Azure Entra is an example of making a system so complex that nobody can understand it entirely. I'm fairly experienced in access control systems, OIDC, crypto, etc. but I was not able to understand how it all fits together.

Google Cloud is simplistic in comparison. AWS is full of legacy complexity (IAM policies, sigh) but it's fairly self-contained and can be worked around by splitting stuff into accounts.

I have not looked at Oracle cloud yet. Is it any better than MS?