FinOps Governance Review

Overview

CoreStack can assess your onboarded cloud accounts periodically to identify any violations and generate a FinOps Governance Detailed Report/FinOps Governance Summary Report. This governance review is performed against specific scenarios, each having its own definition and weight.

The governance review analyzes how your cloud account is performing with respect to controlling costs. Cost control identifies whether your resources are managed within your defined budget thresholds. Cost optimization checks if your resources are used in an optimized manner. The governance review also includes details around recommendations and cost avoidance.

Based on the number of violated resources per scenario, a maturity index is derived. This maturity index helps you understand how your cloud account is performing over a set time period.

Required Permissions (AWS, Azure, and GCP)

A cloud account must be configured with the required privileges prior to onboarding the cloud account to perform a FinOps governance review.

Read-only access to most services should be sufficient for the FinOps governance review.

📘

Note:

For governance, you can also onboard a cloud account with Assessment + Governance settings.

📘

Important

For governance reviews, you must provide access to the following in the Cloud Account being onboarded to CoreStack:

• Cloud resources to understand whether the resources are configured properly.

• Monitoring data to understand whether the resources are utilized well.

• Cost & Usage data to calculate potential savings for recommendations (data for the current month + last 2 months are mandatory).

• Reservations and/or long-term savings options available for the account to provide purchase recommendations and check that purchases are utilized well.

Onboarding Prerequisites

AWS

1. How to Onboard an AWS Management Account
2. How to Onboard an AWS Member Account

Azure

1. How to Onboard an Azure Subscription (Pay as You Go)
2. How to Onboard an Azure CSP Direct Account
3. How to Onboard an Azure CSP Subscription
4. How to Onboard an Azure EA Subscription

GCP

1. How to Onboard a GCP Billing Account
2. How to Onboard a GCP Linked Project

FinOps Governance Review Score

CoreStack provides a comprehensive FinOps Governance Detailed Report/ FinOps Governance Summary Report for your cloud accounts. You can view the review score for your cloud account that is identified based on the resources assessed. Cost avoidance is estimated for each of the review categories in your cloud account.

Cloud admins can perform a governance review of their cloud accounts to view the governance index and compare them against each other to see where they stand according to others in CoreStack or industry benchmarks. You can generate an automated governance review report every month to visualize the improvements/decline in the index.

Score = ((100 - % of Potential Cost Savings) 0.5) + ((100 - % of Violated Resources) 0.1) + ((100 - % of Budget Violations) 0.2) + ((100 – % of Untagged Resources) 0.2)

• % Of Potential Cost Savings = ((Potential Cost Savings) / Average Monthly Cost) * 100)
• % Of Violated Resources = (Total Violated Resources / Total Resources Assessed) * 100
• % Of Budget Violations = (Total Violated Budget Scenarios / Total Budget Scenarios Assessed) * 100

How it works

CoreStack has a defined set of governance review scenarios based on your cloud platform, cloud services, and cloud resource types that are available in your cloud account. These review scenarios are based on Industry Standards and Best Practices, including those recommended by AWS, Azure, and GCP. There are scenarios available for each Governance Pillar: Operations, Security, Cost, Access, and Resource Consistency.

The system checks the status of your cloud environments against these standards for each of the 5 pillars and provides a consolidated report that covers multiple aspects of your cloud accounts. For example, an Operations review will include checks for multiple aspects such as Monitoring, Utilization, Activities, Automation, Backup, Patching, etc. Similarly, each pillar will have all their key areas covered as part of the governance review.

The system checks for the compliance percentage across your resources for each review scenario. And each scenario carries a certain weight based on how critical that is. A Review Score is provided for your cloud account by calculating the weighted average of the results across all scenarios.

Azure Hybrid Benefit

Azure Hybrid Benefit is a cost-savings benefit that lets you bring your existing on-premises Windows Server and SQL Server licenses with active Software Assurance or subscriptions to Azure.

To know more, please click here: https://docs.corestack.io/docs/optimize-rate-license-benefits#azure-hybrid-benefit

Navigation

The cost usage reports are available in the Reports > Cost section. You can select the required cloud account and view its report(s).

Governance Review Reports

CoreStack provides a FinOps Governance Detailed Report for specific Governance Pillars and Cloud Accounts.

The report summary provides information about each governance review scenario for the selected cloud account, as well as an overall score for the account and the Governance Pillar. This helps to understand the specific areas where the account requires improvements and recommend any necessary next steps.

The fields available in the Review Summary section are:

• Review Sub-Category
• Review Group
• Review Scenario
• Total Violated Resources
• Total Resources Assessed
• Potential Cost Avoidance

🚧

Note:

For the Config review category, cost avoidance data will not be available for a few of the cases. These cases will be supported shortly and are planned for a future release.

The report can be printed or exported in PDF and Excel file formats. While in the report, you can switch between different Tenants, Cloud Accounts, and Review Dates to view the report and export the one that you need to.

The Governance Review Detail section provides a deeper view into the review results. You can view the number of violated resources and total number of resources assessed for each of the review scenarios.

The fields available in the Governance Review Detail section are:

• Description
• Resource Type/Resource
• Total Resources Assessed
• Number of Violated Resources
• Total Estimated Monthly Cost Avoidance
• Recommendations

The actual resources that are in violation are also listed after each Review Category. This helps the cloud admin to identify the actual resources in violation so they can take immediate action to resolve them.

FinOps Governance Report

The FinOps Governance Report conveys the following details:

• FinOps Governance Review: Provides an overview of the FinOps maturity level of your cloud account.
• FinOps Governance Review Summary: Users can view the summary of information identified for different FinOps review scenarios for your cloud account and the details are grouped based on the categories.
• FinOps Governance Review Detail: Provides further details for each resource involved in the FinOps Governance Review and provides associated information to remediate any resource violations in your cloud account.
• Cost Visibility: Provides an overview of the actual costs incurred by resources against their forecasted costs.
• Cost Insights: Provides insights on various factors such as regions and tags that are available on your chosen cloud platform.
• Governance Review Visibility: Provides a summary of the resources that are involved in the governance review.

Visibility and Insights are captured as a snapshot and persist once the governance review is completed. This helps you to relate cost avoidance, resources, and other details together. Point-in-time data for costs will be available only in the Posture & Other Cost Reports section.

Recommendations related to reservations are provided as part of the AWS management account that's consolidated for all the AWS member accounts.

Examples of some of the pages and charts from the report are shown below.