The Ocado Developer Portal delivers a fully managed account architecture directly on your AWS accounts. This encompasses runtime, network, and permission management, removing the need for your teams to build and maintain custom tools, standards, procedures, and DevSecOps expertise. This approach ensures that you can leverage the cloud efficiently without incurring extensive operational costs.
The platform provides dedicated access channels for developers and clients through separate network ingress and egress, ensuring secure and efficient connectivity. It also supports seamless integration with your existing on-premises infrastructure through managed services.
It ensures dedicated and secure connectivity with your existing on-premises systems, allowing for a seamless integration of your infrastructure. This includes provisioning managed services such as RDS databases or ElastiCache instances, with the platform ensuring secure configuration and access limited to relevant applications.
Your applications are hosted on fully managed clusters that include features such as automatic rebalancing, autoscaling, cost-efficiency, and transparent security updates. The platform often leverages ECS (Amazon Elastic Container Service) and the Spot market to significantly reduce compute costs compared to other solutions like Fargate, EKS, or Beanstalk.
The platform establishes isolated permission scopes and security groups for each application, thereby ensuring resource isolation and enhanced security. This adheres to the principle of least privilege, where users are granted only the necessary access, improving overall security posture.
The Ocado Developer Portal provides a simple deployment interface that can be used via a REST API or through Infrastructure-as-Code (IaC) tools. This allows you to effortlessly deploy your code to the cloud without needing to master the complexities of AWS. You can easily configure the runtime environment (Docker, Java, Node.js, or Python), select your preferred deployment strategy (e.g., in-place, highlander, or rolling deployments), specify resource allocation (CPU and memory), and define auto-scaling parameters based on demand.
For your applications to utilise the managed network and runtime, they must meet a minimal set of requirements:
Be provided as a Docker image or a package of one of the supported runtimes (Docker, Java, Node.js, Python).
Listen on port 8080 and respond to requests for /health-check with an HTTP 200 status code.
Be stateless and capable of running multiple concurrent instances behind a load balancer, and start up within the configured timeout, to avoid issues with tasks restarting.
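The requirements above can be checked locally before deployment. The following is an added example, not code from the Ocado Developer Portal: a stateless Python service answering /health-check, plus a probe that confirms a 200 response arrives within a startup timeout. The function names, the 30-second timeout and the polling interval are assumptions, since the page does not state the platform's values.

```python
import http.client
import threading
import time
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

PORT = 8080                    # port named in the requirements
HEALTH_PATH = "/health-check"  # path named in the requirements

class Handler(BaseHTTPRequestHandler):
    """Keeps no per-process state, so any instance can answer any request."""
    def do_GET(self):
        ok = self.path == HEALTH_PATH
        body = b"ok" if ok else b"not found"
        self.send_response(200 if ok else 404)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence per-request logging
        pass

def start_app(host="127.0.0.1", port=PORT):
    """Start the sample service in a background thread and return the server."""
    server = ThreadingHTTPServer((host, port), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def wait_until_healthy(port=PORT, timeout=30.0, interval=0.5):
    """Poll /health-check until it returns 200 or the (assumed) timeout expires."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        conn = http.client.HTTPConnection("127.0.0.1", port, timeout=interval)
        try:
            conn.request("GET", HEALTH_PATH)
            if conn.getresponse().status == 200:
                return True
        except (OSError, http.client.HTTPException):
            pass  # not listening yet, or connection dropped; retry
        finally:
            conn.close()
        time.sleep(interval)
    return False

if __name__ == "__main__":
    # In a container, bind all interfaces so the load balancer can reach the port.
    start_app(host="0.0.0.0")
    print("healthy:", wait_until_healthy())
    threading.Event().wait()  # keep serving until the task is stopped
```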