Why I Prefer AWS: 3 Key Advantages


Over my consulting career, I have had the opportunity to work with many companies using a variety of tech stacks, which has exposed me to many of the most popular cloud & hosting providers on the market today. Because of my expertise I often get asked which cloud provider I recommend for new projects. In this post, I'll share my thoughts on what's important when selecting a cloud provider and explain why AWS is my personal top choice.

The Big 3 and Beyond

When discussing cloud providers, it's important to consider the "big 3" – AWS, Azure, and GCP (sorry Oracle, IBM, Alibaba, et al.). These providers have established themselves as the leaders in the industry, each with a wide range of services and large customer bases. Cloudflare is another option that is up and coming, and one I am personally keeping a close eye on, but they haven't yet reached the same level as the big 3.

It's also worth mentioning the rise of specialized providers like Heroku, Netlify, fly.io, etc. which offer focused solutions for specific parts of your technology stack. These providers have developed some really interesting innovations for certain use cases, but generally they won't be enough on their own and you'll need to stitch multiple together for a complete solution. Even if you do use one of these specialized offerings you'll probably need to choose one of the big 3 providers as well for other parts of your stack, at least eventually. More on that later.

For those reasons, I will mostly focus on the big 3 in this article.

Factors to Consider

Before diving into why I choose AWS, it's important to acknowledge that there are valid reasons to select any of the big 3 providers. Some key factors to consider include:

  1. Enterprise contracts: If your organization has an existing contract with a provider (ahem, Microsoft), it may be more compelling to stick with them.

  2. Region location: You may need to rule out certain providers that don't have presence in certain locations for latency or data residency requirements.

  3. Regulatory compliance: Compliance with regulatory standards differs across providers (and even across services and regions within the same provider), which may determine your choice if that is required in your industry.

  4. Team preference and expertise: It may not make sense to choose a provider that your team has never worked with if they are already proficient with another provider.

If any of these factors strongly favor one provider over another, it may outweigh other considerations. However, if you have the flexibility to choose, here's why I lean towards AWS.

Why AWS is My Top Choice

1. Innovation and Service Offerings

One of the biggest reasons I choose AWS is their vast array of services and constant innovation. As a small company or startup, reducing complexity is crucial, and keeping your architecture under one umbrella with a single provider is a great way to achieve that. Different providers have different operating models, authentication mechanisms, networking architectures, etc., and having more providers in the mix introduces complexity in your architecture and can make it difficult to get a sense of your overall application health.

AWS simply has the broadest range of service offerings of any provider and on top of that, they are still adding features and services at a faster rate than Azure or GCP. This allows for virtually any solution to be built on infrastructure exclusively in AWS.

While it can be tempting to use a different "best of breed" specialized tool (see Netlify, Heroku, etc.) for each part of your stack, this can lead to overly complex system architectures with different credentials and operating models for each provider. Additionally, many smaller providers don't have the same resources and can't offer the same level of stability as AWS from an availability and business continuity standpoint.

It may make sense in some circumstances to use a third party for some small parts of your stack (e.g. Cloudflare WAF in front of an AWS backend), but I'm of the opinion that you should default to a single provider unless you have a pretty good reason to go elsewhere.

2. Region and Datacenter Design

Another key advantage of AWS is their robust region and datacenter design. AWS regions are designed from the ground up to be highly available, with fully isolated regions made up of multiple fully isolated availability zones (AZs), connected by a low latency, fully redundant network backbone. This re:Invent talk from Nat Sahlstrom, then Director of Amazon Energy, gives a great walkthrough of how AWS regions are designed.

While Azure and GCP claim more regions and AZs than AWS, they seem to define regions differently. Azure's AZs are described as containing "at least one, but potentially multiple data centers," and not all regions support AZs. GCP's zones and regions are "logical abstractions of underlying physical resources provided in one or more physical data centers." In both cases, they use language indicating that some regions may have only one datacenter, and due to the lack of public details about their region design, we don't know which ones. Without this key understanding we can't be confident that our architecture is truly highly available and resilient to failures in a single datacenter. A prime example of this occurred in 2023 when a flood in a GCP datacenter caused an extended regional outage.

To be fair, AWS has also had regional incidents, but they are very infrequent and handled relatively quickly and transparently. They publish post-event summaries for major service events, and if you read through them, the root causes tend to be related to new and novel problems created by their sheer scale, rather than fundamental design flaws or oversights.

3. Security

Finally, security is obviously incredibly important when choosing a cloud provider, and AWS has a stellar reputation in this area. When I worked at AWS as a Solutions Architect, a common phrase was that at AWS, "security is job 0." While this may sound like sales speak, I find.

Chris Betz, the CISO at AWS, recently published a blog post outlining some of the ways they prioritize security at AWS. The TLDR is:

  1. Security is built into the organizational structure

  2. Security is everyone’s job

  3. Security expertise and ownership is distributed across AWS

  4. Innovation that scales security

It's a good read, I recommend it if you're interested and have a few minutes to spare.

I don't have the same confidence in other providers. Microsoft, for one, has been in the news numerous times for Azure security incidents, and when it comes to security, news is typically a bad thing!

The details of these incidents are incredibly concerning. Internal credentials left publicly available, leaving internal Azure services unauthenticated, validation errors allowing access to government emails, and the list goes on. I for one would be wary of putting any serious workload in Azure, especially when there are such viable alternatives. It will "probably be fine," but why take the risk?

AWS customers have experienced breaches as well, but each incident I have seen was due to customers misconfiguring their resources, like leaving an S3 bucket accessible from the public internet. AWS has put a lot of effort into making it easier for customers to secure their accounts in recent years, for example when they introduced the account-wide block public bucket access setting.

Conclusion

In summary, while you can be successful with any of the big 3 cloud providers, AWS is my default recommendation due to their vast array of services, robust region and datacenter design, and commitment to security. However, I recognize that every project is unique, and there may be compelling reasons to choose another provider based on your specific needs and circumstances.

I'd love to hear your thoughts! What factors do you consider when choosing a cloud provider? Have you had experiences with AWS, Azure, or GCP that have shaped your preferences? Send us a note on Twitter/X at @cloudomatic_dev or @jeffgardnerdev!