Multi-Cloud Rosetta Stone¶
While some terms across the cloud computing industry are standard, such as a firewall or IP address, Aviatrix works with multiple CSPs (Cloud Service Providers) who use different vocabulary for similar concepts. This document gives you, an Aviatrix user, a comprehensive list of common cloud computing terms and their synonyms.
| Aviatrix term | Definition | AWS | Azure | GCP | OCI |
| Attachment | Attachment (way to connect to a gateway) | Attachment | Virtual Local Area Network (VLAN) Attachment | VCN Attachment/RPC attachment | |
| Availability Zone (AZ) | Locations in different regions that can sustain local failures. Each Availability Zone has a separate data center. | AZ (Availability Zone) | AZ (Availability Zone) | AZ (Availability Zone) | AD (Availability Domain) |
| Custom or user-defined routes | Routes designed by users instead of by the cloud provider | User-Defined Routing (UDR) | User-Defined Route (UDR) | Custom routes (as opposed to system routes) | |
| Customer Gateway | Customer router that connects with VGW/TGW/DXGW | Customer Gateway (CGW) | Local network gateway | On-premises VPN Gateway | Customer Premises Equipment (CPE) |
| Data storage solution | Separate components or virtual sites for cloud storage | S3 buckets (Simple Storage Service) | Azure Blob Storage | Google Cloud Storage | Object Storage service |
| Domain Name System (DNS) | The Domain Name System or “phonebook for the Internet” translate the domain names that are easier for humans to remember, such as www.example.com, to the IP (Internet Protocol) addresses that distinguish devices, websites, and other Internet entities from each other. | Route 53 (DNS) | Azure DNS | Cloud DNS | Oracle DNS |
| Guard Duty + Guard Duty Enforcement | A threat detection system that can detect and eliminate threats | Amazon Guard Duty (detects threats but does not act on them) | Sentinel | Google Cloud Armor | Cloud Access Security Broker (CABS) |
| IAM (Identity Access Management) | Management of users accounts and permission – important for accessibility and security | AWS Identity and Access Management (IAM) | Azure Active Directory | Cloud IAM and Cloud Identity Aware Proxy | Oracle Identity and Access Management or Cloud Identity Cloud service (SaaS based) |
| Internet Gateway | A service that provides internet connection to the Virtual Machine | IGW (Internet Gateway) | Public IP Addresses are automatically able to connect to the Internet | Cloud NAT provides outgoing connectivity for the resources: Compute Engine VM | Internet Gateway (Virtual Machine) instances without external IP addresses |
| Load balancing | Balancing the “load” or effort of a network so that no one cloud machine is overworked. | ALB (Application Load Balancing) or Elastic Load Balancing (ELB) | Azure Load Balancer or Application Gateway | Cloud Load Balancer, TCP/UDP Network Load Balancing, or Network Load Balancing | Oracle Cloud Infrastructure Load Balancing or Infrastructure Flexible Network Load Balancing service (Network Load Balancer) |
| Machine image/imaging | A virtual resource or template that contains all the information required to launch, backup, or restore an instance or virtual machine | AMI (Amazon Machine Image) | VM Image | Machine image | Custom image |
| NAT Gateway | Allows private subnets to connect to the Internet | NAT Gateway (Network Address Translation Gateway) | Azure NAT Gateway | Cloud NAT | NAT Gateway |
| Network ACL (Access Control List) | A list on a router that shows which traffic should be allowed or blocked from the system. | NACL (Network Access Control List) | Managed via NSGS (Network Security Groups) | Firewall Rules | SLs (Security Lists): Default, Custom |
| Network interface | A physical or digital connection and a network and a network | VIFs (Virtual Interfaces) — Public, Private, or Transit | Network interface | Network Interface | Virtual Network Interface Card (VNIC) |
| Physical disk/volume | Storage for cloud-related data | Volume | Data Disk | Bucket | Oracle Cloud Infrastructure (OCI) File Storage |
| Peering | Free data sharing between two providers, services, or other Internet entities | VPC (Virtual Private Cloud) Peering | Virtual Network (VN) Peering | VPC (Virtual Private cloud) Network Peering | Local / Remote VCN (Virtual Cloud Network)
|
| Site2Cloud | Connection between an on-premise system and the cloud | DXGW (Direct Connect Gateway) | ExpressRoute | InterConnect | FastConnect |
| Subnet | A separate system within a network | Public or private subnet (specified at the time of creation) | Subnet (defined as public or private by whether or not it is connected to an Internet Gateway) | Subnet (public by default; remove the default route for Internet access to make the VPC private) | Public or private subnet (specified at the time of creation) |
| Transit Gateway | A network transit hub that can interconnect VPCs and on-premise networks | TGW (Transit Gateway) | Azure Virtual WAN | Cloud Router (NCC) | Dynamic Routing Gateway (DRG) The intermediary can be a VCN or a dynamic routing gateway (DRG) in your on-premises network |
| Virtual machines | A computer resource with its own operating system and functions that can run alongside similar resources (other Virtual Machines) on the same physical host machine. | EC2 (Elastic Compute Cloud) instance | Azure Virtual Machine | IAAS / GCE (Google Compute Engine) or VM (Virtual Machine)/PAAS/ GAE (Google APP Engine) | Oracle Compute, including Flexible Virtual Machines and bare metal compute |
| VPN Gateway | Connects Site-to-Site VPN tunnels to a specific VPC/VNet/VCN | VGW (Virtual Private Gateway) | VNG (VPN Gateway) | Cloud VPN Gateway | VPN Connect |