CloudStraight builds Disaster Recovery site on AWS for IKY.April 7, 2022
CloudStraigh migrates and transforms KM Cube’s core application on AWS.KM3 had been using their on-premise infrastructure for their IT needs. KM3 wanted to migrate their core IT workloads to the Cloud and stop managing physical infrastructure.
At the same time, they wanted to minimize operational overhead, increase resiliency and shorten and automate their Software Development Lifecycle in a highly secure and scalable way.
KM3 chose CloudStraight as their trusted partner for migrating, re-platforming and refactoring their workloads on AWS. KM3 has achieved a significant reduction in operational overhead while automating its SDLC gaining the agility and speed required in a fast-changing environment as the Investment and Financial sector.
KM3 was operating from their on-premise infrastructure. They wanted to move to the Cloud in order to minimize operational overhead and automate their Software Development Life Cycle as they are continuously improving their existing systems and developing new solutions. For a regulated entity like KM3, security, resilience and availability are of paramount importance. The company applied the highest standards in these areas and required a solution that included monitoring and logging as well as automated incident response and remediation.
The SolutionCloudStraight reviewed the existing systems and processes along with business and regulatory requirements and successfully migrated, re-platformed and refactored the relevant workloads.
The core application was migrated to AWS using Elastic Container Service (ECS – Fargate) minimizing operational overhead using autoscaling and scheduling via Lambda and EventBridge. The application was decoupled to a three-tier architecture and the database tier was re-platformed to RDS.
To facilitate the need for agility and fast deployment, a CI/CD pipeline was created using CodePipeline, CodeCommit, CodeBuild, ECR and CodeDeploy in a Blue/Green deployment strategy.
Security / Monitoring / ManagementSecurity best practices as defined in the Security Pillar of AWS Well Architected Framework were followed.
Data is protected bot in transit and at rest (SSL / KMS). Access and network are protected at all layers (IAM / Security Groups / NACLs) using the least privilege principle while secrets are protected through SSM parameters and Secrets Manager.
Detailed monitoring and logging have been also implemented using CloudWatch, CloudTrail and Config with automated incident response, alerting and remediation.
AWS Systems Manager was leveraged for gaining visibility and control of the complete infrastructure on AWS, providing a unified user interface for viewing operational data from multiple AWS services and automating operational tasks across AWS resources.