Data Storage CI/CD Pipeline Solution

Trility helped a Fortune 100 insurance company pursue a secure serverless enterprise environment to bootstrap the design, implementation, and operational evolution of AWS. Our team also implemented a data storage solution using CloudFormation for a secured enterprise framework.

Problem Statement

This client was evolving its build, bundle, and deploy operations into a predictable, repeatable delivery model as it moved more of its operations into Amazon Web Services (AWS).

As a result, more knowledge and experience was needed in the use of cloud operations tools, processes, and procedures as well as how to fully evolve the use of development behaviors, tools, processes, and procedures in the cloud. 

Solution Approach

In order to scale using CloudFormation, Trility proposed an automated continuous delivery pipeline ecosystem using the client-chosen tools, Terraform and Jenkins, as well as RDS Aurora, MySQL, and S3 solutions to design, direct, and implement the cloud ecosystem architecture.

The team created and implemented a constantly evolving repeatable database solution using automated deployments and provisioning. The solution also included static asset monitoring and scanning solutions for antivirus, malware, and detection in S3 buckets for the different environments.

Trility also collaborated with identified vendors to assess information security aspects to understand information exchanges and flows, ingress and egress needs, internal and external resource access requirements, and data protection requirements.


Created and evolved a build pipeline ecosystem where:

  • 100% of the stack is driven by CloudFormation and Jenkins, with GitHub Enterprise as change management control system

  • No console access or API access exists except for Jenkins, with a “break glass” process when/if needed

  • Before any changes are made to the different environments, mandatory pull requests are required

  • Artifactory stores deployable code after full authentication

  • Centralized Splunk logging is used as the destination for all VPC Flow logs, Apigee and Auth0 endpoints, S3 bucket access, and database logs

  • Manual steps are mitigated and/or eliminated with preference to "eliminated," from application management and deployment using Jenkins

  • CloudFront, with AWS Regional WAF, is enabled in front of the static website contents and Apigee endpoints with specific regions whitelist access

Project Attributes

  • Reduced COA
  • Reduced COO
  • Reduced Risk
  • Accelerate Delivery
  • Increased Automation
  • Increased Scalability
  • Reusable Patterns
  • Increased Capabilities
  • Increased Security
  • Verifiable Compliance

Technologies Used

  • Jenkins
  • AWS RDS Aurora
  • AWS Simple Storage Service (S3)
  • AWS CloudFormation
  • GitHub Enterprise
  • AWS CloudFront
  • AWS Regional WAF
  • Splunk
  • Artifactory
  • Microsoft SQL

Explore Experience

Read about other projects Trility has delivered.


Explore the latest insights, ideas, and perspectives from Trility's team.