Description: AWS Secure Cloud Environment

 

High Level Summary:

The client was preparing an early deployment of a multi-account AWS Organizations based cloud environment for Security accreditation for production workloads (ATO.).  All aspects of the environment had to meet Government of Canada ITSG (eq. NIST) standards.  In addition the environment required governance, security, and automation resources to support ongoing Operations requirements within the Cloud Centre of Expertise.

 

Objective:

Primary objective was to provide a combination of design & architecture to meet security, governance, monitoring and reporting requirements, in combination with hands-on development and deployment of resources via Terraform Infrastructure as Code.

Secondary objective was to layer enhancements and efficiencies to operational processes and resources, using Terraform Infrastructure as Code, Cloud Native (AWS) Resources, and Third-Party integrations

 

Challenges and Risk Mitigation:

Primary challenges were driven by limited internal staffing resources, and required complex code and pipelines to be delivered, highly documented, and implemented in a manner to support a low-touch deployment and operational perspective.  Automation and tight integration with AWS serverless, and event driven architecture provided efficient and efficacious solutions.