I'm trying to implement several security services for both Azure and AWS, and I'm now struggling to find the equivalent of certain AWS services in the Azure pool of services (as the info is not present in the Azure documentation). Is there anything equivalent to:
Thanks in advance for the help!
(Important: this doesn't aim at evaluating a provider vs. another, but simply to help understanding how services translate from one to the other)
Azure provides several different relational database services that are the equivalent of AWS' Relational Database Service (RDS). These include: SQL Database. Azure Database for MySQL.
Azure Blob is the Microsoft equivalent to Amazon's S3-based object storage services. Within that, a “blob” is like a bucket as the framework for retention of objects.
Organizations all over the world recognize Microsoft Azure over Amazon Web Services (AWS) as the most trusted cloud for enterprise and hybrid infrastructure.
Both Azure and AWS have entities called "resource groups" that organize resources such as VMs, storage, and virtual networking devices.
These are kind of "rough" pointers since even though the services are basically comparisons to the ones available in AWS, some differences still exist.
For AWS Config, I would recommend Azure Policy https://docs.microsoft.com/azure/azure-policy/azure-policy-introduction
"Azure Policy is a service in Azure that you use to create, assign and, manage policy definitions. Policy definitions enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy runs an evaluation of your resources, scanning for those not compliant with the policy definitions you have."
For CloudTrail, Log Analytics is pretty similar (sort of) https://docs.microsoft.com/azure/log-analytics/
"Log Analytics is part of Microsoft Azure's overall monitoring solution. Log Analytics monitors cloud and on-premises environments to maintain availability and performance. Get insight across workloads and systems to maintain availability and performance. Learn how to collect, analyze, and act on data with our quickstarts, tutorials and samples."
Basically with Log Analytics, you aggregate logs to your Log Analytics workspace, and onboard several available solutions which provide you insight on your resources, based on the logs that are being ingested. If you are more interested in the management plane alerts (like which user is doing what on your Azure subscriptions), I recommend getting familiar with Azure Activity Log and Azure Monitor:
https://docs.microsoft.com/azure/monitoring-and-diagnostics/monitor-quick-audit-notify-action-in-subscription
For CloudWatch Events, see above and take a look at these
https://docs.microsoft.com/azure/monitoring-and-diagnostics/monitoring-get-started https://docs.microsoft.com/azure/log-analytics/log-analytics-activity
Basically, Activity Log is the service that gathers all actions happening inside an Azure subscription, whether human generated or not.
Hope these help.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With