This client was evolving its build, bundle, and deploy operations into a predictable, repeatable delivery model as it moved more of its operations into Amazon Web Services (AWS).
As a result, more knowledge and experience was needed in the use of cloud operations tools, processes, and procedures as well as how to fully evolve the use of development behaviors, tools, processes, and procedures in the cloud.
In order to scale using CloudFormation, Trility proposed an automated continuous delivery pipeline ecosystem using the client-chosen tools, Terraform and Jenkins, as well as RDS Aurora, MySQL, and S3 solutions to design, direct, and implement the cloud ecosystem architecture.
The team created and implemented a constantly evolving repeatable database solution using automated deployments and provisioning. The solution also included static asset monitoring and scanning solutions for antivirus, malware, and detection in S3 buckets for the different environments.
Trility also collaborated with identified vendors to assess information security aspects to understand information exchanges and flows, ingress and egress needs, internal and external resource access requirements, and data protection requirements.
Created and evolved a build pipeline ecosystem where:
100% of the stack is driven by CloudFormation and Jenkins, with GitHub Enterprise as change management control system
No console access or API access exists except for Jenkins, with a “break glass” process when/if needed
Before any changes are made to the different environments, mandatory pull requests are required
Artifactory stores deployable code after full authentication
Centralized Splunk logging is used as the destination for all VPC Flow logs, Apigee and Auth0 endpoints, S3 bucket access, and database logs
Manual steps are mitigated and/or eliminated with preference to "eliminated," from application management and deployment using Jenkins
CloudFront, with AWS Regional WAF, is enabled in front of the static website contents and Apigee endpoints with specific regions whitelist access
Read about other projects Trility has delivered.
Explore the latest insights, ideas, and perspectives from Trility's team.