Multi-Cloud Management Console

Unified view across AWS/GCP/Azure with policy enforcement

View the interactive project page →

Multi-Cloud Management Console

Part of the worlds-biggest-software-project initiative.

A vendor-neutral, AI-native console for unified visibility, cost control, and policy enforcement across AWS, Azure, and GCP.

The Multi-Cloud Management Console is an open-source platform for engineering and platform teams running workloads across more than one hyperscaler. It unifies inventory, cost, and governance behind a single pane of glass while leaving organisations free of any one cloud's management plane as the anchor.


Why Multi-Cloud Management Console?

  • The market is consolidating into hyperscaler-adjacent portfolios — IBM acquired HashiCorp for $6.4B, Broadcom absorbed VMware/CloudHealth, and HPE acquired Morpheus Data — leaving a clear gap for an independent platform.
  • Hyperscaler-native tools such as Azure Arc (with its December 2025 GCP Connector Preview) and AWS Control Tower require committing to one vendor's management plane, creating implicit lock-in.
  • Enterprise platforms (CloudBolt, Flexera One, Cloudability, CloudHealth) are uniformly custom-priced with five-to-six-figure annual contracts and opaque post-acquisition roadmaps.
  • Open Policy Agent is the de-facto policy-as-code standard but ships as a headless engine — operationalising it as a full multi-cloud console requires significant engineering effort.
  • Existing tools detect issues but rarely bridge English intent to valid Rego, map cross-cloud resource dependencies, or rank remediations by blast radius.

Key Features

Unified Cost & Inventory

  • Normalised billing data across AWS, Azure, and GCP using the FOCUS 1.x specification
  • Continuous multi-cloud resource discovery and tagging
  • Chargeback and showback reporting with cost allocation to teams and cost centres
  • Cost spike anomaly alerting with configurable thresholds

Policy-as-Code Governance

  • OPA/Rego policy engine with pre-built rules for CIS Benchmarks and common misconfigurations
  • Plan-time policy gates for Terraform / OpenTofu and Pulumi pipelines
  • Preventive and detective controls across cloud accounts
  • Compliance reporting against CIS Benchmarks, SOC 2, and ISO 27001

Developer Self-Service

  • Self-service portal with cost projection shown at the point of provisioning request
  • Approval workflows with role-based access control
  • Blueprint-driven deployment of multi-tier applications
  • Embedded guardrails so policies enforce without blocking developer flow

Identity & Access

  • RBAC with SAML 2.0 and OIDC SSO integration
  • REST API for programmatic management and toolchain integration
  • Audit logging for all governance and provisioning actions

AI-Native Advantage

Natural language policy authoring translates English intent ("ensure all storage buckets in production have encryption and no public access") into validated OPA/Rego, lowering the barrier to cross-cloud governance. ML-based anomaly detection trained on per-account usage patterns surfaces cost spikes and configuration drift earlier than rule-based systems. Automated remediation suggestions are ranked by blast radius and compliance urgency, and graph AI maps cross-provider resource relationships to expose shadow IT, orphans, and hidden dependencies that manual inventory consistently misses.


Tech Stack & Deployment

The console is designed around open standards: OPA/Rego for policy, the FinOps Foundation FOCUS specification for normalised billing, CIS Benchmarks for security baselines, and Terraform / OpenTofu and Pulumi provider protocols for IaC integration. Deployment modes target SaaS, self-hosted, and air-gapped operation. Identity integrates via SAML 2.0 and OIDC; cloud credentials use short-lived OIDC federation rather than long-lived secrets where supported.


Market Context

The multi-cloud management market is estimated at $11.9B–$16.9B in 2025 with a CAGR of approximately 20–27% through 2030 (Precedence Research; Fortune Business Insights). Independent enterprise platforms typically command five-to-six-figure annual contracts under custom pricing, while hyperscaler-native tools are nominally free with charges tied to managed resource consumption. Primary buyers are cloud platform engineering leads, enterprise CTO/CIO operating across two or more clouds, FinOps practitioners, and security engineers responsible for cross-cloud posture.


Project Status

This project is in the research and specification phase.
Contributions, feedback, and domain expertise are welcome.


Contributing

We welcome contributions from developers, domain experts, and potential users. See CONTRIBUTING.md for guidelines.

Important: All contributions must be your own original work or clearly attributed open-source material with a compatible licence. Copyright infringement and licence violations will not be tolerated and will result in immediate removal of the offending contribution. If you are unsure whether a piece of code, text, or other material is safe to contribute, open an issue and ask before submitting.


Licence

Licence to be determined. See discussion for context.