The Orbit Blog

How we helped a multinational recruiting firm run their Windows-based business applications on the AWS platform. The Customer Our client is a recruiting firm with locations across the globe. Last year alone they placed tens of thousands of people in permanent and temporary employment positions. We were engaged by the Americas business unit to help them better leverage the AWS platform by speeding up deployment and development work, as well as streamlining the maintenance of the business applications running on AWS.

How we helped a Canadian-based multinational automotive manufacturer deploy a Windows-based SSO solution to support their national Content Management System (CMS). The Customer Our client is a multinational automotive manufacturer with operations located in Canada. We were engaged by the Canadian team to help migrate their existing national CMS to the AWS platform. As part of the migration process we also had to design and deploy a Single Sign On (SSO) solution based on the Windows platform.

Summary of Environment A large automotive manufacturing company approached us to help them with a hybrid deployment of a commercial content management system (CMS) on the AWS platform. Once deployed, the solution would provide services to a network of dealers across Canada. We worked with their in-house team to develop and implement a solution based on AWS CloudFormation and integrated it with GitLab. By combining the Continuous Integration (CI) capabilities of GitLab with the native functionality of AWS CloudFormation, we were able to create a system which allowed fast, efficient and repeatable deployments across multiple environments - including production - and AWS accounts.

Summary of Environment A multinational recruiting firm required a large hybrid deployment to support their main business functions in North America - including, but not limited to, payroll, finance, and time tracking. AWS CloudFormation is used to manage all environments - including production - across several AWS accounts and AWS regions. We took a ‘microservices approach’ to the creation of the templates used to deploy and maintain the environment. Virtually all aspects of the AWS deployment are managed via small, easy to operate and maintain CloudFormation templates.

Yes, you have responsibilities. Just because you’re using someones else’s computer doesn’t mean you get to ignore all the boring stuff and hope that someone else takes care of it for you. Want to know who’s responsible for what? Make sure you read the [AWS Shared Responsibility Model] (http://aws.amazon.com/compliance/shared-responsibility-model/). Here’s the Coles notes version for those of you who still won’t read it. AWS is responsible for the security of the cloud; you are responsible for security in the cloud.

EC2 is one of the ‘big three’ of AWS spending. In many cases, the majority of your AWS bill is made up of EC2, EBS, and RDS consumption. Reducing EC2 spending is easy - You don’t need fancy tools or in-depth analysis. When a resource like an EC2 instance isn’t in use - shut it down. If your Proof-of-Concept (POC) project is complete - terminate the resources. We recently worked through this process for a customer - you can see the results below.

In a recent post, I shared details of the AWS Security Auditprogram offered by Curious Orbit. Today I want to show you how this program helped a real customer. 3rd party validation to verify security requirements CASHiQ is a FinTech startupcompany based in Hamilton, Canada. The company produces a third party application that financial advisors can use to improve efficiency through online interactions. For example, the app can be used to store documents, share portfolio information, and even correspond with clients in real time.

The AWS Well Architected Framework (WAF) is a series of documents maintained by the subject matter experts at Amazon Web Services. The goal of the Well Architected Framework is to provide you with guidance on how to build more flexible, resilient, secure, cost-effective solutions on the platform. Currently, there are five ‘pillar’s, three ‘lens,’ and an overview document. Pillars consist of the following documents: Operations Excellence Security Reliability Performance Efficiency Cost Optimization The three lenses are:

If you’re running solutions on the AWS platform, you most likely have a Virtual Private Cloud (VPC). The majority of deployed VPCs don’t have an essential feature enabled - VPC Flow Logs.VPC Flow logs provide insight into the traffic flowing in (and out) of your VPC. You can enable logging for an entire VPC, subnets or network interfaces within a VPC. During the setup process, you can decide what you want to record - Rejected, Accepted, or All traffic.

A few weeks back, my nephew spent a few days with us to finish his March break. Like many gamers, he spends most of his time in Fortnite, but when he arrived, he reminded me about our AWS Minecraft server from the previous year. His memory is (much) better than mine, so I had to go digging - but I found the Amazon Machine Image (AMI) we created when we mothballed the Minecraft adventure from the year before.