Financial Services

Financial Services on AWS case study

Executive Summary

As part of their Digital Transformation journey, the Financial Services institution required a reliable platform to allow their customers to purchase insurance in a simple and effective way.

Francioni helped in the architecture, design and implementation of the AWS services. Delivering the landing zone following AWS multi-account structure best practices.

Implementing Infrastructure as Code using CloudFormation and the CI/CD Pipelines, to make sure that environments are 100% aligned and automated, delivering value to the end customers quickly and reliably.

The Challenge

DevOps pipeline ready from the beginning

The development team ramped-up very quickly when the project started. As a result, we had to ensure that they had an integrated environment from the beginning in order to develop and do their end to end testing. This is a key point in order to avoid delays in the project and reduce risks.

Eliminate developer's time spent on deployment tasks

One key requirement was to have the DevOps pipeline 100% automated and remove the constant need for developers to deploy code on different environments for testing teams.

Security

A key requirement for Financial Services is the Security and Controls. Even though there was a tight time frame for delivering the platform, we had to implement and demonstrate the security controls, compliance and governance.

The Solution

Francioni designed and implemented the AWS landing zone automation, which includes the baseline services such as AWS account structure, AWS Organizations Service Control Policies, Guardrails, Networking and Security Services. The implementation leveraged AWS Services such as AWS Control Tower, AWS Organizations, AWS Security Hub, AWS Config, Amazon GuardDuty, and other services. Since we had multiple accounts we had to ensure that the same resources and controls were implemented across multiple AWS accounts in multiple environments. This was achieved by leveraging AWS CloudFormation applied to multiple accounts and AWS CloudFormation StackSets.

For the application runtime, we have selected AWS ECS Fargate to deploy the application containers, leveraged Amazon Cognito for the end user's identity and Amazon Pinpoint to send notifications to the users. For the database we have decided to use Amazon Aurora MySQL.

The DevOps process was implemented leveraging AWS native services such as AWS CodePipeline and AWS CodeBuild. These services are responsible for building the applications, executing tests and deploying the application across multiple environments.

Results and Benefits

Application Runtime

By leveraging AWS ECS Fargate and Amazon Aurora, we managed to eliminate the heavy lifting of having to manage compute capacity and patching operating systems. This allowed us to deliver the solution quicker, and also provided increased availability and reliability.

CI/CD providing faster time to market

The AWS native CI/CD pipelines allowed the application to be built, tested and deployed within minutes across multiple environments. This allowed new features to be available to end customers faster.

Cost benefits

By using AWS CodePipeline and AWS CodeBuild, which are AWS managed services, allowed us to reduce the operational costs and maintenance of CI servers. As a result, our developers could focus in delivering new features.

By using AWS ECS Fargate and Amazon Aurora allowed us to scale out the infrastructure when needed, providing a better customer experience and keeping the costs down when not required.