Enterprise cloud migrations rarely fail because of technology. They stall because organizations mistake infrastructure relocation for actual transformation. Moving workloads to AWS or Azure while preserving manual provisioning workflows and ticket-driven operations simply relocates the bottleneck — it doesn't eliminate it.
LAB³, an Australian cloud consultancy led by CTO Lachlan White, has spent years diagnosing why enterprises struggle to extract real value from cloud investments. Their findings reveal a consistent pattern: companies celebrate moving to the cloud while still waiting three weeks for server provisioning that should take three minutes. The problem isn't the cloud platform itself, but the operational model layered on top of it.
The Hidden Cost of Cloud Theater
White's assessment cuts through the usual cloud adoption narratives. "Taking six weeks to build a server was good. Now they're in cloud, it takes three weeks — but we know it can take three minutes," he explains. This gap between potential and reality stems from what LAB³ calls "cloud theater" — the appearance of modernization without the substance.
The symptoms appear across multiple operational layers. Provisioning still routes through manual approval chains. Secrets get rotated by hand, often inconsistently across teams. Networking changes require coordination meetings and change advisory boards. Each team builds infrastructure using different patterns, creating drift that compounds over time.
These inefficiencies might seem tolerable when managing traditional application workloads. But as enterprises begin deploying AI systems — which require rapid experimentation, dynamic resource scaling, and frequent model iterations — the operational debt becomes crushing. AI workloads expose every weakness in an organization's infrastructure delivery model.
Why Infrastructure-as-Code Adoption Fails
Most enterprises have attempted Infrastructure-as-Code (IaC) implementations. The tools exist, the training has been delivered, and teams understand the concepts. Yet LAB³ consistently finds fragmented adoption: some teams use Terraform, others prefer CloudFormation, many still rely on manual console work for "quick changes."
The failure point isn't technical knowledge. It's the absence of shared architectural patterns and enforcement mechanisms. Without organization-wide standards for how infrastructure should be defined, teams default to whatever works fastest in the moment. This creates technical debt that becomes harder to remediate as the environment grows.
White identifies five recurring obstacles that prevent true cloud velocity: manual provisioning queues that slow delivery cycles, inconsistent secrets management practices that create security gaps, fragmented networking approaches across different cloud providers, lack of reusable IaC patterns forcing teams to rebuild common components, and risk-averse approval processes that limit developer autonomy.
The Three-Stage Transformation Model
LAB³'s approach rejects the "big bang" transformation model in favor of progressive capability building. Their three-stage framework — crawl, walk, run — acknowledges that organizations need stable foundations before they can achieve true automation at scale.
Crawl: Rebuilding the Foundation
The crawl stage focuses on establishing baseline consistency. LAB³ works with clients to define shared architectural patterns, implement proper secrets management through HashiCorp Vault, and standardize on Terraform for infrastructure provisioning. This phase prioritizes stability and risk reduction over speed.
The goal isn't immediate automation. It's creating the structural prerequisites that make automation possible. Teams learn to define infrastructure as code, secrets get centralized with proper access controls, and networking practices become consistent across environments. Progress feels slow, but the foundation being built will support everything that follows.
Walk: Standardization Enables Velocity
The walk stage represents the inflection point where investment in standards begins generating returns. Organizations shift from ad hoc infrastructure builds to reusable, well-architected modules. Terraform modules encapsulate best practices and security requirements. Vault automates secrets rotation and enforces least-privilege access. Consul provides consistent service discovery and routing across distributed environments.
White emphasizes that efficiency at this stage serves a strategic purpose: "The walk phase is about making it efficient rather than just doing it because we've been told it's a good practice." Faster provisioning isn't valuable because it saves time — it's valuable because it accelerates time-to-market for new capabilities.
LAB³ typically sees provisioning speed improve by approximately 70% during this phase, with infrastructure delivery dropping from weeks to minutes. More importantly, the consistency achieved through standardized modules reduces configuration drift and security vulnerabilities.
Run: Platform Engineering at Scale
Organizations reaching the run stage operate fundamentally differently. They've moved beyond infrastructure automation to platform engineering — building internal developer platforms that abstract complexity while maintaining control. FinOps practices provide cost feedback loops. Advanced Vault capabilities enable dynamic secrets and workload identity. Consul manages service mesh complexity across hybrid environments.
This operational maturity creates space for innovation. Teams can experiment with AI frameworks, event-driven architectures, and emerging technologies without rebuilding foundational capabilities. White describes this as exploring "the art of the possible" — the ability to pursue new technical directions because the platform can support them.
How a Major Bank Rebuilt Its Cloud Foundation
A large Australian bank provided LAB³ with a case study in transformation urgency. Hundreds of engineering teams had adopted cloud services independently, creating a sprawling environment where operational overhead grew faster than business value. The arrival of AI workloads made the situation critical — teams needed to experiment rapidly, but the existing infrastructure couldn't support that velocity safely.
LAB³'s assessment revealed that despite extensive cloud adoption, almost no infrastructure was being provisioned through IaC. Teams used a mix of manual console work, custom scripts, and one-off templates. Secrets were scattered across systems with no consistent rotation policy. The environment had grown organically without architectural guardrails.
"We weren't provisioning any of the infrastructure through IaC, so we went back to square one — put everything into HCP Terraform with proper RBAC, then brought in Vault so we weren't exposing things we didn't want to," White explains. The decision to rebuild foundations rather than incrementally improve existing practices proved critical.
The transformation centered on four initiatives: implementing Terraform with role-based access control to unify provisioning across teams, establishing IaC baselines that eliminated template proliferation and configuration drift, deploying Vault to centralize secrets management and automate rotation, and creating a curated AI experimentation environment with proper security boundaries.
The results extended beyond operational metrics. Provisioning that previously took weeks now completes in minutes. Secrets are governed through automated policies rather than manual processes. Networking became predictable through Consul-managed service discovery. Most significantly, the bank gained a secure platform capable of supporting AI workloads while maintaining compliance requirements.
The Non-Human Identity Challenge
White identifies a security challenge that most enterprises haven't fully recognized: the shift from human to non-human identity as the primary access pattern. Traditional security models assume humans authenticate to systems, request access, and perform actions. AI agents, automated pipelines, and microservices operate differently — they need dynamic, short-lived credentials that can be provisioned and revoked programmatically.
"AI dramatically increases the speed of change and the surface area of access across modern platforms," White observes. "As agents, pipelines, and services are introduced at pace, non-human identity becomes the dominant security challenge." Long-lived shared secrets — the default approach for many automation workflows — create unacceptable risk in environments where AI agents might spawn hundreds of ephemeral workloads.
Vault's workload-based authentication and dynamic secrets capabilities address this challenge directly. Instead of distributing static credentials, systems can request short-lived tokens scoped to specific operations. When an AI agent needs database access, it authenticates based on its workload identity and receives credentials that expire after the task completes. This approach reduces the blast radius of any potential compromise while enabling the rapid experimentation AI development requires.
Applying AI to Infrastructure Operations
LAB³ is now exploring how AI can enhance the platform capabilities they've built for clients. The focus isn't on replacing human expertise but on amplifying it — using AI to handle repetitive validation tasks, detect anomalies, and accelerate module development.
Planned initiatives include automating Terraform module creation and configuration validation, implementing AI-driven anomaly detection for security monitoring, building intelligent IDE guardrails that catch errors before code commits, and supporting agent-based architectures that require dynamic trust and ephemeral environments. The firm has also begun incorporating agentic AI through the Terraform MCP Server, enabling AI agents to interact with infrastructure code in structured ways.
These applications depend on the foundational work LAB³ has already completed with clients. AI-enhanced operations require stable, well-architected platforms. Organizations still struggling with manual provisioning and inconsistent security practices can't effectively leverage AI for infrastructure management — they lack the structured environment AI systems need to operate safely.
Building Platforms for Unknown Future Requirements
White's perspective on cloud transformation emphasizes preparing for uncertainty. "You want to look at these capabilities because they provide the foundational layer for your enterprise's technology stack to address the value of new trends in markets such as artificial intelligence," he argues. The specific technologies that will matter in three years remain unclear, but the operational capabilities required to adopt them quickly are knowable today.
Organizations that have standardized on Terraform, centralized secrets management through Vault, and implemented consistent networking with Consul can evaluate new technologies without rebuilding their operational model. When a new AI framework emerges, teams can provision the required infrastructure in minutes rather than weeks. When a security vulnerability requires rapid credential rotation, automated systems handle it across the entire environment.
This operational flexibility represents the real value of cloud transformation. It's not about the specific tools or platforms in use today — it's about building the capability to adopt whatever comes next without organizational friction. LAB³'s three-stage model provides a roadmap for achieving that flexibility, but the journey requires commitment to foundational work that may not generate immediate visible returns.
The enterprises that will thrive in an AI-driven future are those investing in operational maturity today. Not because they know exactly what AI capabilities they'll need, but because they've built platforms capable of supporting rapid experimentation and deployment regardless of what emerges. That's the transformation LAB³ enables — not just faster cloud operations, but the organizational capability to move at the speed of innovation.
