SEED

The New South Wales SEED Platform Plants New Ideas with Cloud Modernisation

2021

Environmental Data Empowers Decision-Making

For landowners in New South Wales (NSW) who are curious about koala sightings or fire history in their area, the Sharing and Enablement of Environmental Data (SEED) portal is a comprehensive resource. Launched in 2016 by the NSW government and managed by the NSW Department of Planning, Industry & Environment (DPIE), SEED aims to streamline the discoverability of environmental data, empowering evidence-based decision-making and increasing trust through greater transparency. SEED has a broad remit of stakeholders including researchers and academics, environmental regulators, and the community at large.

As of 2021, the open-access, web-based portal acts as a centralised hub for over 2,700 public and private datasets, up from 70 in 2016. SEED includes many user-friendly tools, including an interactive map with over 400 layers that users can manipulate to create custom queries. They can then download the query results for further analysis.

kr_quotemark

We want to grow the number of datasets and are focused on improving the user experience rather than the operational side of things. We’re thinking more about the business and the platform, and that’s where we want to be.”

Sten Christensen
Senior Team Leader, SEED

Optimising to Embrace Best Technology Practices

SEED was operating on the Amazon Web Services (AWS) Cloud, but inefficiencies crept into the platform design over the years. The SEED team, which includes project managers and a marketing lead, undertook a systematic overhaul aimed at modernising the portal with the assistance of AWS Partner PolarSeven. This partnership involved optimisation of platform reliability, adopting best technology practices, and the introduction of innovative tools to accommodate growing datasets.

In line with the vision of the SEED platform, the goals of the modernisation project were to improve management efficiency and enable fast, transparent data access. To maximise efficiency and enhance SEED’s capacity, PolarSeven came on board to manage the service desk and backend infrastructure of the portal.

Simplifying Workloads in a Cloud-Native Environment

For SEED, modernisation goes hand-in-hand with simplification. By re-architecting the platform in a cloud-native environment, SEED’s stakeholders have improved visibility and a deeper understanding of workflows.

“We’ve taken a disciplined approach to refining and redefining processes in the AWS Cloud, which provides a clearer picture to manage issues and understand the implications of change,” says Sten Christensen, DPIE’s senior team leader for SEED. “We also have a more accurate view of timelines and costing when we want to scale up or enhance the platform, so we know immediately whether we can proceed from a budgeting perspective.”

The modernisation and resulting improvements in SEED’s change management process have enhanced DPIE’s partnerships with vendors on platform innovations. The organisation has implemented a detailed schematic of SEED’s architecture that’s always up to date. “The modernisation has facilitated new work with partners and vendors in an open way,” Christensen says. “Having that understanding and architecture readily available allows us to drive new service delivery plans and isolate problems faster.” Previously, it could take a full day to trace the chain of events causing a system failure, whereas now it only takes 1–2 hours.

Streamlining Security for Improved Data Access

One of the first points on the modernisation agenda was to streamline user access and security management. Previously, there was a complex structure to access and navigate SEED datasets. After optimising the portal, users, developers, and administrators benefit from single sign-on to retrieve data across multiple directories in the SEED portal.

SEED is a growing entity. To minimise system vulnerability as data is added to the portal, PolarSeven has enabled end-to-end data encryption and group policies following the principle of least privilege. Additionally, PolarSeven implemented AWS Security Hub to detect deviations from security best practices and aggregate alerts. A monitoring solution using Amazon CloudWatch and Amazon Simple Notification Service (Amazon SNS) immediately reports abnormal behavior and system lags to the PolarSeven service desk for remediation.

SEED’s elevated security posture not only fulfills the requirements of Australian regulators, but also saves time for users when downloading data as well as ensures easy access.

Driving Automation with Infrastructure as Code

Following SEED’s modernisation vision, automation of workflows was next on the list toward system optimisation. Automated provisioning with AWS CloudFormation templates reduced the manual effort associated with release management and made the process replicable and auditable. The team also rebuilt four Windows applications using infrastructure-as-code templates as part of the modernisation project. Similar to release management, version control was automated within the deployment process, which reduced the requirement for SEED app vendors to directly access servers or databases associated with the platform. This, in turn, mitigates SEED’s vulnerability to any potential threats. DPIE also uses Amazon WorkSpaces to streamline remote vendor access and has integrated single sign-on controls for each vendor to centralise identity management.

Adopting infrastructure as code through AWS CloudFormation and AWS Lambda has not only enhanced security due to the ease of tracking changes, but also enabled a DevOps approach to infrastructure management. SEED has built in AWS CodeBuild and AWS CodePipeline as fully managed continuous integration/continuous delivery (CI/CD) services. Scaling is simpler with these CI/CD tools because builds are not left waiting in a queue.

Time Savings Enable More Focus on New Tools

Christensen estimates the team is saving about five days a month from automated provisioning, deployments, scaling, and reduced issue resolution time. Time savings have also resulted from smoother integrations on the AWS Cloud. The SEED team has eliminated one of four IT environments, systems integration testing, which further condenses the release cycle for updates and new features. 

With platform modernisation now complete, the SEED team is turning its attention to developing new tools and planning enhancements to the SEED map user interface. Christensen says, “We want to increase the number of datasets and are focused on improving the user experience rather than the operational side of things. We’re thinking more about the business and the platform, and that’s where we want to be.”

To Learn More

 To learn more, visit thinkwithwp.com/government-education.


About SEED

New South Wales' (NSW) Department of Planning, Industry & Environment manages the Sharing and Enablement of Environmental Data (SEED) web portal to provide open access to environmental data in NSW. SEED stakeholders include researchers and academics, regulators, and community users.

Benefits of AWS

  • Enables straightforward user access to over 2,700 public and private datasets
  • Facilitates and reduces risk of collaboration with vendors and partners
  • Saves 5 days a month with automated processes
  • Automates version control of Windows workloads
  • Reduces issue resolution time to 1–2 hours from 1 day
  • Improves security management with single sign-on, end-to-end encryption
  • Promotes innovation of new tools and improved UI

AWS Services Used

AWS CloudFormation

AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code.

Learn more »

AWS Security Hub

AWS Security Hub is a cloud security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation.

Learn more »

AWS CodePipeline

AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates.

Learn more »

AWS CodeBuild

AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. 

Learn more »


Get Started

Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.