The Shadow Path
When teams use approved services and platforms but take unofficial shortcuts around governance processes that feel like obstacles.
Edition #6: The Shadow Path
"Why are teams still deploying directly to production when we built them a proper CI/CD pipeline? And how did that temporary development environment end up handling customer traffic for eight months?"
A cloud team discovered their Cloud Governance processes were being systematically bypassed. Teams were pushing emergency fixes straight to production to avoid the deployment approval workflow. Temporary environments created for quick testing had evolved into critical business systems. Teams were spinning up additional cloud accounts to avoid the resource approval process.
This is The Shadow Path - when teams use approved services and platforms but take unofficial shortcuts around the governance processes, finding ways around guardrails that feel like obstacles rather than enablers.
Teams don't bypass processes to be rebellious. They create workarounds when official governance becomes an obstacle instead of an enabler. When approval workflows take weeks, deployment pipelines are unreliable, or resource requests get lost in bureaucracy, teams find faster alternatives.
Shadow Paths emerge when governance becomes bureaucracy, delays, and confusion instead of the benefits it promises of empowerment, speed, and clarity.
Preventing Shadow Paths requires governance that actually delivers the 10 Benefits of Cloud Governance:
Empowered and Accountable Teams - clear rules and helpful tools that make teams confident to act within guardrails
Faster, Safer Innovation - preventive controls and secure templates that let teams ship without waiting for approval
Clarity in a Constantly Changing Environment - teams know what exists, who owns it, and how it's configured
A Platform for Organizational Change - structured standards and rollout strategies that make change safe and scalable
Consistent Standards Across Teams - shared frameworks that ensure predictable outcomes without confusion
When governance enables instead of restricts, teams choose the official path because it's actually better than the workaround.
- Keep on Herding, Bob
PARTNER SPOTLIGHT
Turbot: Complete Cloud Governance
Transform visibility into action with automated policy enforcement and remediation at enterprise scale.
What's Happening in Cloud Governance 📡
It's not R&D if you're running it like production: Nicolas Chaillan highlights how federal agencies label production systems as "R&D" to bypass procurement and governance requirements. The Air Force's NIPRGPT chatbot cost five times more than commercial alternatives while delivering fewer features - demonstrating the risks when governance processes become obstacles rather than enablers.
Cloud Governance in the Age of AI: Kyle Campos explains why traditional governance models fail with AI workloads that are dynamic, decentralized, and expensive. Key insight: "When governance is built around delays, gatekeeping, or reactive controls, teams choose speed every time" - highlighting the need for governance that enables rather than restricts.
The re:CloudFinOps Blog: Oliver Assad and Samuel Nord's practical FinOps insights tackle real implementation challenges. Their approach of "prevent costs, don't just optimize them" emphasizes proactive governance over reactive fixes. Best practices based on actual experience rather than theoretical frameworks.
Asset lakes emergence in security and IT: Cole Grolmus observes enterprises building custom analytics layers because existing asset inventories can't answer nuanced questions that combine asset data with other metadata. Highlights the "Know Your Cloud" challenge - comprehensive visibility that enables action, not just reporting.
Get Involved 👋
Join the conversation on LinkedIn about this newsletter edition.