How We Cut CBA Infrastructure Deployments from 13 Weeks to 2 Days
We transformed a 28-day manual release process into a 2-day automated pipeline for a major energy trader, enabling them to outpace competitors through strategic replacement of homegrown infrastructure tooling with enterprise-grade Terraform.
PISR: Problem, Impact, Solution, Result
- Problem: Commonwealth Bank of Australia, a major enterprise in the retail banking sector, faced critical infrastructure provisioning bottlenecks caused by their homegrown DevOps Hosting Platform (DHP). This proprietary tool created a 13-week lead time for new infrastructure deployments, whilst other business units relied on inconsistent, unsupported provisioning methods including manual CloudFormation templates and unsupported open-source Terraform instances, creating widespread fragmentation across the organisation.
- Business Impact: The monolithic DHP architecture required 24-hour refresh cycles for state changes and years-long custom development efforts to support new AWS services. This systemic inefficiency created innovation bottlenecks affecting hundreds of developers, significantly impacted engineering morale, and introduced substantial operational risk through inconsistent security postures and governance across business units.
- Our Solution: Over 9 months, ClearRoute's team of 2 QCAs and 1 QCE partnered with CBA's Cloud Platform and CDAO teams to implement Terraform Enterprise as the bank's officially endorsed, self-service infrastructure-as-code platform. We implemented a production-ready solution with deep HashiCorp Vault integration for dynamic secret management, introduced GitHub Actions workflow automation, and established a pioneering automated module testing framework ensuring robust quality and compliance standards.
- Tangible Result: The transformation achieved a 98% reduction in infrastructure provisioning lead time from 13 weeks to under 2 days, eliminated critical operational bottlenecks, and equipped development teams with industry-standard, self-service workflows. This directly enabled them to launch new products faster and improved developer satisfaction significantly.
The Challenge
Business & Client Context
- Primary Business Goal: Standardise infrastructure provisioning across the organisation to accelerate product delivery cycles, reduce dependency on high-maintenance proprietary tooling, and support broader strategic DevSecOps transformation objectives.
- Pressures: Competitive pressure from more agile financial services providers, developer talent retention challenges due to outdated tooling, and the need to rapidly adopt new AWS services to support digital banking initiatives.
- Technology Maturity: CBA had made substantial investment in a homegrown DevOps Hosting Platform (DHP) that functioned as a proprietary reimplementation of Terraform. Despite political support, the platform demonstrably failed to scale, with any new AWS service integration requiring multi-year internal development projects.
Current State Assessment: Key Pain Points
- Extreme Deployment Bottlenecks: The DHP platform's 13-week lead time from request to deployment was systematically destroying engineering productivity. The core architectural deficiency—reliance on a monolithic state file—necessitated 24-hour refresh cycles for any significant change.
- Tool Fragmentation: Various teams had resorted to shadow IT solutions including manually crafted CloudFormation templates, unsupported open-source Terraform instances, and direct AWS console modifications, creating audit and compliance risks.
- Developer Experience: The complexity and bank-specific nature of DHP created significant talent management challenges, with new engineers requiring weeks to become productive with proprietary tooling.
Baseline Metrics (Where Available)
| Metric Category | Baseline | Notes |
|---|---|---|
| Infrastructure Lead Time | 13 weeks | DHP end-to-end provisioning process |
| State Refresh Duration | 24 hours | Monolithic state file limitation |
| New AWS Service Adoption | Years | Custom development dependency |
| Developer IaC Onboarding | Weeks | Proprietary tool learning curve |
| Tool Standardisation | 0% | Multiple inconsistent approaches |
Solution Overview
Engagement Strategy & Phases
- Phase 1: Discovery & Strategic Alignment: Conducted comprehensive Route to Live analysis, navigated political sensitivities around existing DHP investment, and secured executive sponsorship through evidence-based capability assessment.
- Phase 2: Foundational Platform Build: Implemented Terraform Enterprise with HashiCorp Vault integration, SSO authentication, and self-service GitHub Actions workflows following the "Day One Consumable" philosophy.
- Time to First Value: Delivered self-service workspace provisioning pipeline in week 16, allowing developers to obtain secure, connected AWS environments in minutes.
- Phase 3: Quality Engineering & Scale: Developed automated module testing framework, implemented semantic versioning, established Golden Path templates, and embedded Sentinel policy-as-code validation.
Architectural Overview
Before State: Fragmented Proprietary Chaos
After State: Unified Self-Service Platform
QCE Disciplines Applied
- Platform Engineering: Delivered enterprise-grade, scalable Terraform infrastructure that eliminated the architectural flaws of the proprietary DHP platform, establishing self-service workspace provisioning with dynamic credential injection as the foundation of a modern operating model.
- Developer Experience: Successfully abstracted platform complexity from end-users through a simplified workflow requiring only a single pull request to obtain fully configured environments, enabling teams to focus on application-level value delivery rather than operational overhead.
- Quality Engineering: The automated module testing framework represented a significant innovation, validating infrastructure code against real AWS resources whilst automating semantic versioning, systematically preventing defective infrastructure code from reaching production environments.
The Results: Measurable & Stakeholder-Centric Impact
Headline Success Metrics
| Metric | Before Engagement | After Engagement | Improvement |
|---|---|---|---|
| Infrastructure Lead Time | 13 weeks | < 2 days | -98% |
| Developer IaC Onboarding | Weeks | Hours | -95% |
| New AWS Service Adoption | Years | Days | +365x faster |
| State Management Refresh | 24 hours | Real-time | Immediate feedback |
| Provisioning Consistency | 0% standardised | 100% golden paths | Complete uniformity |
Value Delivered by Stakeholder
- For the CTO / CIO:
  - Eliminated substantial technical debt associated with proprietary DHP platform, freeing engineering resources for customer-facing innovation. (debt_reduction: "Multi-year maintenance burden eliminated")
  - Established infrastructure agility matching industry standards, enabling rapid response to market opportunities. (market_agility: "Days vs weeks for new capabilities")
  - Successfully navigated complex stakeholder alignment to forge strategic HashiCorp partnership. (vendor_strategy: "Enterprise-grade tooling partnership")
- For the VP/Director of Engineering:
  - Eliminated the primary source of engineering frustration through modern, industry-standard tooling. (satisfaction_improvement: "Industry-standard developer experience")
  - Removed significant barriers to external recruitment whilst reducing onboarding time through familiar tooling. (talent_acquisition: "Terraform expertise immediately applicable")
  - Established foundation for continuous delivery practices by eliminating infrastructure provisioning bottlenecks. (operational_velocity: "Infrastructure no longer constrains product delivery")
- For the DevOps / Platform Manager:
  - Delivered comprehensive automation that eliminated manual, repetitive support tasks. (operational_efficiency: "Self-service with quality assurance")
  - Pioneered automated infrastructure testing approaches that garnered recognition from HashiCorp engineering teams. (technical_leadership: "Industry-recognized innovation")
  - Created platform foundation supporting multi-cloud expansion and advanced infrastructure patterns. (platform_scalability: "Enterprise-grade foundation")
Client Testimonials
"What was implemented in six months is a scope of work that we have seen take other large organisations over a year to accomplish. The speed and quality of the execution were truly top-tier."
— HashiCorp Representative
Lessons, Patterns & Future State
- What Worked Well: The "Day One Consumable" philosophy of delivering complete, flawless user experiences rather than partial functionality proved essential for enterprise adoption. In environments where institutional confidence drives adoption, a perfect initial experience outweighs agile iteration principles.
- Challenges Overcome: The most significant obstacle was cultural rather than technical—stakeholders had substantial emotional investment in the existing DHP platform. This was overcome through systematic evidence gathering via Route to Live analysis and reframing around infrastructure maturity rather than tool criticism.
- Key Takeaway for Similar Engagements: When challenging substantial prior investment in enterprise environments, systematic evidence gathering and stakeholder alignment are more effective than technical superiority arguments. Focus on capability gaps and business outcomes rather than direct tool criticism.
- Replicable Assets Created: Automated infrastructure testing framework leveraging Terraform native functionality, self-service workspace provisioning pipeline with GitHub Actions, Golden Path template library, and enterprise Terraform module patterns with automated semantic versioning.
- Client's Future State / Next Steps: With Terraform Enterprise established as the standard platform, CBA is leveraging this foundation for multi-cloud infrastructure management and advanced capabilities including serverless architectures and container orchestration that were previously blocked by DHP limitations.