More and more systems and services are now sourced from cloud service providers. Whether vServers, cloud servers, storage systems or web services such as CRM and CMS systems – applications are increasingly being outsourced to the cloud to save on data space and remain flexible.
Why cloud services?
Cloud services provide clear advantages: cost saving in the company’s internal infrastructure, low maintenance, reliability and data protection. A further benefit is the rapid commissioning of new systems: While in-house resources are scarce, a cloud service provider can procure and use almost all the resources required at the touch of a button, with billing to the second. This is particularly beneficial regarding test instances, which are anyway only needed and operated on for a few hours.
Documentation is also important in the cloud
Systems running in the cloud must also be documented – just like those that are located in the company’s own infrastructure. Without documentation, the important ability to easily determine system information, occurring errors, costs, contact persons and responsible persons is missing.
Since the characteristics of virtual server types and cloud services differ from those of conventional systems, it is advisable to create them in separate object types. In order to do this, we have extended the existing object types, “server, virtual server and blade server” with the further types, “cloud server, vServer and managed server”.
What must the documentation include?
Managed Server – Hand over the responsibility, but not for documentation.
Managed servers are increasingly used to provide web applications and services. Managed servers offer their own exclusively used system, without requiring any personal effort. As a customer you get to use a system that is always up-to-date and ready to run. However, the responsibility for updates and maintenance lies with the service provider from whom you rent the server.
Nevertheless, you still have a responsibility for documentation. In addition to the contracts and service level agreements that need to be documented, you should check at regular intervals which changes have been made to your managed server. Frequently, the Managed Server contracts guarantee a minimum availability. Check whether you also need this information in your documentation. In case of recurring downtimes, this information can be important for contract changes and claims for damages. The same applies to installed software and services: regularly ask yourself what patch level they are at and make sure that current IT security standards are met. For emergencies, you should record all contact persons and service numbers.
Managed servers are usually managed via a web portal. If you use different providers, it is particularly important to provide the access link to the web portal.In i-doit you can create your own object type for the documentation of Managed Servers and assign different categories to it.
Possible documentation content
- Hardware specifications (CPU, memory, disk space)
- Contract & SLA documentation
- Contact person & service number
- Service hotline for faults
- Contact person for contract changes
- Access via web interface or SSH
Cloud server – documentation even with short operating time
Cloud servers are particularly suited to applications and services that are only temporarily scaled or needed for a short period of time – for example, for testing new software versions or completely new solutions.
Since cloud servers are usually billed according to operating time and resources, various factors are important for the documentation. Firstly, of course, the system resources used are decisive. What’s important here is the number of CPU cores used, the reserved working memory and the (hard disk) memory size.
Other important factors include the traffic caused, the number of databases, cluster and IP configurations used and load balancer services. Depending on your requirements, you have the option of using user-defined categories to document exactly what will provide the most benefit for your departments.
For cost and performance analysis, for example, it is important to record the operating hours. This will help you be able to immediately understand the costs and purpose.
Our partner Becon GmbH offers a corresponding connector for the automatic recording and inventory of Azure Cloud Servers.
Collaboration Tools – Users should be documented
Many companies now use various collaboration tools such as MS Planner, Trello, Jira or Zenkit. Since these applications are usually obtained directly from the respective service provider, they are often not taken into account in the documentation.
However, in the case of staff turnover or project handovers especially, it is crucial to know who needs access to which boards. In principle, therefore, at the very least the boards and the respective users should be recorded. This means that privileged users, such as administrators, can be immediately identified as such. In the event of problems and required approvals, this makes it easier to quickly identify specific contact persons.
Cloud storages – the documentation priority is access rights
Like collaboration tools, the documentation of cloud storage solutions such as AWS S3, Google Drive, Microsoft OneDrive or even a simple Nextcloud is similar.
First and foremost, of course, the decisive factor is: Which persons have access to which data? Since the last thing to come into force is the DSGVO, everyone must be aware that this information is important for data protection.
Therefore, keep a record of which users and groups have access to which directory of the respective application. Also document each user of the application, together with their access rights, directories and personal storage space.
Keeping an overview using documentation – even in the cloud
Despite the increasingly convenient resources and services offered by various Cloud and SaaS providers, you cannot dismiss all responsibility. Documentation still applies here!
Similarly to applications and systems that run in your own infrastructure, users, administrators and managers must be able to access information quickly and keep track of things, even with cloud-based applications.
The most important thing here is which services are purchased, used and scaled and which persons have access to these services. Only in this way, can you react quickly to any changes that occur and plan effectively.