Modern enterprises operate through divisions, teams, subsidiaries, and partners – each with its own cloud usage and accountability.
Opactiv mirrors that reality by giving organizations an architecture that matches their structure.
Every customer environment starts with an Organization – an isolated container with its own accounts, policies, currency, and data.
Holding companies can provision separate organizations per subsidiary. MSPs can run clean environments for each client from one pane of glass.
Inside each organization, pools represent business units, teams, projects, CI/CD pipelines, ML workloads, or anything else that matters.
Pools nest arbitrarily, each with its own budget limit, owner, and alerting configuration, with unallocated budget rolling up automatically.
Pool types supported out of the box:
- Budget
- Business Unit
- Team
- Project
- CI/CD
- ML/AI
- Asset Pool
Resources discovered from connected cloud accounts are assigned to pools so every dollar has a clear owner and home.
Fine-grained RBAC operates at organization, pool, and resource levels simultaneously.
- Member - read access for their scope
- Engineer - operational access for managing infrastructure
- Manager - administrative control over budgets, assignments, policies
- Billing Reader - read-only cost visibility for finance
Roles are scoped so access can be limited to just the relevant pools while finance or leadership can view the whole organization without configuration permissions.
An invitation system lets managers send email invites with predefined roles and pool scopes.
Invitations carry expiry windows and capture assignment metadata for full auditing.
Opactiv supports over fifteen cloud and data platforms under the same organizational structure.
Public Cloud: AWS, Microsoft Azure, Google Cloud, Alibaba Cloud, Oracle Cloud Infrastructure, Yandex Cloud, OVHcloud.
Kubernetes: Kubernetes CNR (on-prem and cloud-hosted).
Data Platforms: Snowflake, Databricks.
AI & ML Services: OpenAI, Anthropic, xAI.
On-Premises: Datacenter TCO tracking.
Multiple cloud accounts can co-exist inside an organization, each mapped to the appropriate pool. Parent-child credential relationships prevent duplication when delegating access.
Organization-level constraints monitor for violations continuously.
| Policy Type | What It Does |
|---|---|
| Expense Anomaly | Detects unusual cost spikes against historical baselines |
| Resource Count Anomaly | Flags unexpected proliferation of resources |
| Expiring Budget | Alerts when a pool is approaching its limit |
| Recurring Budget | Tracks spend against recurring budget cycles |
| Resource Quota | Enforces hard limits on resource counts |
| Tagging Policy | Requires specific tags to be present on resources |
Each organization can configure its own SAML 2.0 connection to Okta, Azure AD, or any compliant IdP.
Password login, Google auth, email verification, and TOTP MFA are also available, with configurations isolated per organization.
- Currency selection per organization
- Billing schedule alignment with accounting cycles
- Custom cost models per cloud account for negotiated rates
- BI exports to AWS S3 or Azure Blob Storage
For Microsoft 365, Opactiv tracks licence usage and pricing to bring SaaS spend into the same governance framework.
Opactiv scales to single orgs with dozens of teams, conglomerates with many subsidiaries, or MSPs serving multiple clients.
Full isolation, granular roles, deep budgets, multi-cloud coverage – all in one platform.
Opactiv gives every stakeholder the view they need, and only the view they need, while finance and operations see the complete picture.
