— Back to the Cloud Forum Schedule

May 19th Presentations

A Journey into the Cloud for Science: Lessons Learned from Salk’s Cloud Acceleration Program for Biology

Jerry Sheehan, Salk Institute for Biological Studies
9:45 am | Slides | Recording

The Salk Institute for Biological Studies launched the Cloud Acceleration Program for Biology to let faculty rapidly experiment with cloud-scale infrastructure for computational biology. One year in, eight projects are underway—from teams training machine-learning models at scale to groups leveraging no-code bioinformatics tools—yielding early wins in speed-to-insight, reproducibility, and collaboration. This session is tailored to the Cloud Forum’s “by higher ed, for higher ed” community and its audience of CIOs, cloud architects, and enablement leaders; we’ll share what worked (and didn’t).

The session will detail the strategy behind the program, the staffing model and community-building approach, and how we navigated compliance complexity (e.g., NIST 800-171 and data-use agreements), identity and access controls, secure research patterns, and FinOps (unit economics, showback/chargeback, budgets)—topics that have been front-of-mind at recent Forums. Attendees will leave with a pragmatic playbook, and lessons learned they can adapt to their campus context, backed by strong institutional sponsorship and oversight.

N2P: A National Research Cloud Service Tailored for Brazilian Scientists

Sergio Leal Fonseca, Rede Nacional de Ensino e Pesquisa
10:45 am | Slides | Recording

Cloud computing can be challenging to use. For researchers that means spending precious time that could be dedicated to the research itself to learning a cloud provider’s intricacies and inner workings of virtual networking, computing and storage. Besides the technical details, cloud cost is also an enormous undertaking that is not well understood even by large corporations. At RNP we strive to help the Brazilian research community overcome the cloud adoption initial challenges and help them focus on the work itself while not having to worry about extrapolating their spending budgets.

“N2P – Nuvem para Pesquisadores” (Cloud for Researchers, in Portuguese) is our answer to that call for help. It is a “work-in-progress” development for a service that will ultimately make cloud easy and as pain-free as possible. Our idea is to develop a unified and centralized web interface that will enable our community to manage costs, users and cloud services. This will also integrate AI agents to help with cloud architecture planning and cost forecasts as well as no-code/low-code integrations to deploy cloud infrastructure as code making it unnecessary to use the cloud providers’ GUI console or CLI.

For those researchers that would rather defer to a DIY approach, we will also leverage our training facilities to build on their knowledge and let them use the providers’ resources at will through the GUI console or CLIs.

Our goal at Cloud Forum 2026 is to show our development so far and share our proof of concept’s exciting results.

Skyway: A Seamless Platform that Democratizes Cloud Computing for Researchers

Trung Nguyen, University of Chicago
11:15 am | Slides | Recording

As AI workloads accelerate, universities face rapidly growing computational demands that exceed the capacity of on-premises HPC systems. Commercial clouds offer scalable resources, yet adoption in academia remains limited, not only due to cost, but because of the steep learning curve and operational complexity associated with cloud platforms.

The Skyway platform (https://cloud-skyway.rcc.uchicago.edu/), developed at the University of Chicago, eliminates these barriers by allowing researchers to use commercial cloud resources as seamlessly as their local HPC cluster, without needing to learn anything about cloud infrastructure. Skyway automatically provisions cloud instances, runs jobs or pipelines, shuts down resources when complete, and provides integrated cost-monitoring tools that help users track spending and set budget caps.

Skyway 2.0 offers both a user-friendly web interface and a command-line tool, along with an extensible API for developers and administrators. It supports Google Cloud Platform, Amazon Web Services, Microsoft Azure, and Oracle Cloud Infrastructure, enabling hybrid workflows that combine on-prem HPC and cloud capacity with minimal user effort. This presentation will demonstrate how easily Skyway can be deployed on an HPC system and will showcase real examples of bursting to the cloud for both traditional simulations and AI workloads. Attendees will gain practical insights into simplifying cloud adoption, controlling costs, and empowering researchers with flexible hybrid computing capabilities.

Opening Up Research Cloud Without Losing Control

Geert Soet, SURF (Netherlands)
12 pm | Slides | Recording

At many universities, cloud onboarding is slow and often limited to a single approved platform. Researchers who need something else work around it with personal accounts and credit cards. Institutions either lose control, or lock cloud use down even further, in the Netherlands often Azure.

At SURF, we’re piloting a pragmatic alternative: a centrally managed cloud sandbox (our Cloud Delivery Service, CDS) that researchers can access quickly across multiple clouds. Pre-configured accounts, federated identity, central billing and basic guardrails, plus a short bit of hands on support to get teams started. The goal is speed and choice, without creating shadow IT.

We’re still early and honest about what this doesn’t solve yet. We’ll share what we’re learning from the first pilots and open the discussion with peers on how to open up research cloud in a controlled, scalable way, including room for European providers next to hyperscalers.

Modernize Now, Migrate Later: A discussion on Kubernetes as a Cloud Readiness Strategy

Phil Fenstermacher, William & Mary
1:30 pm | Slides

Cloud migration and application modernization are often treated as two massive, separate challenges. But for some, they are two sides of the same coin. In this panel, we will discuss how Kubernetes serves as more than just a container platform—it is our primary strategy for bridging the gap between legacy on-prem infrastructure and the cloud.

We will explore how containerization allows institutions to “modernize in place,” standardizing how applications are built and deployed today so they are naturally cloud-ready tomorrow. Join us to learn how adopting a container-first mindset can simplify your eventual migration, improve portability, and let you modernize your applications without having to rewrite them from scratch.

Automating CMMC Compliance in Research Clouds: An AI-Powered Framework from DoD-Funded Work

Holly Yuan, University of Wisconsin-Stout
2:30 pm | Slides

Universities increasingly handle controlled research data, yet most lack scalable, cost-efficient ways to implement CMMC-aligned cloud controls across AWS, Azure, and GCP. This session introduces ACCESS 2.0 — the AI-Powered Cloud CMMC & Education Support System, a next-generation compliance automation framework developed at UW-Stout to support research, teaching, and institutional security.
ACCESS 2.0 uses LLM-driven agents to automate security evidence collection, monitor configuration drift, detect cloud misconfigurations, and generate remediation workflows across multiple cloud providers. The system integrates hyperscale services (AWS Lambda, EventBridge, Azure Entra, CloudTrail/Config), multi-cloud IaC (Terraform, CloudFormation), and policy-as-code to significantly reduce faculty, IT, and compliance workload.
This presentation shares governance models, deployment architecture, lessons learned from failure points, and measurable outcomes—including reduced audit preparation time, improved cloud visibility, and enhanced student hands-on learning in controlled-data environments. Attendees will leave with practical strategies and architectural patterns to begin implementing CMMC-aligned controls in their research environments.

No More Clickbait: CI/CD for Your Multi-Account AWS Infrastructure

Jared Bulosan, University of Notre Dame
3 pm | Slides

Institutions in Research and Education (R&E) frequently operate vast, multi-account AWS environments, leading to challenges in governance, consistency, and efficient infrastructure management. Deploying baseline security and operational tools across dozens or hundreds of accounts using manual methods is prone to drift and human error.

This session provides a practical, real-world review of the specific CI/CD pipeline the University of Notre Dame’s Cloud Engineering team designed and implemented to solve these challenges. Our primary goal was the controlled deployment of core governance and foundational configurations. A key success story is our standardized Lambda environment: our pipeline strictly segregates IaC from application code, allowing developers to focus purely on their logic while our system enforces standardized configurations and guardrails. We will detail how our custom GitHub Actions workflow integrates with this setup to manage critical configurations (like SCPs and Permission Sets), achieving controlled, repeatable delivery at scale, and leveraging the native GitHub integration in AWS Service Catalog to manage self-service resource vending.

Lightning Talks

3:45 pm | Slides | Recording

1. NIH My Cloud: One Portal to Rule NIH’s Cloud Portfolio – Joshua Stultz, National Institutes of Health
   As NIH’s cloud adoption accelerates, so does the complexity of managing accounts, funding, and spending across a multicloud environment. Each Cloud Service Provider (CSP) has its own billing model, terminology, and reporting structure, which makes it difficult for IT staff, researchers, and budget officials to piece together a clear picture of their budgets and utilization. STRIDES has launched My Cloud to address this challenge directly for NIH internal customers and workloads. Leveraging readily available enterprise NIH tools such as Microsoft Power Platform, ServiceNow, Microsoft Forms, and Outlook, My Cloud brings together previously disconnected workflows into a single, intuitive site while avoiding prohibitive costs from other 3rd party cloud management solutions. Users can now see all cloud accounts where they serve as a point of contact, update account information without lengthy email chains, request new accounts or cloud credits, and track the status of those requests in real time. What truly transforms the user experience is the new Power BI–driven Funding and Spending Dashboard, which provides a unified view of funding amounts, account-level spending trends, and service category breakdowns regardless of whether those accounts are in AWS, Azure, or Google Cloud. By demystifying the underlying billing structures of multiple cloud providers and translating them into consistent, NIH-aligned views, My Cloud empowers programs to proactively manage their portfolios, identify emerging funding gaps, and make informed decisions at the beginning and throughout the fiscal year. In short, My Cloud reduces administrative burden, improves financial transparency, and offers a clearer path for navigating the complexities of NIH’s evolving cloud landscape
2. Using Kubernetes to manage certificates – David Lacey, The Getty
   With certificate lifespans shrinking to just 90 days, manual creation and renewal is no longer practical—or safe. In this lightning talk, I’ll demonstrate how Kubernetes can automate certificate management, ensuring timely updates and reducing operational headaches. Learn how to keep your certificates valid without lifting a finger, so you can rest easy knowing your systems are secure.
3. Internet2 Cloud Community Chatbot – Tim Manik, Internet2
   Discover how students in CalPoly DxHub, an AWS Cloud Innovation Center, Internet2, and community testers collaborated to create an AI-powered chatbot specifically for the higher education cloud community. What started as a simple request evolved into a sophisticated RAG-based solution that puts years of community experience and knowledge at the fingertips of higher ed cloud teams. Learn about the technical architecture, collaborative development process, and how this novel AI use case is now being deployed across the higher ed cloud community.
4. A (More) Predictable Pricing Model for Glacier – Matthew Rich, Northwestern University
   Amazon and Four Points worked with Northwestern to create a custom pricing model for Amazon Glacier that makes cost easier to forecast. I’ll briefly discuss the motivation, the solution, and the tradeoffs involved.
5. Get a Prenup! Lessons learned from vendor engagements – Kari Robertson, University of California Office of the President
   Working with vendors is a lot like starting a new relationship: everything is smooth, shiny, and full of promise – right up until it isn’t. When the honeymoon ends, contract gaps, support issues, and unexpected costs suddenly appear. This session will share lessons learned from real vendor partnerships and explain why every engagement needs a prenup. Because while things feel great in the beginning, what happens later can be…educational.
6. From SaaS to Infrastructure-as-Code: An AI-Assisted Journey – Ian Crew, University of California, Santa Barbara
   After 32 years in IT and a decade managing SaaS platforms like Google Workspace, Zoom, and Box, I made the leap to AWS and Terraform—and AI coding assistants like Claude and GitHub Copilot became my secret weapons. This talk explores how AI tools accelerated my transition from the SaaS world to PaaS/IaaS/IaC, serving as translator, tutor, and coding partner while I brought deep architectural experience to a new domain. I’ll share how AI assistance transformed my productivity while requiring careful oversight (it does duplicate code sometimes!), and why “vibe coding” is nonsense but thoughtful AI collaboration is transformative. You’ll hear why working with AI feels like being an architect with a talented junior developer at your side—and why finally experiencing real IaC in AWS, after years of dreaming about it in SaaS, has been professionally exhilarating. Key takeaway: With strong fundamentals and AI as your guide, you can bridge domains faster than ever—but keep that leash short.
7. Making everyone happy enough: Security and Privacy assurances for Azure-based AI development – Cornelia Bailey, University of Chicago
   Is our AI offering secure? How can we describe it as private? Can we still see what’s going on underneath? Can we still know if someone is doing the Wrong Thing ™ with the AI we’ve offered to campus? If we get audited, will we be OK? Here’s how we approached answering these questions for UChicago’s PhoenixAI offering, built primarily on Azure.
8. We did it!* – Cornelia Bailey, University of Chicago
   Hear the fine print on how UChicago finally got some (not all) abandoned projects in GCP deleted.
9. Exploring Azure Low-Code Solution for Meteorological Data Analysis – Zekai Otles, University of Wisconsin-Madison
   The proposed lighting talk will demonstrate the innovative application of Large Language Models (LLMs), specifically by utilizing Retrieval-Augment Generation (RAG) for meteorological data analysis. Traditionally, the field of meteorology relies on extensive data collection, coding, and statistical analysis. However, recent advances in LLMs now enable the extraction and interaction with meteorological data. Cloud vendors made a vast amount of LLMs readily available to industry and research organizations, including university researchers and staff. In this talk, we will demonstrate how Azure infrastructure, in conjunction with the Azure OpenAI service, is used to interact with weather data from various global stations. We used a low-code approach in Azure infrastructure build a chatbot or agent to interact with meteorological data. We grounded the GPT-4 and GPT-5 models with meteorological data obtained from the National Centers for Environmental Information (NCEI). Interacting with meteorological data via chatbots or agents will enable broader use and advance science, enabling interaction with other agents to solve various problems.
10. It Doesn’t Have to Cost an ARM and a Leg – Phil Fenstermacher, William & Mary
    Switching from x86 to ARM can save some money with less friction that one might expect. In this lightning talk we’ll briefly talk about strategies for switching and how you can make it transparent to your developers.
11. From Sprawl to Strategy: Using AWS Control Tower and InCommon Grouper to Govern Cloud Access in Higher Ed – James Bennett, Indiana University
    Cloud adoption in Higher Education often outpaces the processes needed to govern it effectively. When our institution adopted AWS Control Tower and IAM Identity Center, we saw an opportunity to align cloud access with existing campus identity and governance practices using InCommon Grouper. This presentation describes how we centralized SSO and delegated AWS account access through Grouper-managed groups, enabling consistent, auditable onboarding and offboarding across a growing AWS footprint. We’ll discuss the governance benefits, how this model supports institutional autonomy while maintaining central controls, and what this approach means for long-term sustainability. This session is aimed at both technical leaders and practitioners looking to bridge campus identity systems with scalable cloud governance.

May 20th Presentations

Panel: Exploring Strategies for Institutional Cloud Billing

Chris Manly, Internet2
1:30 pm | Slides | Recording

Institutional cloud billing can be complicated, especially when an institution has hundreds of accounts to track, different funding streams, and ever-present budget pressures. This session will be a conversation between representatives of several institutions, each of which has a different approach for managing cloud billing. How does each affect cost optimization? What approaches encourage (or discourage) cloud adoption? How do you manage costs of shared services? We will examine the strengths and challenges associated with various approaches.

Rebuilding Cost Models: How FinOps Helped APTrust Shape a Sustainable Business Strategy for Long-Term Preservation

Allison (Flavia) Ruffner, APTrust (UVA)
2:30 pm | Slides | Recording

As cloud infrastructure costs and digital preservation needs continue to grow, sustainable financial models for shared services are more essential than ever. APTrust—a consortium-based digital preservation service—faced an inflection point: our longstanding model, built on a flat $20,000 annual membership fee and low rates for additional storage, would eventually fail to cover the full costs of cloud operations and preservation services.

By adopting FinOps practices, we gained the financial visibility to uncover underlying issues in our cost model and the operational agility to act before reaching a crisis point. This presentation explores how FinOps empowered APTrust to surface structural deficits in our cost recovery approach, evaluate the true costs of both storage and service delivery, and develop a business strategy toward a more sustainable and equitable pricing model.

We’ll share the cultural and operational shifts that enabled us to take early, informed action—realigning pricing with actual usage and increasing transparency with our member institutions. Attendees will leave with actionable insights into how FinOps can support long-term sustainability for mission-driven, community-based infrastructure services.

Cloud FinOps Lite – Practical Examples for Immediate Cost Savings

John Bailey, Washington University in St. Louis
3 pm | Slides | Recording

With financial headwinds stemming from government changes and other challenges, cost savings is top of mind for many higher education cloud teams. This will be a cloud FinOps talk that will share practical strategies that any cloud practitioner can implement without the need to purchase additional tools, such as rapidly identifying orphaned virtual disks and replacing them with cheaper archived snapshots. The talk will aim to provide 3 practical tasks that cloud practitioners with little time can implement across Azure, AWS, and GCP.

May 21st Presentations

From On-Prem to Cloud First in Less Than a Year

Phil Fenstermacher, William & Mary
9 am | Slides

You know the drill: big project, impossible deadline, no time for outside help. Facing a seven-month deadline, our small team of (mostly) cloud novices successfully retired our legacy VMware infrastructure and shifted to a cloud-first operating model. We’ll explain the strategic decisions behind this migration, how decisions were made, and what we’d do differently. Since the project was executed without external partners, we’ll also discuss the inherent challenges of staff upskilling under pressure and the technical trade-offs we made to ensure speed.

From Data Centers to Cloud Excellence: How George Washington University Transformed IT Infrastructure and Unlocked University-Wide Operational Efficiency

Anna Vakulick, The George Washington University
9:30 am | Slides | Recording

George Washington University has undertaken a comprehensive cloud transformation that extends far beyond traditional IT modernization. By migrating the majority of our IT infrastructure to AWS through strategic partnerships with SaaS providers and AWS native services, we are realizing operational efficiencies that impact every corner of our institution—not just the IT department.
This session will share our journey of moving hundreds of on-premises servers to AWS, modernizing our ERP system into a SaaS solution, and implementing a data lake as an accelerator for actionable insights. Central to our success has been the establishment of a Cloud Center of Excellence and the adoption of FinOps practices, which have enabled us to manage cloud spend with unprecedented precision and accountability.
The results speak for themselves: significant reductions in utility costs, 99% reduction in carbon footprint on migrated workloads, and operational improvements that have rippled across academic affairs, student services, research operations, and administrative functions. We’ll discuss the organizational change management required, the governance structures that made this possible, and the lessons learned along the way.
Attendees will leave with practical insights into:

• Building a Cloud Center of Excellence that drives institutional transformation
• Implementing FinOps to achieve financial transparency and cost optimization
• Managing large-scale migrations while maintaining service continuity
• Measuring and communicating the broader institutional impact beyond IT metrics
• Navigating the cultural shifts required for cloud-first operations

This is a story of how strategic cloud adoption can transform not just infrastructure, but the entire operational model of a research university.

What If? You Started Your Cloud Use Today

David Lacey, The Getty
10:15 am | Slides | Recording

Imagine being able to go back and advise your past self at the start of your Cloud journey—what would you say? Over the years, the Cloud landscape has evolved in ways which may not reflect when you started. My journey has been filled with challenges, breakthroughs, and victories, each shaping how I view technology today. In this session, we’ll explore the lessons learned, the pitfalls encountered, and the transformations that have occurred along the way. Then, we’ll ask the big question: if you could restart your Cloud journey today, knowing what you know now, what would it look like? Join me as I share insights on how to reimagine existing environments and leverage modern practices to make them new again.

Starting in the Cloud to Change the Data Center: Using Diffusion of Innovation to Modernize Enterprise IT

James Bennett, Indiana University
10:45 am | Slides

Enterprise IT teams often agree on the need for automation but disagree on where and how to start—particularly when existing on-prem environments limit experimentation. This session outlines an approach Indiana University is exploring: using AWS as the first platform for a next-generation, fully automated server lifecycle, then leveraging that success to influence future on-prem practices.

We’ll describe plans to build a focused strike team, implement modern infrastructure patterns in AWS, and intentionally use that work as a learning and communication tool for the broader organization. Framed through the Law of Diffusion of Innovation, the goal is to move from early adopters to early majority by making automation visible, achievable, and desirable.

The discussion will cover cultural and organizational considerations, including training needs, cross-team collaboration, and the hard conversations around access and control that may be required to replicate similar workflows on-prem. We’ll close with how this effort could serve as the foundation for a future Cloud Center of Excellence, aligned with both cloud and traditional infrastructure strategies in Higher Ed.

Breaking Cloud Lock-In: A Multicloud Framework for Sovereign Development with Free Software

Sergio Leal Fonseca, Rede Nacional de Ensino e Pesquisa
11:30 am | Slides | Recording

Cloud adoption in research and education is accelerating, but vendor lock-in, cost unpredictability, lack of interoperability, and gaps in cloud knowledge remain significant obstacles. AppStarter, developed by Brazil’s National Research and Education Network (RNP), is an open multicloud acceleration framework that delivers consistent, secure, and automated software development across AWS, Azure, Google Cloud, and on-premise environments.
Over the last six years, AppStarter has been designed, evolved, and tested in large-scale national applications, giving RNP practical hands-on experience in addressing real-world multicloud challenges at scale. This presentation aims to share that experience, offering insights that can guide other institutions navigating similar transformations.
AppStarter combines Infrastructure as Code, ready-to-use DevSecOps pipelines, and the Cloud Anti Lock-In Layer (CALI), enabling a true “build once, deploy anywhere” approach. Its architecture evolves from FinOps to CloudOps, embedding cost awareness, operational automation, and reliability to support sustainable and sovereign multicloud operations.
The framework enhances cloud use in research and teaching by providing reproducible, auditable, and provider-agnostic environments. It also integrates an AI-powered assistant that helps researchers, educators, and students design cloud architectures, configure experiments, refactor applications, and navigate multicloud environments with minimal learning curve — addressing knowledge gaps while accelerating innovation and ensuring governance, privacy, and compliance.
With DevSecOps-by-design and full source-code transparency through the ProDev toolkit, AppStarter enables secure, interoperable, and cost-efficient digital services. Successfully applied in national platforms such as PNIPE and PNLD, AppStarter demonstrates how open frameworks can deliver sovereign multicloud solutions at scale. This session will detail CALI’s technical foundations and share lessons learned in implementing cross-cloud governance for public and academic ecosystems

The CloudMinder Journey at Penn State

Rick Rhoades, Penn State
12:00 pm | Slides | Recording

When Penn State “borrowed” the CloudMinder concept from a peer institution, we never anticipated the journey ahead. Originally designed as 30-minute, customer-focused check-ins, the program evolved significantly in response to strategic decisions, product changes, and the Cloud Elevation Index. This presentation will explore the challenges and pivots we navigated to make CloudMinder a reality for our customers.

Co-Piloting the Cloud: How R&E Teams Are Leveraging GitHub Copilot, Amazon Q, and LLMs to Accelerate Cloud Operations

Jared Bulosan, University of Notre Dame
1:30 pm | Slides | Recording

The rapid adoption of generative AI tools like GitHub Copilot, Amazon Q Developer, and private, internal LLM deployments is fundamentally changing the role and velocity of higher education cloud teams. This 30-minute panel discussion will move beyond theoretical AI adoption to explore concrete, production-level use cases, successes, and governance challenges experienced by cloud engineers and architects within the Research and Education (R&E) community.

Our discussion will focus on the practical implementation of AI tools across the entire cloud lifecycle—from initial infrastructure-as-code (IaC) generation to operational cost optimization and security policy enforcement.

Building Reliable AI Evaluators

Tim Manik, Internet2
2:30 pm | Slides

The Cloud Elevation Index scores cloud services on their “cloudiness”—measuring whether they’re IaaS-ey, PaaS-ey, or SaaS-ey from scale of 1-10. Penn State’s cloud team uses this metric to track organizational cloud maturity and spending patterns across 600+ services. The challenge: Manually scoring services requires deep expertise and hundreds of hours. Our solution: We built an AI-powered evaluation system using Claude and Gemini as automated subject matter experts, applying a multi dimension rubric to score services at scale. This presentation covers three technical challenges we are trying to solve: creating validation harnesses to verify AI scoring accuracy, implementing tool calling to overcome AI knowledge cutoffs with current provider documentation, and using statistical cross-model comparison to identify scoring disagreements and improve reliability. We’ll share lessons learned and welcome your ideas as we continue developing this approach leveraging new technologies and techniques

Backbone or Back Pain: Organizing Cloud Operations When Cloud Becomes Everything

Kari Robertson, University of California Office of the President
Damian Doyle, University of Virginia
3:00 pm | Slides | Recording

Cloud is no longer a destination – it’s the environment we all operate in now, whether we planned for it or not. Join Kari and Damian as they compare how UCOP and UVA organize their cloud operations and manage teams that somehow need to handle identity, security, networking, research, AI and everything else that didn’t move out of the way fast enough. This session brings organizational insights, a few battle stories from the trenches, and a realistic look at what it takes to lead cloud teams now that cloud has become the backbone (and occasionally the back pain) of IT.