Hybrid or multi-clouds have become an essential part of an organization’s IT strategy today. As part of a multi-cloud strategy, the organization needs to define how to manage, control, operate, optimize, and secure cloud infrastructure and applications in multiple clouds.
Cloud service providers such as Amazon, Azure, Google Compute Engine, IBM Softlayer, or cloud platforms such as OpenStack, Cloudstack, and vCloud provide their own self-service portal to manage resources, but they do not provide options to manage and govern multiple clouds. There are various cloud management and cloud governance solutions available to adopt and accelerate multi-cloud strategy.
Cloud management solutions provide the ability to provision and manage resources across multiple clouds through a single self-service portal. It simplifies multi-cloud adoption via abstraction so that users need not understand the intricacies of multiple clouds.
Cloud governance solutions provide the ability to govern cost, budgets, operations, security, and risk and compliance involving multiple clouds. In governance solutions, the focus is more on the operations, cost, and security rather than just the management of resources.
While cloud management promotes cloud adoption by providing easy access to specific private or public cloud environments, cloud governance helps organizations in cloud lifecycle operations, controlling and optimizing cost, security, chargebacks, and access control. Governance includes the orchestration of resources, users, and services across multiple platforms while also managing risks such as Shadow IT, security threats, etc.
It is indeed a challenge to cater to the dynamic requirements of business, cost management, and standardizing IT processes while still continuing to provide the agility for which we choose cloud options in the first place. Cloud governance focuses on the layer above cloud management that includes policy-based automation to standardize processes and optimizing costs — while providing self-service to end consumers within the organization.
The table below shows the high-level functional differences between cloud management and cloud governance.
Manage cloud resources : This includes performing discovery of resources, provisioning, de-provisioning, and discrete actions on individual resources such as VMs, virtual networks, storage, etc.
Access control: This provides controlled access to cloud services and resources to various users in an organization based on access policies.
Financial control: Financial control provides the ability to define, track, and control budgets for various departments within the organization. It also provides the ability to perform chargebacks on cloud resources based on utilization by various departments
Optimize: Optimization provides the ability to optimize cloud costs by cleaning up unused resources, archiving resources that are no longer required for access, cleaning up the archived resources, scaling down underutilized resources, etc.
Orchestration: Orchestration is about automating a group of tasks to perform a desired function. Orchestration simplifies the provisioning and management of the cloud resources through templates or scripts.
Cloud operations: This includes scaling (up or down) your infrastructure, cloud application deployment, migrations, backup, monitoring, log management, patch management, etc.
Secure cloud resources: And, of course, security includes managing cloud risk and compliance based on organization policy through proper security definitions across various layers, such as the network, endpoints, cloud infrastructure, applications, and data.
Some of the leading cloud management solutions are Scalr, Embotics, and Cloudbolt. Meanwhile, some of the leading cloud governance solutions are Jamcracker, Rightscale, and Corestack.
Cloud management solutions are maturing and extending themselves to solve some governance aspects as well. The table below shows the functional feature differences between cloud management and cloud governance.
Correction: A previous version of this article incorrectly included Rackspace with the list of cloud services providers and platforms that offer self-service portals but not multi-cloud management options. Rackspace does provide multi-cloud managed offerings.