Determine Cloud Subscription(s) to Use

When utilizing Cloud Slice with Skillable Studio, you have the ability to use subscriptions owned by Skillable or bring your own cloud subscriptions/accounts. When deciding whether to use your own or use Skillable’s subscriptions/accounts, there are a numerous aspects to think through. Much of what can be done with Skillable labs can be accomplished with either your own or Skillable’s labs, but each of these choices come with their own sets of pros and cons that you must evaluate based on what you would like to achieve in labs and take on as operational duties/considerations as an Organization.

Similarities Between Your Subscriptions & Skillable’s Subscriptions

When using cloud subscriptions in Skillable Studio, there are a number of consistent truths regardless of if you are using your own or Skillable’s subscriptions. When using cloud subscriptions with Skillable, the following is always applicable regardless of who owns the subscriptions:

• They can be enabled for Full Cloud Slice (Azure, AWS, GCP) or just (Azure & AWS only).

• Built-in cloud Marketplace VM Images can be utilized for VMs/EC2 instances.

• Look & feel the same to a lab user.

• Require an annual management fee.

Differences Between Your Subscriptions & Skillable’s Subscriptions

Security Considerations When Using Your Own Subscriptions

Best Practice: Use Dedicated Cloud Accounts

It is highly recommended to heavily segregate the cloud tenants/accounts used for labs from the cloud tenants/accounts used for general business purposes.

When using your own subscriptions, the biggest considerations to account for are around security & in turn possible business impact. It is highly recommended to use a tenant/account that is completely dedicated to labs and does not overlap with cloud tenants/accounts used in the day to day of the business. While Skillable designs their Cloud Slice capabilities with security at the top of mind, they are still integrating with live cloud platforms that can change at any moment.

Due to this, there is always some level of risk that an individual with ill intentions finds a way to commit abuse or fraud. By keeping your lab tenant/accounts completely isolated it ensures that even if a bad actor determines a way to breach any established security measures, they do not have access to critical business resources or infrastructure.

Additionally, Skillable requires a level of full and complete access across the entire tenant/accounts for Cloud Slice to properly function. In many cases security teams are uncomfortable with this level of access as it opens the possibility that Skillable has the ability to impact ongoing business operations outside of labs. When the only business purpose for the tenant/accounts are labs/Cloud Slice, this is no longer a risk.

Skillable Cloud Access

When enabling a tenant/account for Cloud Slice access. Skillable is granted the highest level of access (Global Administrator in Azure, Full Access in AWS) within the cloud platform, this provides Skillable the ability and permission to view and/or modify any configurations within the Cloud Slice tenant/account.

Due to this level of access, it is not recommended to share a tenant/account for both labs and vital business operations.

Summary

When deciding to bring your own or use Skillable’s subscriptions, consider if any of the below are hard requirements for your organization:

• Utilizing custom VM images

• Having direct backend access into the subscriptions

• A customized domain

If all of these items are more nice to have than must have, we recommend using Skillable’s subscriptions for enhanced organization security and reduced operational overhead.

Next Steps

• Configure your own subscriptions in:

  • Microsoft Azure

  • Amazon Web Services (AWS)

• Contact Skillable to use their subscriptions.