Infra Atlas · Cross-Cloud · IAM Matrix

IAM Matrix.

Four hyperscaler IAM systems against every meaningful capability — policy model, evaluation logic, workload identity federation, short-lived credentials, the account hierarchy, ABAC. The models are not 1:1 — so the asterisks stay.

A note before the matrix. Identity systems are the part of cloud that resists comparison hardest. AWS IAM, Azure’s split of Entra ID (identity) and Azure RBAC (resource authorization), Google Cloud IAM and OCI IAM each grew from different roots — so a checkmark here means “a real, documented equivalent exists,” never “identical.” Where a capability is present but works differently enough to mislead, the cell is marked (model differs) and carries a footnote. Click any cell for the per-provider detail and its documentation source.

Legend Native / first-class Partial / scoped / via add-on Not supported Exists, but model differs * Click any cell for the note & source
No capabilities match your filters.
Try a broader search term, or switch the category to “All”.