Building secure serverless microservices rapidly using AWS

Enhanced application availability, improved performance, faster time-to-market, and easy scalability have made microservices a popular architectural choice for enterprises. Focused on building business functionalities, microservices make it easier to build and maintain secure, scalable applications. They allow decoupled services written in different programming languages to coexist with other fragments, giving businesses the flexibility to use multiple technologies.

This blog shares our experience of helping a print e-commerce company deploy a highly scalable, available, and easily manageable microservices architecture in a short time frame, using AWS services. They had multiple services spread across business units in different geographies and wanted to set up a consistent communication and service access protocol.

The print e-commerce firm already had a gateway server to access its backend services, which also acted as a router and token validator. Therefore, they wanted a microservice architecture that would be compatible with their gateway server and route requests. Since some of their core services like shipping, price calculator, etc. used legacy endpoints, they wanted a microservice that would also be compatible with these.

Building serverless microservices on AWS

To address the customer’s requirements, we designed microservices using a combination of API Gateway and Lambda. API Gateway can route requests to various backend layers like applications hosted on EC2, Lambda functions, etc. We chose Lambda because of its inherent serverless capabilities. The API Gateway-Lambda combination had the following advantages:

  • High-availability with 99.99% uptime
  • Flexibility to choose the technology stack for writing business logic
  • In-built security and automatic updates with support for authorizers, number of requests handled, and validating request models
  • Compatibility with open source frameworks to design, deploy, and manage microservices

Securing microservices

Securing microservices is important as this ensures that business applications can be accessed only by eligible users (Authentication), and they can only access the services required to perform their job (Authorization).

OAuth 2.0 is the most widely used protocol for authentication and authorization. However, ensuring scalability and security compliance of the OAuth 2.0 server can be time and resource consuming. To address this challenge, we used AWS Cognito, a serverless user directory that integrates easily with AWS services. It authenticates customers using frontend interfaces like mobile and web applications and generates a token to authorize their access to various endpoint microservices and REST resources.

The diagram below details the microservices architecture:

microservices architecture

Conclusion

The microservices architecture enabled the client to:

  1. Reduce 60% time (from 3 days to less than a day) for marketing new offers and updating their product catalog

  2. Reduce web application deployment time by ~20% by decoupling business logic from application code

  3. Save ~35% time in new backend application deployment by simplifying the web portal of a business unit

  4. Upgrade a 15-year-old legacy platform of a business unit to a new application framework in 40% less time than planned. This helped achieve:

    • 20% revenue growth due to high availability of the application
    • 30% increase in online sales

This is just one example of how we helped a client build a highly scalable and easily manageable microservices architecture in a short time frame, without compromising on security, availability, and flexibility. With extensive experience in data platform modernization and cloud expertise, Impetus is well-positioned to help you leverage the agility of serverless architecture to achieve your digital transformation goals.

To know more, get in touch with us today.

Author
Aditya Parasrampuria
Lead Software Engineer