Department for Work and Pensions
The Department for Work and Pensions (DWP) are the UK’s biggest public service department administering the State Pension and a range of working age, disability and ill health benefits to around 20 million claimants and customers. The Department for Work and Pensions (DWP) are responsible for welfare, pensions and child maintenance policy.
The Department for Work and Pensions (DWP) recently completed a migration from Private to Public Cloud with a significant proportion of the estate residing in Amazon Web Services (AWS). As part of the migration the DWP established a Cloud governance model with the formation of the Hybrid Cloud Services department.
In order to govern the configuration of the AWS estate to align with central DWP policy a solution named “Cloud Manager” was developed. This is a custom build solution used to interrogate and correct the configuration of the current AWS deployment across multiple departments and accounts.
As the scale of the DWP Cloud usage had grown to in excess of 200 AWS accounts, the existing Cloud Manager service was no longer fit for purpose, both functionally and in terms of its operation. The existing application suffered from memory consumption, thread memory leaks, duplication of services and repeated deployment failure.
Ubertas Consulting developed and deployed the new ‘Cloud Manager’ solution as a proof-of-concept project to trial various services and business processes.
The new Cloud Manager solution uses primarily AWS native tools and services to deliver the required functionality.
Ubertas Consulting worked with the Department for Work and Pensions (DWP) to re-develop and re-deploy the new ’Cloud Manager’ service.
This solution utilises AWS native tools to provide an event driven and decoupled architecture which can be used to manage and configure the DWP environment in a fast and fully automated way.
Serverless architecture allows us to build and run applications and services without having to manage infrastructure.
Serverless technologies; API Gateway and Lambda were used to transfer files from DWP’s version control Gitlab into their AWS environment which is then processed by CodePipeline.
CodePipeline is a fully managed continuous delivery service that allows for automated updates to applications and for the collection of zipped files from the S3 bucket which are then sent to CodeBuild.
CodeBuild performs logic on those files which led to the relevant deployments in the DWP infrastructure.
Infrastructure as Code
Cloudformation StackSets were utilized to provision multiple accounts in DWPs AWS estate in an efficient manner.
The replacement Cloud Manager Solution enabled the Department for Work and Pensions (DWP) to realise the following benefits:
- Helped the DWP to realise the additional benefits and functionality of AWS to improve the reliability and scalability of their AWS estate;
- The new solution resolved 90% of the bottleneck’s users experienced with the previous Cloud Manager solution;
- The use of native AWS services is scalable, more efficient and are less prone to memory consumption issues and future proof;
- The new solution used a decoupled architecture which made their infrastructure easier to maintain and update;
- The new solution uses Infrastructure as Code (Cloud Formation) which is version controlled and so changes to the infrastructure can easily be tracked;
- It is fully automated and therefore relies less on manual interventions;
- Supports faster application changes;
- A much simpler and manageable set-up.
The new solution is event-driven and proactive by allowing management of incorrect configurations, enabling errors to be flagged and resolved efficiently. There is reduced manual and user interaction as the system no longer times out.
Costs are only incurred when services are used through using AWS Managed Services, supported through the On-Demand pricing mechanism.
Running code or any operations takes only minutes, thus reducing operational time and costs.
|Management & Governance||
|Networking & Content Delivery||
|Security, Identity & Compliance||