4da

About 4da: 

4da Scriptio health is a digital platform act as a pathway to send and receive prescriptions and other medical documents. Their motto is to streamline the medication process for both patients and healthcare providers. Scriptio allows healthcare providers to prescribe medications to pharmacies digitally which highly minimize the risk of errors.  

Overall, Scriptio aims to improve the efficiency and effectiveness of the healthcare system by simplifying the prescribing and dispensing process, and by facilitating better communication between healthcare providers. 

The Challenge: 

Medical data is the primary resource for their business. Since, they wanted to provide shielded security to their data base. So, 4da came up with the specific requirement to make their platform highly secured for their users. Scriptio wanted to store prescriptions, medical records and other media data securely as well as to retrieve the medical records instantly without no delay time. 

Scriptio needed a standard solution to provide seamless user experience to their customers and also to gain user trust. 

Solution: 

We analysed the requirements of 4da and crafted a solution with our proficient skill set. We used the CloudFormation templates to automate the services. We incorporated cloud microservices architecture and applied them to the workloads. Microservices helps to enhance the efficiency of cloud resource and it decouples the application layer from the underlying infrastructure. 

We used docker to containerize the Application and Amazon ECS to manage them. Over all, we adopted 12 services in one ECS cluster which is implemented with service autoscaling. Each Service has a task(container). Application-hosting Containers are configured in a private subnet and Application Load balancer is used to distribute the loads between the containers.  

We also used CloudWatch for monitoring, Lambda service for cross-account deployment, Code pipeline for continuous delivery, For quick and dependable application updates, release pipelines were automated. 

Architecture

AWS Services Used: 

• · Amazon Elastic Container Service (ECS) 
• · Amazon Relational Database Service (RDS) 
• . Amazon Virtual Private Cloud (VPC) 
• . Amazon CloudFormation 
• . Amazon Lambda 
• . Amazon Code Pipeline 
• . Amazon Elastic Container Registry (ECR) 
• . Amazon Simple Storage Service(S3) 
• . Amazon Elastic Compute Cloud (EC2) 
• . Amazon Web Application Firewall (WAF) 
• . Amazon Systems Manager Parameter Store 

Amazon Elastic Container Service (ECS): 

ECS is a high-performance container managed service that supports the docker containers and run applications on managed cluster of EC2 instances. It is a highly scalable and fast container management Service. We can manage container on a cluster. In the ECS cluster our containers are defined in the Taskdefintion that is uses to run an individual task within a service. 

Amazon Relational Database Service (RDS): 

Amazon Relational Database Service (Amazon RDS) is a managed service which is easier to set up, operate, and scale relational databases in the cloud. It allows to choose from seven popular database engines like Amazon Aurora with MySQL compatibility, Amazon Aurora with PostgreSQL compatibility, MySQL, MariaDB, PostgreSQL, Oracle, and Microsoft SQL Server. 

Amazon Virtual Private Cloud (VPC): 

Amazon Virtual Private Cloud (Amazon VPC) enables us to launch AWS resources into a virtual isolated network. Amazon VPC provides full control over virtual networking environment, including resource placement, connectivity, and security. 

Amazon CloudFormation: 

AWS CloudFormation is a service that helps to model and set up AWS resources so that we can spend less time managing those resources and more time focusing on applications that run in AWS. We create a template that describes all the AWS resources that we want and CloudFormation takes care of provisioning and configuring the resources. We mostly used CloudFormation to provision AWS services for infrastructure. 

Amazon Lambda: 

AWS Lambda is an event-driven, serverless computing platform. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code. Continuum used lambda function for cross-account deployment. 

Amazon Code Pipeline: 

AWS CodePipeline is a fully managed continuous delivery service that helps to automate the release pipelines for fast and reliable application and infrastructure updates. Continuum created multiple code pipelines for multiple repositories based on the branches. 

Amazon Elastic Container Registry (ECR): 

Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. We created multiple repositories to store the container images build by the code build. These images are used to deploy application in to ECS cluster services. 

Amazon Simple Storage Service(S3): 

Amazon Simple Storage Service (S3) is an object storage service. With this, one can store small as well as large volume of data. It’s cost-effective storage classes and easy-to-use management features, allows us to optimize costs, organize data, and configure fine-tuned access controls to meet specific business needs. 

Amazon Elastic Compute Cloud (EC2): 

Amazon EC2 provides scalable computing capacity in the Amazon Web Services (AWS) Cloud. It allows us to add virtual servers based upon the requirements. Continuum used EC2 server as a bastion host server by using this server to connect to a private Amazon RDS. 

Amazon Web Application Firewall (WAF): 

AWS WAF is allowing users to protect their web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF includes a set of security rules and web access control lists (ACLs) that can be used to block, allow, or monitor HTTP and HTTPS requests based on various criteria such as IP address, headers, and query strings. It also allows to block requests that match specific patterns or criteria, such as SQL injection attempts, cross-site scripting attacks, or requests from known malicious IP addresses. 

Amazon Systems Manager Parameter Store :  

AWS Systems Manager Parameter Store is a convenient way to store hierarchical parameters in AWS. You can use it for any configuration values, including secure values like passwords Usernames. It integrates well with other AWS services too. Continuum used Systems Manager Parameter Store for storing the database details. And used Those parameters in the container environments variables. 

Impact 

4da need not to worry about the cyber security threats anymore, thus our cloud engineers provided tightened security to their data base. With AWS ECS and CI/CD, the duration for application deployment is reduced to 30 minutes from hours to days. 4da is now focus on developing their business rather than thinking about cloud infrastructure. 

Conclusion: 

Working With 4da is a wonderful experience. They are happy and satisfied with the solution we provided. We enjoy working with 4da and want to continue doing so for many more years to come.