Account Governance Redesign
Transforming multi-cloud governance from fragmented complexity into a guided, scalable enterprise workflow.
Project Overview
CoreStack is a multi-cloud governance platform serving enterprise teams across AWS, Azure, GCP, and OCI. As cloud account portfolios scaled into the hundreds, the existing governance UX exposed raw technical complexity to users rather than abstracting it into guided, scalable workflows — leading to onboarding failures, misconfigurations, and poor governance confidence.
Cloud governance was a maze of fragmented, error-prone workflows
As organizations scaled their multi-cloud footprints, CoreStack’s governance UX exposed raw technical complexity instead of abstracting it into guided workflows.
Complex & error-prone onboarding
Multiple manual steps, console switching, unclear errors caused frequent failures.
No unified multi-cloud visibility
AWS, Azure, GCP, OCI behaved differently with no central view of status.
Confusing role & permission management
RBAC and cloud-native permissions disconnected. Too many steps needed.
Poor enterprise scalability
Bulk onboarding and templating were limited. Governance broke at scale.
Weak error handling & recovery
Technical, non-actionable failure states created heavy support dependency.
Lack of governance confidence
Security teams had no visibility into consistent config. Audit readiness near impossible.
“We never know if an account is actually configured correctly until something breaks — and by then, it’s a compliance nightmare.”
— Cloud Admin, discovery research session
Old UI → First Iteration → Final Design
Three distinct phases of design evolution — from a raw data-heavy list view with no governance context, through an improved but still fragmented iteration, to a purpose-built multi-cloud governance dashboard.
Cloud Account Summary — Original Design
Dense table list · No governance context · Provider silos · No onboarding status
No governance context — just raw account data listed with no status hierarchy
Provider tiles (AWS/Azure/GCP/VMware/OCI) show total counts but no actionable health view
No onboarding status, no bulk actions, no governance coverage indicators
Cloud Account Summary — Iteration 1
Improved donut chart visualisation · Better filters · Still fragmented across providers
Introduced donut charts for Active/Disabled/Not Onboarded status — better than raw numbers
Improved filter bar with saved filters — but still siloed per cloud provider
No governance framework visible — accounts still treated as isolated rather than governed entities
Account Governance Dashboard — Final
Unified governance view · Management vs Member hierarchy · Onboarding steps · Bulk actions
Renamed to ‘Account Governance Dashboard’ — signals governance intent, not just account listing
Tab navigation (AWS/Azure/GCP/OCI) with unified mental model across all providers
Management Accounts vs Member Accounts hierarchy surfaced as primary navigation concept
Onboarding status column shows step-by-step progress (e.g. Steps 21/21 Completed) at a glance
Bulk Action button enables enterprise-scale operations — a key scalability improvement
Saved View + column controls give power users customisable governance oversight
From discovery to a governed, guided experience
Over 6–8 weeks, I led the design team through a rigorous six-step process — from mapping broken workflows to validating a governance system enterprise teams could trust at scale.
Discovery & Heuristic Audit
Evaluated existing flows, documented usability violations across all providers.
User Research & Synthesis
Interviewed IT admins, DevOps, security teams. Synthesized into prioritised themes.
IA Redesign
Restructured nav and hierarchy for a unified mental model across all clouds.
Usability Testing & Validation
Sessions with IT admins and DevOps. Measured confidence and time-on-task.
Hi-Fi Design & Prototyping
End-to-end Figma prototypes for onboarding, dashboard, bulk ops, error recovery.
Wireframing & Rapid Iteration
Low-to-mid fi wireframes for dashboard, wizard, and permission flows.
Five pivotal choices that shaped the solution
The redesign transformed cloud governance from a technically fragmented experience into a guided, scalable, and transparent workflow.
Unified Multi-Cloud Governance Dashboard
Created a single command centre showing account status, health, governance coverage, and compliance across AWS, Azure, GCP, and OCI — eliminating provider-switching context loss.
Guided Onboarding Wizard with Automated IAM
Replaced multi-screen manual process with a step-by-step wizard — real-time validation, human-readable error recovery.
Governance Templates for Enterprise Scale
Reusable governance templates + bulk onboarding for hundreds of accounts with consistent policy application.
Simplified Permission & RBAC Management
Surfaces who has access, what policies are applied, and inheritance relationships — reducing technical knowledge needed.
Contextual, Actionable Error States
Recovery flows explaining what failed, why, and the exact next step — dramatically reducing support dependency.
From guided onboarding to governance configuration
The final design comprised three core workflow areas: a guided onboarding wizard, real-time onboarding status tracking, and post-onboarding governance configuration. Together they create a complete, confidence-building account governance journey.
Edit AWS Cloud Provider — Step-by-Step Wizard
Cloud Account Type selection · Prerequisites · Credentials · Settings — all in one guided flow
Wizard sidebar shows all 5 steps with completion indicators — users always know where they are in the process
Account Type (Management vs Member) and Environment (Global vs Government) surfaced as clear card choices
Onboarding Status panel shows 2/6 steps completed with granular task status — actionable ‘Re-Run’ controls for failures
Failed states (e.g. Inventory Discovery) shown clearly with Re-Run action — no more opaque error codes
Edit Governance Configuration — Cloud Service & System Settings
SecOps · CloudOps · Activity Logs · Alerts · Metric Data Collection · Permission Validation
Left panel (SecOps / CloudOps) gives users a categorised view of all governance configuration areas
Tabbed interface (Cloud Service Configuration / System Configuration) separates concerns clearly
Permission validation success shown inline in green — users get immediate feedback on what’s working
Contextual red error messages (‘It seems activity log is not configured yet’) replace generic alerts with specific guidance
Tenant vs Cloud Account scope toggle gives admins fine-grained control over where settings apply
Metric Data Collection Interval presented as a clear 3-option selector (24 Hours / 8 Hours / 4 Hours)
“We finally feel in control. The new onboarding flow just works — our team stopped calling support for every new account setup.”
— CloudOps Engineer, post-launch usability testing
From 30-minute onboarding to under 10 minutes
Measurable improvements across efficiency, error reduction, governance, and scalability.
What this project taught me
Abstract complexity, don’t hide it
Best enterprise UX translates technical requirements into guided decisions. Users still choose — they just don’t need to understand IAM policy JSON.
Error states are a design surface
Treating failure states as first-class design artifacts was the single biggest confidence driver among admin users.
Multi-cloud ≠ multi-experience
Standardizing the mental model required deliberate IA decisions, not just a unified visual skin.
Scale informs design from day one
Designing for hundreds vs ten accounts changes everything — bulk ops and templating had to be primary features.
