Design and implementation of modern serverless application based on microservice architecture on AWS cloud using AWS Lambda and API Gateway
The Company is a large non-banking private-sector life insurer in India and was founded in 2000 with a distribution channel which includes banks, individual agents, brokers, and corporate agents, etc. In addition to life coverage, it also covers health, pension and annuity.
The Customer is adding new business verticals to the existing life insurance business for which new applications are being developed in micro-services architecture. The architecture is expected to be highly agile and scalable, offering greater degree of automation to speed up the process of provisioning & cost saving using auto-scaling and other advance Cloud native services.
Proposed Solution & Architecture
- The Solution diagram gives the high-level overview of the modern serverless application architecture.
- VPC creation with two Public subnets configured route tables pointing to attached IGW and with two Private Subnets with NAT gateway configuration enabling traffic control through NACL and security group.
- Provisioning and configuring of Redis and RDS master & slave cluster in private subnets.
- Provisioning 50 Mb Direct connect between customer on-premise to AWS.
- Corporate Active Directory integration with Cognito to access API gateway privately.
- Lambda functions will be called by API Gateway.
- Provisioning Bastion Host in the Public subnet.
- Backing up instances with EBS volumes.
- CloudFormation stack to recreate environment.
- SNS alerts for CloudWatch Alarms and AWS CloudTrail to monitor account activity.
- With Fully managed AWS Lambda based microservice implementation the application can handle load spikes avoiding business interruptions.
- With the usage of Redis cashing layer before DB, able to provide better customer experience with low latency with a direct positive business impact.
- Business continuity & availability through Master-Slave configuration of RDS and Redis.
- Ensuring Application security through AWS services by decoupling it from application.
To develop business centric Secure App leveraging Identity & access management, Data & Infrastructure protection & Detective controls AWS Services and achieving faster time to market.