Two clouds. Two KMS services. Same goal; very different experience.

Two clouds. Two KMS services. Same goal; very different experience.
I work across AWS and OCI daily so I get to compare these things firsthand.
AWS KMS feels mature. You create a key, attach a policy, integrate with S3, Lambda, EBS in minutes. IAM controls everything. It just works.
OCI Vault is powerful but the setup feels heavier. Key management, secret management and vaults are separate concepts you need to understand before you start. It takes more planning upfront.
A few real differences I noticed;
AWS KMS integrates natively with almost every AWS service out of the box. OCI Vault requires more manual wiring to connect with other OCI services.
AWS gives you automatic key rotation with one toggle. OCI supports rotation but the process needs more configuration.
AWS KMS pricing is per API call. OCI Vault pricing is per key version stored; different mental model for cost planning.
Neither is better. They just think differently.
AWS optimizes for speed and simplicity. OCI optimizes for control and structure.
Know which one you are working with before you start designing your encryption strategy.