Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage Articles Building a Self-Service Cloud Services Brokerage at Scale

Building a Self-Service Cloud Services Brokerage at Scale

Key Takeaways

  • Building a self-service cloud brokerage offers some powerful options for large enterprises to provision and manage cloud services for their internal project teams
  • Planning for a cloud brokerage takes a cross-functional team with customer participation to ensure the brokerage meets  customer requirements at rollout time
  • Standard technologies behind a cloud services brokerage include a cloud management platform (CMP) or service management platform; financial operations solution to monitor cloud spending; and cybersecurity solutions to govern user access and cloud security
  • Building a cloud brokerage is an ambitious project for even large cloud-first enterprises so outsourcing the project to a systems integrator or professional services firm is the best choice

As workforces move to more remote models, the case for a cloud brokerage becomes increasingly apparent for large enterprises to improve their overall cloud management and operations.

An obvious tool is a self-service cloud brokerage where authorized enterprise users can select and provision cloud services to support their software development and infrastructure projects using an internal cloud portal. Establishing a brokerage for your enterprise can help save internal departments' time by researching services from different cloud service providers (CSPs) and supplying your users' cloud services to help them achieve their business goals.

Typically, a cloud brokerage also frees up your service desk from handling calls to provision cloud services for internal customers. Your authorized users get access to an online portal and service catalog that automates many of the service desk functions behind going live with cloud services.

Planning for a Cloud Brokerage and forming the Brokerage Team

Planning a cloud brokerage for your enterprise starts with working with your internal customers to understand their business processes, provisioning requirements, cloud budget, and data management requirements.

Self-service cloud brokerage can be a misnomer in some ways. There still needs to be a team behind the cloud brokerage to support its operations. Your current cloud team or teams in inside your enterprise may cover many if not all of these roles:

  • Program/project manager to keep the project on track and within the budget. This manager could also support business operations tasks such as managing relationships with your CSPs.
  • Solution architect(s) that sit at the edge of the business and cloud technologies to help your business units define their cloud services requirements. Hence, the right solutions are available from your brokerage.
  • Business analyst(s) or technical writer(s) who can work with your internal customers to document their business processes "as is" and future state
  • Cloud engineer(s) to tackle the more complex technical configurations that might be out of traditional solution architect skillsets
  • Customer outreach/Communications specialist that communicates to your user communities any notable updates to the cloud brokerage 
  • Cloud economist – a hard to find skillset – who can help set up the internal controls, tools, and cloud budgets to support your internal customers' cloud services during a given budgetary period. The cloud economist should also play a significant role in developing your brokerage's service catalog.
  • Executive sponsorship is critical to the success of a cloud brokerage because it disrupts how internal business units obtain and consume cloud services

Exact brokerage team headcount numbers can vary on the size and scope of your project. In the case of the cloud economist and the technical writers, a cloud brokerage may not require their services full-time once the brokerage is live and serving customers.

Your solution architects, business analysts, and customer outreach need to work with stakeholders from your business units to research their cloud requirements. Those findings should help form a cloud service catalog.

Creating the Processes behind the Brokerage

A self-service cloud brokerage is a process-driven operation.  If your organization abides by Information Technology Service Management (ITSM), then that's where you'll find the processes to govern brokerage operations. However, cloud management – in the form of a self-service brokerage – may still require you to put renewed attention on processes, especially onboarding, acquisitions/procurement, and cloud security.

Writing the Cloud Brokerage Service Catalog

The service catalog you create for your brokerage must be able to stand alone, so clear definitions of services, including what you get and don't get, is a must. Don't hesitate to spend the time upfront to have your solution architects, cloud economists, and technical writers work together on draft service catalog entries. An important point to note is that you need a clear understanding of the cloud services you're offering your internal customers through your brokerage. Offering cloud services without dependent services is no help to your users. Depending on how your organization structures budgets, your users can be left without a much-needed service until the next budget cycle.

You should create your service catalog in a tiered or hierarchical format that maps the dependencies of the cloud services in the catalog to each other. Your solution architects should know (or research) the dependencies based on their cloud domain knowledge, solutions background, and customer interviews.

A well-crafted service catalog entry includes the following elements:

  • Short name of the catalog entry
  • A short narrative describing what the service provides.
  • Billable unit which is typically a fixed unit price
  • Billable time, which is typically one-time hourly, monthly, or annual fees
  • Service catalog prerequisites listing catalog items the customers must buy with this catalog entry
  • Related service catalog entries listing service catalog items in a similar category and available for purchase
  • Customer responsibilities such as specific customer tasks or items they must supply to support the service level
  • Services supplied documenting the specific tasks the service provider delivers, including one-time and recurring tasks as appropriate

Other common elements of a service catalog entry include a Service Level Agreement (SLA), which describes the service provider's metrics. In the case of an internal portal, your internal team is the provider. It's possible to have separate SLAs for various components of a service. For example, cloud brokerage availability may have an SLA for 100% availability. However, the actual items a customer provides through the portal, such as virtual machines, storage, and email accounts, may have 99.95% availability.

A Service Level Objective (SLO) documents the terms and conditions under which the service provider performs tasks to achieve and support SLAs. You should also consider defining SLO tiers as part of your service catalog. For example, the brokerage team will resolve severity problems in two hours or less.

Terms and conditions are typically a separate document or addendum outline other specific services and delivery criteria. For example, terms and conditions may define in which CSP region services delivery takes place. Terms can also include the discount structure as part of the billable unit and billable time.

Technologies powering a cloud brokerage

While the designs and components of a cloud brokerages vary, some standard services and solutions enterprises use to power their cloud brokerages include:

Cloud Management Platform

There's a proliferation of cloud management platforms (CMPs) such as and CloudBolt right now that can serve as the central core of a cloud brokerage. Neither CMP provider is sitting still. For example, CloudBolt just acquired Kumulous, a cloud cost management platform. CloudTamer includes budget controls and continuous compliance controls. You can expect that other CMP vendors will follow suit and bolster their platforms with more robust cost management and governance features

On the other end of cloud management solutions are service management platforms such as ServiceNow and Cherwell. ServiceNow brings with it an expensive professional services engagement to stand up and take the platform live. ServiceNow expertise can be hard to find (and keep) in some major metropolitan markets. However, if your organization is already standardized on ServiceNow, it's possible to power the cloud management behind your brokerage. Cherwell is a startup service management platform provider that offers a low code solution.

Cloud Spending Management & Financial Operations

Cloud spending management is still a challenge for organizations of all sizes. While you can't automate cloud economics as a practice and discipline, you can put in tools such as CloudCheckr to watch cloud spending.

Part of being a self-service brokerage is integrating cloud spend monitoring with your chosen management platform and supplying real-time and on-demand reporting about a business unit's cloud spending to your corporate accounting department, departmental management, and other stakeholders that influence the brokerage's budget.

Cybersecurity & Governance

Your brokerage has some essential cybersecurity requirements to ensure the security of your data and new cloud endpoints. You'll want your authorized users to be able to log in and authenticate to your brokerage using their current enterprise credentials, whether it's Active Directory or a Cloud Access Security Broker (CASB).

Other Services behind a Cloud Brokerage

Your cloud brokerage offerings can extend beyond those services that your CSPs offer. For example, suppose you're among the many organizations undergoing digital transformation due to COVID-19 and an already planning initiative. In that case, you can offer cloud migration and other professional services through the service catalog. The same goes for obtaining cloud training for stakeholders and business users.

The source of these other services could be through contracts your organization already has in place with third-party service providers or chargeback arrangements with other departments across your company, such as the training department.

Building the Brokerage

The concepts and architecture behind a cloud brokerage are continually evolving. In a recent cloud brokerage survey on, an online community of IT executives, 29 % of the respondents answered that they outsourced the development of their cloud brokerage to a regional systems integrator (SI) or professional services firms. More interesting, is that 56% of the respondents built and launched their brokerage using a hybrid team of their own staff and expert outside contractors.

When choosing a third-party SI or professional services firm, look for a provider with experience building brokerages for other customers like your organization. You should also investigate their strategic alliances with the CSPs and tools providers your organization requires in your brokerage. When it comes to expert outside contractors, the same rules apply. You might get lucky with finding such highly skilled contractors through contingent staffing firms – the so-called body shops – if you’re willing to go through enough resumes. However, when finding contractors for your cloud brokerage you’ll probably need to exercise your own team member’s professional networks to find the right caliber of cloud contractor.

Launching the Brokerage

Launching a self-service cloud brokerage at scale means taking a systematic business unit to business unit approach with your launch. Your cloud brokerage launch team (presumably your core brokerage team) needs to work with your organization's stakeholders to chart out a business unit level launch plan by priority. Like any other product or services launch, you will not turn on your new cloud brokerage for your entire organization. Use the initial launches as learning experiences for the team and to catch any technology issues or procedural challenges early as to work out any issues before the brokerage goes live across a large user community.

Promoting Culture Change through a Brokerage

While the cloud's culture change brings commercial and public sector enterprises is widely written about, setting up a cloud brokerage adds some new shades to cloud culture. You need to prepare your internal business units, such as your service desk and business units for a new power dynamic.

Unfortunately, it's a familiar story that business users have a contentious relationship with the corporate service desk for reasons that aren't always their fault. Long waits for the provisioning of services. Endless bureaucracy. Service desk tickets being closed without resolution. Working on a service desk can be thankless work. Taking cloud provisioning away from the service desk might give your employees cause to celebrate. It also is a political attack on your IT department's sovereignty and business relevancy in some corporate cultures.

Risks and Downsides of a Cloud Brokerage

Cloud brokerages aren’t for every enterprise. Brokerages can prevent their own set of risks, especially as you outsource management tools to third-party providers. As more third-party providers join your brokerage effort, it can present security risks as your teams move to a cloud computing model with enlarged attack surfaces due to integrating new and disparate components and APIs.

Downsides of a brokerage can vary depending on your industry and corporate culture.

While the brokerage concept makes business sense, not all your business units may fit the use case. Brokerages target technically self-sufficient business units for the most part. Less technical parts of your business are still going to want a personal touch to their cloud services. Instituting a cloud brokerage can also make your enterprise even more dependent on a small group of technology specialists. Such a dependence places your brokerage at liberty of a hot market for cloud jobs. There can also be new compliance concerns as you outsource brokerage components to new third-party services providers.

A cloud brokerage can truly democratize cloud services inside a large enterprise. However, you can't get your business users to reach the true democratization of cloud services without training. Operational level cloud certifications such as AWS Cloud Practitioner, AWS Solution Architect Associate, Google Cloud Platform Associate Engineer, Microsoft Certified Solutions Architect and need to take on a new business meaning and priority with the budget and management support behind what could prove to be a large scale effort depending on the size of your organization. Cultures that live and breathe continuous learning are ideal candidates for a cloud brokerage.

About the Author

Will Kelly is a writer focused on Cloud and DevOps. He works as a technical marketing manager for a DevSecOps startup. Prior to that, he spent his career as a technical writer. Over his career, he has worked on commercial and public sector client projects. Will’s technology articles have been published by TechTarget,, CNET TechRepublic, and other major sites. He has also developed thought leadership content for industry leaders including Cisco, IBM, and Samsung. Follow him on Twitter: @willkelly

Rate this Article