01

Summary

The client mandated a move of the company’s legacy application stack to a cloud-enabled environment. To do so, the company required the expertise of a cloud partner experienced in AWS architecture and best practices. As an AWS Premier Consulting partner, Eviden, an atos business was selected to configure infrastructure automation and support testing of the environment before the applications went live on AWS.

03

Solution

Eviden, an atos business started by providing an assessment of the AWS environment based on best practices that are built to scale and grow as adoption increases, which included the design of a customized VPC configuration for the company. To deliver seven core business services (B2B and B2C) Eviden, an atos business engineered AWS infrastructure automation in a way that was parameterized and repeatable. This approach allowed for maximum reuse of CloudFormations, including VPC and individual application specific CloudFormations. Eviden, an atos business built delivery pipelines to establish end-to-end infrastructure automation, application deployment, and serverless architecture for each of the seven applications.

• Services Leveraged in this implementation

• API Gateway – used in combination with Lambda to authenticate users via a nodejs implementation

• Lambda – used in combination with API Gateway to authenticate users via a nodejs implementation

• Serverless – the serverless framework to make lambda deployments consistent

• CodeDeploy – used to automate deployment of configuration and application artifacts into instances where elastic beanstalk is not involved

• Elastic Beanstalk – infrastructure automation and deployment management; used to manage versions in specific environments; mostly driven using the API in pipelines

• Custom .ebextentions – to customize the configuration of each instance deployed by Elastic Beanstalk

• SQS – simple queue service is used in this implementation to integrate services as they pass data and tasks from one service to another

• RDS Aurora – mySQL compliant databases for all services; Met scale and performance requirements with the least amount of management overhead

• CloudFormation – automated entire infrastructure process through CloudFormation

• VPC – parameterized CloudFormations to deliver consistent VPC definitions throughout every account; keeps the environments consistent

• Jenkins – build and deployment orchestration; use of Jenkins pipeline to manage promotion of change

• CloudWatch – cloudWatch logging; CloudWatch alerting to monitor environments

• IAM – access control of users across accounts and environments; Use of IAM Roles to limit the use of access keys in implementations

Through the use of these technologies and adoption of best practices, the company was able to automate code deployments and begin setup of a streamlined continuous delivery pipeline.

Eviden, an atos business also implemented managed services for the company's new AWS environment, which included a 15-minute Service Level Agreement. These managed services include monitoring and alerting, backup, system patching, user and network management, intrusion detection, and vulnerability scanning. Eviden, an atos business ensures that all production systems are monitored and maintained, data is backed up according to the client’s retention policy, and data is available in the event of a disaster.

The product team could now to track every change, infrastructure, and code through the same pipeline process, ensuring that environments are effectively managed and versioned properly. This aspect of the solution also provided governance and auditability of every change, without a people and process heavy governance platform. Deployment of logging and endpoint monitoring using CloudWatch has assured uptime and fast response to escalated issues.