Sign up for our newsletter! →
A global education technology provider, offering a Software-as-a-Service (SaaS) Learning Management System (LMS), needed to expand into new AWS regions while preparing for SOC 2 compliance. They sought a robust DevOps solution to codify infrastructure and streamline deployments. By partnering with HanaByte to implement AWS Landing Zone Accelerator (LZA), AWS Control Tower, and CloudFormation StackSets, along with CI/CD pipelines powered by CodePipeline, CodeBuild, and CodeDeploy, this organization achieved automated multi-region deployments in under an hour. Additionally, they lowered operational costs by 20% and laid the foundation for a SOC 2 audit.
This customer operates in the education technology sector, delivering a full-featured LMS as a SaaS platform. They provide 24/7 access to curated learning paths, supporting both enterprise clients and educational institutions. With a growing global customer base, they required a reliable way to extend services seamlessly to new regions without compromising compliance or performance.
Already using AWS for part of their existing infrastructure, the customer expanded on the platform due to its global reach, scalability, and extensive portfolio of SOC 2-compliant services. They recognized AWS’s ability to support rapid deployment of secure, multi-region environments—critical for their growing LMS SaaS offering. The combination of built-in compliance features and a mature ecosystem of services made AWS a natural choice to further their expansion plans.
The customer had been an early adopter of AWS, but much of their infrastructure was deployed manually without fully adhering to best practices. Over time, various legacy scripts and some AWS Serverless Application Model (SAM) templates provided partial automation, but these were insufficient to handle new region expansions or align with SOC 2 compliance requirements. Without a robust, repeatable way to provision and manage AWS accounts, the customer risked escalating operational overhead, costly misconfigurations, and non-compliance with industry regulations. Faced with the imperative of global expansion and the looming SOC 2 audit, they urgently needed a standardized and automated approach.
AWS Services
AWS Control Tower
AWS CloudFormation
AWS CodePipeline
AWS CodeBuild
AWS CodeDeploy
AWS Organizations
AWS Lambda
AWS API Gateway
Amazon S3
Amazon RDS
Amazon EC2
Third Party Integrations
BitBucket
Apache Tomcat
The customer selected HanaByte because of its blend of DevOps, security, and compliance expertise—all critical components for a successful IaC strategy and SOC 2 preparation. HanaByte’s proven experience in deploying AWS Landing Zone Accelerator (LZA) and expertise in automating account creation and governance helped them stand out from other partners and the in-house approach that the customer had considered. Resource constraints and tight timelines further solidified their decision to engage with HanaByte to quickly achieve results without compromising on security or compliance.
HanaByte began by spinning up a new AWS Organization and implementing the AWS Landing Zone Accelerator (LZA) aligned with the AWS Well-Architected Framework. This included setting up a secure baseline, guardrails, and best-practice configurations across multiple AWS accounts and regions—particularly focusing on the European and U.S. West regions.
CloudFormation StackSets were used to create and manage reusable templates, ensuring consistent infrastructure across accounts. Bitbucket served as the version control system, triggering AWS CodePipeline whenever commits were made. CodePipeline orchestrated the build and deployment phases via CodeBuild and CodeDeploy, enabling continuous integration and delivery of both the LZA and custom CloudFormation templates. AWS Control Tower was also leveraged to provide a standardized, multi-account environment, making it simpler to roll out new accounts with guardrails and compliance controls preconfigured.
HanaByte conducted knowledge transfer sessions throughout the project, ensuring the customer’s team understood the newly automated processes. This enabled the organization to take ownership post-deployment and remain confident in maintaining and scaling the solution.
The solution delivered both immediate and long-term benefits. By codifying all infrastructure with AWS LZA and AWS CloudFormation, the customer can now launch new AWS accounts in under an hour—drastically faster than the manual process that could take weeks. Automated guardrails and governance reduced inconsistent deployments, which previously led to errors and security gaps.
Financially, the organization realized a 20% reduction in operational costs through more efficient resource utilization and optimized deployments. They also freed up their internal teams, allowing them to shift focus from day-to-day AWS configuration tasks to higher-value activities, such as strategic security planning and feature development. Critically, the comprehensive and repeatable infrastructure framework puts them on track for a successful SOC 2 audit, ensuring they meet regulatory and customer expectations for data security and privacy.
Post-deployment, the customer received comprehensive documentation and participated in multiple training sessions. This prepared their staff to maintain and adapt the AWS environment, ensuring long-term sustainability and compliance for their rapidly growing SaaS platform.
HanaByte is a cloud security consultancy focused on compliance automation based out of Atlanta, Georgia. We are a remote-first consulting firm, working with cloud-native technologies and processes on Amazon Web Services and Google Cloud.
Join our satisfied clients and experience customized protection. Contact us now to start your journey.
