Core Platform Modernization Foundation: API Security and Data Migration

Challenge

A financial services provider needed to modernize its core financial servicing platform. This required secure APIs, scalable cloud-native data sources (cache, DB), and an event-driven architecture foundation to improve efficiency and support future growth.

Solution

ClearScale designed a secure API and inter-service communication architecture using AWS API Gateway, AWS Cognito, IAM roles, and SigV4; migrated the application cache and a core database from MSSQL to Redis, PostgreSQL, and DynamoDB on AWS; implemented AWS EventBridge as a service bus; and provided reference implementations alongside the refactoring of some major existing features to use the new architecture.

Benefits

The company gained a secure, scalable foundation with proven patterns for API security, modernized data sources, cross-service communications, and event-driven architecture, enabling continued cloud adoption and accelerating the modernization roadmap for its critical service application.

AWS Services

AWS Migration Acceleration Program (MAP), AWS Glue, Amazon EMR, Amazon Athena, Amazon Redshift, Amazon S3, Amazon DynamoDB

Executive Summary

The customer provides critical end-to-end operational functions for credit cards and installment loans. To continue delivering value and support future growth, the firm initiated a cloud adoption program focused on modernizing its core service platform. The existing architecture needed enhancements to security, scalability, and operational efficiency to fully leverage cloud capabilities and provide a robust platform for development teams building future features.

The Challenge

Modernizing the core service platform presented several technical challenges. The company required a standardized, secure approach for handling API access for both end-users and internal machine-to-machine communication between microservices. Existing data sources, including an MSSQL-based application cache and a core account database, needed migration to more scalable, cloud-native managed services. Furthermore, establishing a modern, event-driven architecture using a service bus was necessary to enable decoupled, performant, and scalable data flows between services. Providing development teams with clear, proven reference architectures and implemented examples for these new patterns was crucial for accelerating the ongoing modernization journey.

The Solution

ClearScale designed and implemented foundational components to kickstart the client's platform modernization, focusing on security, data, and event-driven architecture best practices.

Secure API Architecture

ClearScale designed a reference architecture leveraging AWS Cognito with OAuth2 and OpenID Connect for robust and standardized authentication and authorization. This included implementing the Client Credentials flow for secure machine-to-machine (M2M) communication and defining Role-Based Access Control using OAuth scopes integrated with API Gateway's Cognito Authorizer for fine-grained permissions. Secure patterns for direct Lambda-to-Lambda communication using IAM roles augmented with Signature Version 4 signing were also defined. ClearScale delivered 3 fully implemented APIs as practical examples for the customer's teams.
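The scope-based access control described above can be repeated inside the Lambda as a second, deny-by-default check. The following is an added example, not code from ClearScale or the customer; the route table, scope names and client names are hypothetical, and the claims are assumed to have been signature-verified by the Cognito Authorizer.

```python
# Added example; resource-server, scope, route and client names are hypothetical.
# Claims are assumed to be signature-verified by the Cognito Authorizer already.
ROUTE_SCOPES = {
    ("GET", "/accounts/{id}"): {"accounts-api/read"},
    ("POST", "/accounts/{id}/payments"): {"accounts-api/write"},
    ("GET", "/statements"): {"accounts-api/read", "statements-api/read"},
}

def claims_from_event(event):
    """Claims as a REST API Lambda proxy event carries them."""
    ctx = event.get("requestContext") or {}
    return (ctx.get("authorizer") or {}).get("claims") or {}

def authorize(method, route, claims, allowed_clients=None):
    """Return (allowed, reason); anything unexpected is denied."""
    required = ROUTE_SCOPES.get((method, route))
    if required is None:
        return False, "route has no scope policy"
    # ID tokens carry no scope claim and must not authorize an API call.
    if claims.get("token_use") != "access":
        return False, "not an access token"
    if allowed_clients is not None and claims.get("client_id") not in allowed_clients:
        return False, "client not on the M2M allow-list"
    # Scopes are space-separated; compare whole tokens, never substrings.
    granted = set(str(claims.get("scope", "")).split())
    # Any one of the route's scopes is sufficient, matching API Gateway.
    if not granted & required:
        return False, "missing required scope"
    return True, "ok"
```
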

Data Source Modernization

  • Cache Migration - The application cache was migrated from MSSQL to a cloud-managed Redis environment, providing improved performance and scalability for caching needs.
  • Database Migration - The Zeta account database was migrated from MSSQL to AWS-managed PostgreSQL and DynamoDB. ClearScale assisted with the infrastructure provisioning and database migration strategy, including steps for schema conversion and data loading.

Event-Driven Architecture

AWS EventBridge was implemented as the new enterprise service bus. ClearScale provided a reference architecture incorporating best practices such as custom event buses for domain separation, event versioning/schema validation, event filtering, idempotency patterns, DLQ configuration for error handling, and observability strategies.
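How versioned schema validation, idempotency and dead-lettering fit together in one consumer is sketched below as an added example, not the project's own code. The source, detail-type and field names are hypothetical, and in-memory objects stand in for the idempotency store and the dead-letter queue.

```python
# Added example. `seen` stands in for a durable idempotency store and `dlq`
# for a dead-letter queue. Source, detail-type and fields are hypothetical.
SCHEMAS = {  # (source, detail-type, schemaVersion) -> required field types
    ("servicing.payments", "PaymentPosted", 1):
        {"accountId": str, "amountCents": int},
    ("servicing.payments", "PaymentPosted", 2):
        {"accountId": str, "amountCents": int, "currency": str},
}

class Consumer:
    def __init__(self, apply):
        self.apply = apply   # business side effect, called once per event
        self.seen = set()
        self.dlq = []

    def handle(self, event):
        detail = event.get("detail")
        if not isinstance(detail, dict):
            return self._reject(event, "detail is not an object")
        # The envelope's own "version" field is not the schema version,
        # so the producer's version travels inside detail.
        key = (event.get("source"), event.get("detail-type"),
               detail.get("schemaVersion"))
        schema = SCHEMAS.get(key)
        if schema is None:
            return self._reject(event, "unknown source/type/version")
        for field, typ in schema.items():
            if type(detail.get(field)) is not typ:  # exact type: bool is not int
                return self._reject(event, "bad field " + field)
        event_id = event.get("id")
        if not event_id:
            return self._reject(event, "missing event id")
        # Covers redelivery of the same event; a producer that re-sends
        # would need a business key carried in detail instead.
        if event_id in self.seen:
            return "duplicate"
        try:
            self.apply(detail)
        except Exception as exc:
            return self._reject(event, "handler error: %s" % exc)
        self.seen.add(event_id)  # recorded only after success
        return "processed"

    def _reject(self, event, reason):
        self.dlq.append({"reason": reason, "event": event})
        return "dead-lettered"
```
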

DevOps & Implementation

The infrastructure for these components was provisioned using Terraform managed via AWS CodeCommit, CodeBuild, and CodePipeline, establishing Infrastructure as Code practices. Application deployment processes integrated with Azure DevOps pipelines and Octopus Deploy were also considered. Detailed documentation and deployment steps were provided.

The Benefits

Partnering with ClearScale provided the financial services provider with essential foundational elements to accelerate the modernization of its critical service platform.

This strategic work significantly strengthened security and standardized access controls, reducing risk across the application. By implementing a scalable cloud foundation and modernizing key data systems, the firm improved platform performance and reliability while lowering operational overhead. The project delivered proven architectural patterns and best practices, empowering the company's internal teams to innovate faster, develop new features more efficiently, and confidently continue their cloud adoption journey.

Ultimately, this positions the organization to better serve its clients through a more agile, secure, and future-proof technology platform ready for growth.