Customer Stories / Financial Services / United States

2023
SIXTH STREET ONLINE PREVIEW LARGE IMAGE_03

Sixth Street Supports Business Growth by Rapidly Building a Secure, Scalable, Multi-Account Environment Using AWS

Learn how global investment firm Sixth Street quickly built a flexible account solution to drive innovation for development teams using AWS.

Automated setup

and governance of accounts quickly at scale

Simplified

account management

Facilitated

account logging and auditing

Cut time to build and deploy

IAM policies from several days to a few hours

Overview

Global investment firm Sixth Street faced a deadline to migrate its cloud assets to a new platform while avoiding downtime for the business. The company wanted to build in scalability and flexibility to drive innovation while maintaining strict security controls for account access. Sixth Street turned to Amazon Web Services (AWS) to centralize and build consistency into its business processes. Using AWS, Sixth Street automated the assignment and management of granular access permissions, deploying roles in minutes and facilitating innovation for developers through a secure, distributed solution.

Young woman presenting her idea to colleagues

Opportunity | Using AWS to Quickly Migrate Workloads for Sixth Street

Established in 2009, Sixth Street is a global investment firm with more than $70 billion in assets under management. In 2018, the company began to map out a new infrastructure platform. “We wanted to take a different direction with application infrastructure,” says Adam Dutko, head of cloud platform engineering at Sixth Street. “The breadth and depth of AWS services made it simple for us to build a resilient, loosely coupled application architecture.”

Sixth Street was eager to explore the use of data science and other technology tools to transform its business within the investment management sector. “Within the industry, a lot of tech runs better on AWS,” says Dutko. “It’s the sweet spot. And that’s why we thought the use of AWS could benefit us.” The company worked alongside Logicworks, an AWS Partner that provides expertise in the design, automation, and management of custom AWS infrastructure for industries with high security and compliance requirements.

Together, Sixth Street’s small infrastructure team and Logicworks specialists laid out a migration plan that used various services from AWS to establish a centralized view of the company’s accounts. Sixth Street also wished to streamline identity management by deploying preventive controls, customizing access permissions, and performing operational updates in minutes. The solution had to work seamlessly alongside Okta Inc. (Okta), an AWS Partner that Sixth Street uses as an identity provider. “We wanted to challenge everything and build something that wouldn’t be just a monolithic repositioning of our data,” says Dutko. “On AWS, a lot of the services are already cloud native, distributed, and scalable.”

kr_quotemark

Within the industry, a lot of tech runs better on AWS. It’s the sweet spot. And that’s why we thought the use of AWS could benefit us.”

Adam Dutko
Head of Cloud Platform Engineering, Sixth Street

Solution | Establishing Centralized Governance at Scale for Company Accounts

To automate the setup of 30 AWS accounts at its peak and govern the landscape at scale, Sixth Street uses AWS Control Tower, which simplifies AWS experiences by orchestrating multiple AWS services on an organization’s behalf while maintaining its security and compliance needs. “By spinning up AWS Control Tower, we put a centralized view over all the accounts we had in play and all the identities involved,” says Sebastian Smith, cloud platform engineering lead at Sixth Street. Sixth Street migrated its entire business to AWS, including business-critical applications such as financial applications, trading applications, its analytics and reporting suite, and hundreds of terabytes of data from its data warehouse.

To implement additional controls, Sixth Street uses service control policies (SCPs) from AWS Organizations, which companies use to centrally manage their environments as they scale their AWS resources. Sixth Street groups distinct AWS accounts into organizational units that the company administers as a single entity, which simplifies account management and facilitates logging and auditing. Although teams work in shared accounts, individuals control and interact only with the resources for which they have permission.

Sixth Street uses SCPs for broader, coarse-grained access controls and implements fine-grained controls through AWS Identity and Access Management (AWS IAM), a secure way to manage identities and access to AWS services and resources. “We have a nice mosaic of controls versus just one big hammer,” says Dutko.

The company created a novel pipeline to build access controls to encapsulate workflows in its accounts. The pipeline uses a combination of Okta groups, account assignments, and AWS permission sets, a feature of AWS IAM Identity Center (Successor to AWS Single Sign-On), which organizations can use to securely create or connect workforce identities and manage access centrally across AWS accounts and applications. Developers have a single view into their accounts using Okta, and administrators save time in the deployment of IAM roles. “It used to take hours to refine policies and a lot of copying and pasting with potential errors,” says Smith. “Now, we’ve got it down to minutes.”

To prepare accounts in a consistent, standardized way, Sixth Street uses AWS Cloud Development Kit (AWS CDK), which accelerates cloud development using common programming languages to model applications. Rather than manually creating dozens of templates, Sixth Street uses code to push out permission sets and correctly map names to accounts. Sixth Street’s self-service model automates the deployment or updating of an IAM role, a process that used to take up to 1 hour and now takes minutes using its deployment pipelines and AWS CDK. “Python is ubiquitous in the cloud and in the industry, and I’m glad that AWS CDK supports it,” says Smith. In fact, the ability to scale up resources previously took months as engineering teams sourced equipment and waited for installation. “Now, I can do it in a few clicks plus about 30 minutes to refresh,” says Smith. “Our mature deployment pipelines can quickly roll out solutions at the speed of the internet.”

Architecture Diagram

Outcome | Modernizing Business Processes through Automation

As of the spring of 2023, Sixth Street had completed about 80 percent of its migration. The team now wants to modernize its current processes and build automation further into the company’s continuous integration and delivery pipeline while looking to do the same for client portfolio companies. “AWS is top notch when it comes to supporting Windows workloads while we position ourselves to look at nontraditional things in the future,” says Dutko. “Now, we have the ability to compete in this new marketplace that the financial services sector is building on top of AWS.”

About Sixth Street

Sixth Street is a global investment firm with more than $70 billion in assets under management.

AWS Services Used

AWS Control Tower

AWS Control Tower orchestrates multiple AWS services on your behalf while maintaining the security and compliance needs of your organization.

Learn more »

AWS Organizations

AWS Organizations lets you create new AWS accounts at no additional charge. With accounts in an organization, you can easily allocate resources, group accounts, and apply governance policies to accounts or groups.

Learn more »

AWS IAM Identity Center

AWS IAM Identity Center helps you securely create or connect your workforce identities and manage their access centrally across AWS accounts and applications.

Learn more »

AWS CDK

AWS Cloud Development Kit (AWS CDK) accelerates cloud development using common programming languages to model your applications.

Learn more »

More Financial Services Customer Stories

Showing results: 5-8
Total results: 507

no items found 

  • Chile

    Capital Express Reduces Monthly Operating Costs by 94% with NetRed and AWS

    Factoring services company Capital Express wanted to improve client evaluations and grow its business, but it had an outdated system that made accessing data difficult. The company teamed up with AWS Partner NetRed to migrate its data using capabilities from Amazon Web Services (AWS). Migrating helped Capital Express create Advance, an innovative financial management tool that offers real-time data processing. Implementing Advance cut monthly operating costs by 94 percent. It also reduced the time needed for client enrollment and IT consultations to just five minutes. These improvements streamlined operations and enabled faster service delivery, dramatically increasing the growth potential of Capital Express and helping it meet customer needs faster.

    2025
  • United States

    Affirm Reduces Manual Security Response Efforts by 50% with AWS Partner Expel

    Affirm is a payment network that empowers consumers and helps merchants drive growth through flexible and transparent financing options. The company wanted to streamline its security operations program to address manual triage, decentralized tooling, and increasing alert fatigue. AWS Partner Expel offered a managed detection and response (MDR) service that integrated seamlessly with Affirm’s Amazon Web Services (AWS) environment. Expel MDRTM centralizes monitoring, automates routine tasks, and enhances detection and response workflows Expel reduced the volume of security alerts fielded by engineers by 50 percent and helped Affirm scale the foundations of its security operations program efficiently.

    2025
  • United States

    MarketReader Launches Its Real-Time Market Analysis Platform and AI Newsletter in Eight Months Using Nasdaq® and AWS

    MarketReader is an artificial intelligence (AI) analytics platform providing the financial sector with data-driven explanations of real-time asset movement. During development, MarketReader experienced delays in data delivery and received incomplete datasets from its initial data provider—which reduced the quality of the platform’s insights. To launch its differentiated product, the MarketReader team moved to cloud-based data solutions from AWS Partner Nasdaq, hosted on Amazon Web Services (AWS), to obtain direct access to high-quality, real-time market data for all US-listed securities. This approach elevated MarketReader’s US market coverage, increased data delivery time by 98 percent, and helped the platform go live within eight months. MarketReader now delivers timely, accurate insights. It publishes a daily newsletter in only seven minutes, driving customer engagement and expanding the newsletter’s reach up to 400 percent beyond MarketReader’s current client base.

    2025
  • United States

    Transforming Payments with AWS and Visa Cloud Connect

    Moov, a payment processor with direct connections to major card networks and payment systems, ensures scalability and availability for high-demand scenarios, from political campaigns to exclusive product drops. With AWS as the backbone, Moov’s solutions connect seamlessly, enabling faster and more scalable money movement across its network. Thanks to AWS Partner Visa and Visa Cloud Connect on AWS, Moov eliminated the need for traditional data centers and infrastructure, streamlining access to payment networks. This innovation delivers immediate transaction insights to customers already on AWS, enhancing the end-user experience and redefining payment processing.

    2025
1 127

Get Started

Organizations of all sizes across all industries are transforming their businesses and delivering on their missions every day using AWS. Contact our experts and start your own AWS journey today.