When the remediation is worse than the risk
04.08.2025 13:38
@e-gineer.com.bsky.social
Founder turbot.com. Building at github.com/turbot. Father, husband, traveler, nerd, π-lover.
GRC says, "Show me the evidence."
Cloud Governance says, "Let's fix it."
Cloud Governance is different. It's not just describing rules - it's deploying them.
Setting guardrails, enforcing policies, nudging teams, blocking risks. It's proactive. It changes the path before the train leaves the station.
Cloud Governance and GRC aren't the same thing.
GRC documents what should happen and proves what did happen. Risk registers, control libraries, audit trails - it's a lagging indicator. The business already made its choices.
The best Cloud Directors aren't empire-builders. They're influence operators. Power by presence. Clout through clarity. They earn trust across engineering, security, finance, and the exec team. And they use that trust to make change happen. Quietly, but decisively.
28.07.2025 13:38
They don't own the budget. They don't own the teams. They don't get to make a decision and slam the table. But they shape the agenda. Build coalitions. Keep the big wheels turning while the chaos swirls. They know where the risk is hiding and who's pretending it's not.
28.07.2025 13:38
The Head of Cloud isn't really in charge. They're not the President. They're the Chief of Staff. No final say, no official control. But somehow, they're still responsible for everything running smoothly.
28.07.2025 13:38
Governance is the bridge between intent and execution.
It doesn't slow teams down, it makes sure they're building in the right direction.
You can have the right intentions: secure the cloud, reduce cost, move fast.
But without governance, things drift. Exceptions pile up. Good ideas go rogue.
Everyone talks about their CNAPP and FinOps.
But visibility without governance is just a wishlist.
If you're on the cloud team, you own the bill. You're expected to explain every charge. You're responsible for every $ - because it's easier.
Until you have a system to track and allocate spend, every cost is yours.
Tags. Accounts. Metadata. Good governance is the only way out.
The best governance ideas don't fail because they're flawed.
They fail because they're abandoned.
Focus on function, not form.
(Inspired by an early morning walk across the abandoned Memphis monorail bridge.)
LLM results depend on two things:
How smart the model is
How well you brief it
Model quality? That's up to OpenAI and friends.
Context? That's your job.
Want Jedi-level performance?
Be like Luke: bring the force and the facts.
10.07.2025 22:05
To make security move faster, shift the perspective. Talk about their data, their systems, their risk. The moment it feels personal, it becomes a priority - just like budget.
10.07.2025 13:38
Blow the budget? It hits your team, your goals, your bonus. Fix it and you see the win.
Fix a security issue? Best case: nothing happens. Worst case: someone else deals with the fallout.
FinOps changes happen faster than security. Why? Incentives.
Budget is your problem and opportunity.
But, security is everyone's problem - which often means it's no one's.
Video source - x.com/salmagedone/...
09.07.2025 00:00
Business accepts the risk. Ship it!
08.07.2025 23:59
The toughest Cloud Governance problems aren't technical - they're human. Our new book How to Herd Clouds and Influence People follows Gary, a cloud architect navigating chaos, silos & shifting priorities. Feel his pain, and joy, of driving real change
cloudgovernance.org/library/how-...
The Bear is a great show - complex, layered, challenging to watch. But, in what world is it a Comedy?!?
05.07.2025 23:13
I've spent 13+ years deep in the weeds of cloud governance - building, breaking, fixing, and figuring it out with some of the smartest people around. We've just launched a free site packed with lessons we learned the hard way.
Check it out!
cloudgovernance.org
Each shared service team brings its own tools, language, and priorities. The result is too much guidance, all at once. Governance should fix that - by creating shared priorities, clearly communicating expectations, and helping teams focus on what matters most.
That's the job.
Modern app teams already carry a massive load. They build the app, run the infra, and own the uptime. Now they're also expected to be experts in security, networking, identity, cost - all while shipping features and staying up.
01.07.2025 16:08
Security, networking, compliance, FinOps - every shared service is piling on app teams with urgent must-dos. But without clear priorities, it's just noise.
Governance isn't about adding more alerts. It's about helping teams know which ones matter - and what to do about them.
We're entering a world where familiarity to humans AND models matters. The languages that already won developer mindshare are about to become even more valuable.
28.06.2025 11:29
When you query infrastructure with SQL, AI can suggest optimizations, debug errors, and write new queries from schemas. Tools with custom syntax? The AI is completely useless - no suggestions, no debugging, no help.
28.06.2025 11:29
LLMs excel with familiar languages like SQL and Python because they've seen them everywhere - decades of tutorials, docs, and StackOverflow answers have taught them to reason like experienced practitioners.
28.06.2025 11:29
We chose SQL for Steampipe because developers knew it. Now there's an unexpected bonus: LLMs know it too. Meanwhile, tools with custom query languages are getting left behind.
Familiarity is more valuable than ever!
AI rewards curiosity, initiative, and accountability.
If you bring those, it's a superpower.
If you wait for instructions, it feels like a threat.