Invisibl Cloud helps Fractional Mission to centrally implement Governance for AWS Accounts
About Customer
Fractional Mission revolutionizes the landscape of alternative investments by providing asset managers and owners with a platform for fractional ownership in a diverse array of real world assets—from real estate, solar energy to wind farms.
- The Business Challenge
Fractional Mission’s investment platform is backed by multiple systems that run on various AWS accounts. The AWS infrastructure was spread across 100+ AWS accounts using various AWS services.
Due to the large number of AWS accounts implementing governance and security controls became a tedious, time consuming exercise.
Fractional Mission wanted to consolidate the AWS accounts and centrally implement governance and security controls.
- Key Requirements
The proposed solution should meet the following key requirements:
Consolidate 100+ accounts into limited set of accounts.
Centrally implement AWS account level controls.
Migration of existing CI/CD pipelines as part of the account consolidation exercise.
Automation for account provisioning using Infrastructure as Code templates.
- Invisibl Cloud Solution
Invisibl Cloud performed a detailed analysis of existing AWS footprint of the customer and implemented the following.
Consolidation of 100+ AWS accounts to 30 accounts.
AWS Organization and OU Structuring.
AWS Control Tower for Landing Zone & Controls.
OU based access control to accounts.
Implementation of AWS Organizations Service Control Policies.
Laceworks integration for compliance enforcement based on CIS & PCI standards.
CDK based Infrastructure as Code implementation.
Security Policy & Governance enforcement using Cloud Custodian.
Bit Bucket to GitHub migration of 50+ repos.
Consolidation of repos.
CI / CD Pipeline migration from Circle CI to GitHub Workflows.
CDK based Infrastructure as Code implementation.
Serverless Framework to CDK Migration
"Invisibl Cloud Architects & Engineers have a very deep understanding of the AWS Cloud. The entire AWS Account consolidation exercise was well planned and executed by them with no disruption to the business."
- The Outcome
- Streamlined DevOps processes for account creation and infrastructure provisioning through Infrastructure as Code templates.
- Simplified AWS Account Management by consolidating from 100+ accounts to a handful of accounts.
- Improved Security & Compliance by centrally applying security and governance controls.
- Reduced downtimes during deployments through robust CI/CD pipelines.