Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Users management

  2. Cloud accounts management

  3. Cloud Financial Managementfinancial management

  4. Compliance and Auditingauditing

Anchor
users-management
users-management
Users management

...

Full ownership of all cloud accounts

  •  The root organization owns all cloud accounts this allows for full flexibility on services, spending and data preservation

Very low technical know-how required for management

  •  

Managers can enable or disable managed cloud accounts

  •  

Very low personnel bandwidth-required for management

  •  

Very low risk of unsolicited data and compute resources irreversible deletion

  •  By default, a data preservation strategy is adopted

Advanced cloud accounts monitoring (costs, resources, activity, etc.) and full auditability on users' actions

  •  

Individual accounts budget adjustment, budget transfer between cloud accounts and budget reverse transfer to managers and admins cloud accounts

  •  

Masquerading to users cloud accounts for managers and admins

  •  

RBAC Control of users' cloud accounts for accessing cloud services, cloud regions, compute instance types, database instance types, machine learning instance types etc.

  •  

Sharing capabilities for cloud artifacts (machine images, storages, IAM Users) User to User, User to Group, User to Organizations

  •  

Default configuration for user cloud accounts including a default private network, a default region, and a default IAM user

  •  

Anchor
cloud-financial-management
cloud-financial-management
Cloud

...

financial management

Cloud accounts costs daily reports at the organization and users level

  •   

Cloud accounts get automatically disabled when the budget is reached

  •  Accounts can be re-enabled via a budget transfer that sets the budget above the spending

Budgets can be enforced on cloud accounts based on RosettaHub’s real-time cost estimators

  •   

Cost, budget and resources real-time dashboard, cross-regions aggregated resources views

  •   

Custom actions on cloud accounts' budget depletion (full clean-up, data preservation, admin-defined)

  •   

Management framework for promotional credits

  •   

Maximum hourly cost on cloud accounts can be enforced

  •  Accounts get automatically disabled when the maximum hourly cost is reached

Multi-root accounts (multi-billing accounts) per root organization

  •  

Pooling (aggregation) of promotional credits

  •  

Real-time cost and resources monitoring, real-time billing estimate

  •  

Cloud accounts can be cleaned up in a few clicks

  •  

Cloud accounts can be disabled or quarantined by managers and admins

  •  

Anchor
compliance-auditing
compliance-auditing
Compliance and

...

auditing

RBAC-based access to limit regions and services to compliant regions and services for each user and organization

  •  

Compute instances number limit can be enforced

  •  

Storage Size limit can be enforced on object storages, file storages, block storages and block snapshots

  •  

Spot Usage can be restricted

  •  

Spot Management and safeguarding

  •  

Email notifications to individual users and admins for warnings and critical events

  •  

Cloud accounts get automatically disabled if keys get compromised or in case of an abuse

  •  

Automatic handling of abuse reports on all accounts

  •  Users and their managers are automatically notified, access keys are automatically reset

Immediate reset of any compromised access keys signaled by cloud provider

  •  

Regular reset of cloud access keys on all cloud accounts

  •  

Auto-stop idle compute instances

  •  The idle timeout can be customized

Auditing of all users actions

  •  

Auditing of all cloud accounts actions

  •