Preceding this engagement, this client's parent company had 50 Amazon Web Services (AWS) accounts spread across the company without centralized security, logging, monitoring, and architecture. The parent company hired Trility Consulting® to help develop a secure enterprise cloud architecture strategy and move on-prem workloads to the cloud, build native apps in the cloud, and optimize the cloud for automation, scalability, and auditability.
The achieved outcome was a Cloud Security enterprise framework to enable cloud services across the company with reusable patterns that created predictable, repeatable, and auditable results.
This client needed to refactor its cloud environment to align with its parent company's enterprise cloud framework, and using AWS CloudFormation allowed them to quickly enable teams and enforce security controls.
Prior to this engagement, the client hired Trility to help pursue a secure, safe serverless environment across its enterprise, so they turned to our team again to help bootstrap the design, implementation, and operational evolution of AWS operations and implement a data storage solution using CloudFormation.
AWS CloudFormation was selected to automate the secure deployment of AWS resources across business units to help the client's teams adapt quickly and automate testing. Using the enterprise cloud framework provided by the parent company, Trility proposed rewriting all IAM roles, permissions, and policies for the entire environment – applications, EC2 instances, CloudFront, security groups, IAM resources, and all networking.
Trility conducted architectural assessments and gained an understanding of existing processes, procedures, and information security implementations in order to provide next-step recommendations. Trility then facilitated the secured population of the environments according to the parent company's requirements while cleaning up and simplifying IAM permissions contextually.
As an extension of the initial project with the parent company, Trility used CloudFormation and CI/CD pipelines to build, evolve, troubleshoot, and provide solutions for cloud architecture, new resource buildouts, and configurations, as well as automate the deployment of IAM permissions, roles, and policies. Trility teams also provided training on S3 and writing IAM policies to equip the client's team members at the end of the engagement.
Trility builds a golden triangle of truth for version control, change management, and continuous delivery pipelines to ensure predictable, repeatable, and auditable results. Long-term, the client's teams have increased operational performance and reduced time to value by leveraging the power of CloudFormation’s reusable templates:
Implementation brought 100 percent software-defined infrastructure and operations into a predictable, repeatable, auditable build, bundle, and deploy pipeline pattern for use by any and all organizations in the enterprise. AWS CloudFormation allowed for the following:
Managed policies built in AWS did not allow for the granular controls necessary for this enterprise system. Trility worked with the parent company's team to create reusable and more granular policies across the environment that could be rolled back up to the enterprise cloud framework, along with all other iterations and lessons learned.