E-wallet
Migrating Critical Workloads to AWS: A Success in Vietnam’s E-Wallet Industry
The E-wallet in question is one of Vietnam’s largest online payment platforms, developed and published by one of the most dominant
Industry
E-wallet
Technology
OVERVIEW
The E-wallet in question is one of Vietnam’s largest online payment platforms, developed and published by one of the most dominant technology players in the region. Currently, this online payment application is the strategic partner of Visa, Mastercard, and multiple domestic banks to support users in interbank money transfers, payments, and many other outstanding utilities.
KEY CHALLENGES
The mentioned E-wallet is a young and growing mobile banking platform in Vietnam, which makes continuous user base expansion its major priority, as well as the vision to become dominant player in the Vietnam market. However, as the user base grows, so does the load placed upon supporting backend infrastructure. As a result, in order for this promising digital wallet to sustainably attract new customers while keeping the retention rate in-check, it is essential to ensure the scalability of servers, databases, and other backend components that are needed to handle the increased load.
Unfortunately, its former cloud hosting provider was unable to help realize its ambition due to competence and cost incompatibility. Moving to another cloud hosting platform was inevitable but at that time, the internal team lacked necessary expertise and human resources to design, plan, and execute the migration of its Loyalty and Financial services to AWS infrastructure.
SOLUTION
Renova Cloud was proudly nominated and chosen as the official partner for this migration project. Essentially, it aimed to uplift two workloads, LOYALTY and MMF (Financial Services) to AWS.
As an experienced AWS migration partner, Renova adhered to the AWS Migration Framework which details an industry-standard path to migration, comprising three high-level phrases: Access, Mobilize, and Migrate & Modernize. Throughout each stage, Renova proactively played the role of both advisor and executor of AWS best practices concerning Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Methodologies to ensure uninterrupted cloud hosting migration.
In order to achieve that goal, Renova Cloud started off with conducting Cloud Readiness Assessment that examined the current maturity in terms of cloud understanding and expertise for this mobile banking application. Through a list of MRA assessment questions, Renova Cloud gained a more comprehensive view of its current position in their cloud journey, team structure, operation model, which laid the foundation for proposal architecture as follows:
Figure 2: Proposal Architecture for MMF post-migrationWith regard to LOYALTY, Re-host was employed for it to run on EC2 instances while the MMF migration was conducted in reference to the Re-platform approach. The two source workloads were migrated in 5 phases including:
- Setting up AWS Control Tower for Landing Zone and multi-account environment
- Prepare the environment using Infrastructure as Code with Terraform
- Perform Database migration with DMS
- Re-host the LOYALTY platform
- Re-platform the MMF platform
Identity and Access Management solution centered around AWS Control Tower and was further reinforced by the Identity Center configuration in AWS SSO, enabling the segregation of different types of access with applicable permissions. Renova’s strategy towards high-availability architecture involved 3 EC2 instances being positioned in 2 different Availability Zones that required multi-subnets. Thanks to this, if any instances failed, there would always be other instances in different Availability Zones ready to pick up the workload without any noticeable interruption.
From the very beginning, the owner of this E-wallet platform had placed Security at the top of its priority list since their application was one of the most trusted e-payment solutions in Vietnam. Therefore, as the two workloads served different purposes, Renova Cloud implemented function-specific subnets with NACL restriction and route tables (with or without NAT gateway routes) so that responses to allowed inbound traffic would be subject to the rules applied for outbound traffic (and vice versa). Security groups were also strictly restricted, only whitelisting those traffics coming from specific on-premise CIDR ranges that did not overlap with other existing on-premises addresses or VPCs.
BENEFITS
At large, after the migration, this online payment app could now reliably manage its two important workloads – Loyalty and MMF fully on AWS cloud with enhanced operation, security, and performance at lower price. The migration to AWS was believed to offer superior advantages on the grounds that the customer’s internal team eventually decided to entrust AWS with their cloud hosting. Specifically, AWS Migration Acceleration Program helped the customer accelerate migration and modernization projects by offering incentives and resources for engagement. In addition to the attractively lower cost, AWS also helped the E-wallet application reach its target growth by unifying the services under one hosting platform, enabling operational excellence, faster releases, greater transparency, and effortless maintenance.