Skip links
Centralized Governance for a Financial Institution, Orchestrating AWS Accounts with Organization Units

Centralized Governance for a Financial Institution: Orchestrating AWS Accounts with Organization Units

Centralized Governance for a Financial Institution, Orchestrating AWS Accounts with Organization Units

Introduction:

A prominent financial institution, with a vast online footprint and a substantial customer base, faced the challenge of managing multiple AWS accounts across various environments, including development, testing, production, logging, and monitoring. Adhering to stringent financial regulations, such as PCI-DSS, was paramount for ensuring secure and compliant transactions on their high-traffic microservices-based platform.

This case study showcases the successful implementation of AWS Organization Units (OUs) to establish a centralized management structure for the institution’s interconnected AWS accounts. Our expertise in designing and deploying a robust OU architecture, coupled with AWS Control Tower, enabled the client to streamline account governance, enforce consistent policies, and maintain a robust security posture across all accounts, while seamlessly aligning with their compliance obligations. Additionally, we created a landing zone with dashboards and applications, providing a unified view and control over their AWS infrastructure. 

Challenges:

  • Managing multiple AWS accounts across various environments (development, testing, production, logging, and monitoring)
  • Adhering to stringent financial regulations like PCI-DSS for secure and compliant transactions on their high-traffic microservices-based platform.
  • Need for centralized management structure for interconnected AWS accounts.
  • Streamlining account governance and enforcing consistent policies across all accounts.
  • Maintaining robust security posture across all accounts while aligning with compliance obligations.
  • Unified view and control over AWS infrastructure through a landing zone with dashboards and applications.

Timelines:

Our experienced team understood their vast and complex infrastructure to tailor the services and strategies to be applied to their infrastructure.

  • Understanding the multi-account configuration: 10-15 days (about 2 weeks)
  • Cloud Deployments: 2 months
  • Cost Optimization: 2 months

The Architecture: