Secure and Scalable DevOps Solution with AWS – Alite International

By /

Secure and Scalable DevOps Solution with AWS

2019 – Today

CodePipeline, CodeBuild, CloudFormation, CloudFront, S3, Lambda, SNS, CloudTrail, CloudWatch, Parameter store, Secrets manager

APSIS creates personal and scalable marketing solutions that help companies reach their audience better and grow their business faster. 

They are known for always taking responsibility for what they deliver and for always finishing what they’ve set their mind on, providing scalable solutions for data-driven marketing in a complex world. 

They have teamed up with multiple leaders in the tech-providing industry to craft the perfect solution for their customers’ needs.

Problem Definition

To achieve excellence in their mission for simplifying the workloads of all their clients, APSIS had to overcome some challenges that were becoming an issue on the technical side of things. 

Their ambition was to: 

Since most of their products, platforms and solutions are deployed in AWS, they felt the need for moving or reshaping their on-prem CI/CD solution for their frontend services into the cloud.

The end goal would be that they will be more ready to handle the future demands with increased scalability, robustness, high availability, security and performance.

Proposed Solution

To help our client address all the above-mentioned issues we prepared a solution specifically for their needs. 

We decided to move the source code to GitHub and migrate the complete CI/CD for the frontend services to an AWS native pipeline. We organised the environments (stage, beta, prod) in different stages and separated the AWS accounts. Also, we introduced automated tests after deployment on each stage and added approval phases for reviewing/approving/rejecting the build/deploy sequence. To run things even more smoothly, we’ve introduced least privileges AWS cross-account roles and a central AWS CodePipeline. 

The central AWS CodePipeline is scripted in CloudFormation, making it even more robust in case of disasters – so it can quickly get up-and-running again. Overall, we are using 99% CloudFormation scripts for all resources and processes.

To approach and improve the audit and security part, we introduced CloudTrail and CloudTrail alarms on each account included in the DevOps processes. The central logging placed in an encrypted AWS S3 bucket account, dedicated to logging only. Finally, we are using Athena for interpreting logs and running queries for audit purposes.

The pipeline source code stage is integrated with GitHub repo and is listening on certain branches, which then launch the pipeline on push, merge, etc.

In addition, the CodeBuild job for stage environment is followed by a test phase with an automated UI testing using Ghost Inspector and then by a manual approval phase – meaning release managers are informed on email or slack whether they should approve/reject a certain release. 

After the approval, there is a separate stage for beta environment where we deploy and run all automated UI tests done by Ghost Inspector. Ultimately, we have a final approval phase for approving/rejecting deployment/release to production. 

The services we used are the following: CodePipeline, CodeBuild, CloudFormation, CloudFront, S3, Lambda, SNS, CloudTrail, CloudWatch, Parameter store and Secrets manager

Note: each environment (stage, beta, prod) is hosted on a separate AWS account. 

Outcomes of the Project

The results clearly show that now APSIS has better control and insights into their frontend product services. The implemented CI/CD processes resulted in a more confident, secure, robust, scalable and highly available solution.

Other benefits were the efficient CI/CD, the control over all deployment/release approvals, the shorten release times and also shorten build job times.

We achieved an increased number of daily releases, high availability of the CI/CD underlying services while avoiding the single point of failure. We also improved the overall security and audit.

Share This Post

Previous Project

Next Project

We are all about going the extra mile. We deliver not only the expected, but the wished. We work hard to understand what the challenge is, how we can help our clients fast and in depth. Our mission is to deliver the change and transform not only the business but also the way value is created.

Make it more human, more efficient, more visionary. We work closely with our partners not only to transform but to enhance the way the run their business using technology in the most efficient and inspired way

Copyright 2020 Alite International. All Rights Reserved

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top