Icon close

Uplifting DevOps for academyEX

AcademyEX to modernise their cloud platform with runCMD Managed Services.



Key Results

CMD’s Managed Services offering includes Site Reliability and Continuous Improvement activity that will assist academyEx on a hosted AWS environment facilitating the management of your environment using modern cloud tooling, automation and monitoring with the backing of our team of Site Reliability engineers.

Company Overview

academyEX is a fast-growing education institute providing innovative learning programs to keep up with the quickly-evolving technical landscape. They are a NZQA Category 1 rated organisation and have over 80,000 learners online and in person.

The Problem

academyEX was created to address the imbalance of what children were learning at school and the skills that the future requires by introducing them to collaborative, creative, hands-on digital discovery and problem-solving. Now their suite of programmes is rapidly expanding as they identify and seek to build capability in the classroom, the workplace, and beyond, and enable New Zealanders to lead change.
To enable this transformation, academyEX has an AWS Cloud environment that would benefit from adopting best practices to be Well Architected, Cost Optimised and Secure.

With current resource constraints and the challenge with attracting, retaining and training suitably skilled AWS experts in-house, academyEx have engaged CMD Managed Services/DevOps Management, which will asses/uplift the legacy tech, alleviate cyber security risks and privacy concerns, along with helping to leverage underutilised tech.


Initial discovery has established the following high level requirements, that will be assessed and prioritised during the establishment phase of this service:

  1. Removal of legacy technologies
  2. Uplift of automation, and CI/CD
  3. Establish best practice monitoring capabilities
  4. Uplift security posture
  5. Cost optimization
  6. Establish best practice documentation and assist with upskilling team members
  7. Establish any new tooling as part of DevOps as a Service, e.g. PagerDuty
  8. Establish SSO capabilities

The Solution

  • Network Patterns: VPC / account basic isolation. Double layer (public / isolated) subnets planned upgrade to 3 layers and adding NAT GW.
  • DNS and URI Structures: Subdomains used for each component. academyEX manages domains for each customer. DNS is managed in cloudflare.
  • Security and Monitoring: Onboarded to MS monitoring
  • Metrics Reporting: From MS reporting
  • Availability: Using RDS and Fargate

Key Products/Services we used

  • Amazon Virtual Private Cloud
    • Environment segregation
  • Amazon API Gateway
    • Proxy for lambdas
  • Amazon Elastic Container Service (ECS) – Fargate
    • Run academyEX’s product components → Laravel: API + Frontend
  • AWS Lambda
    • Used for third party integration endpoints (eg: captcha)
  • Amazon Relational Database Service (RDS).
    • Hold each customer’s products DBs
  • S3
    • Hold multimedia assets per product component type
  • Elastic transcoder
    • Processes all of the platform’s video assets.
  • AWS Key Management Service
    • Added for backup and uplift
  • AWS Certificate Manager
    • Attached to Load balancers

Third party applications or solutions used

  • Cloudflare Managed WAF
  • Grafana
  • Google recaptcha


CMD have assisted academyEx to continue their cloud platforms’ development objectives through the ongoing design of resilient architecture, implementing strong controls and operational processes, and creating an efficient infrastructure platform that can be deployed in a repeatable pattern using customised automation tool chains.

Ready to get going?