Building a unified hybrid cloud with Infrastructure as Code at RBC

Hybrid cloud strategy: A unified approach Secure and controlled deployments Standardization and GitOps best practices Solving the on-premises infrastructure challenge Building a custom IaC provider for on-premises environment Achievements and future plans Final words Posted on October 31, 2025 by John Nixon, Royal Bank of Canada Managing infrastructure across a hybrid cloud environment—spanning public platforms and private data centers—presents a major challenge. Organizations must balance compliance, cost control, and developer experience while delivering consistency at scale. At RBC, we addressed this by building a secure and scalable Infrastructure as Code (IaC) strategy tailored for hybrid environments. Our ambition extends beyond being a leading financial institution—we’re developing the internal capabilities, engineering practices, and developer platforms to operate like a modern technology company. To deliver a consistent infrastructure experience, RBC embraced three guiding principles: compliance, cost management, and developer convenience. Security and regulatory requirements were prioritized, cloud spending was closely monitored and optimized, and developer productivity was enhanced by making infrastructure management seamless. A centralized IaC platform enabled uniform workflows. By deploying execution agents within each cloud or on-premises zone, deployments became faster, localized, and more secure—keeping sensitive data within appropriate boundaries. This was a foundational step in our broader transformation: elevating infrastructure as a first-class product and treating platform engineering as a core competency, not a support function. It’s how we’re enabling RBC to scale, while preserving the security and trust expected of a global financial institution. Operating in a regulated industry means security is non-negotiable. RBC embedded policy-as-code into every stage of the infrastructure lifecycle.