🛠 Service Ecosystem
As an organization’s cloud adoption accelerates, application teams will start requesting additional services from Cloud Foundation teams like managed on-premise connectivity or managed DevOps toolchains. Providing a rich ecosystem of services can helps teams build on the cloud more successfully and can also be an important enabler of cloud adoption speed.
In the same way that cloud platforms are composed out of multiple services built on a single control plane, successful cloud foundation teams adopt a similar approach to develop an internal cloud service ecosystem for the organization. Leveraging the same “cloud foundation control plane” that already offers 🗂 Tenant Management, 🔐 IAM, 🔖 Security & Compliance and 💵 Cost Management for managing application teams’ access to cloud platforms, the cloud foundation offers additional services to teams. In general Cloud Foundation teams should focus on offering “value-added” services that solve problems that are too complex or too costly to solve for internal customer leveraging cloud-native services individually.
Key Activities for a Multi-Cloud Service Ecosystem
Building a strong multi-cloud service ecosystem needs to consider the unique demands of the application teams. The building blocks however represent common capabilities that many organizations implement along their cloud journey:
An Internal Service Marketplace is the foundation for offering internal services in a consistent way and enabling teams outside the cloud foundation to build and consume services as well
Virtual Network Service is a fundamental capability that enables managed connectivity solutions such as On-Premise Network Connection or Managed Internet Egress
Managed DevOps Toolchain can simplify adopting DevOps practices by allowing application teams to concentrate on “what” over “how”
Cloud Foundation teams should listen closely to the needs of application teams and evolve the service offering accordingly. For example:
Offering a Shared VM Image Repository and Managed bastion hosts as building blocks can accelerate application teams building IaaS solutions
In-house PaaS Service Integration and API Gateway to on-premises APIs can enable building cloud-native solutions e.g. based on serverless
As the cloud foundation approach is all about integrating the capabilities of its constituent pillars, the Service Ecosystem pillar has several important links to other cloud foundation capabilities
Application teams should be able to order services from the cloud foundation’s service ecosystem based on the organizational metadata they already used to register, e.g. recorded in a Cloud Tenant Database.
Services are an important part of Modular Landing Zones and should thus be logical extensions to existing tenant management processes like Tenant Provisioning.
- Leverage existing IAM facilities such as Federated Identity and Authentication as well as the Resource Authorization Management to manage teams’ access to internal services.
- Encapsulating solutions commonly needed by application teams to run secure workloads in centrally managed and well-secured services can help raise the overall security of a cloud foundation. For example providing Managed bastion hosts or Managed Key Vault.
- Integrate metering and chargeback with cost management building blocks like Pay-per-Use for internal Services. These are an integral part of enabling an Internal Service Marketplace.
Designing a Multi-Cloud Service Ecosystem Strategy
Especially when adopting cloud at scale, cloud foundation teams can benefit tremendously from an internal service ecosystem strategy that enables the organization to build and offer additional services to application teams.
Building an Internal Cloud Service Ecosystem
Take a look at the comprehensive guide for building successful cloud service ecosystems leveraging an enterprise-wide marketplace for cloud infrastructure services.Read the Cloud Service Guide →
Key Stakeholders in a Multi-Cloud Service Ecosystem
The Cloud Foundation Maturity Model recommends building the cloud service ecosystem around the concept of an Internal Service Marketplace. Marketplaces naturally have three key-stakeholders: the marketplace provider, service providers and service customers.
The cloud foundation team should position itself as a marketplace provider. It is therefore responsible for aligning the marketplace with existing IT service management (ITSM) and governance processes like chargeback.
The cloud foundation team will also take on the role as one of the first service-providers on the marketplace. However, a successful service ecosystem requires that the marketplace provider also enables other providers to offer and “sell” services on its marketplace. This can be traditional infrastructure teams (e.g. offering a Shared VM Image Repository or On-Premise Network Connection) as well as teams manging 3rd party PaaS Service Integration or even In-house PaaS Service Integration.
The application teams are the service consumers. Cloud Foundation teams play a critical role here as a facilitator matching consumer demands with the supply-side. As a part of this role, cloud foundation teams should also involve management stakeholders and enterprise architects to provide feedback for the evolution of the IT service portfolio.
Finally, the cloud foundation team should also incentivize security & compliance stakeholders to view the marketplace as an opportunity to provide “secured out of the box” services. This can help improve the overall security level of cloud workloads by providing building blocks that are aligned with security and compliance requirements.