CTAC AWS DevOps Case Study for Automation Services

CTAC chose AWS (and over 20 AWS services) and several AWS technology partners to build the GSA intranet DevOps platform. CTAC was able to securely integrate AWS services with Jenkins, an open source automation server. Jenkins orchestrates multiple types of defined Jobs in which predefined processes can be established for each team/project. The Job categories we utilized include:

• Admin Only
• Build
• Deploy
• Utility

Three roles were established within Jenkins to include:

• Admin
• Developer
• Release Manager

The Admin role administers the systems and services, and manages permissions to project resources. The Developer role accesses project logs, initiates application builds, and performs actions on pre-production such as deployments and database loading. The Release Manager role has all of the same permissions as the Developer role, plus the ability to deploy to production. Each user needs to be provided both role type permission and project permission to access the specific, predefined Jobs.

The solution lessened the reliance on and burden upon the System Administrator group. While only the Admin has access to the systems, the Developer and Release Manager now have access to the logs and information necessary to diagnose issues without compromising the system. This allows real-time troubleshooting to determine the cause of potential build or runtime errors. Because each build creates the server from the most up to date templates — allowing this process to serve as automated patch management solution — every team is now directly involved in the patching process. This level of self-service greatly enhances the users’ ability to work in an agile environment, servicing their business needs and utilizing time effectively.  With multiple projects working in parallel, it was important to keep track of user actions. The solution provides traceability such that details of each user’s actions in the system are tracked.