In the previous blog post (part 6 of the cloud governance series), we discussed cloud access governance. In this blog, we talk about the fifth pillar of OSCAR Governance framework which is Cloud Resource Governance.
Resource consistency is one of the fundamental steps to consider for cloud governance. It is important to organize cloud assets as per the organization needs – organization structure, financial accounting practices, and application needs. It helps in numerous ways in following consistent & standard practices pertaining to resource deployment, management, and reporting.
For example, you can have standard deployment templates using Azure resource manager (ARM) or AWS CloudFormation (CFN) for a specific resource group. Similarly grouping of governance policies, access controls and applying them to one or more resource groups will simplify the implementation of overall cloud governance.
The decisions regarding the level of cloud resource consistency requirements are primarily driven by three factors:
- Post-migration digital estate size
- Business or environmental complexity
- On-going governance enforcement
Source: Azure resource consistency decision guide
Standardize naming conventions
A standardized and well-defined naming convention is the starting point for organizing cloud resources. It will help in identifying and grouping cloud resources for both IT and business purposes such as compliance audits, cost accounting etc. If you are already using a naming convention in your current IT set-up, decide whether to carry that forward to cloud or establish new standards. It is recommended to come up with naming guidelines which are common across the entire IT landscape whether it is cloud or on-premise or a mix.
Resource tagging
An effective cloud governance relies on good tag hygiene. A disciplined and well-designed tag hygiene will help in numerous ways
Support critical governance initiatives for cost reporting, cost optimization, charge-back security, and compliance- Easily discover every cloud resource on-demand
- To establish ownership of the resource for effective charge-back mechanism both for maintenance and for billing
- To understand which environment the cloud resource belongs to – production, development, staging, or QA. You can then apply policies based on these tags. For example, turn off all development resources on a weekend
- To facilitate financial accounting process with different billing codes (for different kinds of cloud spend) mapped to the tags
Source: Azure cloud-adoption-framework
The real benefit of tagging can be realized only when it is enforced globally across all teams. Even a slightest deviation will defeat the purpose.
With this we have covered all the key pillars of the OSCAR Cloud Governance model i.e., Operations, Security, Cost, Access, and Resources. Here is a quick recap of what we discussed in this 7-part blog series on Cloud Governance.
Accessing and consuming cloud is very easy. Unfortunately, it is not the same to operate cloud in a secure, compliant, and a cost-effective manner. Enterprises often face major roadblocks as their traverse the cloud journey which often results in reassessing if cloud indeed is the way forward. The good news is that these challenges are not insurmountable.
To be successful in cloud, automation and governance are indispensable.
Before diving into the execution details which would entail technical discussions, it is paramount to understand the governance needs at a strategic level. Develop clarity on the key business outcomes to be achieved by implementing governance. Accordingly, scope the requirements, their implementation model, and the success criteria. Irrespective of the cloud platform, there are a few common principles which together offer an effective governance. They are related to cloud visibility, costs, operations, compliance, security, resource consistency, and access control.
Cloud service providers offer governance services. However, they often lack the depth enterprises need as per the standards and regulations they need to adhere to. Their value diminishes further in the multi-cloud environments. Hence, third-party governance solutions which are cloud agnostic and continually pursue innovation related to governance are rising in importance.
Governance must not block agility and the autonomy of the cloud users.
It must empower them to leverage the power of cloud at that time that matters to continually roll out innovative solutions. All while ensuring the enterprise security and compliance needs.
