RosettaHub Cloud Operations
- RosettaHub
Users management
Mass on-boarding | Using excel spreadsheets or the RosettaHub APIs |
Organization units mapping | |
Delegation by Organization units owners of management rights to other managers and admins | |
Dedicated registration websites for root organizations | |
Permanent cloud accounts | Users can keep their cloud accounts for as long as they are within the organization |
Federation of access | |
Single Sign On | |
Full auditability of administration actions | |
Fully customizable dashboard through RosettaHub perspectives that can be created and shared or enforced on users or on sub-organizations | |
Masquerading as other RosettaHub users for managers and admins |
Cloud accounts management
Full ownership of all cloud accounts | The root organization owns all cloud accounts this allows for full flexibility on services, spending and data preservation |
Very low technical know-how required for management | |
Managers can enable or disable managed cloud accounts | |
Very low personnel bandwidth-required for management | |
Very low risk of unsolicited data and compute resources irreversible deletion | By default, a data preservation strategy is adopted |
Advanced cloud accounts monitoring (costs, resources, activity, etc.) and full auditability on users' actions | |
Individual accounts budget adjustment, budget transfer between cloud accounts and budget reverse transfer to managers and admins cloud accounts | |
Masquerading to users cloud accounts for managers and admins | |
RBAC Control of users' cloud accounts for accessing cloud services, cloud regions, compute instance types, database instance types, machine learning instance types etc. | |
Sharing capabilities for cloud artifacts (machine images, storages, IAM Users) User to User, User to Group, User to Organizations | |
Default configuration for user cloud accounts including a default private network, a default region, and a default IAM user |
Cloud financial management
Cloud accounts costs daily reports at the organization and users level | |
Cloud accounts get automatically disabled when the budget is reached | Accounts can be re-enabled via a budget transfer that sets the budget above the spending |
Budgets can be enforced on cloud accounts based on RosettaHub’s real-time cost estimators | |
Cost, budget and resources real-time dashboard, cross-regions aggregated resources views | |
Custom actions on cloud accounts' budget depletion (full clean-up, data preservation, admin-defined) | |
Management framework for promotional credits | |
Maximum hourly cost on cloud accounts can be enforced | Accounts get automatically disabled when the maximum hourly cost is reached |
Multi-root accounts (multi-billing accounts) per root organization | |
Pooling (aggregation) of promotional credits | |
Real-time cost and resources monitoring, real-time billing estimate | |
Cloud accounts can be cleaned up in a few clicks | |
Cloud accounts can be disabled or quarantined by managers and admins |
Compliance and auditing
RBAC-based access to limit regions and services to compliant regions and services for each user and organization | |
Compute instances number limit can be enforced | |
Storage Size limit can be enforced on object storages, file storages, block storages and block snapshots | |
Spot Usage can be restricted | |
Spot Management and safeguarding | |
Email notifications to individual users and admins for warnings and critical events | |
Cloud accounts get automatically disabled if keys get compromised or in case of an abuse | |
Automatic handling of abuse reports on all accounts | Users and their managers are automatically notified, access keys are automatically reset |
Immediate reset of any compromised access keys signaled by cloud provider | |
Regular reset of cloud access keys on all cloud accounts | |
Auto-stop idle compute instances | The idle timeout can be customized |
Auditing of all users actions | |
Auditing of all cloud accounts actions |