> they seem Oblivious to the fact that the only thing we need from them is to negotiate an Azure or AWS subscription and after that they will loose any utility.
I've seen similar and they tried the following:-
- We'll provision VMs for you. Raise a ticket.
- We're doing "Hub & Spoke". You're not allowed to route any internet traffic except through our inspection proxies.
- We've disabled the API. You can only use the Console.
Basically, a couple of old school guys will do anything they can to disable automation, as otherwise they'll be accepting they can't really contribute anymore.
The old-school guys also think (rightly in some cases) that they have an added value. 10 years ago I was building a cloud platform and explaining to the security team that they would no longer receive tickets to manually configure routes on firewalls, the customers would do it from a console. I thought they’d be happy to be relieved of a menial, boring task but their reaction was “when we receive a ticket requesting to open all ports from any IP address, we can explain to the customer that it’s a dangerous idea. If they can configure it themselves, who will tell them?”
I've seen similar and they tried the following:-
- We'll provision VMs for you. Raise a ticket.
- We're doing "Hub & Spoke". You're not allowed to route any internet traffic except through our inspection proxies.
- We've disabled the API. You can only use the Console.
Basically, a couple of old school guys will do anything they can to disable automation, as otherwise they'll be accepting they can't really contribute anymore.