AWS Migration for Improved Operational Efficiency


Ecommerce fashion platform


Cloud, Back-end, Front-end, QA, DevOps, Web


E-commerce & Retail


AWS, Node.js, TypeScript, Jenkins, Kubernetes, Docker

Project type

Cloud Migration, BPA


A multi-brand retailer based in Canada, it specializes in selling designer fashion and high-end streetwear. Since 2003, the platform has grown to deliver products to 114 countries worldwide, supporting websites in multiple languages, including Chinese, French, English, Japanese, and Korean​​. It generates an average of 100 million monthly page views. 

Business needs:

- Develop a new e-commerce system functionality to improve the return of goods, loyalty programs, customer notifications, etc.

- Adapt the AWS infrastructure to be more scalable and flexible, allowing for efficient handling of varying workloads and growth.

- Develop a more effective access control system to minimize risks of cross-environment errors and grant developers the necessary autonomy.

- Distribute AWS resource ownership and management to alleviate bottlenecks and enhance agility in the development process.

- Establish a comprehensive business continuity and disaster recovery strategy aligned with application needs and infrastructure capabilities.

- Restructure the AWS accounts to enable precise cost tracking and attribution, facilitating better financial management and decision-making.

Suggested solutions from Svitla:

- Adopted a Client-Oriented Approach: Focused on implementing new features and developing new pages in the e-commerce system, prioritizing customer needs and feedback to enhance the overall user experience.

- Implemented AWS Control Tower and Landing Zone: Deployed AWS Control Tower to enforce and manage governance, security, operations, and compliance across AWS accounts. A well-architected multi-account environment was established via Landing Zone, setting a baseline for multi-tenant architecture and security.

- Organized AWS Accounts with AWS Organizations and OUs: Structured AWS accounts within Organizational Units (OUs) for application environments, set permissions, restrictions and policies at the OU level, and ensured all accounts followed a standardized baseline configuration.

- Centralized Security Management: Utilized AWS Security Hub service to collect data across all accounts into the "Security" account, giving the Security team full visibility and ensuring compliance. Consolidated AWS CloudTrail logs, AWS Config, and VPC Flow Logs into the "Log Archive" account for enhanced security management.

- Standardized Access Control with Okta and AWS SSO: Provided all user access to AWS accounts through Active Directory group memberships, managed by an ITOPS ticketing system, and centralized all AWS account access and permissions via AWS Single Sign-On, moving away from IAM users to IAM roles with short-living access keys.

- Distributed Infrastructure Management: Platform teams centrally managed Terraform code for Legacy and Shared accounts, while domain teams managed infrastructure in a distributed manner for domain-dedicated AWS accounts.

- Transitioned to Modern Networking: Replaced VPC-peered environments with modern network architecture using multiple AWS accounts, AWS Transit Gateways, Route53 private resolvers, Security Groups, VPC endpoints and prefix lists, and site-to-site VPN to the office’s network. Multiple application deployments in the same environment could speak to each other via a shared account, and the Cisco CSR router controls outbound connections.

- Implemented a Migration Strategy: Developed a re-platform scenario to migrate self-managed services to native cloud services. Among them, Kubernetes cluster, MongoDB databases and ElastiCache were migrated to Amazon EKS, Amazon DocumentDB, and Amazon ElastiCache, respectively. 

- Disaster recovery scenarios: Implemented, tested, and documented disaster recovery scenarios, leveraging the built-in DR features of AWS cloud services like Amazon DocumentDB global cluster and IaC approach using Terraform.

Value delivered

Successfully increased profits by seamlessly integrating a new customer loyalty program, directly contributing to higher customer retention and increased sales.
Upgraded the e-commerce admin platform, enabling the onsite marketing team to efficiently manage orders, tracking, returns, accommodation services, and email notifications, thereby enhancing operational efficiency.
Significantly improved the visual representation of goods and overall user interface, leading to a better shopping experience and higher customer satisfaction.
Old-fashioned single-account setup was transformed into multi-account domain-dedicated AWS accounts providing significant security and observability.
Migrating to AWS cloud-native services enhanced our system's resilience and manageability, supporting scalable growth while simplifying maintenance. This move to fully managed cloud services further ensured GDPR compliance and boosted application performance and availability with serverless services.
Effectively tackled the high risk of mistakes, scalability issues, and the complexity of access control by transitioning to isolated yet integrated application environments, ensuring scalable, secure, and efficient infrastructure management.
Implemented disaster recovery scenario significantly improves business continuity and data protection.