CASE 87 · VESPER · 2024
Two engineering orgs, one AWS organisation, zero customer surprises.
A health insurance tech company acquired a smaller competitor with eleven production AWS accounts and a different identity provider. We merged the smaller org into the larger one, unified identity through Identity Center, and didn’t cause a single customer-visible incident.
Health insurance tech
LANDING ZONE
2024
RESULTS
What changed, by the numbers.
CUSTOMER-VISIBLE INCIDENTS
0
ACCOUNTS MIGRATED
11
IDENTITIES UNIFIED
430
COST POST-MERGE
−7%
HOW IT WENT
M&A AWS work is a logistics exercise as much as a technical one. Both teams had to keep shipping. Customer contracts referenced the smaller company’s AWS account IDs, which meant we couldn’t just kill them. The cutover plan had to be reversible at every step.
We moved the eleven accounts one at a time via the AWS account-movement process, leaving the customer-facing account IDs intact. Identity Center subsumed the smaller company’s Okta tenant after a SCIM-bridged transitional period. Transit Gateway bridged the networks so cross-team services could still call each other during the transition.
Sixteen weeks, zero customer-visible incidents. The smaller company’s engineers can now log into either codebase with their original credentials; the larger org gets the blended-pricing tier improvement (−7% on the consolidated bill).
RELATED · SAME DOMAIN
Other engagements in this space.
READY WHEN YOU ARE
Let's get your AWS bill (and architecture) in order.
The discovery call is free. You walk away with at least one concrete idea — even if we never work together.