ProfileSince its founding, this leading healthcare organization has been focused on improving the lives of people who are suffering. Through its use of best-in-class technology, it helps ensure safety, proper care, and best treatment options for patients in need. With a vision to respond to evolving healthcare challenges by providing its customers with superior technology and service, this healthcare organization is a leading innovator.
This healthcare organization aimed to further enhance its applications by implementing a microservices architecture and development model. The solution needed to build in high degrees of process automation and create repeatable, HIPAA compliant cloud infrastructure services. The team also desired greater visibility and agility to be more responsive to the business.
Together with Flux7, an AWS consulting partner, this organization’s IT team began building a service catalog that enables the development team to increase productivity by self-provisioning infrastructure that meets security and compliance requirements including critical separated role access. As in many organizations, this company’s development team was being tasked by the business to innovate more and more with its application — and database. The team realized that something needed to change in order to respond faster to the business. The decision was to move to a microservices environment. By breaking its single code base into small, individual services, the healthcare provider could much more flexibly and nimbly incorporate changes or introduce new services to the business.
A blueprint for the new microservices environment was created, with AWS ECS and Docker as the backbone. One of the initial concerns the team had was to create a new architecture and process flow that incorporated AWS automation, security controls, greater visibility, and repeatability of builds. As such, Flux7 recommended AWS Service Catalog to fill this role.
Flux7’s AWS Service Catalog solution brings the power of self-serve IT to this company’s AWS environment. In setting up the service catalog, Flux7 was able to identify the resources its development team would use most frequently in building its new microservices and went about the process of building a catalog that would serve these common requests.
First, the AWS DevOps experts at Flux7 coded these common development products using AWS CloudFormation, which provides the ability to provision AWS services, provision software, setup configurations, and even create resources outside of AWS. Once the CloudFormation template was created for a given product, it was sent to the IT and Security teams for review and approval. In this manner, consistency of security controls was applied to each solution that became an approved service catalog item.
With the AWS Service Catalog in place — and stocked with products for developer use — the joint development teams were able to easily achieve AWS provisioning of the assets they needed within minutes, from the AWS Service Catalog console.
This organization’s team has already begun cutting significant time from the development process by removing the asset request, approval and build time. This automation allows developers to work without a hiccup in their workflow, quickly going about the process of creating new microservices, while having confidence that they are provisioning a solution that is compliant with IT and security policies.
In addition to creating greater process standardization and repeatability of builds, AWS Service Catalog has given this healthcare company the opportunity to ‘fail fast’, knowing that they could easily start over if they needed.
In implementing this HIPAA-compliant microservices infrastructure, this healthcare provider presents a strong service catalog example and is able to achieve more for the business through AWS automation which results in higher productivity, more security, and ultimately greater business responsiveness.
AWS Service Catalog decreases the risk for this healthcare leader in that products are fully vetted for security and compliance while consistency in developer environments also serves to reduce risk and help it achieve consistent governance for both HIPAA and internal security compliance.
And, as the company’s developers are able to easily access and quickly deploy new AWS infrastructure through the catalog, they are able to much more quickly deploy new microservices clusters, databases, and individual microservices (as ECS services). By getting the resources they need when they need them, development is able to keep their work moving forward and build a foundation that would deliver greater long-term productivity for the business.
In addition to the Flux7 and internal teams reviewing each item in the service catalog for security and compliance requirements, the catalog offered important separation of duties. The Flux7 team recommended and collaboratively setup the healthcare provider’s Active Directory (AD) file system as a login provider to AWS. This means that permitted users are able to login to the AWS console using their AD credentials. In addition, Flux7 setup AWS Identity and Access Management (IAM) policies specific to AWS Service Catalog to ensure that AD groups had access to service directory products that correlate with their credentials.
In doing so, this organization’s employees are able to easily access the AWS Console and are given access to those products for which they were cleared. In this way, the two teams were able to create a clear separation of duties, for example between service catalog admins who had full access and developers who had a limited product view.
Post Date: 01/16/2017