Skip to main content
AWSClient Story

Craveable Brands – Mantel Group Managed Service

Industry
Retail

Service
Managed Service

The Client

Craveable Brands Ltd (formerly known as Quick Service Restaurant Holdings) is an Australian Fast Food holding company. It owns the franchise chains Red Rooster, Oporto, Chicken Treat and Chargrill Charlie’s brands with 580 restaurants throughout Australasia and Southeast Asia. The company has been a subsidiary of Hong Kong-based private equity firm PAG Asia Capital since July 2019.

Overview

Craveable reached out to Mantel Group December 2020 looking for a AWS partner for hosting resell and managed services, an architectural review and cost optimisation was performed and continued managed services of the accounts to AWS best practices over the course of the period and with continued to reduce AWS costs, enhance security initiatives through Cloud Conformity/Trusted Advisor and providing AWS advisory services for Craveables new serverless e-commerce platform.

Project Outcomes

Outcomes of Project & Success Metrics

  • Scalability – capacity not constrained by capital purchases – grow and shrink dynamically
  • Reliability – automatically recover from failures
  • Security – secure by default foundations
  • Innovation – Experiments are quick to set up and cheap to run, seamlessly migrate to serverless at velocity
  • No upfront commitment – pay only for what you need, when you need it

Mantel Group have proven to be a vital and trusted partner to manage the hosting and security of our customer facing online ordering platforms, ensuring maximum uptime and performance.

Simon Revelman | CIO, Craveable Brands

The Challenges

Craveable Brands reached out to Mantel Group to help securely manage their AWS environment using our DevSecOps approach across 35 x AWS accounts, including IaaS platform and Serverless eCommerce platform which runs online services including orders at stores. Craveable Brands needed a partner that could manage AWS hosting and reselling which included end to end managed services of their AWS assets.

  • Manage and maintain their AWS resources
  • Improve their cloud security and compliance posture
  • Maintain and enhance the stability of their Redhat ROSA platform
  • Improve their observability
  • Optimise their rising AWS costs

Requirements

Initial requirements given by the business and detailed in the statement of work.

  • Craveable requires the management of all AWS accounts and services
  • Both Production and Non-Production AWS environments have up to ~60 EC2 instances running (support up to OS)
  • Serverless eCommerce platform (Red Rooster) requires maintenance and minor changes
  • Perform monthly cost optimization
  • Introduce patching, automation, cost efficient auto scaling over time utilizing up to 2 days per month of proactive consulting days to continually improve the environment
  • Monitor mobile application using Splunk Enterprise Cloud subscription

The Solution

Network Patterns

  • Multiple VPCs connected through VPC peering.
  • Load balancers to applications, AWS WAF on public facing Load Balancers and Cloudfront.

Metrics Reporting

  • Cloud Watch is used along with Cloud Watch Agent to retrieve metrics within EC2 instances.
  • Grafana is used for monitoring and alerting.

Computing

  • Lambda and EC2 instances are being used as part of the solution.

How AWS was used as part of the solution

  • Amazon Virtual Private Cloud (VPC): Multiple VPCs spread across 2 availability zones (AZs), segregated into network tiers for hosting component services within subnets – DMZ, Application, Data and VPN.
  • VPC Peering: VPC Peering was used to connect VPCs in the same account as well as inter account.
  • Amazon S3: used for storage and backup.
  • AWS Systems Manager – Parameter Store, Patching and Reporting
  • AWS Key Management Service (KMS) for controlled key management through customer managed keys.
  • SNS (send SMS content to customers)
  • Amazon Cognito used for User pool for serverless application
  • Amazon GuardDuty, AWS WAF, AWS Config, AWS Shield and Amazon Security Lake to provide security in depth.
  • Amazon EC2 used for compute power
  • Amazon DynamoDB, NoSQL database solution used for the serverless application.
  • AWS CloudTrail, Amazon CloudWatch for monitoring, logging.
  • Amazon API Gateway
  • Amazon CloudFront
  • Amazon Relational Database Service
  • AWS CloudShell
  • AWS Support Business and Developer
  • AWS Transfer Family
  • Amazon Glacier
  • Amazon Kinesis Firehose
  • Amazon Lightsail
  • Amazon Route 53

Third party applications or solutions used

  • CrowdStrike
  • Cloud Conformity (now Trend Micro)
  • Grafana
  • Splunk
  • Gitlab
  • Microsoft Windows Server
  • OpenVPN Access Server
  • N2W-CPM Server (check backups solution, aws marketplace bp-qsrh)
Close Menu