Written by Cass Zara
In the dynamic realm of Managed Services and Site Reliability Engineering (SRE), the need for a centralised hub to manage customer information and streamline operations became evident. Our goal was clear – to create a unified application Customer Central that addresses the pain points faced by our team in managing customer data access, utilisation tracking, and reporting.
The Pain Points Unveiled
Customer Central emerged from a strategic review of key challenges faced by our team:
- Lack of a Centralised Information Hub: No single source of truth for customer information, making it difficult to access key contacts, account overviews, and access methods efficiently.
- Complex Access Management: A need for an integrated UI to manage access requests, including a view for active sessions and expiry, alongside a CLI access profile generator.
- Utilisation and Billing Tracking: Difficulty tracking contract-specific utilisation and generating monthly reports efficiently.
Building Customer Central: A Holistic Solution
Versatile Serverless Architecture:
CC’s architecture leverages AWS services to provide a seamless experience. A React UI serves as the front end, while a robust relational database stores and manages data. A nimble API layer, powered by a mix of Lambda functions and ECS, integrates with key tools such as Salesforce, JIRA, AWS, and 3rd party cloud security platform tools. This combination ensures a responsive user interface and facilitates automated monthly reporting.
GitLab CI/CD for Seamless Deployments:
GitLab CI/CD integrated with AWS CDK streamlines our deployment pipeline. Automation is the key, as GitLab runners in the form of AWS EC2 ensure continuous testing and deployment. The tight integration with CDK facilitates Infrastructure as Code (IaC), enabling updates to both the application code and cloud infrastructure.
Containerised Workloads with ECS and Fargate:
To handle containerised workloads efficiently, we employ Amazon ECS Fargate for container deployment. This allows us to abstract away server management and focus solely on our application, deploying tasks such as the data persistence layer and report application to a single service. Amazon ECR ensures secure and scalable storage for container images. This integration ensures a reliable and consistent environment across development and production stages, facilitating seamless deployment of containers.
Unleashing the Power of Customer Central
Access Management
Customer Central simplifies the complex landscape of customer interactions:
- Breakglass sessions: Facilitates write access with 2 person approval workflow.
- Account switching: Enables quick navigation between customer information and active sessions.
- Billing information: Provides insights into unexpected cost jumps and identifies delegated master accounts.
Access methods for customer environments can vary. Detailed account information indicates how accounts can be accessed, either through SSO customer IDPs, or by using roles deployed during our onboarding process. Customer Central provides shortcuts to easily launch AWS console read roles and facilitates a UI for the established MS ‘Breakglass’ request process.
SREs provide justification, and receive temporary write access approval from a Senior or Lead, they can track their active sessions in Customer Central. AWS billing information is regularly retrieved from customer accounts and displayed in Customer Central. This provides a single pane of lass with quick insights into the overall environment and helps identify any unexpected cost increases at a service per account level. Additionally, Customer Central highlights and identifies delegated management accounts to assist in troubleshooting and monitoring processes.
Profile Generator for CLI Access
Efficiently handle multiple customer environments with multiple access roles:
- Generates configuration files for AWSCLI and IAC access.
- Streamlines the generation of profiles for potentially hundreds of accounts.
Team members at MS are experienced in context-switching, as we regularly work with multiple customer environments. Each environment can have numerous accounts with differing permissions and access conditions. For a team member working with 4 customers, each having 5-10 accounts, there could be easily be 80+ profile entries. One of the advantages of cloud environments is the ability to quickly and dynamically change accounts, access, and resources based on demand. As a result, these profiles can be regenerated in seconds whenever the configuration is updated in the UI.
Utilisation Tracking
Captures contract-specific utilisation data:
- Retrieves contract information from Salesforce
- Leverages hours logged through timesheets and task codes to generate team utilisation overviews.
- Enables tracking of changes in entitlement and excess allocated hours.
Contract information is used in conjunction with hours logged through timesheets and task codes to generate an overview of team member utilisation that helps to answer questions like “How many hours have we used” and “How many do we have left,” which assist the delivery team in planning and tracking workload. This enables effective communication, efficient planning, and optimal use of stakeholders’ time in meetings.
We capture changes to entitlement and determine if allocated hours are consistently exceeded as customer needs evolve, which allows for better tailoring to customer needs in the corresponding contract.
Automated Monthly Reports
The reporting service draws on UI configurations and team-entered data:
- Stores and version reports within the AWS environment.
- Captures configuration details and team-entered data for custom summaries.
- On-demand report generator
The Managed@Mantel team generates a report every month, providing a holistic view of our managed services and a snapshot of the customer environment. The report covers key aspects such as billing, compliance, any upcoming pre-purchased resource renewals, and cost optimisation suggestions. It aims to provide insights that empower informed decision making.
One of the main goals of Customer Central was to develop an automated reporting service. Some of the pain points associated with the old reporting pipeline included confusing configuration, time-consuming pipeline runs, pipeline failures, and difficulties in making code changes. The customer central report service runs on a schedule, stores and versions reports, and can be regenerated from the user interface with the addition of custom summaries.
Conclusion: Empowering Managed Services Excellence
In the competitive arena of Managed Services, Customer Central stands as a testament to innovation. By leveraging AWS services, CDK, and GitLab CI/CD, we’ve not only addressed critical pain points but also paved the way for streamlined operations, enhanced efficiency, and data-driven decision-making. Customer Central isn’t just a tool; it’s a strategic asset empowering our team to deliver exceptional service in the ever-evolving landscape of Managed Services.