Cloud Engineering
Insurance

Cloud Infrastructure & Operations Pipeline Pattern

Trility helped refactor a client’s cloud environment to align with its parent company’s enterprise framework by engineering a build, bundle, and deploy pipeline pattern using Infrastructure as Code. The pattern was reusable throughout the company to ensure a predictable, repeatable, auditable solution.

Problem Statement

This client needed to refactor its cloud environment to align with its parent company’s enterprise cloud framework and utilize AWS CloudFormation to allow for quick enablement of teams and enforcement of security controls.

Preceding this engagement, the client's parent company had 50 Amazon Web Service (AWS) accounts spread across the company without centralized security, logging, monitoring, and architecture. Trility helped the parent company develop a secure enterprise cloud architecture strategy and move on-prem workloads to the cloud, build native apps in the cloud, and optimize the cloud for automation, scalability, and auditability.

The achieved outcome was a Cloud Security enterprise framework to enable cloud services across the company with reusable patterns that created predictable, repeatable, and auditable results.

Solution Approach

In order to provide recommendations, Trility conducted architectural assessments to gain an understanding of existing processes, procedures, and information security implementations. The team then facilitated the secured population of the environments according to the parent company’s requirements, while cleaning up and simplifying IAM permissions contextually. 

As an extension of the initial project with the parent company, Trility used CloudFormation and CI/CD pipelines to build, evolve, troubleshoot, and provide solutions for cloud architecture, new resource buildouts, and configurations, as well as automate the deployment of IAM permissions, roles, and policies. Trility teams also provided training on S3 and writing IAM policies to equip the client’s team members at the end of the engagement.

Outcomes

Built software-defined infrastructure and operations into a build, bundle, deploy pipeline pattern for use across the Enterprise.

  • Continue to facilitate and ensure alignment of the enterprise cloud framework vision between the client and its parent company, while helping both be operational and more competently experienced in cloud architecture through operations.

  • Provide coaching and knowledge transfer to client team members for building and managing 100 percent software-defined infrastructure in the cloud with a security-first mindset.

  • New pipelines continue to be built as requested and required using existing enterprise cloud framework patterns.

  • Ensure all new work goes back into the framework.

  • Apply least privilege mindset to all patterns.

Project Attributes

  • Reduced COA
  • Reduced COO
  • Reduced Risk
  • Accelerate Delivery
  • Increased Automation
  • Increased Scalability
  • Reusable Patterns
  • Increased Capabilities
  • Increased Security
  • Verifiable Compliance

Technologies Used

  • AWS CloudFormation
  • AWS Cloud Compute (EC2)
  • AWS Simple Storage Service (S3)
  • Jenkins
  • Terraform Enterprise