ADFS automation with EC2 and CloudFormation
The opportunity at a glance
Reimagine process and workflows to achieve end to end automation of ADFS integration.
Our customer, an ASX100 company, is one of the largest publicly listed gaming and wagering organisations globally.
As one of the few integrated gambling and entertainment companies in the world, their iconic brands and stable of subscription television channels ignite passion and excitement in millions of customers each year.
Our customer runs Active Directory to manage all of their user permissions and profiles. The growing number of applications being developed and hosted externally in the cloud has brought to light the large amount overhead required to integrate each with Active Directory.
As a result, the organisation wanted an automated Active Directory Federation Services (ADFS) system for test environments. Their base requirements were:
In addition, they required the created Active Directory system to:
- Ease of maintenance
- Speed of provisioning
- Reproducibility for multiple test environments
- Hosted by Amazon Web Services (AWS) in Sydney
Be configured from a defined list of users, group, and claim rules, using a format and location to be determined
Be configured for Security Assertion Markup Language (SAML) authentication and direct Lightweight Directory Access Protocol (LDAP) connectivity
Working alongside our customer, we helped to refine the scope of requirements,identify appropriate implementation options, build, test, and document the solution using an iterative approach.
The original challenge was solved by creating a repeatable deployment and auto-configuration process, between Active Directory and external applications, which automated the authentication process through ADFS hosted on AWS.
During evaluation however, it was identified that because of the complexity of the Active Directory, only partial automation could be completed unless the solution was restructured. Within the original timeframe set, the entire process was re-engineered and additional workflows created to achieve end-to-end automation of the ADFS integration.
By building and deploying a fully automated system, our client was able to reduce a manual process taking upwards of 2 weeks to a push button solution completing in under 30 minutes.