Shortcoming: Manual Config and Setup
Setting up cloud constructs, either through the Console or Terraform, consists of many manual steps and requires knowledge of the inner workings of each CSP construct. One incorrect configuration can have costly implications for uptime.
Shortcoming: Automation
Scripting highly repeatable tasks like VPC creation, GWLB creation, TGW attachment at scale, VIF automation, and peering automation is complex and cannot be done manually at scale.
Shortcoming: Misconfiguration
Misconfiguration issues cause connectivity and performance errors, increasing the man-hours required for issue resolution.
Shortcoming: Mean Time to Fix
NetOps will have difficulty diagnosing problems during outages, working with at least 4-5 teams to spot the root cause. Combined with the friction of change management and app/dev team change approvals, all of this adds up during the critical time needed to resolve issues.
Missing from DIY: No Connectivity for PaaS
DIY does not include interconnecting PaaS services from VPCs, which requires PrivateLink, NLBs, and endpoint connections, as well as constantly maintaining routing, security, and performance.
Missing from DIY: No Zero-Trust model for user to app layer connectivity
DIY provides no app-layer connectivity and no way for users to connect to applications securely using a modern Zero-Trust model. That includes load balancers, NGFWs, Global Accelerator, CDN, etc. All of this is an added cost to your infrastructure in one cloud, and it must be replicated similarly across multiple clouds.
Missing from DIY: No single architecture
Consider having ~350 VPCs in AWS, and now you need to extend this to Azure. The constructs are entirely different, so the team now needs to learn how Azure Private Link, VWAN hub, and VNET peering work, and how to configure and write scripts for them. Tomorrow, if AWS releases a new capability, you must either hire more resources or educate your team to improve, or even just maintain, the current architecture so that it stays compliant with industry best practices.