Cloud-Native is the most used and abused term in the industry now. It has been used to represent anything from cloud services to containers to DevOps tools. We consider cloud-native infrastructure to be an infrastructure that is consumed as a service through an API. Public clouds are an obvious candidate for cloud-native infrastructure, but we consider any infrastructure whose complexity is completely abstracted away to be consumed as a service through an API. With this definition in mind, we are going to make a case to rethink governance to fit the cloud-native infrastructure.
How is cloud-native governance different from traditional governance?
In traditional IT, organizations had more leverage over their infrastructure, and access was heavily gated. The security perimeter was also confined within the control of IT. However, cloud computing and cloud-native shift control away from enterprise IT departments and give more power to developers consuming IT resources. The security perimeter transcends organizational boundaries and, in the case of multi-cloud, spans multiple cloud providers. This change makes governance much more complicated and changes the very nature of governance to be more dynamic.
Listed below are a few critical capabilities a cloud-native governance model must include:
- Since the barrier to consuming cloud services is minimal (as opposed to raising a ticket to commission the necessary servers), a traditional gating approach will not stop people from breaking the organization’s policies. Instead, organizations should embrace a smooth approval workflow. This requires monitoring from the point of consumption of a cloud service to its use. Cloud-native governance platforms must not only empower consumers by providing a self-service interface but also monitor the consumption and orchestration of services.
- Security spans multiple cloud providers, and the traditional approach of treating security as an afterthought will fail miserably. Security services should be baked into the infrastructure platforms and application architectures. Since security perimeters traverse different cloud providers with differing security protocols, the governance platform should work natively with cloud providers’ APIs to bring security into the governance fold. Without tapping into the APIs, it is not possible to have fine-grained control over security.
- Monitoring has to be comprehensive and go beyond traditional monitoring tools. A shift is underway from conventional monitoring to observability, which not only monitors the health of distributed systems in real time using the APIs but also applies predictive analytics using logging and tracing data. A cloud-native governance platform should embrace this approach to help organizations stay compliant.
A move to cloud-native from the traditional systems-based approach requires governance platforms to embrace programmability and take advantage of native APIs. As the cloud environment changes dynamically, the governance platform can tap into the APIs to get the most up-to-date data and also provide the necessary levers to ensure compliance. With a cloud-native governance platform, organizations can empower their developers to operate at the speed of business while also having the required guardrails. Please contact us here to learn more about CoreStack’s cloud-native governance model.