In the rapidly evolving world of finance, flexibility, security, and regulatory compliance are key to success. One of the largest banks in Poland decided to leverage AWS Cloud technologies to accelerate the development of its banking applications and strengthen its IT foundations for future growth.

Tech Stack: Terraform + AWS + GitHub + AWS AFT (Account Factory for Terraform)

Project Objective To design and implement a fully automated, secure, and compliant AWS Landing Zone — enabling the controlled and auditable development of banking applications in the cloud.

Challenges • Lack of a centralized and standardized approach to AWS account creation. • Need to ensure compliance with strict financial sector security regulations. • Requirement for full automation of infrastructure management processes. • Implementation of GitHub and establishment of new CI/CD pipelines. • Integration with multiple existing banking systems.

Our Approach The project was built using Terraform, AWS Control Tower, and AWS Account Factory for Terraform (AFT). A team of cloud architects and engineers developed a unified process for creating AWS environments, integrated with the bank’s internal service management systems. Key Steps:

1. Landing Zone Architecture Design – defined foundational accounts (Security, Shared Services, Network) and implemented Service Control Policies (SCP) aligned with audit and compliance requirements.
2. Deployment Automation – developed GitHub repositories integrating Terraform and AFT to manage AWS accounts using the Infrastructure as Code (IaC) approach.
3. Jira Integration – automated application account creation through Jira tickets, providing full control, traceability, and auditability.
4. Security & Compliance – implemented Guardrails, IAM baselines, and integrated AWS environments with internal security monitoring systems.
5. Disaster Recovery (DR) Extension – designed and deployed DR-ready AWS accounts and recovery strategies.
6. Team Enablement – conducted workshops and introduced best practices in Infrastructure as Code, Terraform, and GitHub Actions for the bank’s internal teams.

Results • Full automation of AWS account provisioning – from Jira ticket submission to a fully operational environment. • Standardized and secure AWS Landing Zone architecture meeting financial sector audit and compliance standards. • Accelerated cloud adoption and faster deployment of banking applications through modern CI/CD pipelines. • Enhanced Disaster Recovery capabilities, improving operational resilience and service availability.

Summary By implementing the AWS Landing Zone, the bank achieved a modern, scalable, and secure cloud platform ready for regulated financial workloads. The integration of Terraform, GitHub, and Jira enabled complete automation, governance, and traceability, forming a solid foundation for the bank’s continued digital transformation and cloud-driven innovation.