Standardizing Infrastructure Across 19 AWS Accounts Using Harness IaCM

From fragmented Terraform and manual provisioning to a governed Golden Pipeline built for scale.
Customer Overview
The client is a high-growth organization managing a complex cloud footprint spread across 19 AWS accounts. To maintain their competitive edge, they rely on a robust infrastructure that supports rapid scaling and diverse environment requirements.
As their cloud presence expanded, the need for a unified approach to infrastructure management became critical to ensure security, compliance, and operational agility across their entire ecosystem.
The Challenge
The platform team was managing infrastructure with no consistent structure or governance, leading to significant operational friction. The lack of a centralized strategy created a "snowflake" environment where each account operated under different logic.
Key challenges included:
Fragmented Environments: Inconsistency across 19 unique AWS accounts.
Manual Workflows: Reliance on manual provisioning that slowed down deployment cycles.
Hardcoded Blocks: Terraform resource blocks were hardcoded, limiting reusability and scalability.
Tool Silos: Limited integration between Terraform (provisioning) and Ansible (configuration).
Operational Risk: High risk of configuration drift and complex troubleshooting.
The Breaking Point: As the environment scaled, small inconsistencies turned into major risks. Provisioning slowed to a crawl, and the issue shifted from a technical hurdle to a fundamental lack of control.
The Avyka Approach
Avyka leveraged Harness Infrastructure as Code Management (IaCM) to architect a "Golden Pipeline," standardizing infrastructure delivery and embedding governance into the core of the client's operations.
Solution Overview
Modular Architecture: Moved from hardcoded resources to a modular, config-driven Terraform structure.
Centralized Config: Utilized terraform.tfvars for centralized configuration management.
State Security: Implemented secure S3 backends for reliable state management.
Orchestrated Workflows: Built Harness pipeline stages that seamlessly orchestrate both Terraform and Ansible.
Dynamic Integration: Developed dynamic EC2 IP extraction to feed infrastructure data directly into Ansible workflows in real time.
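An added illustration of the dynamic EC2 IP extraction step, not Avyka's or the client's pipeline code: it reads the JSON printed by `terraform output -json`, validates every value as a literal IP address, and renders an Ansible inventory group. The output names `ec2_private_ips` and `db_password`, the group name `app_servers`, and the sample data are assumptions constructed for the example.

```python
import ipaddress
import json

# Constructed sample of `terraform output -json`; output names are hypothetical.
SAMPLE_TF_OUTPUT = json.dumps({
    "ec2_private_ips": {"sensitive": False, "type": ["list", "string"],
                        "value": ["10.20.1.15", "10.20.2.27"]},
    "db_password": {"sensitive": True, "type": "string",
                    "value": "constructed-secret"},
})


def extract_hosts(tf_output_json, output_name):
    """Return validated IP strings taken from one Terraform output."""
    outputs = json.loads(tf_output_json)
    if output_name not in outputs:
        raise KeyError(f"Terraform output {output_name!r} not found")
    entry = outputs[output_name]
    # Sensitive outputs must never be copied into an inventory file or log.
    if entry.get("sensitive"):
        raise ValueError(f"refusing to export sensitive output {output_name!r}")
    value = entry["value"]
    if isinstance(value, str):
        value = [value]
    if not isinstance(value, list) or not value:
        # Fail the stage instead of running Ansible against an empty group.
        raise ValueError(f"output {output_name!r} holds no host list")
    hosts = []
    for item in value:
        if not isinstance(item, str):
            raise ValueError(f"non-string host entry: {item!r}")
        # ip_address() accepts only a literal IPv4/IPv6 address, so host
        # variables or extra inventory syntax cannot ride along in a value.
        hosts.append(str(ipaddress.ip_address(item)))
    return hosts


def render_inventory(group, hosts):
    """Render a minimal INI-style Ansible inventory for one group."""
    if not group.isidentifier():
        raise ValueError(f"invalid group name: {group!r}")
    return f"[{group}]\n" + "\n".join(hosts) + "\n"


if __name__ == "__main__":
    ips = extract_hosts(SAMPLE_TF_OUTPUT, "ec2_private_ips")
    print(render_inventory("app_servers", ips), end="")
```
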
What We Did
| Re-architected Infrastructure | Built a Golden Pipeline | Integrated Workflows |
| --- | --- | --- |
| Replaced rigid, hardcoded resources with reusable, modular components to support multi-account scaling. | Established a standardized provisioning process that enforces governance across every environment. | Unified the stack by connecting Terraform and Ansible into a single, automated end-to-end system. |
Engineering Insights
OIDC Token Duration Matters: We discovered that default 15-minute sessions caused EKS deployment failures. Extending these to 60 minutes significantly improved pipeline stability.
Design Thinking for Tool Limits: Standard Terraform limitations regarding selective resource destruction required creative pipeline-level workarounds within Harness IaCM to ensure precision.
Results
The transition to a governed, automated pipeline transformed the client’s infrastructure capabilities:
Zero Configuration Drift: Eliminated manual touchpoints and unauthorized changes.
Reduced Provisioning Time: Accelerated environment setup through full automation.
Centralized Control: Unified visibility across all 19 AWS accounts.
Enhanced Reliability: Improved troubleshooting with real-time logs and standardized error handling within Harness.
Scalable Governance: A repeatable framework ready for the next 20+ accounts.
Conclusion
By transitioning from fragmented manual processes to Harness IaCM, the client regained control over their cloud ecosystem. The "Golden Pipeline" implemented by Avyka not only solved the immediate bottleneck of provisioning but also provided a future-proof foundation for secure, governed, and lightning-fast infrastructure delivery at scale.
