About Client
A large bank in Ireland with EUR 3.7 B annual revenue.
Key challenges
The bank had widely adopted AWS cloud but was concerned about security and governance issues while releasing new Golden & Project AMIs in the cloud environment, as well as managing the lifecycle of AMIs and monitoring the AWS infrastructure.
Actions
We designed an end-to-end golden AMI/Project AMI automation pipeline inbuilt with CIS level 1 and 2 guidelines, and custom in-house security checks passed via a secure DevOps pipeline. The entire AMI lifecycle management is automated and governed through a fully automated DevOps/DevSecOps pipeline. We used CloudWatch to set up monitoring across the bank’s infrastructure and applications for specific projects.
Outcome
As a result of our work, we fully de-risked the cloud security issues around rolling out secure AMI deployments, and reduced new AMI release timelines from months to hours. We delivered a fully automated pipeline with one-click-to-release for new customized AMIs.
