Object Storage Face-Off: Cloudflare R2 vs S3 vs Azure Blob vs Google Cloud Storage

At 100TB/month of egress: R2 costs /bin/sh, AWS S3 costs approximately ,500, Azure Blob costs approximately ,700, and Google Cloud Storage costs approximately 0,000. Egress fees are often the largest line item in cloud storage bills, frequently exceeding the storage cost itself. This is why R2's zero-egress model is so disruptive.

Sippy is Cloudflare's incremental migration feature for R2. Instead of copying all data upfront, Sippy configures R2 to transparently read from your existing S3 bucket on cache miss, copying objects to R2 as they are accessed. Over time, hot data migrates automatically. This eliminates downtime, avoids batch migration jobs, and lets you migrate gradually.

R2 has two storage classes: Standard and Infrequent Access (IA). Standard is /bin/sh.015/GB/month. Infrequent Access is /bin/sh.01/GB/month with minimum 30-day storage duration and higher retrieval costs. R2 does not offer deep archive tiers comparable to S3 Glacier or Azure Archive. If you need long-term archival storage at /bin/sh.001-0.004/GB, the hyperscalers still have an advantage.

Cloudflare's business model monetizes compute (Workers), security (WAF, DDoS, Zero Trust), and platform services rather than bandwidth. Cloudflare has argued publicly that egress fees are artificial markups designed to create vendor lock-in, not reflections of actual bandwidth cost. By eliminating egress fees, R2 removes the economic barrier to multi-cloud architectures and data portability.

R2 automatically distributes data across multiple availability zones within Cloudflare's network for durability. R2 provides 99.999999999% (eleven 9s) annual durability, matching S3 Standard. Unlike S3, you do not choose a region — R2 automatically places data based on access patterns. For data locality requirements (like GDPR), R2 offers jurisdiction hints to keep data in specific regions.

Yes, with some differences. R2 does not have S3's built-in static website hosting feature, but you can serve R2 objects through a custom domain using Cloudflare Workers or by connecting R2 to a Cloudflare-managed domain. Combined with Workers for routing and caching, this approach is more flexible than S3's built-in hosting, though it requires more configuration.

S3 is the most mature choice for data lakes, with native integration with Athena, Redshift Spectrum, EMR, and the broadest ecosystem of data tools. Google Cloud Storage is excellent for BigQuery-centric analytics pipelines. Azure Blob with ADLS Gen2 provides a true hierarchical namespace optimized for analytics. R2 is less suited for heavy analytics workloads due to its limited query-in-place capabilities and smaller ecosystem integration.

All four providers encrypt data at rest by default. S3 offers three options: SSE-S3 (AWS-managed keys), SSE-KMS (customer-managed through AWS KMS), and SSE-C (customer-provided keys). Azure Blob supports Microsoft-managed and customer-managed keys via Azure Key Vault. Google Cloud Storage supports Google-managed keys, Cloud KMS keys, and customer-supplied encryption keys. R2 encrypts all data at rest with Cloudflare-managed encryption.

It depends on the workload. For publicly served content (images, downloads, static assets), R2 is an excellent choice even with AWS compute — you pay AWS egress once to write to R2, then serve unlimited reads from R2 for free. For workloads with heavy internal read/write patterns between compute and storage (like data processing pipelines), keeping storage on the same cloud as compute avoids cross-cloud latency and egress costs.