Many organizations contemplate whether or not vendor lock-ins are right for them, or should they stay cloud-agnostic. To answer this question, we got Hillel Solow, CTO & Co-Founder here at Protego and Eoin Shanaghy, CTO of fourTheorem to discuss all the latest topics in cloud-native and serverless.
Going All-In On Your Chosen Cloud
Eoin presented a tweet from ThoughWorks during our Serverless Show around vendor lock-in. Vendor lock-in’s are still very much a source of frustration when talking about cloud, AWS, and previous cloud vendors. ThoughtWorks led with a formula saying that lock-in is migration costs minus the opportunity gained. A lot of organizations ponder whether or not they should be cloud-agnostic and put in place preparations to be able to switch clouds quickly in the event of cost increases. Eoin believes organizations should measure it, and the formula from ThoughtWorks helps in doing it really well.
When it comes to being cloud-agnostic, organizations need to think about migration costs and their current costs. Meaning – what is the cost of actually preparing for being cloud-agnostic? Following that, they should also consider the opportunity they get from going all-in on their chosen cloud, do the equation and see how the math works out. Eoin believes 9 out of 10 times, they are going to find out it’s not worth the hassle of trying to be cloud-agnostic. If organizations use common sense principles around how they architect their code so that they don’t have tight coupling between services, in most cases lock-in is not an issue.
Asking The Right Questions
Hillel thinks the discussion around lock-in is not a binary discussion. It’s not about what if a company needs to move from provider A to provider B, but rather more nuance questions like what if provider A’s storage options are not as good as provider B’s? or what if the analytics pipeline from provider B is not sufficient and requires them to move to provider A? Organizations need to consider the costs, complexity and investment they would need in order to move, and add to it the fact that cloud services are not monolithic things that we have to migrate entirely.
IAM Is The Real Lock-In
Looking at cloud-agnostic vs. lock-ins in a more nuanced way can help organizations realize that spending a lot of time getting their permissions right and thinking about fine-grained access control, is ultimately where a lot of their time goes in. Eoin thinks organizations should try to think about it more logically and automate as much as possible so that they don’t end up handcrafting policies and roles that really are kind of snowflakes.
*** This is a Security Bloggers Network syndicated blog from Blog – Protego authored by Trisha Paine. Read the original post at: https://www.protego.io/serverless-show-lock-ins-vs-cloud-agnostic/