Membership Organization Gains Rewards With AWS Migration
A new reward card program required leading-edge security and reduced maintenance that would grow the member organization’s responsiveness.
Replatform the gift card ecommerce application to AWS, setting the stage for this membership organization to extend its new AWS microservices architecture.
Serving nearly a million people, a membership organization wanted to help members further their common interests. In its effort to serve them in new and creative ways, the organization launched a rewards card program that allows members to purchase reloadable gift cards from different vendors for everyday purchases like food and gas -- while earning cash back.
Once activated, the card can be reloaded online. To further grow its member responsiveness, stay on the front-edge of security and reduce maintenance of the offering, the association sought to re-platform and migrate the gift card ecommerce application from Azure to Amazon Web Services (AWS).
To get started, the NTT DATA AWS consulting team conducted a proof of concept (POC) in which it tested the ecommerce application for compatibility with AWS. In the process, the team learned of several areas that needed attention before the Azure to AWS migration could begin. Indeed, this quick test resulted in a prioritized list of changes that needed to be made to the application code before it could be successfully moved. For example, the team made several changes to move the application from Azure SDKs to AWS SDKs.
With these initial changes made, the team could progress to address:
- Automation like Infrastructure as Code (IaC) and CI/CD pipelines
- Applying best practices
- Building security in with encryption, AWS Secrets, and monitoring with Amazon CloudWatch and managing access with Cognito and AWS IAM
- Establishes leading-edge security with WAFv2 and AWS monitoring
- Delivers updates to members faster, growing member loyalty
- Reduces maintenance needs, freeing time for strategic initiatives
- Furthers system efficiency and effectiveness
The road from Azure to AWS Migration
The ecommerce application itself was built with .NET Core. While .NET is a Microsoft technology, it’s a misnomer to think it can only run on Microsoft Azure. In fact, .NET Core applications are easy to migrate to any cloud provider, including AWS. Given the .NET application’s agnostic nature, it was easily moved to the new AWS infrastructure where it gained enhanced scalability.
The team chose to containerize the application and run it on AWS Fargate -- the AWS serverless platform for containers -- in conjunction with Amazon Elastic Container Service (ECS). To speed the deployment for the association, NTT DATA consultants used its Deploy Containers for AWS reference architecture, building multiple environments. Now when a change is made to the application in the code repository in the development branch, it triggers the CI pipeline and the new container image can be promoted from the development environment to production environments.
Embracing AWS cloud security
Encryption, secrets management, scanning for vulnerabilities and monitoring a web application firewall are all key components of security for the new architecture. The teams:
- Encrypted data at rest with encryption of Amazon S3, Amazon RDS, and Redis data.
- Encrypted data in transit with AWS Certificate Manager for SSL Certificates for external traffic.
- Migrated secrets management from Azure Key Vault to AWS Secrets Manager, which allows the security team to easily rotate, manage, and retrieve credentials, keys, and other secrets.
- Achieved application monitoring with Amazon CloudWatch which collects data into performance changes, resource utilization, and general operational health.
- Protected the application against web exploits with AWS Web Application Firewall (WAF). Specifically, AWS WAFv2 was implemented alongside managed rules by Fortinet that protect against the OWASP Top 10 web application threats.
- Container scanning was very easily implemented by enabling the feature in Amazon Elastic Container Registry (ECR).
Reaping the benefits of AWS
The Azure to AWS migration has enabled this organization to embrace cutting-edge security with WAFv2 and AWS monitoring while delivering updates to members faster. In addition, automation has vastly reduced maintenance needs, freeing time for the client’s team to focus on strategic initiatives that deliver direct member benefits.
With the new application now running in production for member use, the organization is looking forward to extending its new AWS microservices architecture to other components, furthering the virtuous cycle of greater efficiency and effectiveness the AWS migration has brought to the organization.
About Membership Organization
Membership organization migrates its rewards card program to AWS, adopting cutting-edge security while delivering updates to members faster, growing member satisfaction and loyalty.