<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1110556&amp;fmt=gif">
Skip to content
    February 24, 2023

    18 Best Practices for Cloud Automation

    Everyone is shifting their workloads to the cloud, but one challenge remains: Workloads need to be automated. Whether they’re employing a cloud-native, cloud server, or hybrid model—IT operations teams need to know what, when, and now also where to automate. Speaking at the recent 2022 Automation Virtual Summit, Dave Kellermanns, Global Advisor for Automation, Broadcom Software explored some lessons learned and best practices for cloud automation. Read on to see some of the highlights.

    Define Your Use Case for Cloud

    #1. Do you want to automate the cloud infrastructure, the workload in the cloud, or a combination of both? Each cloud and data center has different ways to automate.

    #2. You also need to decide whether to use one cloud provider or many. Staying with one makes life easier (the standardization story), but if costs rise or the service level degrades, you are locked into that provider.

    #3. What elements will be SaaS? SaaS means you won’t have access to the servers, although most SaaS providers feature extended APIs to support automation.

    Consider the Connection Strategy

    #4. How do you get to the cloud? Is it a bi-directional connection—in other words are you executing from a data center into the cloud? Or is it cloud-to-cloud? This helps you decide what firewalls or tunnels you’ll need to “request” work from other applications.

    #5. Consider how you will monitor your network experience. Where are the potential latency issues and what should you do if they occur?

    Think About your Execution Strategy

    #6. Consider an abstraction layer to avoid lock-in. If your cloud provider is likely to change, we recommended that you separate the automation of the cloud infrastructure from the automation of the cloud workload. This way, you can switch cloud providers more easily.

    #7. Where will your code execute? Do you want to do SDK or API calls from your data center or within the cloud? It’s good practice to set up a server with a lot of memory to run “utility agents” such as REST or SOAP.

    Think About Visibility

    #8. Some cloud providers dictate maintenance windows for their applications. You need to automate around these windows and decide what can be skipped, what can be scheduled around these windows, and what needs to be negotiated.

    #9. Individual cloud SDKs and APIs only provide visibility into a slice of the business flow. This gets complicated when you’re relying on multiple cloud providers, SaaS applications, and on-premises applications. Our advice is to invest in an orchestration layer that offers end-to-end visualization, from on-premises and SaaS applications to the cloud.

    #10. If you only see individual slices of the business flow, how can you manage SLAs? The orchestration layer can help you here. It sees the complete picture and can manage run-times and SLAs—informing you what’s on your critical path and when SLAs are likely to be affected.

    #11. If you use multiple cloud providers, each will alert you differently when problems occur. That adds complexity, risk, and potentially cost. You can add a SaaS solution like ServiceNow to harmonize the data. Or you can use your orchestration layer to receive individual alerts and then open, monitor, and close standardized tickets.

    Security Matters

    #12. How much needs to be exposed to the outside? A general rule is to minimize connections to the outside, thereby reducing the attack surface. You can also use encryption to secure communication.

    #13. Automating from a central location minimizes the need for connections. Users can orchestrate, automate, and monitor from one location or a single jump server in the cloud.

    #14. Never use the default ports. A little more configuration effort in the short run pays off when hackers are looking for the “usual” ports.

    #15. Manage your access rights. If you rely on SaaS, plan where you will trigger that automation from. Everything for a SaaS solution approach should be installed where you have access, either a cloud server or on-premises, so you can troubleshoot issues.

    Control Costs

    #16. Do you need every server up 24x7 or can you orchestrate your cloud to start/stop servers as required, reducing cost?

    #17. Automate the backups for your cloud servers and applications.

    Cloud Versus Containerization

    #18. When executing workloads in containers, you can either use the container control and features like load balancing or you can try to package an agent into the container. In general, an agent within a container does not offer significant benefits, unless it’s designed mostly for file movement or file watching  and then moves the file before the container shuts down.

     

    Want to learn more? You can catch all the presentations from the 2022 Automation Virtual Summit.

    Tony Beeston

    Tony is a 30-year veteran that started in IT Operations working for financial services and telecommunications companies in the UK. He has spent the last 20 years specializing in delivering modern automation to businesses globally. Starting as a consultant designing and delivering automation policies to companies...

    Other resources you might be interested in

    icon
    Blog July 14, 2026

    Controlling Flow Telemetry Overhead in Distributed Environments

    See how the latest updates to NetOps Flow reduce telemetry overhead and optimize WAN usage. Simplify data extraction and integration with the OData 4 API.

    icon
    Product Education July 10, 2026

    Automic Integration Brochure

    This brochure serves as your guide to the diverse tools, platforms, and systems that can connect seamlessly with Automic.

    icon
    Course July 10, 2026

    Clarity: Configure Reporting Data Sources Using Data Providers

    This course explains the data foundation that supports Reporting in Clarity. Learn how Data Providers prepare, organize, secure, and validate reporting data.

    icon
    Office Hours July 9, 2026

    Rally Office Hours: July 9, 2026

    This session covers the general availability of milestone delivery confidence, troubleshooting for custom views and admin functions, and upcoming webinars.

    icon
    Solution and Capabilities Briefs July 6, 2026

    Network Observability NCM

    See how Network Observability NCM delivers network configuration management capabilities that automate remediation, ensure compliance, and mitigate risk.

    icon
    Office Hours July 2, 2026

    Rally Office Hours: July 2, 2026

    Explore the July 2, 2026, Rally Office Hours session covering OAuth security updates, the new portfolio item flow states beta, and upcoming event news.

    icon
    Blog June 29, 2026

    Unleashing Enterprise Agility: The Power of Portfolio Kanban Flow States

    Learn how Rally's Customizable Portfolio Item Flow States (PIFS) balance team autonomy with executive visibility to accelerate enterprise value delivery.

    icon
    Blog June 25, 2026

    Chart Your Team’s Analytics Journey with Customizable Dashboards in DX NetOps

    DX NetOps now features customizable dashboards, providing standards-based flexibility and an easy way for new and existing users to add custom dashboards.

    icon
    Blog June 25, 2026

    What’s New in Network Observability for Summer 2026

    Find out about the updates coming to Network Observability by Broadcom. See how you can reduce alert fatigue, automate compliance, and simplify management.