Chapter 11. 360-Degree Continuous Compliance

Who

  • Engineers

Why

Developers are naturally curious and are therefore likely to have existing experience in your chosen cloud platform. Harnessing their enthusiasm and passion is absolutely critical to driving cultural transformation within your organization. This enthusiasm, however, can create tension, as developers are likely to request broad access to a wide variety of services without significant enterprise control. This leaves us with a challenge: how do we apply our security policies in a consistent and reliable fashion?

A common anti-pattern we’ve seen regularly is to build or buy a brokerage layer—a piece of software that abstracts one or more cloud platforms into a common set of APIs. This is regularly framed as solving two problems:

  1. Enabling longer-term arbitrage opportunities between cloud providers

  2. Providing a common control point at which policy can be applied

The first problem is dealt with elsewhere in this report, where we argue that enabling only common services substantially reduces cost-efficiency and velocity in favor of a future potential opportunity.

This approach of wrapping the providers’ APIs also has a dangerous side effect, whereby you substantially change the developer experience (DX). Any knowledge your developers have already garnered in operating cloud technologies will be underutilized. Moreover, it unintentionally stymies growth for your engineers beyond ...
