Lift and Shift Governance
When infrastructure automation outpaces governance automation, creating cloud-native tech with datacenter-era controls.

Edition #10: Lift and Shift Governance
"We've automated our infrastructure deployments with Terraform and CI/CD, but changes still require a CAB meeting with two weeks' notice."
A platform team was being strangled by datacenter-era governance on their cloud deployment. Auto-scaling was disabled because capacity changes needed approval. Immutable infrastructure was blocked because "servers should be patched, not replaced." Continuous deployment hit a wall at the quarterly maintenance window process.
Teams adopt IaC, CI/CD, and cloud-native patterns, but governance stays manual with approval boards, change windows, and ticket-based processes. This creates a fundamental mismatch - software-defined infrastructure constrained by human-defined operations.
This is Lift and Shift Governance - when organizations automate their cloud infrastructure but govern it with manual, approval-heavy processes from on-premises operations. You can't have infrastructure as code with operations by committee.
Cloud requires governance to match its automation capabilities through the Standards Practice from the 5 Practices of Cloud Governance:
→ Automate what was manual - replace approval workflows with preventive controls and automated checks
→ Enable through guardrails - set boundaries that teams operate within confidently, not gates they wait at
→ Design for velocity - write standards that assume continuous change, not quarterly maintenance windows
→ Make compliance continuous - shift from periodic audits to real-time validation
→ Match cloud capabilities - embrace immutability, auto-scaling, and rapid deployment in your governance model
Cloud infrastructure needs Cloud Governance - automated and continuous, not manual and gated.
- Keep on Herding, Bob
What's Happening in Cloud Governance 📡
How to Herd Clouds and Influence People - No. 1 New Release on Amazon: Excited to share How to Herd Clouds and Influence People just hit No. 1 New Release in the Cloud Computing category on Amazon. The book focuses on the human side of governance - building trust across silos, influencing without authority, and keeping momentum when priorities shift. Many readers have recognized their own experiences in Gary's journey as a cloud architect navigating organizational dynamics. Available in paperback and Kindle, and the free web version remains in the governance library.
FinOpsWeekly's 2025 Summit and Recent Sessions: FinOpsWeekly's YouTube channel features their recent 2-day summit recordings plus ongoing content covering emerging topics like AI cost management, Kubernetes cost optimization, cloud migration economics, and FinOps 2.0.
Guardrails Not Gatekeepers: Unlock Autonomy by Sanjay Gidwani: This practitioner perspective perfectly captures the shift from manual approval gates to automated boundaries. Gidwani argues that governance should enable autonomy through clear constraints teams can operate within confidently, rather than requiring teams to wait at checkpoints for permission. The guardrails approach allows teams to move fast while staying safe - exactly what cloud-native governance should deliver.
Everything is Better as Code: Using FinOps to Manage Cloud Costs by McKinsey: McKinsey's research identifies $120B in potential value from automating FinOps best practices directly into engineering workflows, addressing the 28% cloud waste most organizations experience. Their "FinOps as Code" concept extends beyond cost to the broader principle: governance works best when automated into systems rather than enforced through manual processes. When best practices become code, compliance becomes continuous and scalable.