
The RosettaOps Model

Tiered governance that earns trust incrementally -- from read-only visibility to full lifecycle automation across AWS, Azure, GCP, Alibaba Cloud, OVH, and OpenStack.

Why Tiered Governance

No enterprise gives a new vendor write access on day one. Cloud operations teams need to validate a platform's value before granting it permission to change anything -- and they need to validate preventive controls before trusting automated remediation.

RosettaOps is RosettaHub's cloud operations product -- the unified governance abstraction layer across all clouds. It provides the same APIs for account vending, sandboxing, budgets, compliance, and landing zones regardless of the underlying provider. Its tiered model maps directly to the real trust boundaries in enterprise cloud operations:

  1. Show me the problem -- read-only visibility builds confidence.
  2. Prevent new problems -- preventive controls prove the platform's judgment.
  3. Fix existing problems -- full automation follows established trust.

Each tier delivers standalone value. You can stay at any tier indefinitely, or progress when the business case is clear.

Tier Overview

graph LR
    subgraph tier1 ["TIER 1 -- Observe"]
        O1["Read-only visibility"]
        O2["Cost dashboards"]
        O3["Compliance scanning"]
    end

    subgraph tier2 ["TIER 2 -- Govern"]
        G1["Budget enforcement"]
        G2["Service restrictions"]
        G3["Policy enforcement"]
    end

    subgraph tier3 ["TIER 3 -- Automate"]
        A1["Account cleanup"]
        A2["Scheduled lifecycle"]
        A3["Freeze / unfreeze"]
    end

    tier1 -- "Trust established" --> tier2
    tier2 -- "Confidence earned" --> tier3

    style tier1 fill:#e3f2fd,stroke:#1565c0,color:#000
    style tier2 fill:#fff3e0,stroke:#e65100,color:#000
    style tier3 fill:#e8f5e9,stroke:#2e7d32,color:#000

Each tier is a strict superset of the one below it. Govern includes everything in Observe; Automate includes everything in Govern.


Tier 1 -- RosettaOps Observe

Access Level: Read-Only

Observe requires no write access to your cloud accounts. RosettaHub reads telemetry, inventory, and billing data only. Nothing in your environment is modified.

Observe gives you real-time, multi-cloud visibility -- the single pane of glass that most organizations lack today. Many enterprises operate across two or more clouds with no unified cost or compliance view. Observe solves that immediately.
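The first thing a security team does before connecting Tier 1 is confirm that the credential it hands over really is read-only. The script below is an added example, not RosettaHub code and not a description of how Observe actually connects to an account (the page does not say; the example assumes the platform is granted a cross-account IAM role in AWS). It audits an IAM policy document by action verb and separately flags "read" actions that return data or credentials rather than metadata. Both policy documents are constructed samples, and the verb and sensitive-action lists are illustrative, not exhaustive.

```python
"""Verify that an AWS IAM policy grants nothing beyond read-only access.

Added illustration, not RosettaHub code. Assumes the Observe tier is connected
by granting the platform an IAM role in each AWS account (the page does not
describe the integration mechanism). "Read-only" here means every allowed
action carries a describe/list/get style verb. Sample policies are constructed.
"""
import fnmatch
import json
import re

# Action-name verbs that do not change state in AWS APIs. Anything else
# (Create, Put, Run, Delete, PassRole, ...) is treated as a write.
READ_ONLY_VERBS = ("Describe", "Get", "List", "Lookup", "Search", "Scan", "Query", "View")

# Read-verb actions a visibility role should still not carry: they return
# object data, secrets or credentials, not inventory. Illustrative list.
SENSITIVE_READS = {
    "s3:GetObject",
    "ssm:GetParameter", "ssm:GetParameters", "ssm:GetParametersByPath",
    "secretsmanager:GetSecretValue",
    "sts:GetFederationToken",
}


def is_read_only_action(action: str) -> bool:
    """True if an action pattern (possibly wildcarded) can only name read calls.

    The literal text before the first wildcard must already contain a read-only
    verb: "ec2:Describe*" passes; "*", "ec2:*" and "ec2:*Describe*" do not,
    because the wildcard could expand to a write.
    """
    if ":" not in action:
        return False                      # bare "*" or malformed
    service, name = action.split(":", 1)
    if not service or re.search(r"[*?]", service):
        return False                      # wildcarded service could be anything
    literal = re.split(r"[*?]", name, maxsplit=1)[0]
    return any(literal.startswith(verb) for verb in READ_ONLY_VERBS)


def audit_policy(policy: dict) -> dict:
    """Classify Allow statements. An empty 'write' list means the policy is
    read-only by verb; 'sensitive' lists read actions that deserve a look."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    write, sensitive = set(), set()
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue                      # Deny statements only narrow access
        if "NotAction" in stmt:
            # Allow + NotAction grants everything except the listed actions,
            # so it can never be shown to be read-only.
            write.add("NotAction:" + json.dumps(stmt["NotAction"]))
            continue
        actions = stmt.get("Action", [])
        if isinstance(actions, str):
            actions = [actions]
        for action in actions:
            if not is_read_only_action(action):
                write.add(action)
            elif any(fnmatch.fnmatchcase(s, action) for s in SENSITIVE_READS):
                sensitive.add(action)
    return {"write": sorted(write), "sensitive": sorted(sensitive)}


def is_read_only_policy(policy: dict) -> bool:
    return not audit_policy(policy)["write"]


# Constructed sample: the shape a Tier 1 role policy should have.
OBSERVE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Resource": "*",
         "Action": ["ec2:Describe*", "rds:Describe*", "s3:ListAllMyBuckets",
                    "s3:GetBucketTagging", "ce:GetCostAndUsage",
                    "cur:DescribeReportDefinitions",
                    "config:Describe*", "config:Get*", "config:List*"]},
        {"Effect": "Deny", "Action": "s3:GetObject", "Resource": "*"},
    ],
}

# Constructed sample: looks read-only at a glance but is not.
LEAKY_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Resource": "*",
         "Action": ["ec2:Describe*", "s3:Get*", "ssm:GetParameter*"]},
        {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*"},
        {"Effect": "Allow", "NotAction": "organizations:*", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for label, policy in (("observe", OBSERVE_POLICY), ("leaky", LEAKY_POLICY)):
        verdict = "read-only" if is_read_only_policy(policy) else "NOT read-only"
        print(label, verdict, audit_policy(policy))
```

The check is deliberately conservative: a wildcard is accepted only when the text before it already fixes a read verb, and an Allow with NotAction is always reported, since it grants every action not listed. Verb-based checks say nothing about data sensitivity, which is why sensitive reads are reported separately; cost and inventory visibility needs bucket and instance metadata, not object contents or parameter values.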

Capabilities

Capability Description
Real-time cost estimation Event-driven cost tracking across all connected clouds -- not billing-lag estimates
Unified multi-cloud cost dashboard Single view of spend across AWS, Azure, GCP, Alibaba Cloud, OVH, and OpenStack
Resource inventory and audit Complete catalog of cloud resources with metadata and ownership
Compliance posture scanning Findings against ISO 27001, HIPAA, and CIS benchmarks (read-only findings, no remediation)
Exportable reports Download cost, inventory, and compliance data for stakeholders

Coming Soon

The following capabilities are planned for the Observe tier:

  • AI model usage visibility -- Track consumption of AI/ML model APIs across clouds. Coming Q1 2026.
  • Compliance posture dashboard -- Visual compliance status across all accounts and frameworks. Coming Q2 2026.
  • AI-driven cost forecasting -- Predictive spend analysis powered by historical trends. Coming Q2 2026.

Standalone Value

Observe answers questions that many organizations simply cannot answer today:

  • How much are we spending across all clouds, right now?
  • Which accounts have resources that violate compliance baselines?
  • Who owns the resources driving the most cost?

The data Observe surfaces typically reveals enough waste to build the business case for Tier 2.


Tier 2 -- RosettaOps Govern

Access Level: Preventive Write

Govern has write access for preventive actions only. It can deny or constrain new provisioning requests; it does not modify or terminate existing resources.

Govern adds enforcement to the visibility Observe provides. If Observe shows you the fire, Govern stops new fires from starting.

Capabilities

Everything in Observe, plus:

Capability Description
Budget limits with hard enforcement Real-time budget caps that prevent overspend, not just alert on it
Role-based service restrictions Control which cloud services and instance types users can provision
Account provisioning from pre-provisioned pools Vend cloud accounts instantly from warm pools with guardrails already applied
Compliance policy enforcement Preventive policies via Cloud Custodian that block non-compliant provisioning
Spot instance hibernation Automatically hibernate spot instances to preserve state and reduce cost

Coming Soon

The following capabilities are planned for the Govern tier:

  • AI model usage caps -- Enforce spending limits on AI/ML model API consumption per team or project. Coming Q1 2026.
  • MCP server access -- Programmatic governance via the Model Context Protocol server. Coming Q2 2026.

Key Distinction

Govern only takes preventive actions:

  • Blocking -- Deny provisioning requests that violate policy.
  • Enforcing -- Require tags, regions, instance families, or approval workflows.
  • Auto-remediating -- Correct non-compliant configuration on a resource at the moment it is created.

One caveat on mechanism: Cloud Custodian, which backs compliance policy enforcement, has no hook that intercepts a provider API call. Its event-driven policies evaluate a resource as soon as the provider reports it created, so "blocking" means non-compliant provisioning is caught and corrected at creation time, not that the request is refused before it reaches the provider. Where a request must never succeed at all (a forbidden region, for example), back Govern's policy with the provider's own preventive controls such as AWS Service Control Policies, Azure Policy, or GCP Organization Policy.

Govern never touches a resource that already existed when its policies were enabled. A running production workload is safe from any Govern action by design.


Tier 3 -- RosettaOps Automate

Access Level: Full Lifecycle Management

Automate has full write access. It can modify, stop, and terminate existing resources in your cloud accounts -- subject to Protected Account Designation.

Automate closes the loop. Where Govern prevents new waste, Automate eliminates existing waste and manages resource lifecycles end to end.

Capabilities

Everything in Govern, plus:

Capability Description
Account cleanup Identify and remove idle resources, orphaned storage volumes, and unused snapshots
Compute shutdown on trigger or schedule Stop or terminate instances based on inactivity, time-of-day, or custom triggers
Account freeze and unfreeze Suspend all non-essential compute in an account instantly, and restore it later
Scheduled resource lifecycle policies Define policies that automatically age out, resize, or terminate resources on a schedule
Protected Account Designation Mark specific accounts as exempt from all automated actions -- production stays untouched

Coming Soon

The following capability is planned for the Automate tier:

  • Savings recommendations with one-click implementation -- AI-generated cost optimization suggestions that can be applied in a single action. Coming Q2 2026.

Critical Safety: Protected Accounts

Protected Account Designation

Any cloud account can be designated as Protected. Protected accounts are exempt from all automated actions at the platform level -- no cleanup, no shutdown, no freeze. This ensures that production workloads and other critical environments are never touched by automation, regardless of any policy or schedule configured in Automate.

Protected Account Designation is the safety mechanism that makes full lifecycle automation viable for enterprises. Teams can automate aggressively in development and sandbox accounts while maintaining absolute certainty that production is off limits.
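The Key Distinction above and the Protected Account rule here together define one decision gate: reads need Observe, creation-time guardrails need Govern, anything that acts on an existing resource needs Automate, and a Protected account refuses the last class no matter what policy or schedule asks for it. The code below is an added example that encodes those rules, not RosettaHub's own implementation; its tier, account, and action types are invented for illustration. It assumes, since the page does not say, that reads and creation-time guardrails still apply in Protected accounts and only actions on existing resources are exempted.

```python
"""Decision gate for the tiered trust model with Protected accounts.

Added illustration, not RosettaHub code. Encodes the rules stated on the page:
Observe is read-only, Govern acts only on resources being provisioned, Automate
may act on existing resources, Protected accounts are exempt from lifecycle
automation regardless of policy or schedule. Types and samples are constructed.
Assumption: reads and creation-time guardrails still apply in Protected accounts.
"""
from dataclasses import dataclass
from enum import IntEnum


class Tier(IntEnum):
    OBSERVE = 1
    GOVERN = 2
    AUTOMATE = 3


# Action classes (illustrative names) and the minimum tier each requires.
READ = "read"            # describe/list/billing reads
PREVENT = "prevent"      # deny a provisioning request, enforce tags at creation
LIFECYCLE = "lifecycle"  # stop/terminate/resize/delete an existing resource

MIN_TIER = {READ: Tier.OBSERVE, PREVENT: Tier.GOVERN, LIFECYCLE: Tier.AUTOMATE}


@dataclass(frozen=True)
class Account:
    account_id: str
    tier: Tier
    protected: bool = False


@dataclass(frozen=True)
class Action:
    kind: str        # READ, PREVENT or LIFECYCLE
    name: str        # policy or schedule name, free text
    existing: bool   # True if it targets a resource that already exists


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def required_tier(action: Action) -> Tier:
    """Any non-read action on an existing resource is lifecycle management,
    whatever its policy calls it. This is what keeps a mislabelled "preventive"
    policy from touching a running workload under Govern."""
    if action.kind != READ and action.existing:
        return Tier.AUTOMATE
    return MIN_TIER[action.kind]


def decide(account: Account, action: Action) -> Decision:
    if action.kind not in MIN_TIER:
        return Decision(False, f"unknown action class {action.kind!r}")
    need = required_tier(action)
    # Protected is checked first, before any tier or policy logic: no
    # configuration elsewhere can re-enable lifecycle actions in this account.
    if account.protected and need == Tier.AUTOMATE:
        return Decision(False, f"account {account.account_id} is Protected; {action.name} refused")
    if account.tier < need:
        return Decision(False, f"{action.name} needs {need.name}, account is on {account.tier.name}")
    return Decision(True, "allowed")


def apply_schedule(accounts, action: Action):
    """Account ids a scheduled or triggered action would run in."""
    return [a.account_id for a in accounts if decide(a, action).allowed]


# Constructed sample estate: production is Protected, the rest are not.
ACCOUNTS = [
    Account("111111111111", Tier.AUTOMATE, protected=True),   # production
    Account("222222222222", Tier.AUTOMATE),                   # sandbox
    Account("333333333333", Tier.GOVERN),                     # dev, not yet on Automate
    Account("444444444444", Tier.OBSERVE),                    # visibility only
]
FREEZE = Action(LIFECYCLE, "freeze-non-essential-compute", existing=True)
DENY_UNTAGGED = Action(PREVENT, "deny-untagged-run-instances", existing=False)
INVENTORY = Action(READ, "list-resources", existing=True)

if __name__ == "__main__":
    for act in (FREEZE, DENY_UNTAGGED, INVENTORY):
        print(act.name, "->", apply_schedule(ACCOUNTS, act))
    print(decide(ACCOUNTS[0], FREEZE))
```

The ordering inside decide is the point: the Protected check precedes tier and policy evaluation, so it cannot be overridden by anything configured later, and required_tier derives the needed tier from what the action does to existing resources rather than from its label.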


Feature Comparison

The following table summarizes which capabilities are available at each tier.

Capability                                  Observe  Govern  Automate
Real-time cost estimation                   Yes      Yes     Yes
Unified multi-cloud cost dashboard          Yes      Yes     Yes
Resource inventory and audit                Yes      Yes     Yes
Compliance posture scanning (findings)      Yes      Yes     Yes
Exportable reports                          Yes      Yes     Yes
Budget limits with hard enforcement         --       Yes     Yes
Role-based service restrictions             --       Yes     Yes
Account provisioning from pools             --       Yes     Yes
Compliance policy enforcement               --       Yes     Yes
Spot instance hibernation                   --       Yes     Yes
Account cleanup (idle/orphaned resources)   --       --      Yes
Compute shutdown on trigger/schedule        --       --      Yes
Account freeze/unfreeze                     --       --      Yes
Scheduled resource lifecycle policies       --       --      Yes
Protected Account Designation               --       --      Yes

Coming Soon Features

The following features are in development and not yet reflected in the table above:

Feature Tier Target
AI model usage visibility Observe Q1 2026
AI model usage caps Govern Q1 2026
Compliance posture dashboard Observe Q2 2026
AI-driven cost forecasting Observe Q2 2026
MCP server access Govern Q2 2026
Savings recommendations with one-click implementation Automate Q2 2026

How Customers Progress

The tiered model is designed around a natural upgrade path where each tier builds the case for the next.

Observe reveals the problem

Most organizations begin with Observe because it requires zero write access -- the lowest possible risk. Within days, the unified cost dashboard and resource inventory surface waste that was previously invisible: idle instances, orphaned volumes, accounts with no budget controls, and compliance gaps.

This data alone often reveals six- or seven-figure annual savings opportunities.

Observe builds the case for Govern

Once stakeholders can see the waste, the conversation shifts from "do we have a problem?" to "how do we stop it from getting worse?" The business case for Govern writes itself: the cost of inaction is now visible on a dashboard.

Govern's preventive controls -- budget enforcement, service restrictions, compliant account vending -- stop new waste at the source without touching anything already running.

Govern builds the case for Automate

With Govern preventing new waste, existing waste becomes the obvious next target. Govern's data shows exactly which idle resources, orphaned volumes, and oversized instances are costing money today. Teams gain confidence in the platform's judgment through months of accurate preventive enforcement.

Automate then applies that same judgment to existing resources -- with Protected Account Designation ensuring production is always exempt.

graph LR
    See["<b>See it</b>\n\nObserve reveals waste.\n<i>We are wasting money.</i>"]
    Stop["<b>Stop it</b>\n\nGovern blocks new waste.\n<i>Existing waste remains.</i>"]
    Fix["<b>Fix it</b>\n\nAutomate cleans up.\n<i>Production is protected.</i>"]

    See -->|"Data builds the case"| Stop
    Stop -->|"Confidence earned"| Fix

    style See fill:#e3f2fd,stroke:#1565c0,color:#000
    style Stop fill:#fff3e0,stroke:#e65100,color:#000
    style Fix fill:#e8f5e9,stroke:#2e7d32,color:#000

Each tier delivers value on its own. There is no requirement to progress -- organizations can remain at any tier as long as it meets their needs.


Next Steps