Realm of Cloud adoption and CIOs strategy of Cloud First has created significant governance issues for enterprises. Today it’s becoming a nightmare for CIO organization to manage Cloud Governance issues.
Broadly impacted Enterprises can be classified into two categories.
- Enterprises trying to manage by using Traditional IT methods.
- Enterprises trying to manage by using multiple tools.
Enterprise using AWS and falling into any of the categories is not able to set their house in order. Solutions and processes they might be using are either fragmented or not built for On-demand IT. First category enterprises are using traditional IT management process which works in silos and involves manual human dependent process since lacks workflow automation. To manage visibility and spend, IT ends up creating multiple AWS accounts for departments and projects but lack of centralized administration leads to cloud sprawl and often result in budgets overrun. The second category as stated does not provide to stitch complete GRC into a single glass of pane and hence fragmented. Hence every CIOs having a prevailing thought to address this with the help of a single tool but stuck between is Build Vs Buy.
If you read what AWS has to say about Governance at Scale is as follows:
Governance at Scale can help companies establish centrally managed budgets for cloud resources, oversight of cloud implementations, and the dashboard of the company’s cloud health. Cloud health is based on near real-time compliance with governance policies and enforcement mechanisms. To enable this, the policies and mechanisms are separated into three governance at scale focal points:
- Account Management - Automate account provisioning and maintain good security when hundreds of users and business units are requesting cloud-based resources.
- Budget & Cost Management - Enforce and monitoring budgets across many accounts, workloads, and users.
- Security & Compliance Automation - Manage security, risk, and compliance at a scale and pace to ensure the organization maintains compliance while minimizing the impact on the business.
What required is a single tool which helps Enterprises to monitor and control costs, accounts, and compliance standards, associated with operating large enterprises on AWS.
Let’s look at a use case. Enterprise IT has following to manage while consuming AWS.
- Centralized budget for AWS usage for a year. And the budget allocations and tracking should happen across departments and projects.
- Based on department and types of users defining policies of who can provision what?
- Enforcing Enterprise IT security policies on provisioned AWS resources A centralized access and visibility at every layer in the organization hierarchy about their spent, budgets, and resources.
Jamcracker Cloud Management Platform provides all necessary features for Enterprise IT to align Governance at scale. Key features are:
- Account Management – Streamlining multiple account creation process automatically or map existing parent and linked accounts to respective departments. Policy automation to define roles and access. RBAC enabled access of AWS console via SSO from the Jamcracker platform. Automated Workflow makes the entire process seamless from account provisioning via APIs to the importing AWS templates and creates centralized as well as department-specific AWS catalog. This brings a huge acceleration to developers and managers for provisioning and tracking.
- Budgeting & Cost Management – Budget planning and enforcement, that is what in a nutshell Jamcracker helps Enterprise IT to achieve with AWS consumption. IT can define AWS consumption budgets at the department level and track them centrally. Every department admin can further define and track budgets for projects. Developers can tag resources and can focus on their workloads. To do cost management automated workflows and dashboards are available. On one hand, workflow helps to enforce consumption under budgets and also gives the flexibility to provide approval for exceptions. Other hand dashboards give an insight into cost consumption for the department as well as central IT. Various recommendation dashboard suggesting optimizing workloads, adopting on-demand vs reserved instances, analysing saving plans based on agreements enterprises signed with AWS.
- Security & Compliance Automation – Supports automation to enforce security and compliance to achieve organizational GRC policies. Enterprises can integrate their IAM to sync their RBAC and then further federate with AWS portal access. The compliances are built by restricting users to provision non-approved resources via the self-service portal. Enforcing security policies by supporting users be it an IT Ops, DevOps to run AWS Cloud Formation and Custom Script templates. The GRC led FinOps provide department wise restrictive access to resources and cost visibility. Department having multiple accounts can have further drills down to their atomic level access.
Jamcracker provides multi-cloud management platform as virtual appliance and listed in AWS marketplace. Enterprises can download virtual appliance from the following link.
About Author:Ajay Gupta is Director of Business Development & Pre-Sales for Jamcracker. He is Cloud Evangelist and consults for defining product and growth strategy for Jamcracker. He manages global business, channels, alliances and analyst relations.