Cloud infrastructure design, implementation, and maintenance for a FinTech startup: Volt

18 September 2020

Cloud infrastructure design, implementation, and maintenance for a FinTech startup: Volt

FinTech projects require a secure and scalable infrastructure, which is why we recommended the AWS Cloud and implemented deployment using Infrastructure as Code for the FinTech startup Volt.

Introduction

Volt provides a solution to deliver real-time direct-to-account payments, enabled by Payments Service Directive 2 which reduces payment costs and fraud. Using the rails of Open Banking, Volt enables integration to some of the largest European Payments Service Providers and merchants.

Problem

Volt was looking for a secure and highly scalable infrastructure capable of handling its innovative applications that enable real-time bank direct payments. Volt was looking for a best-in-class partner to design, implement, and maintain that infrastructure in a very short time, to allow Volt to focus on their core development activities.

Solution

Hostersi advised Volt which infrastructure to choose for their application and designed a multi-account, highly available, secure, and reliable cloud infrastructure using PCI-DSS and ISO27001 as North-Star compliance objectives. The entire AWS infrastructure, including network, security, storage, and application resources was implemented as Infrastructure as Code (IaC). Hostersi also set and deployed an Intrusion Prevention System and provided CI/CD setup and configuration for Volt applications.

Hostersi team maintains Volt’s AWS cloud infrastructure 24/7 with a guaranteed response time and provides ongoing cloud consulting services.

Diagram

volt_diagram

Technologies

The frontend is a static website, hosted in Amazon S3 and Amazon CloudFront. The backend consists of API (Amazon ECS) and Database (Amazon RDS). DNS is configured in Amazon Route53. Backend spans multiple Availability Zones to provide High Availability. There is an Application Load Balancer in front of the API, distributing incoming traffic to ECS and terminating SSL connections. This is the single public point of contact with the backend.

The ECS Cluster provides a containerized packages and is configured in an Auto Scaling Group to automatically adjust capacity. A SQL database is created using an RDS managed service (PaaS) to provide resizable capacity and high availability with a Multi-AZ architecture.

CloudTrail is used to record all activity and operations performed on AWS accounts and has log file integrity checking enabled by default. Login data is permanently stored in files in an S3 bucket.

S3 also stores network access logs from the API (Load Balancer) and Frontend (CloudFront) applications. Logs from containers are stored in CloudWatch. An Elastic Container Service is configured in EC2 mode with configurable cluster instances deployed in an autoscaling group for high availability and adjustable capacity.

Container images are stored in the Amazon Elastic Container Registry. Environment variables are set up directly in the service configuration and passed to those images. A load balancer in front of the ECS redirects calls.

Deployment is done by building a docker image, passing it to ECR, then updating ECS ​​forcing a new deployment.

Business Benefits

The infrastructure designed and implemented by Hostersi meets all the requirements set for FinTech projects, provides data security and the containerised deployment solution based on AWS ECS enables continuous implementation and delivery of new stable versions.

“We very much appreciated the super fast availability and responsiveness of Hostersi’s senior experts, their proactive and requirement-driven solution design, as well as their autonomous workstyle during implementation, which allowed us to focus on our main business - application development and venture building.” - Steffen Vollert - CTO

ANY QUESTIONS? CONTACT US

Read also: