managed keys Y (AWS KMS) X Encryption of data in-transit Y Y Vertical scaling capability Y (up to 64TB) X Horizontal scaling capability X Y (Cosmos DB, using partitions/sharding) Network isolation Y X Private connectivity to/from the database X X Y (Cosmos DB) Model compatibility Y (Apache TinkerPop and W3C RDF) (Apache TinkerPop) API compatibility Y (Gremlin and SPARQL) X (Cosmos DB offers Gremlin only) Y (Cosmos DB) ACID compliance Y (SQL API) Y (Cosmos DB) Consistency models Immediate Strong, Bounded Staleness, Session, Consistent Prefix, Eventual Bulk loading/import Y X Offers data migration tool to import data from various sources Y (HTTP REST Endpoint) Y (Cosmos DB) Number of security certifications X 3 SDK/Programming support X Java, .NET, Node.js, Python Supports user-defined indexing/partitioning X Y Pricing and Limits vCPUs per database instance (maximum) N/A RAM per database instance (maximum) 64TB Database size (maximum) N/A Limits Amazon Neptune limits Azure SQL Database limits SLAs 99.99% (unofficial) 99.99% Pricing Amazon Neptune pricing Azure SQL Database pricing

Service Description Amazon AWS Microsoft Azure

Migration Central location to track the progress of application and server migrations Centralized (Single Pane of Glass) cloud-based tool to trak cloud migrations progress/history AWS Migration Hub X Offers a dashboard for quick and improved visualization Y X Supports multi-region aggregated view capability Y X Migrates servers and workloads Y X Integrates with cloud provider migration tools Y (DMS, SMS) X Supports integration of 3rd party tools Y (ATADATA, CloudEndure) X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing NO COST (Pay only for used migration tools, resources!) N/A Application Discovery Service On-premise application discovery service AWS Application Discovery Service Azure Migrate - PREVIEW Maps dependencies between on-premises servers and applications Y Under investigation Collects configuration and usage information from servers Y Under investigation Ability to store all collected information in a centralized database Y (exports to CSV) Under investigation Encryption at-rest Y Under investigation Pricing and Limits Limits AWS Application Discovery Service limits N/A SLAs N/A N/A Pricing N/A Azure Operations Management Suite pricing Database Migration Service Database migration service AWS Database Migration Service Azure Database Migration Service - PREVIEW Ability to perform migration with minimum downtime (source database remains fully operational) Y Under investigation Supports multiple database sources (commerical and open-source) Y Under investigation Supports homogeneous database migrations Y Under investigation Supports heterogeneous database migrations Y Under investigation Pricing and Limits Limits AWS Database Migration Service limits N/A SLAs N/A N/A Pricing AWS Database Migration Service pricing N/A Database Schema Conversion Tool Database schema conversion tool AWS Schema Conversion Tool X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing N/A N/A Server Migration Service On-premises workloads to cloud migration service AWS Server Migration Service Azure Site Recovery Supports server discovery Y Under investigation Supports live replication (invremental server replication) Y (up to 90 days) Under investigation Supports VMware virtual machines migration Y Under investigation Supports Hyper-V virtual machines migration Y Under investigation Supports physical servers migration N Under investigation Supports encryption in-transit Y Under investigation Pricing and Limits Limits AWS Server Migration Service limits Azure Site Recovery limits SLAs N/A 99.9% Pricing AWS Server Migration Service pricing Azure Site Recovery pricing Batch Cloud Data Transfer Service Petabyte-scale data transport solution to transfer large amounts of data AWS Snowball Azure Data - PREVIEW Fast data transfer Y Y Support for encryption Y Y (BitLocker) Tamper Resistant and Secure (256-bit encryption and industry-standard Trusted Platform Module (TPM) Y PREVIEW Support for end-to-end tracking Y PREVIEW Secure erasing Y X Scalable - appliances can be used in parallel Y Not Disclosed Simple and Compatible (Job created via simple web interface - simple conection to your network) Y X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing AWS Snowball pricing N/A Petabyte-scale Data Transport with On-board Storage and Compute Hyper-converged device for edge processing AWS Snowball Edge X Perfrorm tasks such as analyzing data streams or processing data locally Y X Includes stand-alone storage Y X

Tamper Resistant and Secure (256-bit encryption and industry-standard Trusted Platform Module (TPM) Y X

Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing AWS Snowball Edge pricing N/A Massive Exabyte-Scale Data Transfer Service

Exabyte-scale data transport solution to transfer large amounts of data into and out of public cloud AWS Snowmobile X

Tamper-resistant, water-resistant and temperature controlled Y X Secure - 256-bit encryption, 24/7 video survelliance and alarm monitoring, GPS tracking Y X Customized to meet the needs of the transfer job Y X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing AWS Snowmobile pricing N/A

Service Description Amazon AWS Microsoft Azure

Networking & Content Delivery Isolated Cloud Resources Virtual network in the cloud Amazon (VPC) Virtual Network (VNet) Auto-created default virtual private network Y Y Service Endpoint (private connection) to connect your services within the Virtual Network to other Cloud-based services Y (Interface-type and Gateway-type) Vnet Service Endpoints - PREVIEW Endpoint capable of routing traffic through provider's internal network backbone (private connectivity) as well as on-premises applications AWS PrivateLink (Interface-type Endpoint) Vnet Service Endpoints - PREVIEW Endpoint capable of routing traffic through provider's internal network backbone (private connectivity) Gateway-type Endpoint (S3, DynamoDB) Under investigation Private connectivity between compute and storage services Y (EC2, S3, DynamoDB) X Use any network CIDR, including RFC 1918 Y Y Ability to expand/shrink Virtual Network size (CIDR) Y Under investigation IPv4 Protocol support Y (All) Y (TCP, UDP, ICMP) IPv6 Protocol support (new: IPv6 support for EC2 instances in VPC) Y (EC2, S3, S3 Transfer, CloudFront, WAF, Route 53, ALB, ELB) Y (Azure Load Balancer, Virtual Machines) Support for multiple IP addresses/instance Y (ENI or Secondary IP) PREVIEW Auto-assigned public (ephemeral) IP addresses Y Y Promote ephemeral IPs to static IPs X X Static IP addresses (public and private) Y (Elastic IP) Y Ability to move network interfaces and IPs addresses between instances Y (ENIs in VPC) X Instance support for five or more network interfaces and IP addresses Y Y Multiple virtual NICs per VM Y X Multiple network interface/instance Y Y Isolated virtual networks and private-IP-address-only compute instances Y Y Multisegment networks and multiple subnets per virtual network Y Y Five (ormore) virtual networks (per customer, per Region) Y Y Multi-data-center virtual networks stretching capability Y Y Customer-defined hierarchical LAN topology Y Y Subnets within private network Y Y Virtual network configurable routing Y (Route Tables) Y Multiple private network connections per Virtual Network (VPN/WAN) Y Y LAN traffic encryption (at the Data Center level) Y Y WAN traffic encryption (across Data Centers) Y X Subnet-level traffic filtering Y (Network ACLs) Y (deprecated - use NSG) Instance-level Ingress traffic filtering Y (Security Groups) Y Instance-level Egress traffic filtering Y (Security Groups) Y Managed NAT service Y (NAT Gateway) X Configure proxy server (NAT instance) at network level Y X Disable source/destination checks on interfaces Y X Customer VPN connectivity (site-to-site VPN connectivity) Y (Hardware-based VPN or Software VPN) Y Customer VPN connectivity or remote access (point-to-site VPN connectivity) AWS VPN CloudHub (uses software VPN) Under investigation Supports using VPN server at the application layer Y X Supports multiple VPN Connections per Virtual Network Y Y AES256 Encryption VPN capability Y Y IPSec Encryption VPN capability Y Under investigation Supports statically-routed VPN connections Y Under investigation Supports dynamically-routed VPN connections Y Under investigation Supports Border Gateway Protocol (BGP) for improved HA/Failover capability Y Y Intercustomer private traffic exchange (cross-account Virtual Network connectivity) Y Y Virtual network traffic exchange (same account Virtual Network connectivity) Y Y Virtual Network to Virtual Network connectivity within Region Intra-Region VPC Peering Y Virtual Network to Virtual Network connectivity across Regions Inter-Region VPC Peering (requires DirectConnect Gateway) Under investigation Virtual Network transitive routing (edge-to-edge routing) X Global VNet Peering - PREVIEW Interregion private connectivity (Region-to-Region connectivity through provider's private network) Y Y WAN performance target (inter-region network performance optimization) Y Y WAN performance automatic optimization/acceleration (across Data Centers and Regions) X X Higher performance networking tier Enhanced Networking Y Lower performance networking tier X X LAN performance target/tier X X Real-time network performance visibility (Monitoring) Y (CloudWatch) X Network Traffic Flow Monitoring Y (VPC Flow Logs) X Time Sync Service Amazon Time Sync Service X Pricing and Limits Virtual Network size (maximum) /16 /8 Limits AWS Virtual Private Cloud limits Networking limits (w/ Azure Resource Manager) SLAs N/A N/A Pricing AWS Virtual Private Cloud pricing Virtual Network pricing Global Content Delivery Network Content delivery web service Amazon CloudFront - Content Delivery Network (CDN) Azure Content Delivery Network Allows to access content in an internal origin Y (S3) Under investigation Allows to access content in an external origin Y Y Uses a multi-tier cache approach to reduce latency Y Uses Regional Edge Caches (aka mid-tier caches) to extend object's cache availability Y Not Disclosed Employs performance optimization for the Edge Locations Y Y Supports proxy methods to accelerate API calls Y Under investigation Global Load Balancing & Failover across Multiple CDN's Y () Y (Traffic Manager) Supports file compression Y (gzip) Not Disclosed Ability to securely upload user-submitted data Y (Field-Level Encryption) Under investigation Ability to serve/restrict content to specific countries Y (Geo Restriction feature) X (announced, but NA) Latency and Weighted Round Robin routing Y (Amazon Route 53) Y (Traffic Manager) Ability to remove copies of a file from all edge locations cache before it expires Y (Invalidation API) Y Ability to invalidate multiple objects at edge locations Y (use * wildcard) X Ability to serve secure content by deploying/importing certificates Y Not Disclosed Custom SSL - bring your own certificate Y X Token Authentication / Private URLs for private content Y (Signed URL, HTTP Cookies) X (announced, but NA) SSL/TLS encryption Y Under investigation Layer 7 connectivity security AWS WAF Under investigation Layer 3/4 connectivity security AWS Shield (Standard / Advanced) Under investigation Supports Hi-Def & Std-Def Encoding Formats Y (AET or EC2) Y (Azure Media Services) Supports Adobe Flash Media (RTMP, RTMPe) for audio/video streaming Y (AET or EC2) Y Supports live audio/video streaming platforms Adobe Media Server, Wowza Media Server, Windows Media Services Y Supports Multi-Bit rate Encoding Y (Smooth HLS, HDS, MPEG-DASH) Y (Media Services Encoding) Supports Media Player X Y (Media Player) Supports HTTP and HTTP/2 Y Under investigation Supports SNI (TLS extension) protocol Y Under investigation Basic reporting capability Y (Amazon CloudFront Reports & Analytics) Y Detailed Analytics reporting capability Y (Amazon CloudFront Reports & Analytics) X Geographic Traffic reporting capability Y (Amazon CloudFront Reports & Analytics) X Automated Hourly Log Retrieval & Filtering Application Y Y Private Backbone Network (What is this????) X Y Pricing and Limits Number of Edge Locations 102 (56 Cities) 49 Cities (plus Akamai Network) Number of Regional Locations 13 N/A Limits Amazon CloudFront limits Azure Cloud Delivery Network limits SLAs N/A 99.9% Pricing Amazon CloudFront pricing Azure Content Delivery Network pricing Scalable DNS and Domain Name Registration Azure DNS DNS web service (Highly available and scalable cloud) Amazon Route 53 Traffic Manager Management Console access Y Y (Traffic Manager) Domain Registration service Y X Latency based Routing Y Y (Traffic Manager) Weighted Round Robin (WRR) Routing Y Geo DNS Routing Y X Geoproximity Routing Y Under investigation DNS Failover capability Y Y (Traffic Manager) Visual editor for traffic management Y (Traffic Flow) Y (Traffic Manager) Automatic Health Checks Y Y (Traffic Manager) Integration with Load Balancer Y X Zone Apex support for Load Balancer and CDN Y X Pricing and Limits Limits Amazon Route 53 limits Azure DNS limits SLAs N/A 99.99% Pricing Amazon Route 53 pricing Azure DNS pricing Customer Connectivity Customer Connectivity: Integrated service: A customer can obtain private WAN connectivity directly from you (i.e., you are either a carrier or you are reselling a carrier's WAN services), and it is integrated directly into the cloud platform. This service can be manually provisioned, but once AWS Direct Connect ExpressRoute provisioned, must be self-service configurable with an API (and optionally a portal). Private customer connectivity — integrated service (WAN service, directly from Cloud Provider) Y Y Private customer connectivity (WAN service, provided by Carriers) Y Y Ability to stablish/consolidate connectivity that spans across multiple VPCs/Vnets Y (DirectConnect Gateway) Under investigation Layer 2 (IEEE 802.1q VLANs) connectivity method Y Under investigation Layer 3 connectivity method X Under investigation Allows partitioning into multiple interfaces Y Under investigation Multiple private customer connections (WAN connectivity) Y Y Allows connectivity to both prublic and private IP addresses Y Under investigation Offers reduced data rates for Transfer Out traffic Y Under investigation Automatic failover betwwen primary and secondary links Y Under investigation Supports Link Aggregation Group (LAG) / Link Aggregation Control Protocol (LACP) to group links together Y (up to 4, Dynamic only) Under investigation Support for active-active LACP Y Under investigation IPv6 support Y Under investigation Monitoring and Alerts Y (Amazon CloudWatch) Y (Monitoring ExpressRoute with Operations Management Suite) Pricing and Limits Bandwidth 1 - 10 Gbps Limits AWS Direct Connect limits Azure ExpressRoute limits SLAs N/A 99.95% Pricing AWS Direct Connect pricing Azure ExpressRoute pricing Elastic Load Balancing Managed Layer 7 Load Balancer for apps that rely on HTTP/HTTPS Application Load Balancer Y (Application Gateway) Managed Layer 4 Load Balancer for apps that rely on TCP protocol Network Load Balancer Load Balancer Managed Layer 7/Layer 4 Load Balancer Classic Load Balancer Under investigation Front-end (external) Load Balancer Y Y Back-end (internal) Load Balancer Y Y Support for UDP protocol X Y Support for IPv6 protocol Y (Application Load Balancer, Classic Load Balancer) Y Support for native HTTP/2 Y (Application Load Balancer) X Support for WebSockets protocol (for long-lived connections) Y (Application Load Balancer, Network Load Balancer) Y Support for SNI (TLS protocol extension) Y (Application Load Balancer) Under investigation Single-AZ load balancing capability/isolation Y (Network Load Balancer) Under investigation Cross-AZ load balancing capability Y (Application Load Balancer, Classic Load Balancer) Under investigation Zonal (AZ) failover capability Y Under investigation High Availability (HA) Ports Y (Application Load Balancer, Network Load Balancer) High Availability Ports - PREVIEW Local load-balancing — independent IP address X Y Y (Traffic Manager) DNS based global load balancing Y (Amazon Route 53) Azure Load Balancer (Basic/Standard) - PREVIEW Metrics-driven load balancing Y Y Content-based/Path-based routing Y (Application Load Balancer) Under investigation Content-based/Host-based routing Y (Application Load Balancer) Under investigation Client-side source IP visibility Y Under investigation Static IP support (front-end) Y (Network Load Balancer, one per AZ) Under investigation Elastic (fixed) IP support Y (Network Load Balancer, one per AZ) Under investigation Support for connection draining Y Under investigation Session affinity load balancing Y Y Sticky sessions support Y (Application Load Balancer, Classic Load Balancer) Y (2-tuple, 3-tuple) Configurable idle connection timeout Y (Application Load Balancer, Classic Load Balancer) Under investigation Backend server encryption Y (Application Load Balancer, Classic Load Balancer) Under investigation SSL Encryption Y (Application Load Balancer, Classic Load Balancer) Under investigation Support for SSL offloading Y (Application Load Balancer, Classic Load Balancer) Y Delete protection Y (Application Load Balancer) Under investigation WAF integration Y (Application Load Balancer) Y Logging Y (CloudWatch Logs) PREVIEW Enhanced Logging (records traffic in/out) FlowLogs Under investigation Monitoring Y (Amazon CloudWatch) Y Auditing Y (CloudTrail) Under investigation Request Tracing Y (Application Load Balancer) Under investigation Pricing and Limits Limits Elastic Load Balancing limits Azure Load Balancer limits SLAs N/A N/A Pricing Elastic Load Balancing pricing Azure Load Balancer pricing

Service Description Amazon AWS Microsoft Azure

Developer Tools Unified to Manage Software Development Quickly develop, build and deploy applications AWS CodeStar Visual Studio Team Services Pricing and Limits Limits N/A Visual Studio Team Services limits SLAs N/A 99.9% Pricing NO COST (Pay only for used resources!) Visual Studio Team Services pricing Store Code in Private Git Repositories Managed source control service AWS CodeCommit Visual Studio Team Services Repository Type highly scalable Git repositories Git, TFVC Code Browsing Y Y Code Editing X Y Code Search X Y Code Review X pull requests Encryption at rest Y X Pricing and Limits Limits AWS CodeCommit limits Visual Studio Team Services limits SLAs N/A 99.9% Pricing AWS CodeCommit pricing Visual Studio Team Services pricing Automate Code Builds Fully Managed Build Service to build and test code in the cloud AWS CodeBuild Visual Studio Team Services Continous scaling Y Y Extensible Y via Visual Studio Team Services extensions Enables CI/CD integration Y Y Secured by a Key Management System Y Y Pricing and Limits Limits AWS CodeBuild limits Visual Studio Team Services limits SLAs N/A 99.9% Pricing AWS CodeBuild pricing Visual Studio Team Services pricing Automate Code Deployments Managed Service to deploy code to instances AWS CodeDeploy Visual Studio Team Services Rolling Update - deploy to instances AWS CodeDeploy X Rolling Update - deploy to containers Amazon EC2 Container Service (ECS) X Rolling Update - deploy to App Platform AWS Elastic Beanstalk X Deployment Health Tracking CodeDeploy X Configuration Management Integrations Ansible, Chef, Puppet Labs, Salt X IDE X VS, VS Team Services IDE Toolkits AWS Toolkit for Eclipse, AWS Toolkit for Visual Studio Eclipse, IntelliJ Monitoring and Alerts Amazon CloudWatch Application Insights Logging AWS CloudTrail Audit Log In-Process Call Tracing X IntelliTrace Remote Procedure Calls details, including latency for requests that make RPC calls X X Crash Reporting X Application Insights Pricing and Limits Limits AWS CodeDeploy limits Visual Studio Team Services limits SLAs N/A 99.9% Pricing AWS CodeDeploy pricing Visual Studio Team Services pricing Release Software using Continuous Delivery Continuous Delivery service for fast and reliable updates AWS CodePipeline Visual Studio Team Services Build Jenkins, AWS Partner Network Visual Studio Team Services Load Test AWS Partner Network Visual Studio Team Services UI Test AWS Partner Network X API test AWS Partner Network X Security Testing X X Pricing and Limits Limits AWS CodePipeline limits Visual Studio Team Services limits SLAs N/A 99.9% Pricing AWS CodePipeline pricing Visual Studio Team Services pricing Cloud-based IDE Cloud IDE for writing, running, and debugging code AWS Cloud9 X Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Analyze and Debug Production, Distributed Applications Distributed Tracing System: The provider offers, as a service, a mechanism for collecting and displaying trace information from the customer's Visual Studio Team Services - limited infrastructure and/or applications, providing performance metrics for distributed applications. This may require the customer to install an agent on AWS X-Ray compute instances or instrument an application. Application Insights Review Request Behavior Y X Discover Application Issues Y Visual Studio - Limited Improve Application Performance Y Visual Studio - Limited Integrated Y X Pricing and Limits Limits AWS X-Ray limits Visual Studio Team Services limits SLAs N/A 99.9% Pricing AWS X-Ray pricing Visual Studio Team Services pricing

Service Description Amazon AWS Microsoft Azure

Management Tools Monitor Resources and Applications Azure Portal Monitoring service for cloud resources and applications Amazon CloudWatch Azure Monitor Azure Storage metrics in Azure Monitor - PREVIEW Customer defined monitoring metrics (publish your own metrics) Y (through API call) X Infrastructure metrics/alarms Y Y Dashboards - collection of charts Y Y (Azure Operation Insights only) Historical performance monitoring 14 days 30 days Ability to monitor at 1 minute granularity 1min,5min,1hour X Ability to get notifications from services delivered in near-real-time Y (Amazon CloudWatch Events) Y (Azure Monitor) Availability/external monitoring from multiple locations Y (Amazon Route 53 Health checks) Y (web endpoint monitoring) Application monitoring Y Y (Application Insights) Percentiles X X Real-time monitoring of logs Y (Amazon CloudWatch Logs) Y (Operation logs) Log search Y X Email notifications Y Y Mobile notifications Y X Ability to monitor multiple clouds (metrics, logs) through a single view X Y (Operations Management Suite) Pricing and Limits Limits Amazon CloudWatch limits Azure Monitor limits SLAs N/A 99.9% Pricing Amazon CloudWatch pricing Azure Monitor pricing Monitor Resources and Applications Managed Systems Manager for cloud and on-premises systems Amazon EC2 Systems Manager Microsoft Operations Management Suite - Automation and Control functions Pricing and Limits Limits Amazon EC2 Systems Manager limits N/A SLAs N/A 99.9% Pricing N/A Azure Operations Management Suite pricing Create and Manage Resources with Templates Azure Resource Manager (ARM) Service to create a collection of related resources and provision them using a template AWS CloudFormation VM Extensions Azure Automation Customized resources (extensibility) Y Y Visualization of templates/resources Y (AWS CloudFormation Designer) X Online editor/code completion Y (AWS CloudFormation Designer) Y Shared / OSS resources (GitHub repos, community contributions) Y (custom resources) Y (sample templates) Resource coverage (build service,document association, IPv6) Y X Portal experience for provisioning Y Y Cross-region template replication for DR scenarios Y Not disclosed Mobile enabled portal access Y X Parameters / Inputs for customization Y Y Support for Authenticated user access Y Y Role based access Y Y Separate permissions for launch vs. provision Y (AWS Service Catalog) X Support cost tracking Y (tags) Y (tags) Provide cost estimate Y (budget-tags) X Event feeds of provisioning actions Y (Amazon Simple Notification Service) X Audit logs Y (AWS CloudTrail) Y (Audit Logs) Community engagement (StackExchange/Forums/Twitter) Y Y Support for external tools Y (Troposphere, Sparkle) X Language features Y (Parameters, Maps, Conditions, Outputs) Y (Loops, Variables, Parameters, Outputs) Reliability guarantees/semantics Y (Strong reliability) Y (Strong reliability) Pricing and Limits Limits AWS CloudFormation limits Azure Automation limits SLAs N/A 99.9% Pricing NO COST (Pay only for used resources!) Azure Automation pricing Track User Activity and API Usage Web service to record API calls and deliver log files AWS CloudTrail Azure Monitor (Activity log) Number of supported services 63 Services 23 services Receive notification of API activity Y Y Durable and inexpensive log file storage Y (compressed) X (no compression) Choice of partner solution Y X (no partner solution) Latency to deliver API activity history to a storage bucket <15 mins Y (<15 mins) Aggregation across multiple accounts and multiple Regions for ease of use Y X Account level logging to correlate activity from different AWS services application logs Y Y Pricing and Limits Limits AWS CloudTrail limits Azure Monitor limits SLAs N/A 99.9% Pricing AWS CloudTrail pricing Azure Monitor pricing Track Resource Inventory and Changes Managed service for resource inventory, configuration history & change notifications AWS Config X Guidelines for provisioning, configuring and continuously monitoring compliance AWS Config Rules X Automatically records a resource’s configuration when it changes Y X Examine the configuration of your resources at any single point in the past Y X Receive notification of a configuration change Y X Choice of partner solution Y X Record configuration changes (OS changes,system-level,installed apps,network config) Y X Supports on-premises environment (Hybrid) Y X Pricing and Limits Limits AWS Config limits N/A SLAs N/A N/A Pricing AWS Config pricing N/A Automate Operations Application management service to deploy and operate applications AWS OpsWorks Azure Automation Managed service to automate tasks using PowerShell based runbooks X Azure Automation Scalable Y X Security for fine-grained access controls Y X Community Support Y X Simple to Manage Hybrid Environments Y X Fully Managed Chef Server and suite of automation tools AWS OpsWorks for Chef Automate X Fully Managed Puppet Enterprise Server and suite of automation tools AWS OpsWorks for Puppet Enterprise X Fully Managed Stacks suite of automation tools AWS OpsWorks Stacks X Pricing and Limits Limits AWS OpsWorks limits N/A SLAs N/A N/A Pricing NO COST (Pay only for used resources!) N/A Unified user Interface to view operational data and automate operation tasks Visibility and Control of your infrastructure AWS Systems Manager Microsoft Operations Management Suite Logically group resources Y Under investigation Dashboard that automatically aggregates and displays operation data Y Under investigation Collects information about your instances and the software installed on them Y Under investigation Automate IT operations and management tasks across recources Y Under investigation Secure remote management of your instances at scale Y Under investigation Select and deploy and software patches automatically across large groups of resources Y Under investigation Maintain consistent configuration Y Under investigation Centralized store to manage configuration data Y Under investigation Pricing and Limits Limits AWS Systems Manager limits N/A SLAs N/A N/A Pricing NO COST N/A Create and Use Standardized Products Create and manage catalog of pre-approved services for use AWS Service Catalog X Pricing and Limits Limits AWS Service Catalog limits N/A SLAs N/A N/A Pricing AWS Service Catalog pricing N/A Best Practice Advisor Service to compare resource usage to best practices AWS Trusted Advisor Azure Advisor Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing AWS Trusted Advisor pricing NO COST Personalized Dashboard Personalized View of Service Health AWS Personal Health Dashboard Azure Resource Health Proactive Notifications Y Y Detailed Troubleshooting Guidance Y X Integration and Automation Y X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing NO COST NO COST Tools AWS Command Line Interface Azure Command Line Interface CLI AWS Tools for Windows PowerShell Azure PowerShell Web based Management Console AWS Management Console Azure Portal Smartphone app to manage cloud infrastructure Y X Azure Cloud Shell ($ for storage) Cloud Shell X Bash or PowerShell Software Development Kits (SDKs) AWS Tools & SDKs Azure SDKs Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing NO COST NO COST Infrastructure Operations Management Infrastructure Operations Management AWS Managed Services X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing AWS Managed Services pricing N/A

Service Description Amazon AWS Microsoft Azure

Artificial Intelligence Conversational Interfaces for Applications Bing Speech API Language Understanding Intelligent Service (LUIS) Managed Service for building conversation interfaces into any application using voice and text Amazon Lex Speaker Recognition API (PREVIEW) Custom Recognition Service (CRIS) Azure Bot Service Number of languages supported 3 at GA, expanding to 5 languages in 2017 8 ASR Y X (Need to call separate speech API) NLU Y X Integeration with Mobile Hub to easily integrate with mobile Apps Y X One click deployment to chat services Y X Support for multi-developer environment: Versioning, Aliases Y Not disclosed Seamlessly build, test and deploy Y X Built-in connectors to Enterprise SaaS applications: , Microsoft Dynamics, Marketo, Zendesk, QuickBooks and Hubspot Y X Built-in Integration with cloud platform providing scale and security Y X Monitoring Y X Pre-defined Intents and Entities Y X Pricing and Limits Limits N/A N/A SLAs N/A 99.9% Pricing Amazon Lex pricing Cognitive Services pricing Turn text into Lifelike Speech using Managed Service to turn text into lifelike speech Amazon Polly Bing Speech API Convert audio to text X Bing Speech API Number of lifelike voices/number of languages 47 voices across 24 languages 28 voices across 17 languages Store and Redistribute Speech Y Not answered but cogitive services it is prohibited copying, storing, and caching of search results Speech Synthesis via API, Console or Command Line Y Y Support AWS SDK - Java,Node.js,.NET,PHP,Python,Ruby,Go,C++ Samples - .NET, Javascript, NodeJS, PHP, Python, Ruby, Unity Platform Support AWS Mobile SDK - iOS,Android Samples - iOS,Android User Lexicons Y X SSML support Y Y Speech marks X X Pricing and Limits Limits Amazon Polly limits N/A SLAs N/A 99.9% Pricing Amazon Polly pricing Cognitive Services pricing Deep learning-based Image and video Recognition Computer Vision API Face API Managed Service for Image Analysis for applications Amazon Rekognition Emotions API (PREVIEW) Video API (PREVIEW) Scalable Image Analysis Y Not disclosed Securely control access to API's AWS Identity and Access Management (IAM) Not disclosed Integrated with other cloud services Y Not disclosed Scalable Face recognition Y Not disclosed Real-time face recognition Y Face API Text-in-image recognition Y Video Optical Character Recognition Pricing and Limits Limits N/A N/A SLAs N/A 99.9% Pricing Amazon Rekognition pricing Cognitive Services pricing Build Smart Applications Quickly and Easily Managed service for building models and generating predictions Amazon Machine Learning Azure Machine Learning Batch prediction API (for generating predictions in a batch mode) Y Y

Data visualization and exploration Y Y Dataset maximum size 100 GB 10 GB Deployment in multiple regions IAD, DUB available in 7 regions Gallery with published ML APIs API reference ML Gallery Integrated with other cloud services for easy data access S3, RDS, Redshift Storage, SQL, HiveQL Model evaluation and interpretation tools Y ✓ Modeling APIs for creating, reviewing, and deleting data sources, models, and evaluations Y only model retraining Preview real-time predictions within the console, before creating an app Y X Price per million predictions (approximate) $100 $500 Real-time model updates with new data points X X Real-time prediction API (for generating real-time predictions) Y Y Throughput transactions per second (for generating real-time predictions) 200 Not disclosed Typical latency (for generating real-time predictions) <100 200-2000 Support for a visual interface with drag and drop predictive modeling X ML Studio Support for a visual interface with predictive modeling Y ML Studio Support for common ML data transformations Y Y Support for custom scripts X Y Support for ML Algorithms - Bayesian Recommendation systems X Y Support for ML Algorithms - Clustering X Y Support for ML Algorithms - Deep Neural Networks X Y Support for ML Algorithms - Multiclass and Binary classification Y Y Support for ML Algorithms - Regression Y Y Support for ML Algorithms - Scalable Boosted Decision trees X Y Support for ML models for audio transcribing X Project Oxford Support for ML models for image analysis Rekognition Cognitive Support for ML models for video analysis - real-time and batch Rekognition Video X Support for ML models for translating into multiple languages X Translator Text API Bing Speech API Language Understanding Intelligent Service (LUIS) Support for ML models for conversational interfaces Amazon Lex Speaker Recognition API Custom Recognition Service (CRIS) Azure Bot Service Support for ML models to turn text into lifelike speech Amazon Polly Bing Speech API (preview) Job search and discovery API X X Support for publishing Machine Learning APIs as paid or free services in the Marketplace X ML Marketplace Support for Python scripts Y Y Apache MXNet Apache MXNet on AWS Deep Learning Virtual Machine TensorFlow TensorFlow on AWS Deep Learning Virtual Machine AWS Deep Learning AMIs Deep Learning Machine Images Deep Learning Virtual Machine Windows and Linux AMIs Pricing and Limits Limits Amazon Machine Learning limits N/A SLAs N/A N/A Pricing Amazon Machine Learning pricing Azure Machine Learning pricing Insights discovery cognitive service Cognitive service that ingests documents to identify correlations in unstructured content Under investigation Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Personality insights discovery service Service to predict personality characteristics, needs, and values through written text Under investigation Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Chatbots interface service Build and deploy chatbots and virtual agents Under investigation Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Natural Language Understanding (NLU) service Advanced text analytics service for structured/unstructured data Under investigation Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Automatic Speech Recognition (ASR) Service Managed Speech to Text Translation service Amazon Transcribe (PREVIEW) Azure Translator Speech API Easy-to-Read transcriptions (automatic formating and punctuation) Y Y Low-quality audio support Y Custom Speech Service (PREVIEW) Lanuage support US English and Spanish (more coming) 60 languages Custom vocabulary support Coming soon Custom Speech Service (PREVIEW) Timestamp generation Y Under investigation Recognize multiple speakers Coming soon Speaker Recognition API (PREVIEW) Pricing and Limits Limits N/A Under investigation SLAs N/A Under investigation Pricing N/A Under investigation Natural Language Processing (NLP) service to discover insights and relationships in text Natural Language Processing (NLP) service to discover insights and relationships in text Amazon Comprehend Azure Web Language Model API (PREVIEW) Keyphrase extraction API Y Under investigation Sentiment analysis Y Under investigation Entity recognition Y Under investigation Language detection Y Under investigation Topic modeling Y Under investigation Multiple language support English & Spanish Under investigation Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing N/A N/A Neural Machine Translation Service Text based Real-time language translation service Amazon Translate (PREVIEW) Azure Translator Text API Language support 6 languages 60+ languages Language detection Y Y Batch translation support Y Under investigation Real-time translation support Y Under investigation Secure machine translation Y Under investigation Pricing and Limits Limits N/A Under investigation SLAs N/A Under investigation Pricing Amazon Translate Pricing Under investigation Deep-learning enabled video camera Deep-learning enabled video camera AWS DeepLens X Integrated with other cloud services Y X Run deep-learning models locally on device Y X Broad deep learning framework support (Apache MXNet, TensorFlow, , etc.) Y X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing N/A N/A Fully managed end-to-end machine learning service Build, train, and deploy machine learning models at scale Amazon SageMaker Azure Machine Learning services Managed Notebooks for authoring models Y Under investigation Built-in, high performance algorithms Y Under investigation Broad framework support Y Under investigation One-click training Y Under investigation Automatic model tuning Y Under investigation One-click deployment Y Under investigation Automatic A/B testing Y Under investigation Fully-managed hosting with auto-scaling Y Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Analyzes emotions and tone in written content Analyzes emotions and tone in written content Under investigation Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Interprets and classifies natural language Interprets and classifies natural language Under investigation Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation

Service Description Amazon AWS Microsoft Azure

Analytics Query Service DataLake Analytics Amazon Athena Interactive query service U-SQL Serverless query service Y Under investigation Highly available Y Under investigation Instant querying. Serverless. No ETL Y Under investigation Query Service for storage (data) at rest Y Under investigation Built on Presto (support includes CSV,JSON,ORC & Parquet) Y Under investigation Runs standard SQL Y Under investigation High performance query analysis for raw logs and text files Y Under investigation Supports complex analysis Y Under investigation Data stored into common sharable service to share with other cloud services Y Under investigation Service to load streaming data Kinesis Firehose Under investigation Result Set Caching X Under investigation Data Partitioning Y Under investigation Interactive performance even for large datasets Y Under investigation Supports ODBC connectivity with other BI Tools Y Under investigation Supports JDBC connectivity with other BI Tools Y Under investigation pricing and limits limits Amazon Athena limits N/A SLAs N/A N/A pricing Amazon Athena pricing N/A Cloud Data Prep Service Cloud Data Service to visually explore, clean and easliy prepare data for analysis X Azure Analysis Services Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing N/A N/A Managed Hadoop Framework Hadoop as a Service: You provide Hadoop as a Service Amazon EMR HDInsight Ability to install multiple components on the same cluster Y X Ability to specify initialization actions on clusters Y Windows only Ability to utilize different pricing model OD, Spot, RI X OD only Cluster Start time 5-6 minutes >15 minutes Commercial Hadoop distribution offered as a managed service MapR Hortonworks Data Platform (HDP) Conserve work while resizing a running cluster Graceful Shrink X Flexible data stores S3, HDFS, DDB, RS, Glacier, RDS Blob Storage Integrated logging - Audit CloudTrail Y Integrated monitoring Ganglia 3.7.2 Y Managed Hadoop clusters on Windows X Y Parallel clusters Y Y Per-minute billing X Y Process encrypted data stored in an Object storage system Envelope encryption X Reconfigure a running cluster X through Ambari Resize a running cluster Y Y Resize a running cluster with different instance types Y X Support for Hadoop Key Management Service (based on Hadoop’s KeyProvider API) Y X Support for JSON based configuration files Y X Support for Step API (a step can contain one or more Hadoop jobs) Y X

Supported Programming languages Java & ,Python,Ruby,C++,PHP,R C#, Java, .NET Visual Studio integration for Hive X Web interfaces for the cluster YARN,Spark,Zepplin,HUE,Ganglia,Hbase UI,Hadoop HDFS Ambari Supported Hadoop Tools/Versions HDFS 2.7.3 2.6 MapReduce 2.7.3 2.7.3 Ambari X .1.0 Avro 1.7.4 1.4.0.0 Cascading 3.7 X Flume 1.5.2 X HBase 1.2.3 1.1.2 Hive 2.1.0 1.2.1.2.5 Hue 3.10.0 X Impala 1.2.4 X Mahout 0.12.2 0.9.0+ Oozie 4.2 4.2.0 Parquet 1.5.0 Y Pig 0.16.0 0.16.0 Spark 2.0.1 1.6.2 + 2.0 (Linux only) 1.4.6 1.4.6 Storm X 1.0.1 Tez 0.8.4 .7.0 YARN 2.6 2.7.3 Zookeeper 3.4.8 3.4.6 Presto 0.152.3 X Zeppelin 0.6.2 X Pricing and Limits Limits N/A N/A SLAs N/A 99.9% Pricing Amazon Elastic Map Reduce pricing Azure HDInsight pricing Managed Spark Framework as a Service X Azure Databricks Pricing and Limits Limits N/A Under investigation SLAs N/A Under investigation Pricing N/A Under investigation Managed Search Service Search service Amazon CloudSearch Azure Search Pricing and Limits Limits Amazon CloudSearch limits Azure Search limits SLAs N/A 99.9% Pricing Amazon CloudSearch pricing Azure Search pricing Run and Scale Elasticsearch Clusters Managed service that makes it easy to deploy, operate, and scale Elasticsearch Amazon Elasticsearch Service Search Pricing and Limits Limits Amazon Elasticsearch Service limits Azure Search limits SLAs N/A 99.9% Pricing Amazon Elasticsearch Service pricing Azure Search pricing Real-time Processing of Streaming Big Data Stream Analytics Data Lake Analytics Collect, process and analyze real-time streaming data Amazon Kinesis Data Lake Store Event Hubs Additional Storage (up to 7 days) Y Y Connector Ecosystem Amazon Kinesis Connector Library Y Event delivery to multiple consuming applications Y Y Large scale event ingestion Y Y Message replay Y Y Message Retention 7 days 1 day Message size 1 MB Not disclosed Producer Library Y X

Pub/sub service: You provide pub-sub messaging service designed to ingest large amounts of streaming data, such as a Kafka-based service. Amazon Kinesis Streams Stream Analytics

Simple and highly scalable data ingestion Amazon Kinesis Firehose X Capture, process, and store video streams for analytics and machine learning Amazon Kinesis Video Streams X Ability to process streaming data in real time using standard SQL language Amazon Kinesis Data Analytics Under investigation Supports time-encoded data (Video, audio, RADAR and LIDAR) Y X Device SDKs to securely stream data from devices Y X Durable storage Y X APIs for real-time and batch data retrieval Y X Video stream parser library Y X Video playback in the console Y X Built-in integration that automatically detects ad recognizes faces in streaming video Y X Automatic data encryption in transit Y X Automatic data encryption at rest Y X Automatic indexing for search and retrieval Y X Pricing and Limits Limits Amazon Kinesis limits Data Lake Analytics limits SLAs N/A 99.9% Pricing Amazon Kinesis pricing Data Lake Analytics pricing Business Intelligence Cloud powered Business Intelligence service Amazon QuickSight PowerBI

Pricing and Limits Limits N/A N/A SLAs N/A 99.9% Pricing Amazon QuickSight pricing N/A Orchestration for Data driven workflows Managed service to move data between compute and storage services AWS Data Pipeline Data Factory Ability to visually monitor your data pipelines Under investigation Y Pricing and Limits Limits AWS Data Pipeline limits Data Factory limits SLAs N/A 99.9% Pricing AWS Data Pipeline pricing Data Factory pricing ETL Service Data Factory Fully Managed ETL Service AWS Glue Data Catalog Pricing and Limits Limits AWS Glue limits Data Factory limits SLAs N/A 99.9% Pricing AWS Glue pricing Data Factory pricing

Service Description Amazon AWS Microsoft Azure

Security, Identity & Compliance Manage User Access/ Fine-grained Access Control Azure Active Directory Control access to your cloud resources at a granular level AWS Identity and Access Management (IAM) Azure Active Directory Premium Managed Service Identity Identify when an access key was last used to rotate old keys and remove inactive users Y X Policy Simulator to test policies before committing to production Y X Policy validation to ensure that your policies match your intentions Y X Ability to create custom policies Y Not Disclosed Built-in access control policies Y (Managed Policies) Not Disclosed Discover, restrict and monitor privileged identities X Y (Azure AD Privileged Identity) Temporary security credentials when making requests between services Y (Roles) X Utilize multi-factor authentication when accessing cloud resources Y Y Ability to group resources together for fine grained access management Under investigation Under investigation Fine-grained access control capabilities Y Not Disclosed Temporary security credentials/permissions Y (STS) Not Disclosed Ability to reset password in a self-service manner Y Not Disclosed Ability to add permissions to users and groups at the resource-level Y Not Disclosed Pricing and Limits Limits AWS Identity and Access Management limits N/A SLAs N/A 99.9% Pricing NO COST Azure Active Directory pricing Cloud SSO Service Centrally manage single sign-on (SSO) access to multiple account and business applications AWS Single Sign-On (SSO) Azure Active Directory Grant user access to one or more acounts Y Under investigation Centralized users permissions management Y Y Microsoft Active Directory integration Y Y SAML-enabled application configuration wizard Y Y Built-in SSO integrations to business applications (Salesforce, Box, and Office 365) Y Y Audit SSO activity Y Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Free Azure AD Pricing Analyze Application Security Managed cloud-native directory service Amazon Cloud Directory X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing Amazon Cloud Directory pricing N/A Analyze Application Security Managed service to identify potential security issues with resources Amazon Inspector Security Center Agent (on-host) asssessments for Common Vulnerabilities and Exposure (CVE) Y X Agent (on-host) asssessments for Center for Internet Security Benchmarks (CIS) Y X Agent (on-host) asssessments for Security Best Practices Y X Agent (on-host) asssessments for Runtime Behavior Analysis Y X Remote, authenticated scanning for Common Vulnerabilities and Exposure (CVE) X X Remote, authenticated scanning for Web App Vulnerabilities (XSS, Injection, etc) X X Pricing and Limits Limits Amazon Inspector limits N/A SLAs N/A 99.9% Pricing Amazon Inspector pricing Security Center pricing Machine Learning-powered Security Service Machine learning-powered security service to discover, classify, and protect sensitive data. Amazon Macie SQL Database Threat Detection Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing Amazon Macie pricing N/A Managed Threat Detection Service Managed Threat Detection Service Amazon GuardDuty Azure Security Center Threat detection of account compromise Y Under investigation Continous monitoring and analysis of account and workload event data Y Under investigation Advanced detections using machine learning and anomaly detection optimized for the cloud Y Under investigation Automated threat response and remediation Y Under investigation Application whitelisting Under investigation Adaptive Application Controls Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Provision, Manage, and Deploy SSL/TLS Certificates Managed service to provision, manage, and deploy SSL/TLS certificates AWS Certificate Manager App Service Certificates on Portal Automatic/Managed renewal Y Y Managed renewal (clientless) Y Y Central management Y Y Configuration via console/GUI Y X Wildcard certificates Y X 24x7x365 support Y Y Certificate widely accepted in browsers and applications Y X Certificate installation Y Y Issues own certificates (i.e. is a CA) Y X Can be used anywhere X X DNS-based identity validation X X Periodic certificate rotation X X Pricing and Limits Limits AWS Certificate Manager limits App Service limits SLAs N/A 99.95% Pricing NO COST (Pay only for used resources!) App Service pricing Host and Manage Active Directory Managed Microsoft Active Directory in the cloud AWS Directory Service Azure Active Directory Domain Services Managed domain controller as a service Microsoft Active Directory, Simple AD, AD Connector Azure AD Domain Services Integration with your existing on-premises Active Directory Y Azure AD connect LDAP support Y Read only Manage users/groups using existing AD Tools Y X Maximum number of users supported 50,000 500K Multi-Factor Authentication server for on-premises users RADIUS based Active Directory Premium only Multi-Factor Authentication as a service for applications X Y Policy configuration for targeted OUs Y Default GPO only Provision AD Directories on Demand Y X REST-based directory Y Y SAML Federation Y Y Self-service password reset for cloud users Y Y Self-service password reset with on-premises write-back X Active Directory Premium only Service to discover all cloud apps in use within your organization X Cloud App Discovery Standard security reports X Y Support for Domain Trusts Y X Support for Schema Extensions Y X support for single sign-on to SaaS and custom Apps X Y User and Group management Y Y Pricing and Limits Limits AWS Directory Service limits N/A SLAs N/A 99.9% Pricing AWS Directory Service pricing Azure Active Directory Domain Services pricing Key Management & Storage Managed service to create and control the encryption keys used to encrypt your data AWS Key Management Service (KMS) Key Vault Integrates with other cloud services Y (25+ services) Not Disclosed Dedicated, hardware security module (HSM) appliance Y Y Built-in backup and restore Y Y Built-in high availability Y Y Built-in monitoring and recovery Y Y Built-in security at rest Y Y Conditional access policies based on user location and group membership Native Key usage policies and integrated with AWS IAM Y FIPS 140-2 validated CloudHSM; KMS in evaluation with NIST Y HTTPS security on wire Enforced use of PFS ciphers Y Interfaces Console, CLI, AWS SDKs PowerShell No service provider access to physical keys by design Y Y Supported Cryptographic Methods AWS KMS - Symmetric encryption only; AWS CloudHSM - symmetric and asymmetric RSA (asymmetric) only 2 services Integration with other services to provide data at rest and data in transit security 18 AWS services Azure Blob service and SQLserver Allows customer to bring their own keys (BYOK - Bring your own key) KMS Import Key supports any key source Only if the customer supports Thales HSMs Pricing and Limits Limits AWS Key Management Service limits Key Vault limits SLAs N/A 99.9% Durability 11 9s N/A Pricing AWS Key Management Service pricing Key Vault pricing Cloud HSM Service HSM service AWS CloudHSM Key Vault Pricing and Limits Limits AWS CloudHSM limits Key Vault limits SLAs N/A 99.9% Pricing AWS CloudHSM pricing Key Vault pricing Policy-based management for multiple accounts Policy-based management for multiple accounts AWS Organizations Azure Subscription and Service Management + Azure RBAC Pricing and Limits Limits AWS Organizations limits N/A SLAs N/A N/A Pricing NO COST N/A Managed DDoS Protection Managed Distributed Denial of Service (DDoS) Protection Service AWS Shield Azure DDoS Protection Service (PREVIEW)

Seamless Integration and Deployment (AWS Shield Standard - resources are automaticly protected) Y X Customizable Protection Y X Cost Efficient (no additional costs for protection against some of the most common DDoS) Y X DDoS Cost Protection - protects your bill from usage spikes Y X Pricing and Limits Limits AWS Shield limits N/A SLAs N/A N/A Pricing AWS Shield pricing N/A Filter Malicious Web Traffic Application Gateway Web Web application firewall to protect web applications from common web exploits AWS WAF - Web Application Firewall Application Firewall Instant threat mitigation, based on Live traffic Y Under investigation Instant rule updates Y Under investigation API Y Under investigation Force SSL Mode Amazon CloudFront-Content Delivery Network (CDN) Under investigation Enables PCI DSS 6.6 X Under investigation CDN is PCI Complaint Y Under investigation Easy Deployment Y Under investigation Rules Number of Pre-configured security rules 1 X Provision for custom rules Y X Protect against malicious BOTS, crawlers X X Rate-limiting based on whitelist/blacklists X X Automatic updating heuristics-based blacklists X X Whitelist/blacklist of IPs Y X Whitelist/blacklist of Referrers Y X SQLi Y X XSS Y X Remote File Inclusion Y X Whitelist/blacklist of URLs Y X Whitelist/Blacklist of User-agent Y X CAPTCHA X X Actions Blocking Y X Counting Y X Challenge X X Scoring X X Visibility/Reporting Sampled Requests Y X Real-time Metrics Y X Full Logs Extra $ X Pricing and Limits Limits AWS Web Application Firewall limits Application Gateway limits SLAs N/A 99.95% Pricing AWS Web Application Firewall pricing Application Gateway pricing Self-service portal for on demand compliance reports Self-service portal for on demand compliance reports AWS Artifact Service Trust Portal (PREVIEW) Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing NO COST N/A Governance Cost calculator/simulator ✓ ✓ Cost forecasting ✓ X Cost optimization engine ✓ X Granular billing ✓ ✓ Billing alert trigger an action ✓ ✓ Security Initial admin access: Pre-positioned SSH key: The customer provides an SSH public key, and as part of the provisioning process, that key is placed on the new compute instance, allowing the customer to log into an administrative account via SSH, without assigning that administrative account a X X password. (The customer MUST NOT need to place that key on the image, prior to provisioning.) Personnel background checks: All of the provider's personnel who have access to service infrastructure (whether physical or non-physical) are Y X - not documented subject to background checks. Personnel access restricted: Provider personnel cannot access service infrastructure without that access being specifically associated with a trouble Y X - not documented ticket, change request, or similar formal authorization. Personnel access logging: When provider personnel access service infrastructure, that access is always logged and logs are retained for a minimum Y X - not documented of 90 days. No personnel access to compute hosts: The provider's personnel cannot log into compute hosts. All tasks carried out on compute hosts are done in Y X - not documented an automated fashion, and the contents of these automated jobs are logged, with the logs retained for a minimum of 90 days. Compliance (Certifications and Assurance Programs) Canadian Privacy Laws Y Y China GB 18030 X Y China TRUCS X Y CIS (Center for Internet Security) Y X CISPE Y X CJIS (Criminal Justice Information Service) Y Y Compliance Controls Catalog (C5) Y X Content Delivery and Security Association (CDSA) Y Y CS Mark (Japan) X Y CSA Y Y DIACAP Y Y DISA Level 2 Y Y DNB (Netherlands) Y X DoD SRG Y Y EAR Y X EU Data Protection Directive/GDPR Y Y EU-US Privacy Shield Y Y EU Safe Harbor / EU Model clauses Y Y FACT (UK) X Y FDA 21 CFR Part 11 Y Y FedRAMP (SM) Y Y FERPA Y Y FIPS 140-2 Y Y FISC Y Y FISMA Y X GLBA Y X GxP Y Y HIPAA with BAA Y Y HITECH Y Y ICREA Y X IRAP (Australia) Y Y IRS - 1075 Y Y ISO 22301 X Y ISO/IEC 27001 Y Y ISO 27017 Y Y ISO 27018 Y Y ISO 9001 Y X ITAR Y Y IT-Grundschutz Y Y MARS-E Y Y MeitY (India) X Y MITA 3.0 Y X MPAA Y Y MLPS Level 3 - Multi-Level Protection Scheme (China) Y Y MTCS Tier 3 Certification Y Y My Number Act (Japan) Y Y NIST 800-171 Y Y NIST 800-53 Y X NZ GCIO X Y PCI DSS Level 1 Y Y PDPA (Argentina) X Y PDPA (Malaysia) Y X PDPA (Singapore) Y X Privacy Act (Australia) Y X Privacy Act (New Zealand) Y X SEC Rule 17a-4(f) Y X Section 508 / VPAT Y X Shared Assessments Y Y SOC 1/ ISAE 3402 Y Y SOC 2 Y Y SOC 3 Y Y Spain ENS Y Y Spanish DPA Authorization Y X U.K. DPA - 1988 Y X UK Cloud Security Principles Y X UK G-Cloud Y Y Uptime Institute Tiers Y X

Service Description Amazon AWS Microsoft Azure

Mobile Services Mobile Application Development Service Mobile Apps Mobile application develop, build and deploy service AWS Mobile Hub Xamarin Apps Pricing and Limits Limits N/A Mobile Apps / App Service limits SLAs N/A 99.95% Pricing NO COST (Pay only for used resources!) Mobile Apps / App Service pricing Managed API Service Create, publish, maintain, monitor and secure APIs at scale Amazon API Gateway API Management Supports Regional API endpoints for reduced request latency Y Under investigation Pricing and Limits Limits Amazon API Gateway limits API Management limits SLAs N/A 99.9% to 99.95% Pricing Amazon API Gateway pricing API Management pricing User Identity and App Data Synchronization Service to securely store and sync user app data across multiple devices and OS platforms Amazon Cognito Mobile Apps Supported Platforms -client side (Kindle Fire) Y - unknown Android is supported Supported Platforms -client side (iOS) Y Y Supported Platforms -client side (Android) Y Y Supported Platforms -client side (Windows Phone, Windows Store) X Y Supported Platforms -client side (JavaScript) Y Y Supported Platforms -client side (Unity) Y X Supported Platforms -client side (others) X Xamarin Supported Platforms -Server side (Java) Y X Supported Platforms -Server side (Node.js) Y Y Supported Platforms -Server side (Ruby) Y X Supported Platforms -Server side (Python) Y Y Supported Platforms -Server side (.NET) Y Y Supported Platforms -Server side (PHP) Y Y Authentication mechanism - Amazon, Google, Facebook, Twitter, OpenID, others Y Y Offline local database storage SQLite customer choice Database Technology Amazon DynamoDB Azure SQL Query/Search data X Direct access to DB Pricing and Limits Limits Under investigation Mobile Apps limits SLAs N/A 99.95% Pricing Amazon Cognito pricing Mobile Apps pricing Targeted Push Notifications for Mobile Apps Fully Managed Service for Targeted Push Notifications for Mobile Apps Amazon Pinpoint Notification Hubs Real-time analytics with dashboards Y X Create Targeted Campaigns Y X Reporting on app usage activity Y X Support for Apple PushKit push notification framework Y X Pricing and Limits Limits Amazon Pinpoint limits Notifications Hub limits SLAs N/A 99.9% Pricing Amazon Pinpoint pricing Notifications Hub pricing Test apps on real devices in the cloud Test apps on real devices in the cloud AWS Device Farm Xamarin Test Cloud Pricing and Limits Limits Amazon Device Farm limits N/A SLAs N/A N/A Pricing Amazon Device Farm pricing N/A Mobile SDK Mobile SDK AWS Mobile SDK Mobile Apps Pricing and Limits Limits N/A Mobile Apps limits SLAs N/A 99.95% Pricing N/A Mobile Apps pricing Fully managed serverless GraphQL service Fully managed serverless GraphQL service AWS AppSync X Enable client apps to fetch, change, and subscribe to data from servers Y X Specify which portions of your data should be available in a real-time manner Y X Offline data synchronization Y X Pricing and Limits Limits Under investigation N/A SLAs Under investigation N/A Pricing Under investigation N/A

Service Description Amazon AWS Microsoft Azure

Cost Management Cost & usage reporting tool AWS Cost Explorer Azure Cost Management Ability to set billing alerts and send notifications for specific usage thresholds Y Under investigation Ability to consolidate billing for multiple accounts Y Under investigation Cost & usage budget alerting tool AWS Budgets Azure Resource Manager (ARM) (budget API) Reserved Instance Reporting Tool Reserved Instance Reporting Azure Cost Management - Optimizer Single pane to view costs and usage AWS Cost and Usage Report Y Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing AWS Cost Management Tools pricing Azure Cost Management pricing

Service Description Amazon AWS Microsoft Azure

AR & VR Services Build and run AR & VR applications Build and run AR, VR, 3D experiences Amazon Sumerian X Editor based on WebGL & WebVR to author scenes from a browser Y X Create 3D characters that can interpret spoken or text interations Y X Import and place 3D objects Y X Build dynamic scenes that respond to user interactions Y X Support for Oculus Rift, HTC Vive, and ARKit Y X Pricing and Limits Limits Under investigation N/A SLAs Under investigation N/A Pricing Under investigation N/A

Service Description Amazon AWS Microsoft Azure

Application Services Build Distributed applications using visual workflows Visual workflkow service for building distributed applications AWS Step Functions Logic Apps

Fully Managed state tracker and task coordinator Amazon Simple Workflow Service (SWF) - deprecated Logic Apps Visual console and blueprints for commonly-used workflows Y Y Automatic triggers Y Looking for PM Ease to change workflows and re-use components and steps without code change Y Looking for PM Combine workers running in the datacenter with workers running in the cloud Y Y Pricing and Limits Limits AWS Step Functions limits N/A SLAs N/A 99.9% Pricing AWS Step Functions pricing Logic Apps pricing Location Services API to allow the creation os location aware apps, IoT, and mobility solutions Under investigation Azure Location Based Services Build, Deploy, and Manage APIs Create, publish, maintain, monitor, and secure APIs at any scale Amazon API Gateway API Apps Custom authorizers to authorize API requests using token strategies such as Oauth Y Y Document Your API Y X API Gateway Integration with Marketplace Y X Pricing and Limits Limits Amazon API Gateway limits API Apps / App Service limits SLAs N/A 99.95% Pricing Amazon API Gateway pricing API Apps / App Service pricing Media Services Scalable Media Transcoding Media transcoding service Amazon Elastic Transcoder Media Services HTTP Ingress Y Y Encryption support Y Y Simultaneous tasks/jobs up to 30 output jobs Y Notification system Amazon Simple Notification Service (SNS) Notification Hub Output presets and advanced settings Y Y Support for multiple video codecs H.264, GIF, VP8, VP9, MPEG-2 H.264, MPEG-1/2 Support for multiple audio codecs AAC, MP2, MP3, PCM, FLAC, Vorbis MP3, Dolby, WMA Video thumbnails Y Y Visual watermarks Y X Captions Y Y Clip generation Y Y Clip concatenation Y Y Smooth streaming Y Y HLS streaming Y Y MPEG-DASH streaming Y Y HDS streaming X Y Dynamic Packaging X Y Billing Simple, output minutes Complex, output storage Pricing and Limits Limits Amazon Elastic Transcoder limits Media Services limits SLAs N/A 99.9% Pricing Amazon Elastic Transcoder pricing Media Services pricing Convert file-based media content File-based video transcoding service with broadcast-grade capability AWS Elemental MediaConvert Azure Media Services Broad range of video input and output formats Y Under investigation Automated resource provisioning Y Under investigation Automatic redundant infrastructure across separate Availability Zones Y Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Video on Demand Encoding Convert live video content Broadcast-grade live video processing service AWS Elemental MediaLive Azure Media Services Comprehensive video standards support (H.264, HEVC, RTP, HLS) Y Under investigation

Supports broadcast features (ad markers, closed captions, multiple language audio tracks, audio descriptors, and loudness correction) Y Under investigation

Automated resource provisioning Y Under investigation Automatic redundant infrastructure across separate Availability Zones Y Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Live Channels Video origination and packaging Prepares and protects video for delivery over the web AWS Elemental MediaPackage Azure Media Services Supports standards commonly used to stream video (MPEG-DASH, Silverlight, and HLS) Y Under investigation Integrates with multiple DRM technologies for protection including Apple FairPlay and Microsoft PlayReady Y Under investigation Automatic redundant infrastructure across separate Availability Zones Y Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Media storage and simple HTTP origin Storage service optimized to deliver live and on-demand video content AWS Elemental MediaStore X Consistent read-after-write & read-after-update performance to reduce buffering Y X Pricing and Limits Limits Under investigation N/A SLAs Under investigation N/A Pricing Under investigation N/A Video personalization and monetization Server-side ad insertion service for targeted advertising AWS Elemental MediaTailor X On-the-fly ad insertion to deliver personalized ad content to each viewer Y X IAB level of ad playback metrics Y X Automatic scaling Y X Pricing and Limits Limits Under investigation N/A SLAs Under investigation N/A Pricing Under investigation N/A

Service Description Amazon AWS Microsoft Azure

Messaging Managed message queue service Azure Queue Storage Queuing service: You provide a message-queueing service, such as RabbitMQ-based service. Amazon Simple Queue Service (SQS) Azure Service Bus Pricing and Limits Limits Amazon Simple Queue Service limits Azure Service Bus limits SLAs N/A 99.99% Pricing Amazon Simple Queue Service pricing Azure Service Bus pricing Push Notification

Mobile Push: You provide a service for mobile push notifications. Amazon Simple Notification Service (SNS) Notification Hubs

Messaging model Pub-Sub/Direct Addressing Pub-Sub Message Delivery Push Push HTTP: You provide a service that can send notifications to HTTP endpoints. Y Y Support for Mobile Push Gateways Y Y Support for SMTP Y Y Support for SMS Worldwide - 200+ countries Y Maximum number of topics per project Unlimited Unlimited Maximum number of subscription per topic Unlimited Unlimited Throughput - Publish Unlimited Unlimited Pricing and Limits Limits Amazon Simple Notification Service limits Notification Hub limits SLAs N/A 99.9% Pricing Amazon Simple Notification Service pricing Notification Hubs pricing Cloud-based Email Sending Service Email service Amazon Simple Email Service (SES) X Pricing and Limits Limits Amazon Simple Email Service limits N/A SLAs N/A N/A Pricing Amazon Simple Email Service pricing N/A Managed Message Broker Service for ActiveMQ Managed Message Broker Service for ActiveMQ Amazon MQ X Supports open-source ActiveMQ message broker Y X Supports industry-standard STOMP protocol Y X Supports industry-standard MQTT protocol Y X Supports industry-standard WebSocket protocol Y X Supports in-zone/in-region replication Y (across AZs) X Supports cross-region replication X X Supports active/standby brokers for increased availability Y X Supports encryption of messages at-rest Y X Supports encryption of messages in-transit Y X Supports monitoring (alarms and metrics) Y (Amazon CloudWatch) X Supports point-to-point model (message queues) Y X Supports publish-subcribe model (topics) Y X Supports request/reply model Y X Supports persistent and non-persistent model Y X Supports composite destinations Y X Supports virtual destinations Y X Supports FIFO (First In, First Out) order Y X Supports message redelivery Y X Supports Dead Letter Queues (DLQ) Y X Pricing and Limits Limits Amazon MQ limits N/A SLAs N/A N/A Pricing NO COST (Pay only for used resources!) N/A

Service Description Amazon AWS Microsoft Azure

Business Productivity Intelligent Assistant Intelligent Assistant Alexa for Business Cortana Skills Kit Shared devices in common areas in the workplace Y Under investigation Enrolled users can use personal devices Y Under investigation Join meetings from conference rooms Y Under investigation Control conference room features Y Under investigation Develop private skills Y Under investigation Manage work calendars (Microsoft Office 365, Microsoft Exchange, and Google G-Suite) Y Under investigation Provision Alexa devices Y Under investigation Additional APIs for business Y Under investigation Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Under investigation Managed Communications Service Communications Service Amazon Chime Skype Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing Amazon Chime pricing N/A Managed, secure enterprise storage and sharing service Managed, secure enterprise storage and sharing service Amazon WorkDocs Office 365 In browser editing X Office 365 Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing Amazon WorkDocs pricing N/A Secure Email and Calendaring Secure, managed business email and calendaring service Amazon WorkMail Office 365

Microsoft Outlook on Windows Y Y Regional data control Y Y Encryption at rest using customer managed keys Y X Announced, but NA Rich Mac OS X integration Y Y Generic client support using IMAP/POP3 X Y Company address book Y Y Distribution groups Y Y Shared mailboxes Y Y Shared calendars Y Y Free/busy Y Y Resource booking Y Y Public folders X Y Feature rich web client Y Y Mobile device support Y Y Mobile device policies Y Y Mobile device access rules X Y Remote wipe Y Y Malware, virus, and spam scanning Y Y Custom spam filter settings X Y SMTP routing rules X Y Data Leak Prevention X Y Email journaling Y Y Information Right Management (IRM) X Y Active Directory integration Y Y Migration tool to facilitate migration from Microsoft Exchange to Amazon WorkMail Migrate to Amazon WorkMail for Free Y Co-existence with Microsoft Exchange X Y Multi region support X Y Multi-factor authentication Y Y Admin audit logging X Y Management APIs X Y Compliance certifications (ISO 27001, 27017 and 27018) Y Y Unified Communication X Y Pricing and Limits Limits Amazon WorkMail limits N/A SLAs N/A N/A Pricing Amazon WorkMail pricing N/A

Service Description Amazon AWS Microsoft Azure

Desktop & App Streaming Virtual Desktops in the cloud Managed desktop computing service in the cloud Amazon WorkSpaces ✓Azure RemoteApp - discontinued Persistent Desktops Y X Application sessions (WAM) Amazon WorkSpaces App Manager (WAM) X Performance Bundles [CPU, Memory] Value/Standard/Performance options X Purchase Model No minimum commit (hourly or monthly pricing) X Microsoft Office via WorkSpace bundles X Non-Persistent desktops (on the road) X X Windows Server OS Y X Windows Client OS X X Linux OS X X Configurable Storage X X Virtualization Stack EC2/Xen X GPU Capable Y X Offline access to docs X X Clients iPad, Fire or Android tablets, Mac, Win and zero client X Web Client Y X APIs Y X Utilities Anti-virus X Active Directory and RADIUS Integration Y X Dedicated Network Y X Image Management Custom image X Line of Business Applications Amazon WorkSpaces App Manager (WAM) X Enterprise App Store Amazon WorkSpaces App Manager (WAM) X BYOL for Win 7 Y X Multi-Factor Auth Y X Monitoring X X Auditing AWS CloudTrail X Tier-1 support via customer X Tier-2 support via AWS Support X Monitoring Amazon CloudWatch X Applications stream service Amazon AppStream 2.0 X Pricing and Limits Limits Amazon WorkSpaces limits N/A SLAs N/A N/A Pricing Amazon WorkSpaces pricing N/A Application Streaming Service Managed Secure Application Streaming Service - run desktop applications on any device Amazon AppStream 2.0 X Instant-On Access Y X HTML5-capable browser (Google Chrome,Mozilla FF,MS IE and Edge on Windows,Mac,Chromebooks & Linux PC Y X Secure Applications and Data Y X API Gateway Integration with Marketplace Y X Pricing and Limits Limits Amazon AppStream 2.0 limits N/A SLAs N/A N/A Pricing Amazon AppStream 2.0 pricing N/A

Service Description Amazon AWS Microsoft Azure

Software Software Marketplace AWS Marketplace Azure Marketplace Ability to negotiate and receive privately lower prices Y Under investigation

Service Description Amazon AWS Microsoft Azure

Internet of Things IoT Platform Azure IoT Suite Managed cloud platform for connected devices to interact with cloud apps/other devices AWS IoT Core Azure IoT Hub Read and set device state at any time Device Shadow X Ability to apply conditions/business logic on inbound messages Rules Engine ASA, Service Bus Protocol support - MQTT (Message Queue Telemetry Transport) Y Y Protocol support - HTTP/S Y Y Protocol support - WebSockets Y Y Protocol support - AMQP (Advanced Message Queue Protocol) X Y Authentication X.509 certificates, AWS IAM, AmazonCognito SAS token Enable integration between devices and application 10 services 3 services Device Registry Y Y Custom MQTT keepalive intervals Y X Reference architecture/suite packaging and pricing X IoT Suite Embedded OS for creating IoT devices Y Windows 10 IoT Core Import your own authority of certification Y Not disclosed Just in time provisioning of devices Y Device Provisioning Service Fine grained security policy per device Y Not disclosed Logging using a managed service Y Not disclosed Wide ecosystem of partners, with dedicated IoT competency Y Not disclosed Partnership to mass produce devices with crypto chip Y Not disclosed Compatible with LoRa technologies Y Y Compatible with Sigfox technology Y Y Global product expansion (Region) Y Not disclosed Job Orchestration + OTA Updates X Not disclosed Custom Endpoints X Not disclosed Pay only for what you use pricing Y X Large Fan out support (1:1,000,000+) Y Not disclosed IoT microcontroller operating system Amazon FreeRTOS X IoT Device SDK support - Python Y Y IoT Device SDK support - C Y Y IoT Device SDK support - .NET X Y IoT Device SDK support - JavaScript Y X IoT Device SDK support - Java Y Y IoT Device SDK support - Node.js Y Y IoT Device SDK support - Arduino Yún Y X IoT Service SDK support All .NET,Node.js,Java,Python SDK for iOS Y X SDK for Android Y X Certified for IoT Devices - Edison Y Y Certified for IoT Devices - BeagleBone Y Y Certified for IoT Devices - TI Launchpad Y Y Certified for IoT Devices - Arrow DragonBoard Y Y Certified for IoT Devices - Renasas Y X Certified for IoT Devices - Microchip Y X Certified for IoT Devices - seeeduino Y X Certified for IoT Devices - Avnet Y X Certified for IoT Devices - Marvell Y X Certified for IoT Devices - MediaTek Y X Certified for IoT Devices - Texas Instruments Y Y Certified for IoT Devices - Qualcomm Y X Certified for IoT Devices - Broadcom Y X Certified for IoT Devices - Mistral Y X Certified for IoT Devices - Freescale FRDM K64 X Y Certified for IoT Devices - Raspberry Pi 2 X Y Certified for IoT Devices - Adlink Systems X Y Certified for IoT Devices - Arduino X Y Certified for IoT Devices - e-con systems X Y Certified for IoT Devices - Embedded Systems SIA X Y Certified for IoT Devices - Nexcom X Y Certified for IoT Devices - Samsung X Y Certified for IoT Devices - Toradex X Y Certified for IoT Devices - Minnowboard Max X Y Pricing and Limits Limits AWS IoT Core limits IoT Hub limits SLAs N/A 99.9% Pricing AWS IoT Platform pricing IoT Hub pricing IoT Service to create triggers for functions on simple devices IoT Service to create triggers for functions on simple devices AWS IoT 1-Click X Simple device support AWS IoT Enterprise Button & AT&T LTE-M Button X Secure connectivity Y X Device grouping Y X Choice of actions Y X Usage and status reports Y X Pricing and Limits Limits Under investigation N/A SLAs Under investigation N/A Pricing AWS IoT 1-Click Pricing N/A IoT Device Management Service IoT Device Management Service AWS IoT Device Management Microsoft IoT Central (PREVIEW) Register devices in bulk Y Y Group management Y Y Near real-time device location Y Under investigation Remote device manangement Y Y Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Microsoft IoT Central pricing IoT Analytics Service Managed IoT Analytics Service AWS IoT Analytics Microsoft IoT Central (PREVIEW) Integrated with core IoT Service Y Y Ability to filter collected data Y Under investigation Enrich collected data with external data sources Y Y Ability to store processed and RAW data Y Under investigation Jupyter Notebook support Y Under investigation Visualization support Y Y Pricing and Limits Limits Under investigation Under investigation SLAs Under investigation Under investigation Pricing Under investigation Microsoft IoT Central pricing IoT Software to run local services on Edge devices Run local compute, messaging, data caching and synch in software AWS Greengrass Azure IoT Edge (PREVIEW) Perform ML inference locally AWS Greengrass Machine Learning (ML) Inference Under investigation Pricing and Limits Limits AWS Greengrass limits N/A SLAs N/A N/A Pricing AWS Greengrass pricing N/A IoT time-series analytics Analytics, storage, and visualization service for managing IoT-scale time-series data X IoT Time Series Insights Pricing and Limits Limits N/A Under investigation SLAs N/A Under investigation Pricing N/A Under investigation IoT programmable button Cloud programmable button AWS IoT Button X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing $19.95 N/A

Service Description Amazon AWS Microsoft Azure

Contact Center Cloud-based contact center Amazon Connect None Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing Amazon Connect pricing N/A

Service Description Amazon AWS Microsoft Azure

Game Development Game server hosting service Amazon GameLift X Pricing and Limits Limits Amazon GameLift limits N/A SLAs N/A N/A Pricing Amazon GameLift pricing N/A AAA game engine Amazon Lumberyard X Pricing and Limits Limits N/A N/A SLAs N/A N/A Pricing N/A N/A

Service Description Amazon AWS Microsoft Azure

Support Customer service 24x7x365 AWS Support Azure Support for Customers Tiered Support Plans Basic (Included), Devloper, Buisness, Enterprise Included/Developer/Standard/Professional Direct/Premier Granular assignment of support tiers: If the provider offers multiple tiers of support, it must allow customers to self-assign different tiers of support to resources/services based on granular classification and not by maintaining separate cloud accounts. Examples of classification might include the user, a component (for example, an instance) or a metadata tag that can be assigned to any asset. Customers must furthermore be Y X - not documented able to change service support tiers on demand via a portal or other self-service mechanism (without, for instance, calling sales, making a contract change, or filing a support ticket) Service Health Dashboard Y Under investigation Ability to display alerts and remediation guidance that impact user's cloud infrastructure and services Y (Personal Health Dashboard) Under investigation 365 day service health dashboard and SLA history Y Under investigation Service to compare resource usage to best practices AWS Trusted Advisor Azure Advisor Direct access to a Technical Account Manager (TAM) Y Under investigation Support for third party applications Y X Public APIs to integrate with customer support systems Y X Support forums Y Under investigation Documentation, whitepapers, best-practice guides AWS Support Documentation Under investigation CLI Documentation Y Under investigation Public, well-documented reference architectures Y Under investigation Public, well-documented, step-by-step reference deployment guides Y Under investigation Break/Fix Tickets (Support for Health Checks) Y Under investigation Route critical issues directly to specially trained engineers for resolution Y Under investigation TAM to help customers tier, execute, and evaluate their infrastructure performance Y Under investigation Onsite services Y Under investigation Response time (fastest) <15 mins (Enterprise) <15 mins-Premier+Azure Rapid Response Pricing $15k+/monthly (Enterprise) $24,500+/mo (Premier)