Anyone engaged with hyperscalers like AWS or Azure has probably encountered the shared responsibility model:
- AWS Shared Responsibility Model
- Azure Shared responsibility in the cloud
In large organizations where multiple development teams are running multiple workloads in the cloud, it is beneficial to centralize some of the customer responsibilities to offer them to internal development teams in a streamlined manner.
This leads to an Extended Shared Responsibility Model shifting from a bi-directional relationship between Cloud Consumer and the Cloud Provider to a triangle relationship between the Cloud Consumer, the Cloud Foundation Team(s) and the Cloud Provider.
The Cloud Foundation can be broken down into Core Domains and Shared Service Domains, which in turn are composed of individual Capabilities.
The Core Domains represent the fundamental capabilities like Cloud Management, Cloud Security & Governance and Cloud Networking that will be consumed by the Cloud Consumers and the Shared Service Domains.
Shared Service Domains are capabilities like Container, IoT, BigData or Machine Learning that will be consumed by the Cloud Consumers.
The major benefit of this enhanced model is offered to Cloud Workload Development Teams who can benefit from a “refinement” of the Cloud Provider offering, allowing them to focus on their workload challenges.
Let’s have a look at the example of security controls. A majority of the security controls are provided directly by the Foundation Core Domain. Optionally, the Shared Service Domain will add domain-specific security aspects. This allows the actual Cloud Consumer to already start with a very high level of security “out of the box” and focus only on the workload-specific security aspects.
The Cloud Workload Development Teams can rely on centrally provisioned cloud capabilities offered by the Cloud Foundation.
Further magnification of the Cloud Foundation Core Domains leads to this Capability Map:
Each Foundation Capability consists of a technical part and a fulfillment part. A Foundation Capability is owned by one Foundation Capability Team (a Foundation Capability Team can be responsible for multiple Foundation Capabilities - for example, the AWS Foundation Security Team is responsible for the entire Foundation Security & Governance Domain).
The Nuvibit Cloud Foundation Capability Map is based on the Cloud Operating Model AWS whitepaper and the AWS Cloud Adoption Framework and implements their key principles.
Our model describes the capabilities of a Inhouse Cloud Platform in the sense of Gregor Hohpe - The Magic of Platforms  .
Nuvibit specializes in providing Cloud Foundation Capabilities to organizations.
We will tailor our Foundation Blueprint to your needs and enable you to deliver Foundation Capabilities to your Cloud Workload Development Teams with a high level of maturity.
Get in touch with us for further details.