AWS Control Tower Setup for Wine-searcher

Executive Summary

About Client

AWS Control Tower Setup

Wine-Searcher is a web search engine that helps find the price and availability of any wine, whiskey, spirit, or beer worldwide. It has been in operation since 1999 and has offices in New Zealand and the UK. In addition, They provide easy-to-use search engines, price comparison tools, an extensive database of wines and spirits, an encyclopedia, and news pages that aim to provide all “wine-finding” needs.

https://www.wine-searcher.com/
Location: New Zealand & UK

Project Background

Peritos expertly directed an AWS Control Tower setup for Winesearcher, thus optimizing their cloud infrastructure. Leveraging AWS Control Tower, the Peritos team streamlined governance and compliance, ensuring seamless scaling and enhanced security. This was needed as there were multiple different accounts the client wanted to consolidate accounts in addition to using organizations via the control tower. Additionally, Through meticulous configuration, we tailored the environment to Winesearcher’s specific needs, facilitating efficient resource management and cost control. With AWS Control Tower’s automation and governance features, Wine-Searcher gained a robust foundation for future growth, while Peritos provided invaluable expertise, empowering the company to focus on innovation and deliver an exceptional user experience in the dynamic wine market.

Scope & Requirement For AWS control tower Setup

Prerequisite: Automated pre-launch checks for your management account 

Step 1. Create your shared account email addresses 

Expectations for landing zone configuration 

Step 2. Configure and launch your landing zone 

Step 3. Then, review and set up the landing zone 

Implementation

Previous slide
Next slide

Technology And Architecture Of AWS control tower Setup

Furthermore, read on the key components that defined the Architecture for the AWS Control Tower Setup for Wine-Searcher

Technology/ Services used

We used AWS services and helped them to setup below 

  • Cloud: AWS
  • Organization setup: Control tower 
  • AWS SSO for authentication using existing AzureAD credentials
  • Policies setup: Created AWS service control policies
  • Moreover, Templates created for using common AWS services 

Security & Compliance:

  • Tagging Policies
  • AWS config for compliance checks
  • NIST compliance 
  • Guardrails
  • Security Hub

Network Architecture 

  • Site to Site VPN Architecture using Transit Gateway
  • Distributed AWS Network Firewall
  • Monitoring with Cloud Watch and VPC flow logs. 

Backup and Recovery

  • Furthermore, Cloud systems and components used followed AWS’s well-architected framework, and the resources were all Multi-zone availability with uptime of 99.99% or more. 

Cost Optimization 

  • Alerts and notifications are configured in the AWS cost 

Code Management, Deployment

  • Cloudformation scripts for creating stack sets and scripts for generating AWS services were handed over to the client  

Challenges In Implementing AWS control tower Setup

  •  Landing Zone Drift
  • Role Drift
  • Security Hub Control Drift
  • Trusted Access disabled

Project Completion

Duration Of AWS control tower Setup Implementation

Aug 2023 to Sep 2023  ~ 4 weeks

Deliverables for AWS control tower Setup

1. Control tower implemented
AWS Control Tower is a service built with a solid architecture that can , thus, assist your organization in meeting its compliance requirements by establishing controls and implementing best practices. Moreover, third-party auditors evaluate the security and compliance of several services available in your landing zone as part of various AWS compliance programs, including SOC, PCI, FedRAMP, HIPAA, and more.

2. Business Benefits
Ensuring compliance, therefore, and implementing best practices is crucial for any organization. With our solution, you can, therefore, set up a well-architected, multi-account environment in under 30 minutes. Moreover, The creation of AWS accounts is automated with built-in governance, ensuring that the set standards and regulatory requirements are met. You can also enforce preconfigured controls to adhere to best practices. Additionally, our solution enables the seamless integration of third-party software at scale to enhance your AWS environment.

Support

  • 1 month extended support 
  • A template for Cloud formation stack to create more AWS resources using the available stacks
  • In addition, Screen sharing sessions with demo of how the services and new workloads can be deployed. 

Testimonial

Awaited

Next Phase

We are now looking at the next phase of the project which involves:

1. 

 

 

 

 

 

If You Are Looking For Similar Services? Please Get In Touch

Read more