Global bank migration to AWS (on-premises API platform)

Challenges
  1. Complexity of the platforms and systems.
  2. Thousands of APIs to migrate or assess for impact.
  3. Hundreds of customised API policies to reduce and simplify in the new Target Model.
  4. Setting up the AWS infrastructure and automation to allow the creation of Gateways to manage access to the back-end.
  5. Complexity in the IaC and infrastructure automation using Jenkins, Terraform and Helm chart.
  6. Security and sensitivity in accessing mainframe based APIs and applications.
  7. Time, money, stakeholder management.
Industry: Finance Global Bank

Very competitive market which usually means the mandating of cloud native deployments and automatic scalability.

Solution
  1. Target Model greatly different than legacy model, based on Kubernetes and Containers to allow scalability and elasticity.
  2. AWS EKS and other components chosen and all services and pipelines were patterned and standardised.
  3. Automation in the migration of policies and code adopted and standardised.
  4. In the target model ‘standard’ plugins or policies used if possible, with some exceptions based on security risks and use cases.
  5. Patterns using Jenkins pipelines, Terraform and Helm built and deployed as templates and standards.
  6. Agile processes and small teams were setup to address specific parts of the overall migration.  Approximately 10 teams were needed to cover the entire landscape and complexity.
  7. Teams ‘joined up’ using Scrum of Scrums, planning sessions, demonstration of work done and coordinated cross-team delivery planning mapped to agile processes.
  8. Delivery was mapped to Architecture with engineering and security mapped to Architecture as well.
Benefits
  1. Migration process was systemic and followed a detailed roadmap.
  2. Agile was used with an emphasis on learning and adaptability.
  3. Requirements and scope changes were built into the Agile process as hands-on uncovered various issues, dependencies.
  4. Cross platform or cross team cooperation naturally developed.
  5. The target model was a standard set of patterns and automation.
  6. Security was built into all designs up front.
  7. The process was auditable and though at times slow, was thorough.
  8. Pre-production and Production environments were the same making a prod-deployment a non-event.
  9. Monitoring and Telemetry or Observability were built into the designs very early.
  10. Mapping of development and Operations or SRE was performed during the entire life cycle.