Resolve Parking (Smart Mobility – Amazon ECS Fargate + Control Tower)
Implementing a Well-Architected AWS DevOps Platform for a Smart Parking Solution
Executive Summary
Resolve Parking provides smart parking management solutions that streamline operations, enhance compliance, and improve the customer experience for parking operators Resolve Parking provides smart parking management solutions that streamline operations, enhance compliance, and improve the customer experience for parking operators and municipalities. To support rapid growth and deliver reliable services, Resolve Parking needed a secure, scalable, and highly available infrastructure on Amazon Web Services. GoCloud partnered with Resolve Parking to modernize their platform by deploying Amazon ECS with AWS Fargate as the core orchestration service for containerized applications. This enabled consistent deployments, seamless scaling, and high availability across dedicated development/staging and production environments, ensuring faster releases with reduced operational overhead. To strengthen governance and efficiency, GoCloud also implemented an AWS Landing Zone with AWS Control Tower, providing centralized account management, security baselines, and guardrails. Together, this foundation allowed Resolve Parking to scale their intelligent parking solutions, maintain compliance, and operate with improved efficiency across multiple markets.
municipalities. To support rapid growth and deliver reliable services, Resolve Parking needed a secure, scalable, and highly available infrastructure on Amazon Web Services. GoCloud partnered with Resolve Parking to modernize their platform by deploying Amazon ECS with AWS Fargate as the core orchestration service for containerized applications. This enabled consistent deployments, seamless scaling, and high availability across dedicated development/staging and production environments, ensuring faster releases with reduced operational overhead. To strengthen governance and efficiency, GoCloud also implemented an AWS Landing Zone with AWS Control Tower, providing centralized account management, security baselines, and guardrails. Together, this foundation allowed Resolve Parking to scale their intelligent parking solutions, maintain compliance, and operate with improved efficiency across multiple markets.
About RPS
Resolve Parking provides advanced parking management solutions designed to streamline operations, enhance compliance, and improve the customer experience. Their goal is to deliver secure, automated, and user-friendly technologies that integrate with existing property and facility systems. The services Resolve Parking offers help organizations reduce administrative burden, optimize revenue, and simplify parking enforcement across diverse environments.
About the Customer
Resolve Parking is a smart mobility platform designed to simplify parking management for cities, businesses, and drivers. By combining IoT sensors, mobile applications, and real-time analytics, Resolve Parking helps organizations optimize parking space utilization, reduce congestion, and improve the overall urban mobility experience. Its intelligent system provides drivers with seamless navigation to available spots while enabling operators to manage demand, monitor usage, and implement dynamic pricing. With a focus on efficiency, sustainability, and user convenience, Resolve Parking transforms traditional parking into a connected, data-driven service that supports smarter cities and greener communities.
Customer Challenge
Inconsistent ECS Deployments –
Non-standardized ECS deployments across Dev, Staging, and Prod caused configuration drift and compliance risks
Limited Visibility –
No centralized way to track ECS services or infrastructure changes across accounts.
Lack of Centralized Governance –
Absence of AWS Control Tower prevented consistent security guardrails, account baselines, and clear workload oversight.
Why Amazon
Web Services
Why RPS
Chose GoCloud
GoCloud’s Solution
Services Used
AWS Control Tower →
Provides a secure, governed landing zone with standardized account setup and guardrails.
AWS IAM →
Ensures least-privilege access and role-based controls for users and teams.
AWS Secrets Manager →
Centralized and encrypted storage of credentials, removing hard-coded secrets
Amazon RDS (Multi-AZ) →
Highly available and fault-tolerant database setup with automated failover
Elastic Load Balancer (ALB) →
Distributes traffic securely across services for high availability and resilience.
AWS Config →
Continuously monitors configurations and enforces compliance rules.
AWS ECS Fargate →
Runs containerized applications without managing servers, improving scalability and reducing operational overhead.
Amazon CloudWatch →
Provides unified monitoring, logging, and alerting across accounts, improving visibility and proactive issue resolution
AWS Code Pipeline →
Automates CI/CD workflows, reducing deployment risks and enabling faster releases.
AWS CloudTrail →
Complete audit logs for governance, compliance, and security investigations
AWS Security Hub →
Unified view of security posture with automated compliance checks.
NAT Gateways →
Secure outbound internet access for private resources without exposing them publicly.
Auto Scaling (ECS ) →
Automatically adjusts compute capacity based on demand, optimizing cost and performance.
Architecture Diagram
Workflow
For Resolve Parking Solutions, a multi-account setup was established using
AWS Control Tower, with dedicated Dev, Stag, and Prod environments to ensure
proper isolation, governance, and security. Within each environment, Amazon ECS with
AWS Fargate orchestrates containerized applications inside dedicated VPCs spanning
multiple Availability Zones (AZs), providing fault tolerance, high availability, and
seamless scaling.
For Resolve Parking Solution, a multi-account setup was created by using AWS Control
Tower, details of which are as follows:
• 2 Organizational Units (OUs) – Members OU (Develop, Staging, Production) and Security OU (Audit, Log Archive).
• 3 Shared Accounts – Management, Audit (for centralized monitoring), and Log Archive (for compliance and log aggregation)
• A cloud-native directory with preconfigured groups and AWS IAM Identity Center (SSO) access.
• 20 preventive guardrails to enforce security and governance policies and 2 detective guardrails to detect configuration violations.
With AWS Control Tower, a Landing Zone was established, providing Resolve Parking Solution with a well-architected multi-account baseline built on AWS bestpractices. The Landing Zone organizes accounts into OUs and enforces governance
centrally.
Core OU: Contains Audit and Log Archive accounts. The Audit account consolidates security findings, while Log Archive aggregates CloudTrail and Config logs from all accounts.
Members OU: Hosts Development, Staging, and Production accounts, each with workload isolation and environment-specific policies.
Root OU: Parent for all accounts, ensuring policies applied at the root cascade to every OU and account
Guardrails and Policies:
• Preventive guardrails (SCPs) restrict unsafe configurations (e.g., blocking public S3 buckets, enforcing strong IAM policies).
• Detective guardrails use AWS Config rules to continuously monitor compliance.
• All workloads and environments are accessed only via AWS SSO, eliminating multiple IAM credentials and ensuring federated identity.
Workloads & Applications:
• Dev & Stage: Resolve Parking Solutions runs containerized applications on Amazon ECS Fargate, integrated with Code Pipeline for CI/CD. Pipelines are connected to Bitbucket, so code changes trigger automated builds, tests, and deployments. Dev supports feature development, while Stage mirrors production for pre-release validation.
• Production: Production workloads run on ECS Fargate clusters across multiple Availability Zones for high availability. Application data resides in Amazon Aurora (PostgreSQL/MSSQL), while static media is stored in Amazon S3 and distributed globally through CloudFront for low-latency access.
• Frontend Applications: Web frontends are also deployed on ECS, allowing the platform to auto-scale with traffic spikes and deliver reliable performance during peak demand.
• S3 Buckets: Dedicated S3 buckets handle CloudFormation artifacts, backups, deployment builds, and logs. All buckets are encrypted, access-controlled, and private to ensure customer data security
AWS Config Integration:
For Resolve Parking Solutions, all containerized workloads are centralized on Amazon ECS with AWS Fargate, following best practices for security, scalability, and governance.
1. Enable ECS Across All Accounts and Environments: ECS clusters are deployed in Dev, Stage, and Prod accounts, ensuring isolation, governance, and consistent operations across environments.
2. Standardize Deployments with CI/CD: ECS is fully integrated with Bitbucket pipelines and AWS Code Pipeline/Code Build, so every code change triggers
automated builds, tests, and deployments. This enforces consistency and reduces human error.
3. Leverage Multi-AZ VPCs for High Availability: Each ECS workload runs inside a dedicated VPC spanning multiple Availability Zones, ensuring high availability, resilience, and fault tolerance.
4. Secure Workloads with Encrypted Storage and IAM: Secrets are stored in Parameter Store/Secrets Manager, containers run in private subnets, and access is restricted through fine-grained IAM roles and security groups.
5. Centralize Logging and Monitoring: ECS services across Dev, Stage, and Prod send logs and metrics to a centralized CloudWatch and Log Archive account, giving Resolve Parking a single source of truth for monitoring, troubleshooting, and audits.
Monitoring & Security:
● CloudTrail and AWS Config enabled in all regions with logs centralized in the Log Archive account.
● Amazon CloudWatch provides application and infrastructure monitoring with alarms and dashboards.
● AWS Guard Duty and Security Hub aggregate security findings across accounts into the Audit account for centralized threat detection.
● Role-based access controls ensure developers work in Dev, QA/operations in Stage, and only authorized personnel access Prod.
Results & Benefits
The solutions implemented by GoCloud resolved all of Resolve Parking Solutions’ IT challenges and delivered a range of benefits, with Amazon ECS as the foundation:
● Faster Incident Resolution:
Before Previously, application incidents were difficult to troubleshoot due to limited visibility across environments. With ECS integrated into centralized logging and monitoring, the team can now quickly trace issues back to specific container deployments, reducing downtime and accelerating resolution.
● Consistent Deployments Across Environments:
Resolve Parking Solutions’ Dev, Stage, and Prod environments often drifted, causing compliance and security gaps. By standardizing deployments through ECS with CI/CD pipelines, workloads are now consistent across all environments, minimizing risk and ensuring best practices are enforced automatically.
● Centralized Oversight for Audit
In the past, the fragmented setup made it hard for the Audit and Ops teams to gain a single view of workloads. With ECS running in a multi-account architecture and logs consolidated into a central account, the teams now have complete visibility into workloads and deployment history, simplifying audits and compliance reporting.