Oracle Cloud Licensing Policy: What It Binds
The Oracle cloud licensing policy is a non contractual document that tells Oracle how to count licences for its products on AWS, Azure, and Google Cloud. It maps vCPUs to processor licences and defines the authorized cloud environments, but because it is policy rather than contract, Oracle can change it, and your protection comes from your agreement, not the policy.
What the cloud licensing policy is
The Oracle cloud licensing policy is a short document, published by Oracle and titled around licensing Oracle software in authorized cloud environments, that sets out how Oracle counts licences for its products when they run on third party public clouds. It names the clouds it recognises, defines a counting rule based on virtual CPUs, and states the conditions under which the rule applies. It reads like a contract, which is exactly why buyers misunderstand it, but it is a policy statement, and that distinction governs how much weight it carries. The counting mechanics it describes are unpacked in authorized cloud environments.
The policy matters because, for any Oracle product running on AWS, Azure, or Google Cloud, it is the only public Oracle statement of how licences should be counted on infrastructure Oracle does not control. There is no core factor on those clouds; instead the policy substitutes a vCPU based rule. If you run Oracle Database on a hyperscaler and you want to know your licence requirement, the policy is the reference Oracle's auditors will reach for. Understanding it is therefore a prerequisite for any Oracle on AWS or Oracle on Azure deployment.
How the policy counts licences
The policy's central rule converts virtual CPUs to processor licences. Where hyperthreading is enabled, the long standing convention treats two vCPUs as one Oracle processor licence; where it is not, one vCPU counts as one. Standard Edition products are counted differently, on a per instance and socket equivalent basis bounded by vCPU thresholds. The full vCPU to licence mechanics, including the hyperthreading distinction, are worked through in OCPU versus vCPU.
| Scenario | Policy treatment | Licences for 8 vCPUs |
|---|---|---|
| EE, hyperthreading on | 2 vCPUs per processor licence | 4 processor licences |
| EE, hyperthreading off | 1 vCPU per processor licence | 8 processor licences |
| Standard Edition 2 | Socket equivalent by vCPU bands | By instance size band |
| OCI (for contrast) | 1 OCPU = 1 processor licence | Counted in OCPUs |
The contrast with OCI is deliberate and commercially significant. On OCI an OCPU is a full physical core and maps one to one to a licence; on the hyperscalers a vCPU is typically a hyperthread, so the two vCPU rule effectively prices a hyperscaler core similarly to an OCI OCPU. The policy is the instrument that makes OCI look efficient by comparison, which is part of why it exists and why buyers should read it with that incentive in mind.
The authorized clouds
The policy names a closed list of authorized cloud environments to which its counting rule applies, currently Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Clouds outside that list are not covered by the policy at all, which means the favourable vCPU counting does not apply and the on premise rules, including the full physical core count, govern instead. Deploying Oracle on an unlisted cloud or a niche provider can therefore multiply the licence requirement, a trap covered in detail under authorized cloud environments.
The buyer implication is to confirm that any target cloud is on the authorized list before sizing a deployment, and to treat the list as subject to change. A cloud's presence on the list today is a policy position, not a contractual guarantee, which leads directly to the central weakness of relying on the policy at all.
Why policy is not contract
The decisive fact about the cloud licensing policy is that it is not part of your licence agreement. Your contractual rights are defined by your ordering documents, your OLSA or OMA, and the licence definitions within them. The policy is a separate, unilateral Oracle publication that Oracle can revise at any time without your consent. It tells you how Oracle currently chooses to count on the hyperscalers; it does not grant you a right that survives a policy change.
This matters because buyers routinely build hyperscaler business cases on the favourable two vCPU rule as though it were guaranteed for the life of the deployment. It is not. If Oracle revises the policy, the new counting applies to your running estate unless your contract independently protects the old treatment. The defensive move is to convert reliance on policy into reliance on contract wherever the workload is material, a negotiation point the cloud and OCI licensing practice raises before any large hyperscaler commitment.
How the policy changes
Oracle has revised the cloud policy several times, adjusting which clouds are authorized, refining the counting rule, and tightening definitions. Each revision applies on publication, and Oracle does not negotiate the policy itself; it negotiates contracts. Historically the changes have been incremental rather than punitive, but the structural risk remains that a future revision could materially raise the licence count for an existing hyperscaler estate that has no contractual protection.
The monitoring discipline is to track the policy version against your deployments and to model the cost impact of a plausible adverse change before it happens, so that a revision is a known and quantified risk rather than a surprise finding in an audit. This is the same forward modelling the practice applies to any policy dependent position.
Is the policy binding on you?
The policy binds Oracle's auditors in the sense that it is the rule they apply, but it does not bind you contractually and it does not expand your rights. In an audit, Oracle will count your hyperscaler estate using the current policy; you can hold them to that counting for the period it is in force, but you cannot rely on it as a permanent entitlement. If your contract contains language that fixes a counting method or references a specific policy version, that contractual language, not the live policy, is what governs your position. Where the contract is silent, the live policy fills the gap, and the gap is Oracle's to redefine.
The practical answer for most buyers is that the policy is the working rule today and a risk to be hedged for tomorrow. Treat it as authoritative for current planning and as negotiable, through the contract, for anything material or long lived. Audit exposure that turns on policy interpretation is squarely the territory of the audit defence practice.
How to protect yourself
Protection is a sequence. Read the current policy version and confirm your target cloud is authorized. Count your deployments using the policy rule and document the basis. For any material or long lived hyperscaler workload, negotiate contractual language that fixes the counting method or pins a policy version, so a future revision cannot reprice your running estate. Model the cost of a plausible adverse policy change so the risk is quantified. And reconcile the policy version against your estate on a dated schedule alongside your normal entitlement record.
The contractual hedge is the control that turns a policy dependency into a managed position, and it is most achievable at the point of a large purchase or renewal, when Oracle wants the deal. Raising it after the fact, in an audit, is far weaker. The negotiation work sits naturally inside a wider OCI licensing strategy.
The buyer side view
The cloud licensing policy is the rule Oracle uses to count its software on the hyperscalers, and it is policy, not contract. Use it for current planning, confirm your cloud is authorized, and count carefully on the vCPU rule. But never build a long lived business case on the policy as though it were guaranteed; pin the counting method in your contract for anything material, and model the cost of an adverse revision. Your protection is the agreement, not the document Oracle can rewrite. To convert a policy dependency into contractual protection, request a consultation.
Common questions.
Is the Oracle cloud licensing policy legally binding?
No. The policy is a unilateral Oracle publication, not part of your licence agreement. It tells Oracle's auditors how to count on the hyperscalers, but your contractual rights come from your ordering documents and master agreement, which the policy cannot override or expand.
How does the policy count Oracle licences on AWS and Azure?
For Enterprise Edition with hyperthreading enabled, the policy treats two vCPUs as one processor licence; with hyperthreading off, one vCPU counts as one. Standard Edition is counted on socket equivalents within vCPU bands. No core factor applies on the hyperscalers.
Which clouds are authorized under the policy?
The policy currently names Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Clouds outside this list are not covered, so the favourable vCPU counting does not apply and on premise full core counting governs instead.
Can Oracle change the cloud licensing policy?
Yes, at any time and without your consent, because it is policy not contract. A revision applies on publication to your running estate unless your contract independently protects the prior treatment. This is the central risk of relying on the policy.
How do I protect a hyperscaler deployment from a policy change?
Negotiate contractual language that fixes the counting method or pins a specific policy version for material workloads, ideally at a large purchase or renewal when Oracle wants the deal. Contractual protection survives a policy revision; reliance on the live policy does not.
Does the policy apply on OCI?
No. OCI uses its own rule of one OCPU to one Enterprise Edition processor licence, which is contractually backed within OCI terms. The cloud licensing policy and its vCPU counting exist specifically for the third party authorized clouds.