We reduced our new account creation from weeks to one hour by using the Account Vending Machine on AWS Service Catalog.
Jeff Dirks Chief Technology Officer, TrueBlue

TrueBlue is a provider of specialized workforce solutions, helping clients improve growth and performance by offering staffing, workforce management, and recruitment process outsourcing solutions. The company’s specialized workforce solutions meet clients’ needs for a reliable, efficient workforce in a wide variety of industries. TrueBlue currently puts more than 730,000 people to work each year and partners with 150,000 companies around the world.

  • Automates migrations to AWS
  • Creates new AWS accounts in one hour instead of weeks
  • Empowers developers to release better software faster

TrueBlue is a global provider of specialized workforce solutions, including staffing, workforce management, and recruitment process outsourcing. For years, TrueBlue managed hundreds of critical business applications from on-premises data centers, which made it difficult for the company’s development team to create new products rapidly. “We needed a certain level of agility in our infrastructure operations to reduce the lead time for building products and services that create a competitive advantage for our three business units,” says Jeff Dirks, chief technology officer for TrueBlue. “To do that, we knew we had to automate our environment by moving to the cloud and changing to a consumption-based model instead of an upfront capital expense model.”

TrueBlue engaged Brillio for assistance in moving its application environment to Amazon Web Services (AWS). A global technology consulting, software, and business solutions company, Brillio is an Advanced Consulting Partner in the AWS Partner Network (APN). “We selected AWS because of its market leadership in cloud technology and the innovative services it offers,” says Dirks. “We also trusted Brillio’s expertise in helping us migrate to AWS.”

Brillio needed to support TrueBlue’s requirement of enabling development teams to work independently. “TrueBlue’s vision was to enable its product teams to support their own builds and spin up accounts as needed,” says Alex Roeber, a DevOps cloud architect engineer for Brillio. “We needed to implement an efficient, automated process to make that happen.” For the foundation of the new TrueBlue solution, Brillio chose AWS Service Catalog, which allows organizations to build and manage catalogs of IT services on AWS. “AWS Service Catalog was the perfect choice because it acts as the gateway to all the AWS services TrueBlue wants to consume,” Roeber says.

Brillio used AWS Service Catalog as the basis for developing the Account Vending Machine (AVM), a custom solution that automates account creation, network configuration, and provisioning of approved AWS services. The AVM launches as an AWS Service Catalog product, and it uses AWS Organizations to create new accounts, move them to the appropriate organizational units (OUs), and configure a baseline setup. The AVM also provisions approved AWS Service Catalog products in the newly created account, from which developers can access self-serve resources.

The automated setup of AWS accounts ensures security compliance by enabling AWS CloudTrail logs and Amazon GuardDuty in all accounts. “This is a fully customized, automated, and streamlined process for creating new AWS accounts, and we can modify it to suit the requirements for our different businesses. Brillio worked with us very closely throughout the project to make it successful,” says Dirks. With AWS Service Catalog, TrueBlue team members could create AWS accounts via AWS Organizations without having direct access to the AWS Organizations service, enforcing best practices for newly created AWS accounts.

Each internal product line TrueBlue supports has a different set of compliance needs for sensitive data. To satisfy compliance and business requirements, each product line’s data needs to be kept segregated from other product lines’ data and other business units. By using an AWS Service Catalog–enabled AVM, TrueBlue can automate business requirements as code. Each AVM product applies the custom policies and network configurations relevant for a distinct business unit.

By automating the creation of new AWS accounts, TrueBlue reduced manual errors of a previously time-consuming process. Each account is generated as a separate application environment for development, testing, and production. These environments are then turned over to the respective product teams to enable them to migrate their application and support their builds going forward. “We reduced our new account creation from weeks to one hour by using the Account Vending Machine on AWS Service Catalog,” says Dirks. “As a result, we easily created more than 69 accounts in different geographies in one week.” Eventually, TrueBlue plans to create 300 separate AWS accounts for developers and other team members throughout the world.

TrueBlue maintains a multi-account architecture for ease of security isolation, user access management, and cost governance. Each account is built with standardized AWS CloudFormation templates for AWS native services like GuardDuty, security groups, network subnets, VPCs, and IAM roles. By standardizing the account deployment, the company keeps a consistent architecture for all TrueBlue resources that are migrated to AWS. This maintains a level of configuration and asset management the company lacked within its on-premises data centers.

By enabling the speedy creation of new AWS accounts, TrueBlue has given its software developers the ability to complete new software releases faster than before. “We are empowering our development teams by giving them control over product stacks on AWS,” Dirks says. “They can now focus on creating clean code and sending it through our continuous integration pipeline more seamlessly than we could using the on-premises environment. Our developers can find and fix problems faster, before they become issues in production. Ultimately, this will help us deliver better software to our customers.”

Brillio, headquartered in California, focuses on digital technologies and big data analytics. It has more than 2,300 employees who work in offices located in the United States, Norway, the United Kingdom, and India. The company uses emerging technologies to create new customer experiences, achieve efficiencies, and gain differentiation and competitive advantage for its clients.

Learn more about Brillio and AWS Service Catalog.