AWS Serverless Solutions

API Gateway & AWS Lambda

We're experts in Serverless solutions

We are experts in Serverless solutions based on Amazon Web Services and we can create secure, highly scalable solutions that do not require investment in technological infrastructure.

Serverless is the model of cloud computing that is changing the conception of cloud services and is that just Serverless allows us to focus on the development of a project without the need to occupy time or invest money in renting or buying equipment or servers to host these solutions.

In Droptek SRL we know in depth each of the services that AWS makes available to us to offer our customers the best combination of them, achieving results for success.

Amazon API Gateway, AWS Lambda, AWS Step Functions, Amazon DynamoDB, among others are the pillar of serverless solutions in AWS Cloud.

Solutions in AWS Cloud

API GATEWAY

Amazon Api Gateway is the AWS solution we use to connect our customers' users to their applications and services. Security, elasticity, flexibility and cost on demand are some of the features that make this service the ideal solution for applications that use APIs to send and receive data.

AWS LAMBDA

AWS Lambda is AWS's cloud computing solution that allows you to execute code without provisioning or renting any type of server instance.

This feature of AWS Lambda is undoubtedly the main advantage since its costs of use are based on execution having zero cost when not used.

STEP FUNCTIONS

AWS Step Function is a very important tool because it allows us to interrelate different AWS serverless services and visualize it graphically, with it we design the workflow for all the services involved in a solution.

DYNAMODB

Amazon DynamoDB is a non-relational database service managed entirely by Amazon Web Service, freeing us from thinking about technical issues related to scaling or data backups and focusing exclusively on making the most of this powerful engine to build applications that scale without any difficulty.

Digital Transformation

Banking Platform

business registration for clients

With Banco Comafi's Digital Transformation platform, several bank procedures were automated, saving hours of manual processes and filling out physical forms with repetitive information for both customers and the bank. Implemented 100% in AWS.
-

Application: PEC and DEi

Customer: COMAFI Bank - Argentina

Detail of the Case
Health Procedures

Health Care Cloud

Administrative processes automation system

Multitenant job management system for service personnel. The management of searches and selection is carried out through videos and text messages.

Application: Health.CC

Client: Argentina

Detail of the Case
Case study

Banco Comafi

How Droptek helped the bank transform its manual and paper processes, improve operational efficiency and internal collaboration through Digital Transformation.

Banco Comafi is a commercial bank of private Argentine capital. It has its headquarters in the City of Buenos Aires and has 65 branches distributed all over the country.

As a commercial bank, it operates in all sectors: individuals, microenterprises, small and medium enterprises, corporate, foreign trade, investment, trading, private banking and fiduciary business.

Among the various services the Bank provides to its Clients, we find the service of acquiring credit and debit cards. This is the process through which the bank pays the money of the purchases made with Credit or debit cards to the company through this process, providing financing and more payments options. This service requires a process of interaction between different areas (Center of Altas, Branch Officers, Marketers, Credit Cards, Risks, Frauds), communication with external companies and card processors mediators and the exchange of Forms and Documentation regulatory paper.

The Challenge: Renew and innovate the processes through the Digital Transformation.

Implement a product / solution in the cloud at low costs with an architecture / model that is capable of:

  • Replicate to different processes: the implemented architecture must be reusable for different business processes with minimum changes and efforts.
  • Automate the interaction between different sectors, the transfer of tasks between them, the online monitoring of the execution.
  • Incorporate the digitalization of documents for online sharing eliminating the circulation of paper.
  • Track and control progress.
  • Manage multiple user profiles
  • Give a correlated and synchronized order to the execution of tasks between the parties
  • Provide monitoring of the status of each stage of the process.
  • Teamwork from different physical places.
  • Traceability of execution times.
  • SLA Metrics
  • Make a clearer and more understandable division of the corresponding tasks of each department of the company, this way the efficiency improves and more tasks are achieved.

The Proposal

  1. To implement Droptek’s serverless based workflow manager to integrate all areas in bank and reduce informal and paper based processes
  2. To expose legacy systems as web services in order to integrate with the workflows platform
  3. To create an authorization and authentication architecture that allows the usage of existing and future authorization methods (Azure AD/On Premise AD federation, also API and Cognito were integrated and any other future authentication based on Oauth 2 or other token based technologies)
  4. To transfer knowledge and train customer’s maintenance and development teams to support the new aws based infrastructure

Outcomes and Achievements

  • Reduction of execution time. Each process of the Bank, for example the Registration of a product always requires an established follow-up of tasks that must be executed in order. Each step must be completed on time and form and at the end must be sent to another level until the total process is completed. With the solutions developed we manage to reduce the resolution times of each area, centralizing all the tasks in a simple and performing product, giving more immediate answers to the client.
  • Immediate and online notification to each area and to the clients; each area receives punctually its tasks so that they are executed in time and form, when receiving the online notifications at the moment in which the previous step was completed.
  • Optimization of resources (paper and people printing and scanning) and information traffic. It was a functional improvement, because the client receives information from another workflow system and after that information was copied to another.
  • Provide the actual status at any time indicating in which area is the execution of the process, information about the client, request dates, user comments on the process and information can be shared between areas, according to defined permissions.
  • Enable monitoring of bottlenecks and potential non-compliance by providing SLA information to users.
  • Improvement in the attention and service to the client since there is an order, pursuit of completeness of tasks and delays, centralization of the information.
  • Building its solution on AWS has helped Comafi to easily manage multiple environments: development, quality assurance and production. With other providers the creation of environments was complex and expensive and difficult to run in parallel. Our solution used a set of CloudFormation scripts that allowed developers to create the environments they wanted.
  • Reduce implementation and maintenance costs due to Serverless architecture, no servers to maintain or manage.
  • It was the first product in the Comafi bank that was 100% made in the cloud, developed and implemented in AWS and first with CI / CD. The creation of APIs in API Gateway, domain configuration, SSL certificates, buckets for logs was developed using CloudFormation scripts that were triggered from Jenkins after the Quality Gates.
  • It allowed to assist in the transformation of the bank's internal teams, best practices, maintenance and support on the cloud. The tools and knowledge were transmitted to the bank's team
  • Incorporation of Automated QA Testing. Applications that integrated with API Gateway used Cucumber and Selenium for automated testing.
  • We obtained a product at a reduced cost compared to a previous customer solution with another cloud provider paying a premium plan at more than 1500USD per month versus 500USD.
  • We used external APIs, which were exposed on the internet. Lambdas Authorizer was used for all authentication. Cors was managed by API Gateway. All APIs were deployed over Customs Domains with an SSL managed by ACM.

How AWS services were used as part of the solution

Droptek’s workflow engine uses API Gateway and Lambda as it main interfaces and serverless processing platform, they are used to authenticate, authorize and process the user requests.

Step functions are used to coordinate tasks execution and to decouple business logic from base software

We use DynamoDB as main transactional database, it milliseconds response time help us to deliver high throughput from our web services, Elastic Search Service is used to provide reporting, search and analytics, by integrating both services using data streams we are allowed to provide real time information to business and technical users.

To allow proper support and troubleshooting we used CloudWatch logs for logging collection and processing, CloudWatch metrics to monitor and alerts reporting (envio de alertas). The application is X-Ray ready form comprehensive tracing from browsers or other clients across the application and AWS services and can be configured to propagate the trace to non aws backend systems

Cloudformation is used for new deployments and using the change set features we are allowed to update the system with minimal or no downtime.







Case study

Health Cloud Center

Case Study: Administrative processes automation system.

About Health Cloud Center

HCC is a leading company in the Labor Medicine Service with more than 15 years of experience in the professional field. Their goal is to become the ideal tool to resolve licensing situations that arise in the dynamics of Human Resources.

Our client has placed special emphasis on developing a management platform that facilitates communication between the parties involved with the consequent saving of time and effort.

The application handles processes in forms of procedures and tasks that are generated to the different actors. The procedures and tasks are displayed in the generic worktray depending on the permissions and roles.

There are 2 types of procedures at this time: requests for vacation licenses and medical licenses and subsequently after the procedure are started the corresponding tasks are generated for the corresponding actors to complete them.

Features:
  • Different types of procedures can be managed: Orders for Medical licenses, Holidays, Paternity / Maternity, as well as order of documents to employees, etc.
  • The login is configured for each client depending on their requeriments, at this moment Cognito is being used with username and password
  • We have a generic worktray that shows the content depending on the role of the users where their procedures and tasks are displayed.
  • The Roles are defined by the client.
  • The procedures go through an evaluation / audit process for approval / rejection.
  • The information can be analyzed in a Dashboard and the users with the corresponding roles can access it

The Challenge

Implement a solution that allows to reduce the time of request and response in the generation of procedures that is low cost and flexible to adapt it to different types of procedures and end users, elastic so that it adapts to the demands and dimensions of the company.

Initially the project focuses specifically on reducing the management time and the digitization of the documents required for the employees sick leave and vacation leave requests, also improve the response time for the approval or rejection of the requests.

Problem Statement/Definition:

Reuse our workflow engine to add extra functionality and thus generate new solutions for different types of clients. It was required to have access to specific employee data via mobile and web applications and create a flexible and simple online paperwork management product for companies.

The customer's employee information was accessed through the web service provided by the customer. Only the minimum information needed to use the application (ID Number) was stored and the web service was called whenever additional information was needed. The rest of the information is stored in DynamoDB and Elastic Search and was always encrypted in transit and at rest.

We integrate the triggers that were used to execute the lambdas:

Api Gateway: They triggered lambda using Proxy Integration or Custom Authorizer. This integration was used to resolve access to data via all external customers (web/mobile).

SQS and Cloudwatch events: When the product was developed, Step Functions did not support any method of integration other than lambda functions (it was not enough for the case we had), so a CloudWatch events was integrated to process certain pending tasks in Step Functions executions.

Dynamo triggers and Elastic Search Service(Lambda Triggers): They were used to synchronize the data stored by transactional processes in DynamoDB with Elastic search. This allowed us to have statistical data in real time.

Cognito: was integrated to validate OAuth tokens from a lambda used in a custom Authorizer.

Proposed Solution & Architecture:

A module for the management of employee files was developed and 2 additional modules were developed on our workflow engine:

  1. Analytics Module that is responsible for obtaining Elastic Search reports, need for advanced reports, were obtained via lambda that spoke to Elastic Search. The lambda used information added by the customauth to validate the access permissions to the information that the user had. The info in Elastic Search was sent via Dynamo trigger.
  2. Notifications Module that manages user subscriptions and interacts with SNS to send push notifications and other types. Solved the problem of the need to communicate with users by different means and devices (Android, IOS, SMS). It was used to establish the relationship between users and phone numbers or device ids and to separate from the application the logic of adapting to changes (e.g., phone change). This module was also integrated with API Gateway and DynamoDB.

Operational Excellence: Cloudwatch was used to centralize logs and metrics and X-Ray to perform tracing. And the team was instructed in the use of X-Ray and Cloudwatch Insights for tracking and troubleshooting.

Security: We used the Droptek security and preferences application that makes use of Api Gateway and Authorizer functionality to allow invocations using API Keys and OAUTH Token. For Lambdas were defined roles and policies through the Cloud Formation scripts that installed them.

Reliability: The entire installation of the stack was automated with Cloud Formation to have the possibility of reconstructing the environment if necessary. The deployment is automated using Continuous Integration, with the possibility of performing rollbacks if necessary.

Native AWS backup services are used to safeguard data from all databases. All services are stateless and the configuration is applied from the continuous integration environment.

Performance Efficiency: VPCs and subnets were used with enough IP to support the assumed load peaks. At the data level, was used autoscale (Dynamo feature) from dynamodb. A sizing of memory and execution time of the Lambdas was performed according to the estimates delivered by the client.

Cost Optimization: Lambdas were designed thinking of the minimum possible use according to the requirements estimated by the customer. Cost task was applied in all the lambdas and the client was given an estimated monthly cost according to the load estimates delivered.

Outcomes and Achievements.

A simple tool was developed at low cost that can be adapted to different needs. Promptly our client received a positive impact with a low cost investment, little development time and low resources, measured in the following benefits:

  • Integration of the management of procedures in a single platform. Reduction of paperwork
  • Increase in the efficiency of Human Resources personnel to manage employee requests because they now have an established process to which they must adhere and follow.
  • Reduction in search times by 70%: all the information is consolidated in a single place. Previously, information was stored in folders, making a simple search process a complex task that could lead to unwanted or inconsistent results.
  • Reduction in the time of the staff in their tasks of approval or rejection of requests, because each area communicated by mail which always causes delays in responses.
  • Availability of automatic information for immediate decision making.
  • Control of resources and reduction of absences. Having a platform where employees are required to present a medical certificate as an obligatory form, reduces absences in cases of unjustified medical absence.
  • The required documentation is digitized, so the request for the procedure is linear and transparent.
  • Ease of compliance with documentation delivery and approval requirements.
  • The process was manual and not digitized and involved employees having to take the paper to a physical location. So the reduction of paper was 100%.

Having an order in the tasks, a defined process to follow in each step brings the benefits of improving the efficiency of who executes it and reduces completion times.

After this solution was implemented the HCC client made a new implementation using the same workflow engine architecture to solve another different business topic.

FD goes by file exchange via S3 with M-control-managed transfer

Prisma goes for integration via RPA

The integration with On Premise is done through the connection: Direct Connect that the bank has with AWS and connecting to the services exposed by IBM Message Broker.

Step Functions is used to coordinate the sequence of executions and connects with the lambdas via API both to launch new state machines to interact with them or to take pending tasks using CloudWatch Event Rules (when the project was developed there was no possibility to push SQS directly from Step Functions).







We are reliable

We go hand in hand with AWS respecting the most important pillars of architecture

Servicios y tecnologías

AWS Services

Tools and Technologies