Samuelkb Logo

Cloud onboarding platform that cut provisioning time by 90%

Bash,  Terraform,  Python
vRA,  vRO,  ServiceNow,  Jenkins,  Terraform Cloud

Author

Samuel Hernandez

Date Published

Architecture diagram for Cloud onboarding automation platform

Overview

Developed a self-service cloud onboarding platform that automated the provisioning of secure infrastructure for new enterprise customers by integrating VMware vRealize Automation (vRA), ServiceNow, and AWS. This end-to-end workflow reduced onboarding time from up to 3 weeks to under 5 hours, significantly improving customer experience and accelerating time-to-value. The solution ensured consistent security and infrastructure standards across all tenants, simplified compliance, and centralized AWS account and budget management. This platform not only unlocked early revenue opportunities but also relieved operational teams from manual and error-prone tasks, allowing them to focus on higher-impact work.


Architecture diagram for Cloud onboarding automation platform

Automation system diagram for onboarding platform.


My Role

I co-led the design and development of the platform, partnering with another engineer to build cloud automation workflows. I proactively engaged with cross-functional teams to understand their onboarding processes and translated them into streamlined automation solutions. We split the work of coding the automations and tackled the project iteratively, breaking it into smaller tasks with support from our product manager which allowed us to deliver value quickly and consistently. The tech stack included VMware Assembler, vRO, vRA Service Broker, AWS, Terraform Cloud, JavaScript and Python for REST calls to ServiceNow, and Bash for automation scripts. Throughout the project, I regularly demoed our progress to stakeholders, which led to positive feedback and immediate adoption for new client onboarding processes.


Situation & Challenge

As the company steadily acquired new enterprise customers, demand surged for our ad personalization services. To enable those offerings, clients needed to quickly stand up data pipelines and connect multiple data sources, a process that required proof of concept (POC) in sandbox environments, strict compliance checks, and coordination across teams.

However, once contracts were signed, customers had to manually submit several ServiceNow tickets to request infrastructure and onboarding services. These requests came in with mixed priorities and were often incomplete or submitted out of order, leading to long wait times, confusion across teams, and missed compliance steps. For example, some users were onboarded without all AWS guardrails in place due to tracking gaps.

While Terraform was already in use to provision AWS accounts and create workspaces in Terraform Cloud, the overall process was mostly manual and fragmented. The product owner pushed for a better onboarding experience, and our engineering team was tasked with designing and implementing an automated solution. We collaborated with stakeholders in security, compliance, audit, and customer success.

Tooling constraints added complexity: the company had just adopted VMware vRA and vRO, which we had to integrate with Terraform and ServiceNow. Outdated Terraform provider support for vRA forced to implement API-based workarounds, and connecting stateless tools (like Terraform) with stateful platforms (like vRA) presented major challenges. On top of that, we operated with limited engineering bandwidth — only two part-time engineers (myself included) and reduced availability from the solution architect.


Solution

To streamline enterprise onboarding and eliminate manual handoffs, I built a VRA-driven pipeline that automated AWS account provisioning end-to-end. The key components of the solution included:

Single Entry Point via Service Broker

Exposed a user-friendly catalog item in VMware Service Broker, backed by a VRA blueprint. This allowed clients to initiate provisioning through one self-service request — replacing the multiple ServiceNow tickets.

Orchestration with VMware Orchestrator (vRO)

Connected the VRA blueprint to:

  • ServiceNow, using REST APIs to pull governance-critical data and validate inputs (e.g., ensuring business unit and team alignment).
  • AWS (via Boto3) to propagate governance data from ServiceNow into resource-level tags.

Account Provisioning in AWS

  • Triggered provisioning using AWS Control Tower within a managed Organizational Unit.
  • Applied security and compliance guardrails automatically via AWS Customizations.
  • Created an initial IAM user for VRA to provision future AWS resources from catalog items.

Account Registration & Monitoring

Once the account was provisioned, vRO updated relevant ServiceNow tables and raised an automated monitoring ticket via API.

Integration with Jenkins & Terraform Cloud

Jenkins pipelines propagated the new AWS account config across all VRA instances.

Triggered Terraform Cloud runs to update infrastructure configurations and ensure changes were committed to Git, keeping everything defined as code.

Error Handling & Resilience

The pipeline included safeguards to handle partial failures and ensure the integrity of infrastructure and process automation.

Outcome

Once completed, the customer received immediate access to a compliant AWS account via Okta, ready for use.


Impact & Results

  • Reduced customer onboarding time from several weeks of manual ticket handling to just a few hours by consolidating the request process into a single automated workflow.
  • Decreased ticket errors and compliance oversights by eliminating manual dependencies, improving data consistency and ensuring all AWS accounts met security guardrails from day one.
  • Enabled proactive governance by integrating ServiceNow and AWS tagging strategies, which streamlined audit reporting and cloud resource visibility.
  • Significantly improved internal efficiency by automating coordination across security, compliance, and infrastructure teams, reducing operational load and speeding up delivery cycles.
  • Adoption grew rapidly; the platform became the standard onboarding path for all new enterprise clients immediately.
  • Received positive feedback from leadership for enabling faster onboarding at scale while maintaining strong compliance controls.
  • The automation framework became a blueprint for future internal automations using VRA + Terraform + Jenkins.