With its freight forwarding cloud solutions in high demand, Flexport sought to maximize its team resources.
Flexport worked with NTT DATA to implement automation that delivers best practice-based infrastructure with built-in security standards and self-service capabilities, allowing its engineering team to focus on building.
“Security by design is a key element to everything we build. As a rapidly growing company, we have the opportunity to establish security standards as we build from the ground up. The AWS-as-a-Service offering embodies that principle.”
Flexport is a rapidly growing organization that is reshaping how global trade gets done. Through its advanced technology, logistics infrastructure and supply chain expertise, Flexport provides modern freight forwarding services. Demand for Flexport’s cloud software and data analytics services has risen so quickly that the company has doubled in size over the past three years to keep pace.
Flexport began its AWS journey with a single account; yet, undergoing multiple years of explosive growth meant the company needed to scale out its AWS infrastructure. With team members’ time already in high demand, Flexport turned to the NTT DATA team to help. Flexport’s Cloud Infrastructure team led the charge, working closely with Flexport Engineering teams and NTT DATA’s AWS consultants.
NTT DATA helped Flexport implement automation that delivers infrastructure built with cloud and security best practices, and self-service capabilities that abstract away the complexity of multi-account AWS account architectures.
To establish a secure foundation for workloads, a baseline is necessary, which was achieved for Flexport with NTT DATA’s Build Cloud Foundations solution. It creates a secure, scalable and extendable cloud structure with AWS services including AWS Control Tower. These services work together to form a security baseline that enables greater agility and flexibility through a sound foundation.
Using AWS Control Tower
AWS Control Tower makes it easy to set up, govern and secure multiple accounts using built-in AWS services. New accounts can be quickly provisioned using the AWS Control Tower dashboard and it provides built-in guardrails to protect AWS accounts. The first step to deploying the new solution was to enable and enhance AWS Control Tower’s Account Factory with a customization pipeline. The customization deploys:
Self-Service Networking at Scale
To avoid networking challenges that can crop up when creating new accounts, NTT DATA helped Flexport achieve networking at scale with self-service patterns that create a unified, secure, scalable and extendable cloud foundation.
"Our goal is to empower engineering to focus on building Flexport’s platform for global logistics rather than worrying about the complexity of underlying multi-account AWS infrastructure. We do this by abstracting away the foundational infrastructure, giving the team an AWS-as-a-Service offering managed and maintained by our Cloud Infrastructure teams,” said Taylor Merry, Flexport Director of Security Operations. “Thanks to new layers of automation, this offering has improved our overall productivity while standardizing security efforts, which means we can spend more time on the company’s growth initiatives.”
Within the AWS Service Catalog self-serve solution, engineers can access a portfolio of pre-approved network products, streamlining the coordination between teams for network product requests while providing standardized network solutions. The self-service pattern includes VPC deployment, IP address space management, AWS Transit Gateway, and network connectivity.
Secure account best practices
Every AWS account is provisioned to ensure security best practices are built in with:
The entire Flexport solution is based on AWS and industry best practices that result in a foundational architecture built with security best practices. “Security by design is a key element to everything we build,” said Merry. “As a rapidly growing company, we have the opportunity to establish security standards as we build from the ground up. The AWS-as-a-Service offering embodies that principle.”
Flexport has established automation that delivers self-service capabilities to its engineers, abstracting away underlying complexity so they can focus on building Flexport’s platform for global logistics. With a network that scales to fully deliver on the cloud’s promise of greater agility, Flexport has the business flexibility it needs to quickly pivot to changing market demands and customer needs, ensuring its continued momentum.