Hanbaobao – AWS Landing Zone

Customer Overview

Hanbaobao Pte Ltd is the Singapore licensee of Mcdonald’s Restaurants Pte Ltd, operating more than 135 McDonald’s restaurants island-wide and serving 6.5 million customers every month. Their service includes online and mobile order, and delivery. All their marketing applications, games applications, online order system, corporate websites, business intelligence applications and Singapore-based core IT applications run on AWS cloud.  


Hanbaobao experienced a surge in customer accounts in their newly launched mobile order app function, resulting in increasing workload and security demands. Their AWS account was not able to cope as it lacked structured management, resulting in low baseline security and poor visibility into resource utilization. They also have minimal control over account creations, and the Standard Operating Procedures and Service Control Policies were not progressively developed to meet the growing business.


Cloud Comrade helped Hanbaobao build a scalable and secure AWS Landing Zone, automating the set up of AWS account creation using vending machines and AWS environment using Terraform. This helped them meet the growing demand for customer account creation and mobile ordering. AWS Guardrails, service control policies and security features such as IAM and MFA helped strengthen baseline security and meet security compliance. Audit manager allows them to gain continuous governance and compliance audits.


With the new setup, Hanbaobao could easily implement AWS best practices and meet the shared responsibility requirements. With stronger security baseline in place, continuous threat hunting and prevention capabilities, they can now better secure their IT infrastructure and data. Hanbaobao also gained point-in-time access through elevated permission using Infraguard and was able to have more accurate tracking statistics of their inventory using AWS Configuration and Infraguard.

Hanbaobao achieved operational excellence, improve its resource optimization and usage efficiency . Increase in overall sales were supported by reliable infrastructure systems in AWS cloud with autohealing and auto recovery systems to increase operation and availability of the applications. Every application rollout achieved near-zero downtime of 99.99% SLA. Security defense was enhanced through implementation of security at all layers.  

Additional Notes

Cloud Comrade helped Hanbaobao implement an organization structure on AWS cloud with multiple core accounts, providing them with structured IAM creation with grant and attribute-based controls. We also implemented single sign-on to manage access to user accounts. The ability to scale on demand on AWS cloud enabled Hanbaobao to address sudden spikes such as during the launch of new menu items or games during festive seasons – while being protected by continuous threat prevention capabilities using Trend Micro, AWS WAF and AWS Shield. Cloud Comrade also implemented cloud financial management for Mcdonald’s to deliver cost optimization and helped them adopt a consumption model to measure overall efficiency.