4 Fundamental Concepts for Enforcing Cloud Cost Management

Complete FinOps Guide
Chapter 4.1 Primer: Cloud Cost Control Enforcement

We have created the complete guide to FinOps to help FinOps practitioners achieve efficient cloud spending. After reading the guide, FinOps professionals will understand how to have a predictable monthly cloud bill for every cost center, avoid wasting money on underutilized resources, and ensure that discounted rates are applied wherever possible. We have organized the guide into chapters covering four key concepts (organize, optimize, save, and enforce), with each chapter containing four articles. Here’s a brief overview of each chapter:

Organize
Producing a cloud bill organized by cost center requires the steps introduced in the first chapter, such as tagging and separating AWS accounts.
Optimize
Avoiding wasteful spending requires the resource optimization best practices recommended in the second chapter.
Save
In the third chapter, we introduce various discounting options available for different workload types.
Enforce
The fourth and final chapter focuses on the enforcement required to achieve saving results.

This primer article of our last chapter (Enforce) introduces four key concepts behind enforcing cloud cost management and explains their relevance. In the next article of this chapter, we prescribe enforcement best practices, and in two drill-down articles, we present the relevant AWS tools designed to enforce budgets.

Here are the four fundamental enforcement concepts presented in this article:

  1. Measuring and allocating costs
  2. Budgeting
  3. Engaging stakeholders
  4. Implementing systems of accountability
Key concepts behind enforcing cloud savings initiatives
Key concepts behind enforcing cloud savings initiatives

1. Enforcement requires granular cloud cost allocation.

Whether separated explicitly or implicitly, every large enterprise divides into cost centers. A cost center may be a business unit (e-commerce vs. retail stores), a product offering (ERP vs. CRM software), a region (Europe vs. North America), or even an application (online banking vs. stock trading). It would be too expensive for every cost center to maintain a dedicated application hosting infrastructure, so business units typically share at least parts of their infrastructure (e.g., backbone network routers, firewalls, and DNS servers). It’s also typical for each cost center to have dedicated and specialized infrastructure resource requirements (e.g., specialized low-latency database, mobile application).

An engineer within a cost center must know when to stop provisioning additional cloud resources to stay within a monthly spending target or request additional funding to meet the increasing business requirements. This management task is impossible without allocating the spending to each cost center.

What adds to this cost allocation challenge is that cost centers require itemized reports. For example, engineers must know how much they can spend each month on storage (Elastic Block Storage), networking, database services (Relational Database Service), caching (ElastiCache), or load balancing (Elastic Load Balancing or ELB). Whether calculated by each cost center or provided by a centralized FinOps team, engineers must know how much they have spent month-to-date on each service and how much more they can spend before reaching their monthly usage limit.

The diagram below shows a cloud bill allocated to two business units by line item.

Allocating the total cloud bill to each business unit by service line item
Allocating the total cloud bill to each business unit by service line item

2. Enforcement requires cloud cost budgeting.

Predictable spending is synonymous with budgeting. With over one hundred types of cloud services offered by AWS alone and hundreds of thousands of possible configurations for just an EC2 instance (virtual machine), a large team of cloud engineers can’t possibly know the consequences of their provisioning action without being presented with a granular monthly budget.

Budgeting by service line item is a challenge for enterprises. It requires a detailed historical cost allocation report grouped by service line item (as discussed in the previous section) and a reporting platform that presents forecasted budgets in time to cloud engineers to observe.

The financial managers in charge of each cost center decide the amount of increase or decrease required to meet the company’s financial expectations and apply it to each line item as simplified and illustrated in the table below.

Summary of AWS Budgets and AWS Cost Explorer
Cost Center Service Line Items Historical Period Permitted Growth Next Period Budget
Elastic Block Storage $100 10% $110
Data Transfer $20 10% $22
Relational Database Service $200 10% $220
ElastiCache $10 10% $11
Elastic Load Balancer $40 10% $44
Total $370 10% $407

The second obstacle to successful enforcement is creating a budgeting system capable of presenting line-item budgets to cloud engineers on time.

3. Enforcement requires all cloud cost stakeholders to engage.

You can only control cloud spending at the source where the provisioning takes place. Infrastructure engineers make daily decisions to start, stop or terminate services that drive the monthly cloud bill. The engineers are spread across multiple cost centers throughout the enterprise organization with different management reporting lines.

The executives in charge of the cost centers play an essential role in this process. First, they must consult the FinOps practitioners to arrive at an infrastructure spending level appropriate for their monthly profit and loss goals. Second, they must deliver a directive to the engineers working within their respective organizations to comply with budgeting.

The diagram below shows a simplified organization chart for two cost centers and a centralized corporate function of IT, procurement, and finance. This subset of organizational functions represents the minimum number of teams that a FinOps practitioner must engage in controlling cloud spending across a large enterprise.

FinOps org charg showing two cost centers and corporate IT
FinOps org charg showing two cost centers and corporate IT

In our experience, the most significant practical enforcement challenge within a FinOps practice lies in corralling the busy stakeholders across multiple cost centers to collaborate.

4. Cloud cost enforcement can’t happen without accountability.

Chargeback is the most effective approach for controlling expenses (such as the public cloud costs) within a large enterprise with multiple cost centers. Chargebacks hold general managers accountable for their spending. However, implementing the financial systems and processes to support chargebacks is a challenging undertaking.

To understand what a chargeback is, let’s consider an extreme case as an example. Suppose the company’s IT department competed with other outside managed service providers (MSP) to offer the best infrastructure service at the lowest price. Under this model, it would “charge” each business unit for its services. The charges for these internal services are chargebacks. It’s worth noting that many departments (such as human resources or legal services) don’t make top-line revenue contributions. Therefore, they must chargeback their services to the revenue-generating product lines that they support.

Producing a profit and loss (P&L) financial statement requires tracking revenue against which to allocate a share of the company’s expenses. For example, a company with a chain of retail stores and an e-commerce application with clearly separated sales could produce one P&L statement for the physical stores and a separate P&L statement for the online application.

The diagram below shows a simplified view of corporate revenues and expenses flows between two business units. As shown by the arrows, the revenues from each business unit contribute to the overall corporate revenues. On the other hand, the company’s centralized departments such as HR, legal, and IT (which may include a large portion of the cloud spending) are “charged back” to each business unit according to a measure such as an employee count or revenues.

Charging the corporate expenses back to each business unit’s P&L
Charging the corporate expenses back to each business unit’s P&L

A chargeback system is the ultimate implementation of enforcement within a company to achieve FinOps control. However, given its scope, it requires the company’s CEO and CFO to deem it a priority and invest the necessary resources.

Conclusion

The main concepts behind enforcing efficient cloud infrastructure within a large enterprise are:

  1. Allocating costs by service line to each cost center
  2. Establishing budgets by line item
  3. Engaging all stakeholders
  4. Implementing the financial instrument of chargebacks

In the next chapter of this guide, we explore the best practices for implementing successful enforcement mechanisms.

Continue Reading this Series