CASE 09 · HARBOR · 2025
New AWS account in twelve minutes. No tickets.
A logistics tech company had grown to forty engineering teams. Spinning up a new AWS account took six business days and three tickets across IT, Finance, and Platform. The bottleneck was the Platform team. We replaced the process with a self-service account vending pipeline.
Logistics tech
LANDING ZONE
2025
RESULTS
What changed, by the numbers.
TIME-TO-ACCOUNT
12m
TICKETS / MONTH
−92%
POLICY DRIFT
0
COST TAGS
100%
HOW IT WENT
The Platform team was running an account-creation factory, and they hated it. Six tickets a week to provision IAM, tags, baseline networking, log routing, billing alerts — every step a manual click. Mistakes happened. So did weekends.
We wired up Customizations for Control Tower with a Backstage form that engineers filled in: team name, cost centre, compliance scope, region. A Step Functions workflow took it from there: account creation, baseline Terraform apply, SCP attachment based on compliance scope, billing tags, Slack notification when ready.
First month after rollout: 38 accounts vended, zero Platform-team tickets. The Platform team finally got time to work on the IDP they’d been talking about for two quarters. Finance got tag coverage they could actually trust.
RELATED · SAME DOMAIN
Other engagements in this space.
READY WHEN YOU ARE
Let's get your AWS bill (and architecture) in order.
The discovery call is free. You walk away with at least one concrete idea — even if we never work together.