All Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure cloud accounts used for any Stanford-related activities—including development, student work, testing, learning and building production-ready solutions—should be part of Cardinal Cloud. It provides a level of visibility that helps University IT safeguard data. It also helps Stanford meet our spending commitments with our vendors, which in turn allows us to provide significant multi-year discounts to our community.
If you already have a standalone cloud account that still incurs credit card or PCard charges or gets monthly invoices, it’s probably not part of Cardinal Cloud. The good news is that joining Cardinal Cloud is fast, simple and non-disruptive; the technologies in your account will not be affected; it’s mostly a back-end change in who pays the bill.
Benefits of joining Cardinal Cloud
Joining Cardinal Cloud offers some real benefits while also helping the university protect Stanford data.
- Your account will enjoy immediate cost savings relating to data egress charges and will automatically benefit from any additional negotiated enterprise discounts between Stanford and our three major cloud service providers (CSP).
- You can use one or more PTAs for automatic monthly billing by UIT instead of a department PCard, a personal credit card, or purchase orders with monthly invoices.
- If you have any remaining credits from your CSP free tier promotion, they will conclude once billing is handled centrally.
- You’ll find easier integration with campus infrastructure, including directory services that allow you to use your Stanford account and workgroup membership to manage access to the account and its resources.
- You'll have access to new enterprise cloud security tools that UIT will be providing for free for all AWS, GCP, and Azure users.
- It's easier to remain in compliance with different security frameworks, including Stanford's own Minimum Security Standards (MinSec).
- Cardinal Cloud is the only way to be covered under Stanford's Enterprise Agreements and Business Associate Agreements (BAA) for AWS, GCP and Azure.
Important: Joining under the University’s enterprise account will not disrupt your currently deployed cloud technologies, limit your efforts, reduce your level of access, or compromise your privacy.
Steps to join Cardinal Cloud
These are generic instructions that might differ depending on whether your standalone cloud account is with AWS, GCP, or Azure.
For everyone joining your account to Cardinal Cloud, the short process starts with submitting a help request. In the ServiceNow form, mention that you’re intending to join Cardinal Cloud and provide the account number, email address used to set up the account, and any other specific details relevant to the account. You can also use this form simply to request confirmation that your account is already part of Cardinal Cloud.
Note: You will never be asked to disclose any usernames or passwords.
FAQ
- Will there be any interruptions to any deployed solutions? Any reboots or outages?
- No, this change primarily affects billing. Joining your standalone cloud account to Cardinal Cloud will not affect the technologies configured or running in your account. There is no need to schedule downtime or plan for any disruptions; it will happen in the backend.
- Will anyone else view my account? What will they be doing?
-
Once your account becomes part of Cardinal Cloud, our cloud operations team will give a cursory review of the deployed technologies through the web administration console to ensure current and future account policies will not conflict with your deployed technologies. For example, if your account uses regions located in a high-risk country, we will need to accommodate this before applying any Stanford-wide policies that prohibit using non-US regions.
- Will anyone log into my servers and databases or review data in any storage buckets?
-
No—no one will access your resources.
- Why does UIT want standalone accounts to be part of Cardinal Cloud?
-
It helps the University aggregate the financial commitments made with the different cloud vendors, helping to influence the total available discount offered to all of Stanford. It also helps automate cloud security by giving visibility in the account configuration to detect and prevent information disclosure. Finally, UIT wants everyone to take advantage of the financial discounts available to them.
- What if I’m not really using my standalone cloud account?
-
Now would be a good time to do some housekeeping. By closing your AWS account (if you use AWS), you eliminate the possibility that it gets hacked or exploited; it will also prevent any unwelcome billing surprises and eliminates the risk to the university. Other CSPs have similar processes.
- My standalone account is only to explore cloud services and learn more about the cloud. Do I still need to join Cardinal Cloud?
-
If the account is simply for personal work, we ask that you change the email address of the root account holder to something personal like an Outlook.com or Gmail address. The root account address is the Stanford email address you used when signing up for the account. View instructions to change your email address online if you used AWS.
- Will this affect the terms and conditions of the standalone account?
-
Yes, when you join Cardinal Cloud, you will be agreeing to new terms and conditions that are associated with Stanford’s Enterprise Agreements with all three cloud service providers These are generally more favorable to you and the University.
Get support
If you have questions, submit a help request or visit the Help Services page to chat with a support representative.