How Web3 Pro Leveled Up Their Cloud Game with AWS

Leveraging AWS Control Tower and Account Factory for Terraform to Optimize Web3 Operations

How Web3 Pro Leveled Up Their Cloud Game with AWS
💡
This project was executed while I was working as a Cloud Architect at Caylent.

🏢 ABOUT THE COMPANY

Web3 Pro is the first white-label Web3 B2B SaaS platform designed to provide companies with enterprise-grade marketing, gaming, and record authentication applications.

Since 2017, they have helped premium brands like Lamborghini, Ducati, Lotus Cars, Atari, Adidas, Google, EY, and Juventus boost revenue streams and enhance consumer engagement by monetizing their digital identity through NFTs sold as authentic collectibles and in-game items (such as skins).

⛰ CHALLENGES

Web3 Pro aimed to establish order within their AWS environment. Our collaboration began because the client faced issues with an expanding set of AWS accounts. They sought to utilize Control Tower and Landing Zones to develop a deliberate account strategy while integrating AWS best practices for security and compliance.

Web3 Pro had ten existing AWS accounts they wanted to enroll in Control Tower. These accounts served various purposes, including subcontractor environments, development, staging, and production.

✅ SOLUTION

I helped Web3 Pro by providing expert guidance on leveraging AWS Control Tower, Account Factory for Terraform, AWS Organizations, and AWS IAM Identity Center (formerly AWS SSO).

This approach not only enabled the client to evolve and scale their systems over time but also reassured them about the project's direction.

During this engagement, I performed various tasks, including:

  • Conducted a comprehensive security workshop, presenting the AWS Shared Responsibility Model, sharing experiences with similar clients, discussing general best practices, and recommending a strategic direction. This thorough approach instilled confidence in the project's security measures.

  • Established security, governance, and compliance requirements.

  • Reviewed existing process governance, frameworks, standards, and controls.

  • Identified technical requirements based on the client's internal standards and workload isolation needs for business units and regulatory requirements.

  • Defined the AWS Control Tower mandatory, strongly recommended, and elective controls to apply in their new account strategy.

  • Enabled account-level security services, including GuardDuty and CloudTrail.

  • Determined thresholds and configured the initial budget and alarms to manage infrastructure costs effectively.

  • Established a tagging strategy for cost and inventory tracking.

This is the new accounts structure that was implemented for Web3 Pro:

To implement this architecture, I configured AWS Control Tower and AWS Organizations to build and deploy the new account structure via integration with Account Factory for Terraform. This setup allowed us to enroll existing accounts into the new organization.

Finally, I advised and assisted the Web3 Pro team in understanding how they could leverage the delivered setup to create new accounts. All this information was documented and published in their internal Confluence knowledge base.

🏆 OUTCOMES

By successfully implementing AWS Control Tower and Landing Zones, Web3 Pro can achieve a more secure, compliant, and efficient AWS environment, ultimately driving business growth and innovation.

This project delivered many benefits for Web3 Pro business, such as:

  • Improved Security Posture: Using best practices, enhanced security with AWS GuardDuty and CloudTrail.

  • Governance and Cost Management: Established a governance framework and implemented a tagging strategy for better cost control.

  • Streamlined Operations: Automated account provisioning with Account Factory for Terraform and simplified management via AWS Control Tower.

  • Accelerated Innovation: Enabled faster account provisioning for development and testing, improving market responsiveness.

  • Scalability: Created a scalable infrastructure for future growth and increasing workloads.

  • Compliance: Enhanced adherence to industry regulations, reducing security breach risks.

  • Competitive Advantage: Offered secure and compliant Web3 solutions, boosting brand reliability.

  • Increased Revenue: Achieved quicker product launches and improved customer satisfaction.

  • Sustainable Growth: Realized long-term cost savings and increased efficiency through optimized infrastructure.