Our team had limited time to implement the project. We had to strictly follow the schedule and think every step of the way twice prior to implementing. Our client had number of AWS accounts which had to be taken into consideration, making sure that all resources are correctly provisioned, monitored, and secured. Creating, importing, and sharing all products and portfolios with multiple AWS accounts had to take part of the fully automated CI/CD pipeline and version control system that our client had in place.
We gathered all necessary information from the customer. Big chunk of the AWS Service Catalog depends on AWS Cloudformation stacks and our team has started creating all portfolio and product templates from scratch. Being successful with this task, we’ve started working on the CI/CD and created a stable automated pipeline that allowed the management of the catalog easily. Applying constraints and specific group of users working with the catalog was a priority. We’ve minimized the time and cost of AWS resources provisioned by the Service Catalog drastically. We’ve given the users the ability to manage their own resources and take responsibility. Notifications are being sent for all infrastructure running reminding users about that. Each resource can be monitored individually, thus providing security and separation.
We introduced the DevOps way of working. We started to use Agile Scrum and helped setting these processes up. We coached their internal people and advised on their organizational challenges. Their new private cloud infrastructure had all components to be fully automated. The only things missing where building blocks for the various types of applications. Configuration management and remote execution software were introduced. Together with their newly formed DevOps teams we created the building blocks and consulted on various topics. Slowly we were able to create more velocity during the project. Mainly due to the re-usability of these building blocks.
The foundation for a succesful transformation to the Cloud is the use of a Landing Zone. Landing Zones bundle cloud environment configuration such as; Security, Compliancy, IAM / RBAC, Networking, Billing, Logging, Monitoring and Auditing as well as the configuration of products to support specific workload requirements. Landing zones are delivered using Infrastructure as Code (IaC) which ensures consistently trusted, rapid and repeatable deployments.Read More