Announcing "Cloud Accelerate" - ServiceNow workflows to Accelerate your Cloud Adoption

Picture yourself as an IT Operations leader in a manufacturing company adopting a journey to innovate faster and gain market share. You are most likely looking to use cloud for driving the innovation and reduce costs of automation.

 

As a leader in your company driving the cloud adoption and transformation you would find yourself asking questions about -

 

• how to improve cloud adoption, while enforcing cost governance and security principles to enable faster innovation?
• how to setup a catalog of cloud services (marketplace) to meet app developer's needs keeping the overall experience simple?
• how to centralize cloud automation, add policy governance without a lot of refactoring of existing code?
• how to drive application migration assessment discussions and decisions faster?
• how to ensure that resource configs do not encounter drift from organization norms?

While these are specific topics influencing cloud transformation journey, the broader questions that organization are trying to solve for quicker cloud adoption are -

 

1. Simplify - how to speed up innovation through frictionless self-service experience?
2. Shift left - how to embed config checks in provisioning workflows as per org and regulatory norms?
3. End to end automation - how to simplify operational maintenance of the application?

 

In this blog post, I will explain how ServiceNow Cloud Accelerate enables this cloud adoption trifecta.

 

What's Cloud Accelerate anyway?

Cloud Accelerate is a set of capabilities to enable customers in their cloud automation day-0 (setup), day-1 (rollout), and day-2 (maintenance).

 

To get a role-based view into who works with Cloud Accelerate, and the tasks and efforts involved in the phases of cloud adoption, view this 4 minute video. Accelerate your Cloud Adoption with ITOM Cloud Accelerate

 

Cloud Accelerate comprises apps that enable each of these use-cases.

 

Here's some resources to help you understand how each of these capabilities will help you.

 

Plugin name	Docs Link	Video	Store App
Cloud Migration Assessment	CMA Documentation	ITOM Governance - Cloud Migration Workspace - YouTube	CMA Store App
Cloud Services Catalog	CSC Documentation	Webinar: How to Accelerate Cloud Provisioning with CSC - YouTube	Cloud Services Catalog Store App   CSC Content Pack (Store App)
Cloud Configuration Governance	CCG Documentation	Drive technology best practices with ITOM Cloud Configuration Governance - YouTube	CCG Store App   CCG Content Pack Store App
Cloud Action Library	CAL Documentation		CAL Store App

 

Now coming to the actual pains that many of you face in your cloud transformation and the approach to resolve this through an internal developer platform.

 

Pain 1: how to improve cloud adoption, while enforcing cost governance and security principles to enable faster innovation?

 

You wish to enable your developers to use cloud, but if you open them out to the cloud, they could end up ordering high-cost services without approval and enforcements - this can lead to surprises and negative returns on cloud investments. The solution for this is to offer an internal developer marketplace with the readymade cloud offerings and enclose this in a well governed catalog with underlying end-to-end workflows for cloud automation. Requests for usual day-to-day needs can be setup to pass through without approval, whereas uncommon requests need approval driven by policy. 

 

CSC helps through this entire process by offering ready-made OOB catalog items for IaaS, PaaS, FaaS services, as well as a catalog designer to design new catalog items. This comes with complete end-to-end API automation with the cloud vendor. CCG included during deployment workflows, can be used to run checks to ensure that the best practice configurations are followed, additional and custom policy checks can be created.

 

Pain 2: how to setup a catalog of cloud services (marketplace) to meet app developer's needs keeping the overall experience simple?

 

The internal developer platform acts as the nice garden (as opposed to a fortress) where developers can build the apps they want to, using common infrastructure components from the catalog. Their focus and efforts and time is only on their app development, instead of trying to find the right Linux image to use.

 

This catalog is built with standard, normal request items and meeting the 80-90% needs of the developer community. The remaining 10-20% is always a custom playfield for new innovations. Over time these new asks also become standard asks and will move into regular catalog.

 

CSC uses the Employee Center experience, so a developer in the organization (or any cloud user for that matter) need not go to different portal pages. The employees can order cloud services in the same location where they would go to order workplace items like stationery, or the laptop for office use making the experience simpler. As there's tie-in with CMDB in the CSC catalog items, the request form will show references to relevant business applications, cost centers and so the employee will be able to easily assign the resource to the right headings through drop-down lists. Once the resources are deployed to the cloud, there's automatic updates to the CMDB and all resources are tagged individually, so a service map creation also becomes very easy.

 

Pain 3: how to centralize cloud automation, add policy governance without a lot of refactoring of existing code?

 

Existing tools like Ansible possibly even built like cottage industries over time or even app-dev pipelines like Azure DevOps are important to integrate to the broader platform story, as a means of centralizing these various automation libraries. The added advantage of doing this is that when bringing towards central workflows in ServiceNow there's closer enforcement.

 

The ask from one of our customers was - "Can I restrict a developer from ordering cloud services unless he has completed cloud security training?" This is the place where ServiceNow rules over other tools as in an organization anyone with the cloud credentials and the CLIs can make a deployment, but this can lead to many process lapses - ServiceNow can help with the policies that look at employee training and team needs, or change approvals. CSC discovers ADO pipelines, and Ansible Tower/AWX job templates automatically and helps run this through central catalog. The deployed resources can be operated through day-2 operations available with CSC.

 

Pain 4: how to drive application migration assessment discussions and decisions faster?

 

Arguably 60-80% of migration projects are stalled because of lack of information about the applications. Mechanisms such as discovery of resources and relationships have long been in use, but there's a need to tie-in the discovered information into the 'move' groups combining servers and their hosted apps, and drive a conclusion towards the right R-Disposition.

Note: R-Disposition is cloud industry slang for what you want to do with that legacy app - Retire, Retain, Refactor or Rehost (and as if 4 R's were not enough, AWS came in an added 2 more to sell more of their stuff - repurchase and replatform). Flash news - we hear there's a 7th R pushed by VMware on cloud - called 'relocate' mainly regarding VMware investments moving to cloud.

 

ServiceNow's CMA helps to arrive at the right R-Disposition in a governed task activity, with a workbench of the discovered information at hand, as well as ability to add notes, comments and inputs from the various app stakeholders and team as well as the cloud team members.

 

Pain 5: how to ensure that resource configs do not encounter drift from organization norms?

 

All organizations follow best practice norms in their application deployments and want to avoid drift from the best practices - which obviously can creep in over time and with regular usage. The Operations team might step in to fix an issue reported by the customers - while this may be ok to close the particular issues, the new configuration may not be as per expected norms. This has to be regularly checked and any violations reported and remediated. The problems recently seen with leakage of data from open S3 buckets are all result of drift from best practice norms. Regular scans on resources must be done to ensure that the best practice policies are met and any violations must be remediated.

 

ServiceNow CCG provides the ability to setup best practice rules via low-code, no-code (rules based) and pro-code (Scripted) approaches. The policies will run automation flows to get latest resource information from the cloud and validate the obtained information. For resources not meeting the best practice norms, CAL our action library offers ability to remediate the resources.

 

Cloud Accelerate is not just a single trick wonder, it is a battalion of capabilities, with OOB content and extensibilty for driving your cloud automation and governance needs. Please try it out and let us know your feedback.