What is tested in a SOC 1 audit report that is not tested in SOC 2 audit reports?

When I go through SOC 1 & SOC 2 it feels like SOC 2 is just much broader and tests basically all the SOC 1 controls.

But then the SOC 1 report is required for auditors because SOC 1 clearly says it is intended for user entity auditors but SOC 2 doesnt.

Honestly, feels like a way to charge for 2 reports where only one is sufficient.

Can someone give me an example of a control tested in SOC 1 …

amp audit controls cybersecurity report reports soc soc 1 soc 2 soc 2 audit tests what is