In this Expert View article, our expert Andrew Thompson discusses the use of automated “FinOps policies” to improve efficiency and cost control in large organisations’ cloud environments. These policies serve as financial guardrails, aligning cloud usage with financial objectives and promoting cost savings while empowering application teams to make informed decisions. The article highlights the benefits, considerations, and common mistakes associated with implementing such policies.
In large organisations, where cloud environments constantly evolve, cost-efficiency can be challenging. Automated FinOps policies provide financial guardrails, enforcing minimum standards to drive cloud efficiency. By centralising these efforts, organisations achieve consistency, improve cost savings, and boost overall cloud efficiency without hampering development speed. This approach not only reduces costs but also supports environmental sustainability.
FinOps policies work like security policies but focus on financial control. They create a framework to manage cloud costs by setting minimum standards for cloud efficiency. Whether managed by the FinOps team or the platform team, these policies ensure cloud usage aligns with organisational financial goals.
Automated FinOps policies reduce waste, improve application infrastructure, and increase cost efficiency. Beyond rule enforcement, effective FinOps policies foster cost awareness among application teams. By establishing clear cloud efficiency standards, FinOps teams empower teams to make cost-saving decisions, optimise resources, and support budget control. These efforts also demonstrate FinOps’ impact, gaining support across the organisation.
Policy Examples:
The problems these types of policies address cannot be targeted via ‘shifting-left’ and running analysis of the infrastructure when it is initially deployed. FinOps policies like these are designed to monitor the active cloud environment.
Boost efficiency with automated FinOps policies
In large organisations, where cloud environments constantly evolve, cost-efficiency can be challenging. Automated FinOps policies provide financial guardrails, enforcing minimum standards to drive cloud efficiency. By centralising these efforts, organisations achieve consistency, improve cost savings, and boost overall cloud efficiency without hampering development speed. This approach not only reduces costs but also supports environmental sustainability.
FinOps policies work like security policies but focus on financial control. They create a framework to manage cloud costs by setting minimum standards for cloud efficiency. Whether managed by the FinOps team or the platform team, these policies ensure cloud usage aligns with organisational financial goals.
Benefits of automated FinOps policies
- Lean and Efficient Non-Production Environments: Automated policies ensure non-production environments follow best practices, reducing waste and inefficiencies. These guardrails support lean and optimised cloud resource usage, boosting cost-effectiveness.
- Minimal Disruption to Development Teams: FinOps controls aim to minimise risks without hindering development work. By automating essential standards, these policies provide a sustainable approach to maintaining cloud efficiency without impacting team productivity.
- Cost Reduction and Environmental Sustainability: FinOps policies help organisations reduce cloud expenses by minimising waste. This cost optimisation not only benefits financial performance but also supports environmental sustainability by lowering CO2 emissions.
The importance of automated FinOps policies for cloud optimisation
When designing and implementing automated policies, it is crucial to not only decide which policies to create but also to consider the capabilities of the framework that will run these policies. Equally important is the collaborative effort with application teams throughout the development of these capabilities. Overlooking the non-functional aspects can result in the policies failing to achieve the intended impact.
Considerations for the policy framework
When designing the framework to implement automated FinOps policies, consider several key factors to ensure sustainability and effectiveness. The framework must handle enterprise-level cloud complexities, deliver value to application teams, and support observability. Overlooking these can lead to weak cost-reduction policies that miss expected savings.
Collaborate early with application teams in the framework’s creation to allow them input on its operation. Since application teams are both the framework’s customers and software engineers, they may circumvent a framework that fails to meet their needs—prioritising their ability to deliver new features.
Different policy frameworks offer flexibility: choose from third-party vendors, in-house platforms like AWS Lambda-based frameworks, or open-source tools like Cloud Custodian, featured on TechRadar by Devoteam.
When deciding which pattern to use there are 2 key aspects to consider as a first step:
- “Does my organisation already have systems in place that offer automated policy techniques?”
- For example, automated policy frameworks may already be in place for security or internal compliance projects, or your organisation may already pay for a 3rd party vendor tool that has this capability.
- Leveraging existing frameworks will help speed up the Proof of Concept work and provide feedback on the value of your FinOps policies quickly
- “Will my organisation support and allocate resources for an internal policy framework project?”
- While an open-source solution may seem suitable for your needs, it’s important to recognise that a policy engine is an application like any other. Even if the engine is open source, integrating the technology successfully will still require a significant amount of technical work.
If you already have an automated policy framework in place, consider whether the framework can answer the following questions. If it cannot, this is a sign that your framework may not be meeting expectations:
- Are all the policies functioning correctly?
- How much value is each policy providing us?
- How many resources have been opted out, or have not been opted-in, and which teams or business units do these resources relate to?
Many automated policy systems, out of the box, do not deliver this functionality, so it may need to be built into the system.
If an automated policy system lacks these capabilities, senior stakeholders may question the effectiveness of FinOps policies.
The most effective way to understand all the features necessary for the FinOps policy framework is to have a dialogue with the application and business teams to discuss the requirements. Here are some examples of key topics that should be considered:
Addressing the elephant in the room – passive vs active policies
In organisations with strong DevOps cultures, passive policies that provide data to application teams may be more appropriate to avoid disrupting team autonomy. However, in cases where cost control is critical, organisations might choose active policies to enforce compliance more assertively. Starting with passive policies allows teams to gather data and make informed decisions about activating stricter controls.
What policies should be created?
To develop effective FinOps policies, it is crucial to base your decisions on real data. By analysing detailed billing reports, you can identify the resource types that contribute the most to your spend and usage. These areas should be the primary targets for automated policies. For instance, in some organisations, ‘EC2’ and ‘RDS’ may dominate the cost and usage charts, while in others, it could be ‘Lambda’ and ‘Dynamo DB’, or other types of services.
The next step is to perform an analysis – hypothesise a policy and use the data to understand how much waste reduction could occur.
Let’s consider a simple hypothesis:
“Removing unused AWS EC2 instances from the Development environment will result in significant cost savings.”
Begin by examining the daily cost of the resources that you expect to impact, accounting for any applicable discounts
- If the estimated cost savings appear substantial, delve deeper into the specific types of resources that will be affected. Remember that ‘EC2’ encompasses various aspects such as CI/CD systems running on EC2 instances, Auto Scaling Groups, EKS cluster worker nodes, and many more. Focus on the specific areas where you want the policy to be enforced and ensure you measure the potential cost savings within that dedicated area.
- If you find the estimated cost savings do not appear substantial, move on and look for other, more effective, policies to create.
Adopting a data-driven approach is essential. Without this approach there is a risk of creating policies that may seem promising on paper but fail to have any material effect on your Cloud usage.
Common mistakes to watch out for:
Common mistakes businesses make when implementing automated policy frameworks fall into 2 categories:
Poor Communication with Engineering Teams
- Without building strong relationships with application teams from the beginning, the central policy team risks working in isolation. This can lead to the creation of centrally deployed policies that terminate resources without informing resource owners.
- Initially, the central team might feel successful due to cost savings, but without engineering team support, the project will likely fail. Engineering teams may quickly work to disable the policies to avoid further disruption.
Failure to Agree on Metrics for Success
- Establishing clear success metrics upfront is essential. The automation team needs to secure detailed agreement on how project success will be measured.
- If this is postponed until presenting results for further funding, stakeholders may highlight discrepancies. They may note that the metrics don’t align with actual monetary savings or point out instances where resources covered by reserved agreements were deactivated, resulting in no real impact on the cloud bill.
FinOps policies: boosting cloud efficiency
In large enterprises, a FinOps policy framework that is both opinionated and flexible strikes the right balance between cost control and productivity. The financial risks of unchecked cloud spending demand more than data visualisation; establishing guardrails helps mitigate these risks, allowing organisations to capitalise on the cloud’s advantages while maintaining financial responsibility. Collaborating with application teams also strengthens connections between finance and engineering, fostering a unified approach to cloud cost optimisation.
Scaling FinOps?
Our experts can help you optimize cloud costs with Policy-as-Code.