A leading Canadian media company needed assistance migrating its workloads from a self-managed AWS environment to AWS Control Tower. HCLTech helped streamline account management, enhance governance and ensure a smooth transition without disrupting business-critical operations.
The Challenge
- Migration complexity: Transitioning from a self-managed environment to AWS Control Tower without downtime
- Governance and compliance: Ensuring compliance across 140+ AWS accounts under the new governance framework
- Account management: Managing many AWS accounts while minimizing operational disruption
The Objective
The goal was to implement AWS Control Tower for centralized governance, improved compliance and streamlined account management.
- Current environment review: Analyzed existing AWS Landing Zone (ALZ) structure and identified governance and account management gaps
- Migration planning: Developed a detailed roadmap for migrating workloads and accounts with minimal impact on operations
The Solution
HCLTech facilitated the transition to AWS Control Tower:
- Control tower setup: Designed and implemented the Control Tower environment with Organizational Units (OUs) to streamline account management
- Migration execution: Migrated all resources and workloads from ALZ to Control Tower, ensuring seamless service continuity
- Customization and automation: Customized Control Tower settings to fit the client's security and operational needs, automating account creation and security posture enforcement
- Post-migration support: Provided ongoing support for monitoring and log management integration with third-party platforms
The Impact
- Automated account creation: Reduced manual intervention by automating the account creation process within AWS Control Tower
- Centralized governance: Centralized management of policies and compliance across 140+ accounts
- Improved scalability: Provided a flexible environment for expansion, supporting current and future cloud operations
- Operational efficiency: Minimized downtime during migration and streamlined ongoing operations post-migration
AWS services used:
AWS Control Tower, AWS Organizations, AWS CloudTrail, AWS Config, AWS Lambda
