What Are the First Steps Toward a Cloud Operating Model?
Sep 09, 2019
Changes in IT organizations are often driven by infrastructure ops or security. If ops-driven, automating template-based governance for infrastructure provisioning is key. If security-driven, an identity broker for multiple cloud vendors' systems is the first priority.
What we see most people do is they'll pick one of the problems to solve rather than trying to tackle all of them. And the easiest one to solve is generally around security or provisioning. It's to say, "Hey, I am going to have all my teams go provision infrastructure on demand. How do I create a set of pre-approved templates that say, every time they deploy this application, it is the same every single time”? And Terraform is a very, very common tool for doing that. It allows me to create a common templating mechanism.
So people generally would start with Terraform as the basis for building this organizational competency in their company. This is to say, "Hey, I know we're all provisioning infrastructure on demand as we need it right now. I'm going to create a central repository and then require you to only use those [modules](https://registry.terraform.io/"Terraform Module Registry")". In that way, a group of 10 ops people can provide enforcement for tens of thousands of developers.
Whether it's Terraform, or whether it's centralizing credential management with [Vault], those tend to be the two places people start. But in our experience, people have [all three problems](https://www.hashicorp.com/resources/cloud-operating-model-devops-security-networking-challenges “The Cloud Operating Model: DevOps, Security, and Networking Challenges & Solutions”). It's a question of which one they want to tackle first.