The client is a UK-based fintech company specialising in financial management systems and process reengineering. The company provides consultancy services to top financial institutions across the globe.
The company was seeking to implement a cloud-based, multi-tenant client management platform for investment companies. After the initial Cloud migration assessment, which was completed by the Auxenta team, they came up with a more cost effective and more reliable Serverless Architecture for the proposed project.
How Auxenta helped
Auxenta cloud architects along with the software development team were engaged in the completion of the following phases.
1. Cloud migration assessment
2. Technical design
3. Software implementation
4. Security evaluation and systems hardening
5. Performance evaluation and improvements
AWS Lambda Functions
AWS API Gateway
AWS Step Functions
The proposed solution consists of several steps (see Figure 1). An explanation on each is given below. It is a direct implementation of AWS Serverless Reference Architecture with some added AWS native services.
- The client of the system was to be financial organizations, their partners and their customers. Clients will access the system through the web UI and some of its partners will access the systems through API calls.
- Leveraging Amazon CloudFront not only provides a better performance experience for the consumers through caching and optimal origin routing, but limits redundant calls to the system backend.
- Amazon S3 hosts web application static assets and is securely served through CloudFront. This helps to build serverless web applications and websites by providing a highly available keyvalue store from which static assets can be served via a Content Delivery Network (CDN), such as Amazon CloudFront.
- Amazon Cognito helps to easily add user sign-up, sign-in, and data synchronization to serverless applications. Amazon Cognito user pools provide built-in sign-in screens and federation with Facebook, Google, Amazon, and Security Assertion Markup Language (SAML). Amazon Cognito Federated Identities helps to securely provide scoped access to AWS resources that are part of the serverless application architecture. For this application, we used Cognito for user management and the identity provider feature of the application.
- As static content served by Amazon S3 is downloaded by the consumer, in many scenarios, dynamic content needs to be sent to or received by your application. For example, when a user submits data through a form, the Amazon API Gateway serves as the secure endpoint to make these calls and return responses displayed through your web application.
- The AWS Lambda functions let us run the stateless serverless backend on a managed platform that supports microservices architecture, deployment, and management of execution at the function layer. For this system we have used Lambda functions to execute logics and Create, Read, Update, Delete (CRUD) operations on top of DynamoDB for the web application.
- Amazon DynamoDB helped us to build serverless applications by providing a managed NoSQL database for persistent storage. Combined with DynamoDB Streams, we can respond in near real-time to changes in the DynamoDB table by invoking Lambda functions. The DynamoDB Accelerator (DAX) adds a highly available in-memory cache to DynamoDB that delivers up to 10X performance improvement from milliseconds to microseconds, which elastically scales with the traffic of the web application.
BENEFITS TO THE CLIENT
Ease of governance