« CASE STUDIES

Woodside: Cloud native factory

Accelerating developer productivity in the cloud to go from zero to a cloud native solution in days.

Tags

Product DevelopmentApp ModernisationResources

Date

Nov 2021

Client

Woodside

The Client

Woodside is Australia’s largest independent oil and gas company with a global portfolio worth $28 billion dollars.


The company invests across its value chain to support operational excellence and reduce exploration, development and production costs. This includes advanced analytics and cognitive computing, IoT, 3D printing and the adoption of a flexible cloud native platform for specific software solutions.

Woodside's Pluto LNG Plant, onshore gas plantWoodside's Pluto LNG Plant, onshore gas plant

The Challenge

Woodside views digital transformation as a means to drive innovation. They are adopting cloud-native solutions to reduce both time-to-market and total cost of ownership for key systems. This enables them to make their workforce more agile and efficient.

However, increased development velocity potentially creates problems with security, compliance and operations.

A central InfoSec team is no longer an option for security issues or vulnerabilities. Woodside has opted to lift the overall security posture of all their teams by adopting a proactive, DevSecOps approach.

Many teams also leads to rework and lost opportunities as developers reinvent cloud solutions already adopted by other teams. A better method of cross team collaboration and sharing was required.

Woodside required a solution that would:

  1. Reduce the time for developers need to spend on non-value adding tasks.
  2. Reduce the barrier to entry for building cloud native applications.
  3. Improve compliance and reduce risk by providing guardrails for developer to work within.
  4. Provide continual assurance of the compliance status of deployed applications.
  5. Provide an easy model of collaboration for software development and security teams.

The Solution

Mechanical Rock developed an innovative architectural framework, the Cloud Native Factory, a solution that allows Cloud Native applications to be built using shared architectural patterns via AWS Service Catalog. Application patterns published to a centralised master portfolio are then distributed to local portfolios hosted in separate accounts.

The use of separate accounts makes workloads portable, reduces risk by limiting blast radius and allows team to optimise their tooling.

The solution implements the principles of the AWS Well Architected Framework in operational excellence, security, reliability, performance efficiency and cost optimisation.

The architectural framework for the Cloud Native FactoryThe architectural framework for the Cloud Native Factory

Enterprise DevOps at Scale

The Cloud Native Factory enables developers to quickly and easily build applications that are secure and scalable.

By providing approved architecture templates and automated build pipelines it enables developers to quickly and easily provision new application environments.

Using these pipelines makes it easy for them to adopt continuous delivery practices to rapidly and repeatedly deliver value.

Secure-By-Design

Secure-By-Design is a development approach that ensures security and privacy from the very beginning. Launch constraints are applied to shared products, allowing users in the account to launch products even if they do not have direct permissions to access the resources.

This allows end-users the ability to provision these resources, but only in approved configurations.

Single-Pane-Of-Glass Compliance

Products that are published to the master portfolio undergo significant review and must include a suite of tests that can be executed to confirm they are are compliant with mandatory security requirements; this is known as “Compliance-as-Code”.

These tests are scheduled to run against all the deployed instances of products that have been provisioned in an account. Results are aggregated to a central location to provide a view over the compliance status of all workloads.

The benefits of the Woodside Cloud Native FactoryThe benefits of the Woodside Cloud Native Factory

The Benefits

The Benefits of Continuous Delivery

The Benefits of Continuous DeliveryThe Benefits of Continuous Delivery

By introducing techniques such as Behaviour Driven Development (BDD) and infrastructure-as-code, the CNF allows teams to easily move to continuous delivery, reducing deployment times and risk.

Woodside Cloud Native Factory Benefits. 3 changes to production per day, everyday for 4 months.A snap shot of benefits from running the Woodside Cloud Native Factory





THINK WE CAN HELP YOU?

Get in Touch

Reach out to us and a member of our team will be in touch right away.

contact@mechanicalrock.io