The Challenge
As part of their mission to help every working Filipino move towards financial freedom, Advance wishes to improve their operational excellence by doing a Well-Architected Review (WAR) and implementation of a CI/CD pipeline, as well as automation of some of their manual tasks on AWS.
The Insights
Apper was sought out to provide its consulting expertise and is currently aligned with the CTO and COO of Advance.ph to coordinate this project. Jhenard Cayaban, AWS’s lead for PH startups was with us in the scoping call alongside the customer.
The Solution
As an Advanced Tier APN (Amazon Web Services Partner Network) Consulting Partner, Apper provided professional consulting services for cloud infrastructure, application architecture, cost optimization, and cloud security.
Scalable high-availability cloud infrastructure implementation
Using Amazon ECS on AWS Fargate, from manually provisioned two load-balanced instances to auto-scaled instances with a minimum of 2 and a maximum of 4 instances based on the load testing conducted by Apper.
Application instances are also designed to automatically reprovision its instances should one or more instances fail. When there are issues during deployment, Advance Tech is able to easily troubleshoot the issue, even locally, due to the containerized nature of their architecture.
As such, the need to coordinate with one person has been eliminated.
On increasing cloud security posture with AWS
Previously, resources were publicly available and were only protected by passwords which we carefully shared to relevant personnel. By provisioning jump hosts, it provides an additional layer of protection for their instances.
Through AWS CloudFormation, master credentials (username and password) for application databases are generated and stored by AWS Secrets Manager.
This ensures that database credentials are not hardcoded in any configuration file or application code and that applications can utilize the AWS SDK to retrieve the credentials from Secrets Manager to connect to the database.
Cloud automation services implemented by Apper included:
- AWS CloudFormation
- AWS CodeBuild
- AWS CodeDeploy
- Amazon CloudFront
- AWS Elastic Container Service – Fargate
- AWS Auto Scaling groups
- AWS Simple Storage Service
- AWS ElastiCache (Redis)
- Amazon Relational Database Service
- AWS Secrets Manager
- AWS Key Management Service
- VPC components and services (security groups, NACLs, NAT Gateways, EIP, etc.)
- VPC components and services (Security Groups, NACLs, NAT Gateways, EIP, etc.)
We are excited about the results we have achieved for Advance, an organization that aims to help every working Filipino move towards financial liberty. We look forward to their robust growth and will continue to extend our support for their cloud automation journey.