Functions
Solutions by functions
meshStack - The entire Cloud Project Lifecycle from a single source
View your journey holistically with our 5 pillars of the Cloud Journey: Tenant Management, IAM, Security & Compliance, Cost Management and Service Ecosystem.

What our customers say
Cloud governance finally automated - integration into multi-cloud governance has worked flawlessly as the product accurately reflects an organization's requirements.Phil K., IT Infrastructure Architect
Multicloud Governance at its finest - definitely recommendable and always customizable. The product is easy to integrate and customize. The features and overview are forward-thinking and the support is really great. Feature Requests are set up immediately.Erik S., IT Service Engineer
Discover more advantages of meshStack
Set up for one cloud - use with all clouds
With meshStack, multiple cloud platform integrations are eliminated. Once set up for one cloud, you can add more cloud platforms for the enterprise with just a few clicks. Instead of cloud silos with months-long integration projects, you get an integrated control center for your cloud infrastructure.

Fast implementation
Thanks to our SaaS model, implementation in your IT landscape takes place in the shortest possible time.
Excellent support
Our experienced Customer Success team is on hand to ensure your Cloud Journey is successful.
100% customer satisfaction
Our customers rely permanently on meshStack for their successful cloud journey.
Weekly updates
meshStack is constantly being developed further and regularly receives new functions.
Made in Germany
meshStack is also suitable for operation in highly regulated environments, such as in the financial or infrastructure sectors, thanks to its extensive compliance support. meshcloud is ISO27001 certified.
Well documented
meshStack has detailed documentation for onboarding, configuration and operation. In the Cloud Foundation Maturity Model (CFMM) we show best practices for the Cloud Journey.
Multiple awards & certifications







Service Ecosystem
Your Service Catalog for Platform Services
Easily bring your terraform Modules into a Service Catalog
Do you want to provide standardized platform services, such as terraform modules for Azure subnets, in a central service catalog? With meshStack, you can do this in next to no time and without software engineering skills.
Your Benefits at a Glance:
- 90% less service requests for your platform team
- No more waiting time for your application teams
- High degree of standardization for security-relevant platform services
- Transparency on used platform services

meshStack Building Blocks
Your Toolbox for developing a Service Catalog for Platform Services
Easily integrate services into your service catalog via Git
No matter if you have terraform modules or manual services in mind. With meshStack, platform engineers can flexibly define their service catalog, incl.
- Variable inputs and outputs
- Dependency management and versioning
- Internal cost allocation
- Optional approval processes


Conveniently provision Platform Services from your central Service Catalog
Our intuitive user experience, lets you provision platform services in self-service as required, by both beginners and cloud experts.
Why is a service catalog for platform services useful for your organization?
Many cloud applications rely on standard components, such as network services, databases or monitoring tools. These components are often provided as platform services by cloud providers.
However, it is time-consuming to set up and reconfigure such platform services again and again. The resulting inconsistencies also harbor security risks. This is why many IT departments decide to define a standard, so-called “golden paths”, and provide this standard configuration centrally in a service catalog.
meshStack is a tool for platform teams to quickly set up such platform services independently for their own cloud and application landscape.
Who develops or defines the platform services for a central service catalog?
Companies usually establish a platform or cloud foundation team that is responsible for providing cloud infrastructure and platform services.
Which platform services are typically integrated in a service catalog?
Der erste Service ist oft ein Networking-Service, weil dieser von den meisten Applikationen benötigt wird. Darauf folgen zum Beispiel DevOps-Tools, wie Azure DevOps, GitHub oder GitLab.
Use Cases
Platform Teams use Building Blocks to ...
Problem: Customizing landing zones for different use cases
Central cloud teams need to support a wide variety of cloud applications. A one-size-fits-all landing zone does not meet these requirements.
Solution: Modular landing zones
Landing zones are built up in modules. These modules can be flexibly combined to support the different use cases (and skill levels) of the applications. At the same time, compliance-tested standards are enforced.
Result: Use-case-specific landing zones based on standardized building blocks
Application teams are provided with a suitable landing zone for their use case quickly without the need for customization. Standardization of modules leads to less complexity and thus facilitates the development and operations of the landing zones. Security requirements are enforced consistently across the entire cloud landscape.
Problem: Software delivery is slowed down
Software delivery is slowed down because developers have to fulfill extensive non-functional requirements that take time and focus away from the implementation of value-adding application functionality.
Solution: Golden Paths for frequently used platform services
The platform team provides so-called “Golden Paths” for frequently used platform services in a service catalog for self-service provisioning.
Result: Higher productivity and consistent cloud landscape
The optimized developer experience accelerates application development. The self-service catalog frees platform teams from provisioning platform services so that they can focus on developing new “golden paths”. The use of standardized platform services reduces complexity and improves the level of security in the cloud.

Discover exciting insights for the development of an internal developer platform in our board game.
Problem: Lack of expertise in building cloud applications
Many teams do not yet have sufficient skills and expertise to operate applications in the cloud.
Solution: Actively offer services to build up expertise in the service catalog
Consulting offerings such as a cloud driver’s license, architecture review or security support are integrated into the service catalog as platform services.
Result: Continuous invest in expertise for application teams
Application teams have a central overview of the platform team’s entire offering in the service catalog and can take advantage of services as needed to increase their cloud maturity. Platform teams can accelerate cloud adoption by building up expertise.
Why meshStack for your Service Catalog?
Automated & Manual
Not everything is automated from day 1, choose between manual and terraform automated building blocks.
Parametrization
Flexibly define inputs and outputs for building blocks to parameterize your platform services.
Versioning
Continuously develop your platform services to improve your service catalog.
Building Blocks Repository
Benefit from our out-of-the-box Building Blocks, open-source ready to use.
Approval Processes
Integrate approval processes where necessary to meet compliance requirements.
Fair Cost Allocation
Automatically charge back costs for platform services to internal teams.
Find out more about designing a successful Service Ecosystem
Cost Management
Solution for (Multi) Cloud Cost Management
Efficient chargeback processes through transparent allocation of cloud costs
With meshStack, you can manage public and private cloud costs in an automated way and successfully implement FinOps practices in your organization.

Automated cloud cost management
meshStack enables you to analyze and sustainably reduce your cloud costs

Central cost transparency across all clouds
- Overview of cloud costs for all stakeholders
- Cross-cloud cost allocation to cost centers
- Metering of private clouds and on-premises services (via Service Marketplace)
- PDF and CSV export
- Automated currency conversion
- Showback and chargeback
- Definition of quotas and budgets
- Budget Alerts
Creation and management of payment methods
Payment methods in meshStack model company-specific means of allocation (e.g. budgets, cost centers, internal orders) and can be freely configured accordingly – name, expiration date, budget, and much more. They can be created and assigned to projects by administrators or external systems in customer accounts. In addition, so-called “Substitute Payment Methods” can be stored, which e.g. allow an automatic change of the budget at a certain date (e.g. year change). In meshstack, payment methods can be managed in various ways:
- Via self-service for project and project teams by team members or administrators
- Creation via external systems and subsequent assignment to project teams


Chargeback in the multi-cloud
meshStack offers the possibility to define billing rules and prices based on measured consumption data and thus to create monetary settlements. Specifically, the chargeback module enables:
- Billing at project level
- Total overview of costs for cloud resources used
- Monthly cost history
- Billing for deputies/partners: display of cost overview for managed accounts
- Cost dashboard in the panel (UI)
Metering for maximum efficiency
Metering enables meshStack to measure cloud resources used in connected cloud platforms and for connected cloud services if and insofar as the connected platforms technically support the collection of consumption data and have been configured for this. Own prices or cost allocations can be added flexibly in the service catalog.
The collected consumption data is consolidated at meshProject level, prepared for the user and displayed in the meshPanel (UI). Likewise, all cost data can be exported via API or as CSV to make them available for further analyses or internal billing systems.

Use Case
How all multi-cloud stakeholders gain visibility into cloud costs

1. Team Lead Tom receives monthly Project Statements to manage the costs of his projects.

2. Developer Emanuela can view the costs she incurs from cloud resources and control the chosen architecture/resource usage accordingly.

3. Platform Operator Olivia, can centrally view the costs of all private and public cloud platforms and export them for billing.
Further advantages of meshStack
Cloud cost transparency
Keep developers financially accountable by providing them with an easily accessible view of their current cloud spend at all times.
Define multi-cloud budgets
Multi-cloud budgets allow developers to leverage their preferred technologies to build applications without adding cost allocation overhead.
Fully automated cost management
Automatically allocate cloud costs to the teams that incur them. Say goodbye to tedious manual spreadsheets.
Datenexport zum Erstellen von Reports
Export all your cost data to create custom reports for effective cloud cost management using tools like PowerBI or Google Looker (formerly Data Studio).
Allocation of internal costs to application teams
Distribute the cost of shared services such as CI/CD, networking, or monitoring and governance functions such as landing zones equitably across application teams.
Custom Fees
meshStack offers the option to store your own fees and/or discount rates, which are automatically transferred by the system to the regular billing of a meshProject and are listed and calculated there.
Challenge
Lack of cost transparency and manual cost allocation
IT decision-makers often lack the means to allocate the costs incurred in the cloud to specific projects or cost centers. Efficient controlling of cloud costs is therefore not possible or only possible with error-prone, manual processes. Due to the long time lag between the generation and billing of costs, it is often too late to take action when costs get out of hand.
Solution
Cross-cloud cost allocation at meshProject level
meshcloud prepares the usage data of the cloud platforms used and creates transparency for controlling and cost management. The costs can be further processed in third-party systems via exports. The showback functionality also creates awareness among developers for cloud costs incurred, in private and public clouds. And this with regularly updated data (e.g. daily).
Discover more advantages of meshStack
Set up for one cloud - use with all clouds
With meshStack, multiple cloud platform integrations are eliminated. Once set up for one cloud, you can add more cloud platforms for the enterprise with just a few clicks. Instead of cloud silos with months-long integration projects, you get an integrated control center for your cloud infrastructure.

Fast implementation
Thanks to our SaaS model, implementation in your IT landscape takes place in the shortest possible time.
Excellent support
Our experienced Customer Success team is on hand to ensure your Cloud Journey is successful.
100% customer satisfaction
Our customers rely permanently on meshStack for their successful cloud journey.
Weekly updates
meshStack is constantly being developed further and regularly receives new functions.
Made in Germany
meshStack is also suitable for operation in highly regulated environments, such as in the financial or infrastructure sectors, thanks to its extensive compliance support. meshcloud is ISO27001 certified.
Well documented
meshStack has detailed documentation for onboarding, configuration and operation. In the Cloud Foundation Maturity Model (CFMM) we show best practices for the Cloud Journey.
Multiple awards & certifications







Security & Compliance
Cloud Security & Compliance Solution
Consistent cloud security as part of comprehensive cloud governance
A cross-cloud governance model, uniform implementation of security standards, transparency across all cloud environments, centralized in one foundation.
Best practice for cloud security
meshStack offers unique features for secure operation of public and private clouds

Security in the cloud
Tagging, landing zones, policies - consistent, by default
Comprehensive cloud governance must include cloud security and cloud compliance requirements at its core. At the same time, it should give freedom and autonomy to the application teams in your company. To help you build such cloud compliance, meshStack offers a wide range of cloud security and cloud compliance capabilities.
Cloud Landing Zones
Security and Compliance by Design
Implement a consistent security foundation to prevent security breaches so your application teams can build on a secure foundation. meshStack’s cloud landing zone capabilities enable enterprises to securely configure cloud tenants (e.g. AWS Accounts, Azure Subscriptions, GCP Projects) according to centrally defined security and compliance requirements before they are even used.


Cloud tagging
Consistent and comprehensive cloud tagging
Multi-cloud tagging is an indispensable tool when it comes to establishing comprehensive cloud governance in your organization. Tags let you capture metadata about your cloud applications and environments in a structured way. This benefits not only cloud compliance and the security settings of your cloud environments, but also other areas such as tenant management or billing.
Compliance using cloud policies
Compliance-conform cloud environments - for every use case
- Integrate organizational compliance requirements into your cloud governance workflows to achieve greater standardization
- Automate compliance requirements to accelerate application time-to-market
- Provide your application teams with an intuitive user interface to efficiently deploy compliant cloud-native applications

The three principles of meshStack
The perfect balance between agility and control
Automation
By automating security and compliance requirements in the cloud, you reduce the burden on your application teams and accelerate time-to-market for applications while maintaining a consistent security foundation.
Prevention
Instead of correcting misconfigurations that have already occurred, provide your application teams with securely configured and properly documented cloud environments to prevent misconfigurations from the start.
Continuity
With our desired-state approach, you can not only create compliant cloud environments, but also achieve persistent policy compliance and avoid configuration deviations down the road.
Further advantages of meshStack
Integration of external approval processes
meshStack offers externally available interfaces to seamlessly integrate systems responsible for approval processes (ServiceNow, ITSM systems) and meshStack.
Enforcement of naming schemes
meshStack provides the ability to enforce standards for project naming and create cloud tenants according to a global naming scheme (depending on platform capabilities)
4-eyes principle
When assigning authorization roles on meshProjects, two independent confirmations by administrators are optionally required. For pending approvals, meshStack sends emails to the people to be approved.
Multi-cloud policies
By defining multi-cloud policies, organizational specifications can be ensured in multi-cloud projects. The defined policies can include and restrict the assignment of users and user groups as well as the use of landing zones.
Discover more advantages of meshStack
Set up for one cloud - use with all clouds
With meshStack, multiple cloud platform integrations are eliminated. Once set up for one cloud, you can add more cloud platforms for the enterprise with just a few clicks. Instead of cloud silos with months-long integration projects, you get an integrated control center for your cloud infrastructure.

Fast implementation
Thanks to our SaaS model, implementation in your IT landscape takes place in the shortest possible time.
Excellent support
Our experienced Customer Success team is on hand to ensure your Cloud Journey is successful.
100% customer satisfaction
Our customers rely permanently on meshStack for their successful cloud journey.
Weekly updates
meshStack is constantly being developed further and regularly receives new functions.
Made in Germany
meshStack is also suitable for operation in highly regulated environments, such as in the financial or infrastructure sectors, thanks to its extensive compliance support. meshcloud is ISO27001 certified.
Well documented
meshStack has detailed documentation for onboarding, configuration and operation. In the Cloud Foundation Maturity Model (CFMM) we show best practices for the Cloud Journey.
Multiple awards & certifications







Tenant Management
Best Practice for Multi-Cloud Management
AWS Accounts, GCP Projects & Azure Subscriptions - Centrally Managed
Use meshStack to manage the tenant lifecycle end-to-end – fully integrated on one platform.

Cloud Tenant Management rethought
With meshStack you manage the accounts of all cloud platforms in just one place
One multi-cloud project for all your clouds
- Automated tenant creation (e.g. Azure Subscriptions or Resource Groups, AWS Accounts, Google Projects)
- Consistent configuration of secure Landing Zones
- Overview of user and cloud platforms
- Cross-cloud project metadata (project owners, cost centers etc.)
- Cross-cloud assignment of cloud access rights
- Direct access to native cloud tools (APIs, CLIs, consoles, etc.)
- Easier switching between cloud platforms (reduced lock-in)
- Cloud inventory for more transparency
The Leading Solution for AWS Accounts, Azure Subscriptions & GCP Projects
Simplify your cloud governance
In meshStack, a cloud tenant refers to an account with a cloud provider. For example, a tenant can be an account with AWS, a subscription with Azure, or a project with GCP. Companies with a large number of cloud tenants with different cloud providers need central tenant management: the structured creation and management of accounts across all clouds.
Multi-cloud project management
Combined management of users and access permissions - from all cloud accounts
meshStack enables true multi-cloud project management: For this purpose, cross-cloud account projects are created – so-called meshProjects. A meshProject is a cross-cloud organizational unit in which all components belonging to a cloud application are bundled organizationally. At the same time, meshProjects always remain isolated from each other (multi-tenancy).
What is included in a meshProject
- Overview of the cloud platforms, people and their roles involved in a project.
- Uniform management of users and their access roles
- Consolidated view of cloud tenants and services belonging to a project
- Management of project metadata ("tags") via a company-specific tag catalog
- Management of consumption and billing data

Quota management
Some cloud platforms have interfaces that allow the configuration of restrictions on a tenant’s resource consumption (quota). These can be stored in meshStack: Either as default quota for newly created meshProjects (via landing zones) or on project level.
Use Case
Cloud tenant creation with meshStack

1. Team Lead Tom or one of his developers create a meshProject on the meshStack platform and assign appropriate access roles within the team.

2. Tom selects the cloud platform(s) his team will need for the project, such as Azure.

3. Tenants are created, given an appropriate landing zone, and then given the desired access roles for the team for the team – fully automated by the system.

4. The meshStack platform continuously replicates the meshProject to the connected cloud platforms in case of changes (e.g. user permissions).
Challenge
Heterogeneous organizational structures and lack of development resources
Cloud providers such as AWS, Azure or GCP follow different concepts for managing accounts, users, access structures and costs. In a multi-cloud strategy, this heterogeneity leads to large administrative overhead: Company-internal organizational structures have to be transferred to the respective concepts and administrative processes have to be adapted to them. The necessary governance structures and specific platform expertise are often lacking, which leads to complexity and uncontrollable shadow IT.
Solution
Central definition of organizational structures for all cloud platforms
meshcloud integrates all relevant cloud platforms out-of-the-box and accompanies the entire cloud project lifecycle: tenant (de)provisioning, tenant configuration, user (de)provisioning, service (de)provisioning. The organization is modeled centrally on the platform and transferred to the connected platforms. New cloud platforms can thus be integrated easily.
Discover more advantages of meshStack
Set up for one cloud - use with all clouds
With meshStack, multiple cloud platform integrations are eliminated. Once set up for one cloud, you can add more cloud platforms for the enterprise with just a few clicks. Instead of cloud silos with months-long integration projects, you get an integrated control center for your cloud infrastructure.

Fast implementation
Thanks to our SaaS model, implementation in your IT landscape takes place in the shortest possible time.
Excellent support
Our experienced Customer Success team is on hand to ensure your Cloud Journey is successful.
100% customer satisfaction
Our customers rely permanently on meshStack for their successful cloud journey.
Weekly updates
meshStack is constantly being developed further and regularly receives new functions.
Made in Germany
meshStack is also suitable for operation in highly regulated environments, such as in the financial or infrastructure sectors, thanks to its extensive compliance support. meshcloud is ISO27001 certified.
Well documented
meshStack has detailed documentation for onboarding, configuration and operation. In the Cloud Foundation Maturity Model (CFMM) we show best practices for the Cloud Journey.
Multiple awards & certifications







Identity & Access Management
Multi Cloud Identity & Access Management (IAM)
Management of identities, users, roles & permissions
Roles, users, permissions – for all clouds in one place: Manage cloud access and get developers into the cloud in minutes.

The leading cloud IAM solution
meshStack simplifies IAM in single or multi-cloud environments

IAM for AWS, Azure, GCP & co.
Multi Cloud IAM - One of the first steps in the Cloud Foundation
Clean management of identities and permissions in the environment of cloud providers such as AWS, Azure or Google Cloud Platform is an integral element of a compliant (multi-)cloud strategy. meshcloud provides a simple and secure solution for managing users and permissions across all the cloud platforms you have in use.
The right IAM architecture is crucial
The bridge between existing identity management systems and the cloud
We integrate flexibly with your existing and established identity management systems. To do this, we work with you to develop a cloud IAM architecture that addresses the specific needs of your organization, considers regulatory requirements of your industry, and provides your application teams with a cloud-native onboarding experience for platforms such as AWS, Azure, and GCP.
One click to all clouds
- Multi-cloud SSO
- Self-Service User Interface
- Integration with existing solutions (AD, LDAP, etc.)
- RBAC (Role-based Access Management)
- Integrated approval workflows (4-eyes principle)
- Central control of cloud access rights
- Auditable access logs
- IAM integrations to AWS, Azure, GCP, OpenShift, OpenStack and Cloud Foundry are integral elements of the product
- Recertification processes integrated
- Simple, API-driven import of user groups
- External access: "Partners" can create customer accounts for others and take over administrative tasks

Cloud-native tooling meets enterprise IAM
Challenges with Cloud IAM
From developer onboarding to long-term management of user and permission lifecycles, managing access to cloud infrastructure is complex and security-critical. Authorizations should be granted as sparingly as possible (principle of least privilege) to reduce security risks. At the same time, you don’t want to limit the productivity of developers due to a lack of access rights. A simple and transparent process for assigning access rights is therefore essential.
Further advantages of meshStack
Self-Service
Conveniently assign and revoke permissions for all cloud platforms via self-service
Faster cloud onboarding
Replace tedious approval processes with cloud-native self-service approaches to accelerate your cloud onboarding
User Lifecycle Integration
Connect your cloud permissions to the central user lifecycle according to SCIM standard to prevent the emergence of unwanted "zombie" users in active cloud environments
Transparency
Avoid shadow IT through a central and transparent overview of all cloud users and projects
Compliance
Benefit from our experience in the multi-cloud environment and balance agility and control optimally - with cloud-native processes that meet your compliance requirements
Automated IAM
Define once, use everywhere. Leverage existing IAM groups and assign permissions to specific cloud tenants without manual effort
Use Case
Cloud onboarding with meshStack

1. Tom is Application Team Lead. He registers the new product, which his team is developing on the meshcloud platform.

2. He invites his development team, which is notified by e-mail.

3. The team creates cross-cloud meshProjects centrally. Access and costs are managed here.

4. Developers get direct cloud access and can start development.
Best Practice for Multi Cloud IAM
How IAM works with meshStack

One identity across all cloud platforms
Control identities and access rights centrally via the meshcloud platform. This reduces the complexity of your cloud environment and increases control and auditability.
Integration with local identity provider
You can integrate one or more identity providers (Active Directory, LDAP, etc.) with meshStack to leverage identities from multiple sources and manage access to the connected clouds.
Multi-Cloud Single Sign-On (SSO)
After logging in to the meshcloud platform, developers get directly into the cloud tenants of the connected cloud platforms with one click and can use their native tools.
Discover more advantages of meshStack
Set up for one cloud - use with all clouds
With meshStack, multiple cloud platform integrations are eliminated. Once set up for one cloud, you can add more cloud platforms for the enterprise with just a few clicks. Instead of cloud silos with months-long integration projects, you get an integrated control center for your cloud infrastructure.

Fast implementation
Thanks to our SaaS model, implementation in your IT landscape takes place in the shortest possible time.
Excellent support
Our experienced Customer Success team is on hand to ensure your Cloud Journey is successful.
100% customer satisfaction
Our customers rely permanently on meshStack for their successful cloud journey.
Weekly updates
meshStack is constantly being developed further and regularly receives new functions.
Made in Germany
meshStack is also suitable for operation in highly regulated environments, such as in the financial or infrastructure sectors, thanks to its extensive compliance support. meshcloud is ISO27001 certified.
Well documented
meshStack has detailed documentation for onboarding, configuration and operation. In the Cloud Foundation Maturity Model (CFMM) we show best practices for the Cloud Journey.
Multiple awards & certifications






