GDPR compliance and high availability of an e-commerce site through DevOps transformation

Scott Sports is a 60 years old company that develops cutting-edge technology sport’s equipment’s. They early built their e-commerce platform on AWS to support their business need of product distribution, first by being B2B only and now by targeting the B2C channel. This platform have a worldwide presence and support many brands owned by Scott Sports (Scott Sports, Poivre Blanc, Dolomite, … ) which means they now have less downtime windows to manage the platform.

“Organization focused on delivering e commerce customization”

“DevOps foundation with many manual activities (e.g. infrastructure, deployment)”

“Product based eCommerce platform powered by SAP Hybris”

“Not yet fully compliant with GDPR requirements”

First we’ve worked with Scott Sport’s technical team to assess the situation, this was done by performing a series of exploratory & projections workshops. Then we’ve exposed to them our recommendations and we built with them a 1 year roadmap achieving their target.

Among the large number of topics covered, the following 3 projects have been successfully delivered :

Mass migrate workloads between regions

During this agile migration that moved all US workload from a US region to a EU region, we had to respect a new constraint that improved the segregation of assets by introducing multiple new accounts, each one dedicated to a specific purpose. We also took advantage of this migration to introduce the usage of CloudFormation and Ansible which helped us having a high level of automation and reliability the moment we were provisioning all the assets.

Implement Cloud Governance for using AWS at scale

The challenge of any company using AWS is to control the cost and the security without limiting the experimentation and the innovation. To do so we’ve initiated a strategy, based on a set of rules we defined, automatically enforced across all the isolated AWS accounts using tags, AWS Config and remediation actions .

Go serverless with DevOps

To ensure a high level of reliability and to be sure that the delivery toolchain is always ready to use, we’ve made use of CodeBuild and their environment custom image feature to build Hybris source code using a Hybris Docker image we’ve built. Then we’ve created the CodeDeploy templates managing the deployment workflow of Hybris’s servers and we’ve used a CodePipeline instances to orchestrate all the steps that deliver the application from the source code to each of the servers in a multi AWS account context.