<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1110556&amp;fmt=gif">
Skip to content
    February 24, 2023

    18 Best Practices for Cloud Automation

    Everyone is shifting their workloads to the cloud, but one challenge remains: Workloads need to be automated. Whether they’re employing a cloud-native, cloud server, or hybrid model—IT operations teams need to know what, when, and now also where to automate. Speaking at the recent 2022 Automation Virtual Summit, Dave Kellermanns, Global Advisor for Automation, Broadcom Software explored some lessons learned and best practices for cloud automation. Read on to see some of the highlights.

    Define Your Use Case for Cloud

    #1. Do you want to automate the cloud infrastructure, the workload in the cloud, or a combination of both? Each cloud and data center has different ways to automate.

    #2. You also need to decide whether to use one cloud provider or many. Staying with one makes life easier (the standardization story), but if costs rise or the service level degrades, you are locked into that provider.

    #3. What elements will be SaaS? SaaS means you won’t have access to the servers, although most SaaS providers feature extended APIs to support automation.

    Consider the Connection Strategy

    #4. How do you get to the cloud? Is it a bi-directional connection—in other words are you executing from a data center into the cloud? Or is it cloud-to-cloud? This helps you decide what firewalls or tunnels you’ll need to “request” work from other applications.

    #5. Consider how you will monitor your network experience. Where are the potential latency issues and what should you do if they occur?

    Think About your Execution Strategy

    #6. Consider an abstraction layer to avoid lock-in. If your cloud provider is likely to change, we recommended that you separate the automation of the cloud infrastructure from the automation of the cloud workload. This way, you can switch cloud providers more easily.

    #7. Where will your code execute? Do you want to do SDK or API calls from your data center or within the cloud? It’s good practice to set up a server with a lot of memory to run “utility agents” such as REST or SOAP.

    Think About Visibility

    #8. Some cloud providers dictate maintenance windows for their applications. You need to automate around these windows and decide what can be skipped, what can be scheduled around these windows, and what needs to be negotiated.

    #9. Individual cloud SDKs and APIs only provide visibility into a slice of the business flow. This gets complicated when you’re relying on multiple cloud providers, SaaS applications, and on-premises applications. Our advice is to invest in an orchestration layer that offers end-to-end visualization, from on-premises and SaaS applications to the cloud.

    #10. If you only see individual slices of the business flow, how can you manage SLAs? The orchestration layer can help you here. It sees the complete picture and can manage run-times and SLAs—informing you what’s on your critical path and when SLAs are likely to be affected.

    #11. If you use multiple cloud providers, each will alert you differently when problems occur. That adds complexity, risk, and potentially cost. You can add a SaaS solution like ServiceNow to harmonize the data. Or you can use your orchestration layer to receive individual alerts and then open, monitor, and close standardized tickets.

    Security Matters

    #12. How much needs to be exposed to the outside? A general rule is to minimize connections to the outside, thereby reducing the attack surface. You can also use encryption to secure communication.

    #13. Automating from a central location minimizes the need for connections. Users can orchestrate, automate, and monitor from one location or a single jump server in the cloud.

    #14. Never use the default ports. A little more configuration effort in the short run pays off when hackers are looking for the “usual” ports.

    #15. Manage your access rights. If you rely on SaaS, plan where you will trigger that automation from. Everything for a SaaS solution approach should be installed where you have access, either a cloud server or on-premises, so you can troubleshoot issues.

    Control Costs

    #16. Do you need every server up 24x7 or can you orchestrate your cloud to start/stop servers as required, reducing cost?

    #17. Automate the backups for your cloud servers and applications.

    Cloud Versus Containerization

    #18. When executing workloads in containers, you can either use the container control and features like load balancing or you can try to package an agent into the container. In general, an agent within a container does not offer significant benefits, unless it’s designed mostly for file movement or file watching  and then moves the file before the container shuts down.

     

    Want to learn more? You can catch all the presentations from the 2022 Automation Virtual Summit.

    Tony Beeston

    Tony is a 30-year veteran that started in IT Operations working for financial services and telecommunications companies in the UK. He has spent the last 20 years specializing in delivering modern automation to businesses globally. Starting as a consultant designing and delivering automation policies to companies...

    Other resources you might be interested in

    icon
    Course September 17, 2025

    DX NetOps: Harness Syslog for Operational Visibility

    Learn how to configure DX NetOps for robust syslog ingestion, gaining comprehensive operational visibility by displaying all external syslog messages directly within DX NetOps Portal.

    icon
    Office Hours September 17, 2025

    Rally Office Hours: September 4, 2025

    In the latest edition of Rally office hours, learn how to view filter substitutions and then follow the weekly Q&A session with Rally product experts.

    icon
    Office Hours September 17, 2025

    Rally Office Hours: September 11, 2025

    Hear about recruiting MCP Server early adopters and ancestor filtering in Rally's Custom Lists, then follow the weekly Q&A session with Rally product experts.

    icon
    Blog September 16, 2025

    Powering RAG Pipelines With Automic Automation

    See how Automic Automation optimally equips you for the AI revolution, combining proven enterprise capabilities with the potential of generative AI.

    icon
    Blog September 16, 2025

    Unlock Real-Time AWS Observability With Streaming Ingestion in DX Operational Observability

    With streaming ingestion capabilities, DX Operational Observability offers visibility into your AWS telemetry, enhancing insights and incident response.

    icon
    Blog September 16, 2025

    Observability and IT Monitoring Governance: Establishing Order (Part 3 of 4)

    Find out how DX Unified Infrastructure Management (DX UIM) supports monitoring governance, enabling teams to manage configurations and track alarm policies.

    icon
    Blog September 16, 2025

    Observability and IT Monitoring Governance (Part 4 of 4)

    This post shows how baselines, KPIs, and thresholds are essential for monitoring governance. See how IT can shift from reactive to proactive IT management.

    icon
    Blog September 12, 2025

    What's Really Happening in Your Branch Office Network?

    Fragmented monitoring tools create critical visibility gaps in branch networks. Find out why you need network observability to pinpoint the cause of issues.

    icon
    Office Hours September 12, 2025

    Rally Office Hours: August 28, 2025

    Learn about the general availability of the AI writing assistant in Rally, then follow the weekly Q&A session with Rally product experts.