Introduction:
A prominent financial institution, with a vast online footprint and a substantial customer base, faced the challenge of managing multiple AWS accounts across various environments, including development, testing, production, logging, and monitoring. Adhering to stringent financial regulations, such as PCI-DSS, was paramount for ensuring secure and compliant transactions on their high-traffic microservices-based platform.
This case study showcases the successful implementation of AWS Organization Units (OUs) to establish a centralized management structure for the institution’s interconnected AWS accounts. Our expertise in designing and deploying a robust OU architecture, coupled with AWS Control Tower, enabled the client to streamline account governance, enforce consistent policies, and maintain a robust security posture across all accounts, while seamlessly aligning with their compliance obligations. Additionally, we created a landing zone with dashboards and applications, providing a unified view and control over their AWS infrastructure.Â
Challenges:
- Managing multiple AWS accounts across various environments (development, testing, production, logging, and monitoring)
- Adhering to stringent financial regulations like PCI-DSS for secure and compliant transactions on their high-traffic microservices-based platform.
- Need for centralized management structure for interconnected AWS accounts.
- Streamlining account governance and enforcing consistent policies across all accounts.
- Maintaining robust security posture across all accounts while aligning with compliance obligations.
- Unified view and control over AWS infrastructure through a landing zone with dashboards and applications.
Timelines:
Our experienced team understood their vast and complex infrastructure to tailor the services and strategies to be applied to their infrastructure.
- Understanding the multi-account configuration: 10-15 days (about 2 weeks)
- Cloud Deployments: 2 months
- Cost Optimization: 2 months
The Architecture: