<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=8691193&amp;fmt=gif">

40%

Avg. Cloud Cost Reduction

50%

Operational Efficiency Boost

1500+

Built-in Security Policies

30+

Compliance Frameworks
Platform Capabilities
 

Four Pillars of Cloud Governance

Cloud Control consolidates cost management, security operations, cloud automation, and assessment into a unified, AI-powered governance platform.

ALIANDO Logo Icon white
FinOps+

Gain full visibility into multi-cloud spend with FOCUS-compliant dashboards. Identify idle resources, right-size workloads, manage reserved instances and savings plans, and enforce tagging governance for 100% cost attribution across business units.

Aliando White Favicon
SecOps

Continuously scan for vulnerabilities, misconfigurations, and threats with auto-remediation. Maintain compliance with HIPAA, GDPR, PCI-DSS, NIST, FedRAMP, CIS, ISO/IEC, and more through 1,500+ pre-built policies enforced across all connected accounts.

ALIANDO Logo Icon white
CloudOps

Automate provisioning, monitoring, and orchestration across clouds. Use rules-based workflows, intelligent remediation, and third-party integrations to streamline operations, reduce manual overhead, and improve reliability from a single pane of glass.

ALIANDO Logo Icon white
Assessments

Run automated evaluations against Well-Architected Frameworks and custom frameworks across all three major hyperscalers. Identify gaps in reliability, performance, security, and cost efficiency — all from a single consolidated report.

Multi-Cloud Support

Connect Your Cloud Accounts

Cloud Control supports onboarding for Azure, AWS, and GCP. Each provider follows a guided workflow inside the CoreStack™ dashboard with two access modes: Assessment-Only or Assessment + Governance.
3-Apr-14-2026-08-52-54-7321-PM
Microsoft Azure
  1. In the Azure portal, create an App Registration for CoreStack™ under Azure Active Directory.
  2. Assign the appropriate role (Reader for assessment, Contributor for governance) to the App Registration on each subscription.
  3. Collect the Tenant ID, Application (Client) ID, and Client Secret.
  4. In Cloud Control, navigate to Settings → Onboard Accounts → Azure.
  5. Select your account type (Pay-As-You-Go, CSP, EA, etc.) and paste credentials.
  6. Validate, configure advanced settings (tags, governance), and finish.
1-Apr-14-2026-08-52-54-7315-PM
Amazon Web Services
  1. In the AWS Console, create an IAM Role with a trust policy allowing CoreStack™ 's account to assume the role.
  2. Attach policies based on access type — use the CoreStack™ -provided CloudFormation template for recommended permissions.
  3. Collect the Role ARN and External ID.
  4. In Cloud Control, navigate to Settings → Onboard Accounts → AWS.
  5. Choose Single Account or Management Account (for AWS Organizations).
  6. Enter the Role ARN and External ID, validate, and complete onboarding.
2-Apr-14-2026-08-52-54-7114-PM
Google Cloud Platform
  1. In the GCP Console, enable the required APIs: Cloud Resource Manager, Billing, Recommender, and Security Command Center.
  2. Create a Service Account with appropriate roles and download the JSON key file.
  3. Alternatively, set up OAuth2 credentials (Client ID, Client Secret, Redirect URI, Authorization Code).
  4. Onboard the GCP Billing Account first — cost data sync takes up to 24 hours.
  5. In Cloud Control, navigate to Settings → Onboard Accounts → GCP.
  6. Select Linked Project, choose authentication type, upload credentials, validate, and finish.
Support & FAQ

Help Center

Find answers to common questions about accessing, operating, and troubleshooting Aliando Cloud Control. Can't find what you need? Contact our Premier Plus support team.

Accessing Cloud Control
  • How do I log in to Cloud Control?

    Cloud Control is delivered as a SaaS application hosted on the CoreStack™  platform. To access it:

    1. Open your web browser and navigate to https://www.corestack.io.

    2. Click Sign In in the top-right corner of the page.

    3. Enter the credentials provided by ALIANDO during your onboarding. If your organization uses SSO (SAML/OIDC), select
    Sign in with SSO and enter your corporate domain.

    4. After authentication, you will land on the CoreStack™  unified dashboard - this is your Cloud Control home screen.

     

    If you have not received credentials, contact Aliando support at premierplus@aliando.comto initiate provisioning.

  • Which browsers are supported?

    Cloud Control supports the latest two major versions of Google Chrome, Microsoft Edge, Mozilla Firefox, and Safari. For
    optimal performance and rendering, we recommend Google Chrome or Microsoft Edge (Chromium-based).

    Ensure JavaScript is enabled and that your browser allows third-party cookies for corestack.io domains, as session
    management relies on secure cookies.

  • I'm receiving a "403 Forbidden" or "Access Denied" error when logging in.

    This typically indicates one of the following:

    1. Account not provisioned: Your user account may not have been created in your organization's Cloud Control tenant.
    Contact your administrator or email premierplus@aliando.com.

    2. Role/scope mismatch: Your account exists but lacks the necessary role assignments. Roles are managed under
    Settings > Access Controls by your tenant administrator.

    3. IP allowlisting: If your organization has configured network restrictions, ensure your current IP is within the allowed CIDR
    ranges configured in the tenant settings.

  • The application loads slowly or pages time out.

    Try the following steps:

    1. Clear browser cache: Stale assets can conflict with updated platform releases. Clear cache and cookies for
    *. corestack.io and reload.

    2. Disable browser extensions: Ad blockers and privacy extensions can interfere with API calls. Temporarily disable them
    and retry.

    3. Check network connectivity: Ensure that outbound HTTPS (port 443) to
    corporate firewall or proxy.

    4. Try Incognito/Private mode: This eliminates extension and cache variables. If the application works in private mode,
    the issue is related to your browser profile.

    If the issue persists, email premierplus@aliando.com with your browser version, approximate time of the issue, and any
    error messages from the browser developer console ( F12 > Console tab).

    *. corestack.io is not blocked by your

  • How do I reset my password?

    If you are using local authentication (not SSO), click "Forgot Password" on the CoreStack sign-in page and follow the email
    verification flow. For SSO users, password resets must be done through your corporate identity provider (Azure AD, Okta,
    etc.).

    If you are locked out entirely, contact premierplus@aliando.com for a manual account recovery.

Operating & Navigating the Platform
  • How is the Cloud Control dashboard organized?

    The Cloud Control dashboard is organized around four primary governance modules, accessible from the left-hand
    navigation menu:

    1. FinOps+: Access cost dashboards, budget management, optimization recommendations, savings plans analysis, tagging
    governance, and chargeback/showback reports.

    2. SecOps: View security posture summaries, policy compliance status, vulnerability findings, threat detection alerts, and
    initiate manual or auto-remediation workflows.

    3. CloudOps: Manage automation runbooks, monitoring alerts, orchestration templates, resource inventory, and
    operational workflows.

    4. Assessments: Run Well-Architected reviews, schedule recurring assessments, view historical results, and export PDF

    reports.

    Additional areas include Settings
    report builder and scheduled exports).

    (tenant configuration, user management, account onboarding) and Reports

    (custom

  • How do I view and manage cloud costs?

    Navigate to FinOps+-> Cost Dashboard from the left menu. From here you can:

    1. Filter by provider, account, region, service, or tag to drill into specific spend categories.

    2. Set and track budgets under FinOps+ - Budgets. Configure threshold alerts to receive email or webhook notifications.

    3. Review optimization recommendations under FinOps+ -> Recommendations - this includes right-sizing, reserved
    instance purchasing, orphaned resource cleanup, and savings plan coverage.

    4. Generate chargeback reports under FinOps+ - Showback/Chargeback to allocate costs to departments or business
    units by tag strategy.

    Cost data typically refreshes every 24 hours after initial onboarding. Historical data availability depends on the billing export
    configuration in each cloud provider.

  • How do I check my security and compliance posture?

    Navigate to SecOps -> Compliance Dashboard. The dashboard shows your overall compliance score, broken down by
    framework (e.g., CIS, HIPAA, PCI-DSS). To drill in:

    1. Click on a specific framework to see which controls pass or fail.

    2. Select a failing control to see affected resources and the recommended remediation action.

    3. Click Remediate to trigger auto-remediation (if governance mode is enabled for that account) or export the finding to
    your ticketing system.

    For threat detection, navigate to SecOps -> Threats & Vulnerabilities to see a prioritized list of active security findings
    across all connected cloud accounts.

  • How do I set up automation and runbooks?

    Navigate to CloudOps -> Automation. The platform offers both pre-built templates and custom runbook creation:

    1. Browse templates in the Automation Library - common use cases include start/stop schedules, snapshot
    management, and tag enforcement.

    2. Create a custom runbook by defining trigger conditions (schedule, event, or manual), target resources, and the action

    sequence.

    3. Test in dry-run mode before enabling, then activate the runbook and monitor execution logs under CloudOps -+
    Execution History.

  • How do I run a Well-Architected Framework assessment?

    Navigate to Assessments - New Assessment. Choose the target cloud account(s), select the framework (AWS Well-
    Architected, Azure Well-Architected, GCP Best Practices, or a custom framework), and click Run Assessment. The
    platform evaluates your resources against the selected controls and generates a findings report.

    Reports can be exported as PDF and scheduled to run on a recurring basis (weekly, monthly, or quarterly) under
    Assessments -> Scheduled Assessments.

Connecting Cloud Accounts — Troubleshooting
  • My Azure subscription fails to validate during onboarding.

    Common causes and fixes:

    1. Incorrect credentials: Double-check the Tenant ID, Application (Client) ID, and Client Secret. Ensure the secret has not
    expired - Azure secrets have a configurable expiration date.

    2. Insufficient permissions: The App Registration must have at least Reader role assigned at the subscription level for
    Assessment mode, or Contributor for Governance mode. Verify this under Subscriptions > [Your Subscription] +
    Access control (IAM) in the Azure portal.

    3. API permissions: Ensure the App Registration has Microsoft Graph - Directory.Read.All (Application type) consent
    granted by an Azure AD admin.

    If your organization uses Conditional Access policies, ensure the CoreStack service principal is not blocked by any policy
    requiring device compliance or location restrictions.

  • My AWS account onboarding shows a "Role assumption failed" error.

    This means the CoreStack platform could not assume the IAM role in your AWS account. Check the following:

    1. Trust policy: The IAM role must include CoreStack's AWS account ID in its trust relationship. If you used the provided
    CloudFormation template, this is set automatically.

    2. External ID: Ensure the External ID entered in Cloud Control matches exactly what is configured in the IAM role trust
    policy. This is case-sensitive.

    3. Role ARN: Verify the ARN is in the correct format: arn: aws: iam :: <ACCOUNT_ID>:role/<ROLE_NAME>

    4. SCP/OU restrictions: If the account is part of an AWS Organization with Service Control Policies, ensure that the SCP
    does not deny the sts: AssumeRole action for the CoreStack principal.

  • My GCP project onboarding fails or shows no cost data.

    For onboarding failures:

    1. APIs not enabled: In the GCP Console, verify that the following APIs are enabled under APIs & Services > Library :
    Cloud Resource Manager, Cloud Billing, Recommender, Security Command Center, Compute Engine, and Monitoring.

    2. Service account key: If using service account auth, ensure the downloaded JSON key is valid, the service account has
    the necessary roles (Viewer for Assessment; Editor for Governance), and the key has not been revoked.

    3. OAuth2 flow: If using OAuth2, the authorization code is single-use. If onboarding was interrupted, you must generate a
    new authorization code.

    For missing cost data:

    1. GCP Billing Account must be onboarded before linked projects. Cost data sync takes up to 24 hours to complete.

    2. Ensure that Billing Export to BigQuery is configured in the GCP Console - Cloud Control reads cost data from the
    BigQuery billing export dataset.

  • I onboarded an account but see no resources or data.

    After initial onboarding, the platform performs a metadata sync that can take up to 24 hours to fully populate. During this
    period, resource inventory and cost data will gradually appear in the dashboard.

    If data is still missing after 24 hours:

    1. Navigate to Settings > Onboard Accounts and check the status indicator for the account. A green status means
    connectivity is healthy; yellow or red means the platform encountered permission or API errors.

    2. Click on the account and select Re-validate to re-test connectivity.

    3. Review the Activity Log for specific error messages related to the account sync.

    4. If unresolved, contact premierplus@aliando.com with the account name and any error codes from the activity log.

General Support
  • How do I contact ALIANDO support?

    For all Cloud Control support requests - including onboarding assistance, troubleshooting, account provisioning, and
    general questions - contact our Premier Plus support team:

    Email: premierplus@aliando.com

    When submitting a support request, please include:

    1. Your organization name and Cloud Control tenant identifier.

    2. A clear description of the issue, including steps to reproduce.

    3. Screenshots or browser console logs if applicable.

    4. The cloud provider and account ID affected (for onboarding issues).

    Our support team operates during standard business hours and will acknowledge your request within one business day.

  • Where can I find official CoreStack™ documentation?

    Detailed platform documentation - including API references, onboarding prerequisites, and module-specific user guides
    - is available at https://docs.corestack.io.

    For Aliando-specific configuration, service agreements, and custom policy documentation, contact
    premierplus@aliando.com.

  • What SLAs does Cloud Control include?

    Cloud Control is delivered on CoreStack's SaaS infrastructure with enterprise-grade reliability. Specific SLA terms -
    including uptime guarantees, support response time targets, and escalation paths - are defined in your ALIANDO service
    agreement.

    For questions about your SLA or to request a copy of the current terms, email premierplus@aliando.com.

 Still Need Help?

Our Premier Plus support team is ready to assist with any Cloud Control questions.