CloudGov — Account Governance Redesign | Ganesh Hulle
CORESTACK · UX CASE STUDY 2024

Account Governance Redesign

Transforming multi-cloud governance from fragmented complexity into a guided, scalable enterprise workflow.

RoleLead Designer + Researcher
Timeline6–8 Weeks
Team3 Designers
Platform
AWS Azure GCP OCI
UsersIT Admins · Security · DevOps
Account Governance Dashboard — Final Design
Overview

Project Overview

CoreStack is a multi-cloud governance platform serving enterprise teams across AWS, Azure, GCP, and OCI. As cloud account portfolios scaled into the hundreds, the existing governance UX exposed raw technical complexity to users rather than abstracting it into guided, scalable workflows — leading to onboarding failures, misconfigurations, and poor governance confidence.

My Role
Lead Designer + Research Lead
Leading a team of 2 designers. Responsible for end-to-end UX strategy, research synthesis, IA redesign, and design execution across all flows.
Platform
Multi-cloud
AWS Azure GCP OCI
Primary Users
IT / Cloud Admins Security & Compliance Teams DevOps Engineers
Duration
6–8 weeks
Discovery → Design → Testing → Handoff
Tools
Figma
Design Prototype Handoff
Outcome Type
Feature Redesign
Within an existing product (CoreStack)
01 — Problem & Context

Cloud governance was a maze of fragmented, error-prone workflows

As organizations scaled their multi-cloud footprints, CoreStack’s governance UX exposed raw technical complexity instead of abstracting it into guided workflows.

01

Complex & error-prone onboarding

Multiple manual steps, console switching, unclear errors caused frequent failures.

02

No unified multi-cloud visibility

AWS, Azure, GCP, OCI behaved differently with no central view of status.

03

Confusing role & permission management

RBAC and cloud-native permissions disconnected. Too many steps needed.

04

Poor enterprise scalability

Bulk onboarding and templating were limited. Governance broke at scale.

05

Weak error handling & recovery

Technical, non-actionable failure states created heavy support dependency.

06

Lack of governance confidence

Security teams had no visibility into consistent config. Audit readiness near impossible.

“We never know if an account is actually configured correctly until something breaks — and by then, it’s a compliance nightmare.”

— Cloud Admin, discovery research session

02 — Design Evolution

Old UI → First Iteration → Final Design

Three distinct phases of design evolution — from a raw data-heavy list view with no governance context, through an improved but still fragmented iteration, to a purpose-built multi-cloud governance dashboard.

Old UI — Before Redesign

Cloud Account Summary — Original Design

Dense table list · No governance context · Provider silos · No onboarding status

Cloud Account Summary — Original Design (Old UI)

No governance context — just raw account data listed with no status hierarchy

Provider tiles (AWS/Azure/GCP/VMware/OCI) show total counts but no actionable health view

No onboarding status, no bulk actions, no governance coverage indicators

First Iteration

Cloud Account Summary — Iteration 1

Improved donut chart visualisation · Better filters · Still fragmented across providers

Cloud Account Summary — Iteration 1

Introduced donut charts for Active/Disabled/Not Onboarded status — better than raw numbers

Improved filter bar with saved filters — but still siloed per cloud provider

No governance framework visible — accounts still treated as isolated rather than governed entities

Final Design

Account Governance Dashboard — Final

Unified governance view · Management vs Member hierarchy · Onboarding steps · Bulk actions

Account Governance Dashboard — Final Design

Renamed to ‘Account Governance Dashboard’ — signals governance intent, not just account listing

Tab navigation (AWS/Azure/GCP/OCI) with unified mental model across all providers

Management Accounts vs Member Accounts hierarchy surfaced as primary navigation concept

Onboarding status column shows step-by-step progress (e.g. Steps 21/21 Completed) at a glance

Bulk Action button enables enterprise-scale operations — a key scalability improvement

Saved View + column controls give power users customisable governance oversight

03 — Design Process

From discovery to a governed, guided experience

Over 6–8 weeks, I led the design team through a rigorous six-step process — from mapping broken workflows to validating a governance system enterprise teams could trust at scale.

Discovery & Heuristic Audit

Evaluated existing flows, documented usability violations across all providers.

Heuristic evalFlow mappingInterviews

User Research & Synthesis

Interviewed IT admins, DevOps, security teams. Synthesized into prioritised themes.

User interviewsAffinity mappingPersonas

IA Redesign

Restructured nav and hierarchy for a unified mental model across all clouds.

IA redesignCard sortingFigma

Usability Testing & Validation

Sessions with IT admins and DevOps. Measured confidence and time-on-task.

Usability testingTask analysisHandoff

Hi-Fi Design & Prototyping

End-to-end Figma prototypes for onboarding, dashboard, bulk ops, error recovery.

Hi-fi designPrototypeComponent lib

Wireframing & Rapid Iteration

Low-to-mid fi wireframes for dashboard, wizard, and permission flows.

WireframingDesign sprintsCritique
04 — Key Design Decisions

Five pivotal choices that shaped the solution

The redesign transformed cloud governance from a technically fragmented experience into a guided, scalable, and transparent workflow.

02

Guided Onboarding Wizard with Automated IAM

Replaced multi-screen manual process with a step-by-step wizard — real-time validation, human-readable error recovery.

Before5+ separate screens, console switching, cryptic errors
AfterSingle wizard, 5-step sidebar, inline status + Re-Run
03

Governance Templates for Enterprise Scale

Reusable governance templates + bulk onboarding for hundreds of accounts with consistent policy application.

BeforeOne-by-one onboarding, no reuse
AfterTemplate library + bulk ops (~65% faster)
04

Simplified Permission & RBAC Management

Surfaces who has access, what policies are applied, and inheritance relationships — reducing technical knowledge needed.

BeforeDisconnected RBAC, hidden inheritance
AfterVisual role maps, clear policy inheritance
05

Contextual, Actionable Error States

Recovery flows explaining what failed, why, and the exact next step — dramatically reducing support dependency.

BeforeOpaque error codes, support tickets
AfterInline guidance, Re-Run actions, ↓40% support
05 — Final Design Screens

From guided onboarding to governance configuration

The final design comprised three core workflow areas: a guided onboarding wizard, real-time onboarding status tracking, and post-onboarding governance configuration. Together they create a complete, confidence-building account governance journey.

Guided Onboarding Wizard

Edit AWS Cloud Provider — Step-by-Step Wizard

Cloud Account Type selection · Prerequisites · Credentials · Settings — all in one guided flow

Live Product Screen
Edit AWS Cloud Provider — Step-by-Step Wizard

Wizard sidebar shows all 5 steps with completion indicators — users always know where they are in the process

Account Type (Management vs Member) and Environment (Global vs Government) surfaced as clear card choices

Onboarding Status panel shows 2/6 steps completed with granular task status — actionable ‘Re-Run’ controls for failures

Failed states (e.g. Inventory Discovery) shown clearly with Re-Run action — no more opaque error codes

Post-Onboarding Governance Configuration

Edit Governance Configuration — Cloud Service & System Settings

SecOps · CloudOps · Activity Logs · Alerts · Metric Data Collection · Permission Validation

Live Product Screen
Edit Governance Configuration — Cloud Service & System Settings

Left panel (SecOps / CloudOps) gives users a categorised view of all governance configuration areas

Tabbed interface (Cloud Service Configuration / System Configuration) separates concerns clearly

Permission validation success shown inline in green — users get immediate feedback on what’s working

Contextual red error messages (‘It seems activity log is not configured yet’) replace generic alerts with specific guidance

Tenant vs Cloud Account scope toggle gives admins fine-grained control over where settings apply

Metric Data Collection Interval presented as a clear 3-option selector (24 Hours / 8 Hours / 4 Hours)

“We finally feel in control. The new onboarding flow just works — our team stopped calling support for every new account setup.”

— CloudOps Engineer, post-launch usability testing

06 — Impact & Outcomes

From 30-minute onboarding to under 10 minutes

Measurable improvements across efficiency, error reduction, governance, and scalability.

↓67%
Onboarding time reduction
85%+
First-time success rate
↓40%
Workflow steps reduced
↑50%
Policy adoption increase
Operational Efficiency
Onboarding time30–45 min → <10 min
Bulk onboarding~65% faster
Support dependency↓ ~40%
First-time success55% → 85%+
Error & Governance
Config failures↓ 35–45%
IAM misconfigs↓ ~30%
Non-compliant ID timeHours → minutes
Policy adoption↑ ~50%
User Experience
Workflow steps↓ ~40%
Task confidence↑ significantly
Enterprise scaleHundreds of accounts
Onboarding stepsTracked & visible
07 — Learnings & Reflections

What this project taught me

01

Abstract complexity, don’t hide it

Best enterprise UX translates technical requirements into guided decisions. Users still choose — they just don’t need to understand IAM policy JSON.

02

Error states are a design surface

Treating failure states as first-class design artifacts was the single biggest confidence driver among admin users.

03

Multi-cloud ≠ multi-experience

Standardizing the mental model required deliberate IA decisions, not just a unified visual skin.

04

Scale informs design from day one

Designing for hundreds vs ten accounts changes everything — bulk ops and templating had to be primary features.