Serverless Content Delivery on AWS
Social Network Community
A large social networking company developed a program that provides a forum for developers worldwide to connect and collaborate. Developers build skills and gain experience to contribute to their knowledge base. The program allows for idea incubation while fostering a strong sense of community.
The developer communities exist mostly in emerging nations, where facilities, access to quality learning resources, and technology can be scarce. The social networking company wanted to provide these developer communities with ready access to curated, premier learning materials. In addition, the company wanted a platform that could search, track, and manage learning.
The solution had to be highly available, globally delivered, developed quickly, and able to perform at scale, all while meeting stringent security requirements.
In order to meet these requirements, Unicon developed a serverless content development and delivery system solution using AWS services. The solution leverages a number of services including AWS CloudFront, AWS Lambda, AWS API Gateway, AWS S3, AWS Cognito, AWS Athena, AWS Glue, AWS DynamoDB, AWS Route53, and AWS Kinesis. Each of these does not require infrastructure to be managed by the delivery team. Instead, infrastructure is fully managed by AWS.
The services are highly available and performant. All of the services work together to provide a highly available solution, capable of withstanding failures. By using these serverless components, the delivery team did not have to focus or worry about the availability needs of the solution. This allowed them to focus on the innovation required to bring the solution into service.
The requirements of the project demanded that a solution be delivered to production in less than two months. In order to design, implement, and test the solution at a rapid pace, a fully automated DevOps process was implemented using AWS CloudFormation, AWS CodePipeline, AWS CodeCommit, AWS CodeBuild, and AWS Lambda. These tools allowed developers to commit their code and see their changes in a fully functional test environment within minutes. Build and deployment notifications were integrated into the team’s Slack channel so that all developers were aware of the changes the moment they were available for viewing. These AWS tools also provided a high level of confidence in the deployment of the production pipelines to produce the same behavior as the test environments, giving the team a fully functional production environment within minutes. Innovation was not slowed by the need to manually build and debug code, or to manually deploy the solution on AWS.
Performance at Scale
The solution needed to be able to scale from a minimal set of users to thousands at any given time. To accomplish this requirement, the solution was implemented using services such as AWS CloudFront, AWS S3, and AWS Cognito. By using CloudFront, the solution is able to deliver content globally at faster speeds. Using S3 as an origin, the solution is not only able to perform at scale, but there is also no need to be concerned about the storage space required to hold the content that will continually increase in size.
The solution also required that user authentication and authorization be implemented. AWS Cognito provided this service and allowed for a performant user management solution that could quickly and easily be incorporated into the product by taking advantage of its integration with the company’s federated identity service.
AWS Kinesis, AWS Glue, and AWS Athena services enabled near real-time analytics data to be achieved at-scale, regardless of the user traffic being serviced. Lambda and API Gateway services gave the solution the ability to scale seamlessly with business logic needs without hampering the solution’s ability to serve requests within the application itself.
The solution also had to provide a secure infrastructure. All of the AWS services used in the solution are able to meet these requirements.
AWS CloudFront provided security at the delivery edge, with ‘no-cost’ protections such as AWS Shield Standard and the ability to integrate with services such as AWS WAF.
AWS Cognito provided a secure user management solution with encryption of data in-transit and at-rest, along with the ability to assign only the necessary permissions to specific user accounts.
As the solution integrates many AWS services, all API calls in the solution are logged through AWS CloudTrail. Using IAM Roles and Policies, the solution and its developers have access to only the services they need while providing a full audit trail for any compliance requirements.
Meeting the Challenges: Unicon Cloud Services for AWS
With experience in all of the AWS services discussed above, Unicon was able to deliver the solution on time while successfully addressing all of the desired requirements. Expertise in AWS services, as well as in the development of cloud solutions, enabled the team to create a fully automated, scalable, performant, and secure production workload in a condensed timeframe.
Unicon is an Advanced Consulting Partner in the AWS Partner Network (APN) and has achieved an AWS Education Competency. Advanced Consulting Partner status indicates that Unicon has the experience to leverage AWS to its fullest potential. Unicon has deep expertise in deploying and operating applications on AWS, as well as providing application design and development. Unicon has deployed and operated large-scale education technology applications that serve global users on AWS services for over 9 years. Additionally, Unicon has staff certified in many current AWS certifications, including AWS Certified Professional level Solution Architects and DevOps Engineers.
- Using AWS Managed Services allows the solution to remain fully serverless, providing confidence that it will be available at any given time with zero dependency on manual management
- Through the use of AWS DevOps tools such as AWS CodePipeline, AWS Lambda, and AWS CodeBuild, the team could deploy, view, and implement new changes efficiently and effectively. The team was able to focus on delivering the solution instead of worrying about the infrastructure
- AWS CloudFront provides the solution with a global network of low latency and high transfer speeds for delivery to end users
- AWS Cognito provides a scalable and performant user management solution that integrates with federated identities
- The solution leverages AWS Kinesis, AWS Glue, and AWS Athena to handle near real-time analytics requirements that can be viewed inside of the solution by end users
- AWS CloudTrail provides an audit trail of all API calls made to AWS services at both a solution and developer level
- AWS CloudFront provides a secure delivery network that is able to be integrated with AWS Shield and AWS WAF providing DDoS protections and securing the origin locations inside of S3
- AWS Cognito stores user information in-transit and at-rest using encryption. By integrating with federated identities, it only uses information required by the solution itself to reduce the need to store vast amounts of user information
- AWS IAM Roles to access AWS API interfaces are implemented inside of the solution and can be monitored by AWS CloudTrail for auditing purposes
- AWS KMS provides a secure key management infrastructure for securing data at-rest in the solution
To learn more about Unicon’s services for AWS, contact a Unicon Solutions Consultant.