For scalable, secure AWS DevOps, it’s important to start on the right foot. For this reason, we were recently contacted by our client, a marketing solutions provider to more than 500,000 small businesses across America, to help them with their cloud-based DevOps transition. The company wanted to bring Development, IT and Security under one umbrella, gain AWS skills and enhance security with its new AWS DevOps initiative.
The AWS consulting team at Flux7 immediately understood the marketing firm’s desire to build security into its new AWS environment. Indeed, security best practices are a built-in subset of Flux7’s flagship Landing Zone offering; the Gold Landing Zone is a designed collection of application agnostic components that provide a secure, management foundation for landing applications in AWS. The company’s teams agreed that the Flux7 solution would be ideal for addressing its core security, development and IT goals, giving it a solid foundation for its DevOps initiative moving forward.
AWS Architecture Best Practices
The DevOps consulting team at Flux7 addressed the marketing firm’s DevOps transition with three primary areas:
- Flux7 addressed the company’s account concerns with an Account Factory which allows it to create multiple AWS accounts for the highest level of resource and security isolation. The account factory was coupled with IAM, applied applications of the principle of least privilege, and an Okta integration for secure identity management, single sign-on and multi-factor authentication.
- In addition, the Flux7 Landing Zone ensures that every AWS account that is provisioned is secure and auditable with CIS benchmarks. When coupled with an AMI Factory, the team is able to create, verify and distribute AMIs that are standardized for compliance, providing DevOps security.
- Advanced, secure VPCs were provided to the customer with Transit VPC, shared services VPC and a VPC Factory.
- Flux7 and its client’s teams worked together to install monitoring and logging with Amazon CloudWatch for event monitoring, AWS CloudTrail for logging and EBS Snapshots with Lambda and S3 for backups.
Last, the Flux7 DevOps team worked closely with the development, IT and security teams to teach them along the way the skills needed to configure and maintain their new AWS DevOps solution. The Landing Zone deployed by Flux7 provides the marketing company with a fast and secure platform for its next steps on AWS, helping ensure they avoid common and potentially costly mistakes that can lead to security, scalability and other critical issues. Moreover, the AWS Landing Zone created by Flux7 provides important guardrails to enforce DevOps best practices and offers flexibility for continuous iteration and documentation of the platform through code. It also includes access control, appropriate processes, and logging for audit purposes.
To learn more about how this enterprise gained AWS and DevOps skills while improving its security, download the full case study today.