apser performed a complete migration of its infrastructure, helping to give visibility to, and at the same time solve, your application’s bottleneck issues. Some of the tasks that were carried out were:

• Uncoupling between app and BBDD
• Use of RDS performance insight to visualize the intensive use of BBDD
• Implement AWS Web Application Firewall (AWS WAF) service to enhance protection against the most common web attacks

In order to improve security and prevent AWS WAF crashes with application-specific behaviors, some modifications were made. Zierzoware, meanwhile, implemented some changes at the application code level, while apser took care of creating custom rules in AWS WAF to prevent certain requests from the application itself from being detected such as SQL Injection or XSS (Cross-site scripting).

Ultimately, AWS WAF was adapted to the use of the application, taking advantage of the additional layer of perimeter security offered, to protect against the most frequent web attacks and vulnerabilities.

In addition, a study was carried out for the optimization of infrastructure resources and costs based on the behavior of the migrated application. Coming from traditional monolithic hosting, we initially designed an oversized infrastructure for hosting both the web application (AWS EC2) and the uncoupled database (AWS RDS) to avoid possible bottlenecks and/or performance.

With an environment already stabilized, during the first month we analyzed the behavior of the app using Amazon CloudWatch metrics. Thanks to this analysis, we achieved a reduction in infrastructure costs of about 15%, reducing the resources of the instance – including family change – for both EC2 and RDS.

Technical support was also provided for the various incidents reported as part of our MSP service, both in Platform Layer and OS Layer. Some of the most common were:

• Increases in service limits
• Problems of access to services
• Account configuration and IAM users
• Changes in configuration of Security Groups for accesses
• Load/stress tests
• Changes of type of instances
• Storage increments of EC2 or RDS disks

Currently, the infrastructure is designed to comfortably absorb the growth of the application (in terms of users and required performance), in addition to being fully monitored to detect possible failures or incidents in the service.

Possible next steps would be to implement a cloud development environment with EC2 and RDS.

apser is the AWS Advanced Consulting Partner specializing in companies, public administrations, startups and non-profit.

The apser team provides a customized, easy-to-understand and agile approach with the goal of contributing to the widespread adoption of the cloud paradigm.

Our team operates through two business units: Cloud Solutions (acting as a managed services provider) and Cloud Professional Services (acting as a consulting firm).

In 2018 we had our first experience with AWS. Since then, we have not stopped incorporating knowledge and experience that, day by day, help us improve the effectiveness of our clients’ platforms. You can consult our AWS Validated Qualifications here.