Client Profile
Money Fellows, a trusted financial platform serving over 7 million
users, offers secure and flexible solutions for achieving
financial goals. In 2017 Money Fellows introduced the concept of
digitized Money Circles to the market, providing greater
convenience, flexibility, and confidentiality, backed by legal
contracts. Users enjoy a wide portfolio of services and benefits,
including zero-fee payout slots, discounts of up to 125% on
installments, and various payment methods offered through partner
service providers. With the option to join multiple circles and
installment plans starting at just 250 EGP/month, Money Fellows is
a smart and accessible choice for users seeking reliable financial
planning.
Key Requirement
As a fintech company based in Egypt, Money Fellows was required to
comply with local regulations that mandate all user data be stored
within the country's geographic boundaries. The company needed a
technology partner to assist with migrating the existing data
center infrastructure to AWS Outposts to adhere to data residency
laws. With plans to expand operations and accommodate a growing
user base, the platform anticipates an increased demand for its
backend applications. The migration is crucial for ensuring
scalability, maintaining compliance, optimizing performance, and
meeting the evolving needs of their users as they continue to
expand.
The challenge was to execute a seamless transition to AWS Outposts
while maintaining data integrity and ensuring minimal disruption
to ongoing operations during the migration process.
Major Challenges
Data Residency Requirements and meeting PCI DSS compliance
Streamlined Infrastructure operations and security
Establishment of a private connection from MoneyFellow to the
vendor company
Solution
Backed by years of experience migrating and modernizing complex
workloads on AWS, Flentas proposed to engage with MoneyFellow to
define the roadmap, plan, design, and execute the implementation
plan, as well as work closely with the IT team to deploy
on-premises workload on AWS Outpost.
The below points highlight how Flentas helped design the roadmap,
plan and execute the migration plan on AWS Outpost:
-
Design architecture and setup applications on AWS Outpost using
the below services:
-
Local Gateway – Established network Connectivity between
On-premise and the AWS Outpost
-
AWS EC2 – Run web services consumed by the Mobile and Web
Application
-
Load-Balancer – To enable load balance on multiple EC2
Instances and manage scale
-
RDS MYSQL – Setup MYSQL database in AWS Outpost.
-
ECR – To store container images
-
ECS Cluster – To run and deploy several micro-services
applications
-
Amazon VPC – To segregate the network between multiple
environments
-
Planned cutover for MoneyFellow applications and migrated their
workloads to AWS Outpost
-
Established Site-to-Site connectivity with respective vendors
-
Set up of monitoring system to alert critical thresholds and
Identify workload patterns
Components and Services
AWS Outposts, IAM (Identity and Access Management), SSM (Systems
Manager), CloudTrail, GuardDuty, Inspector, ECR (Elastic Container
Registry), CloudWatch, EC2 (Elastic Compute Cloud), ECS (Elastic
Container Service), ALB (Application Load Balancer), RDS
(Relational Database Service), ACM (AWS Certificate Manager), S3
(Simple Storage Service), Conformance Packs, SSM Patch Manager,
Cron job, CloudWatch Dashboards, Wazuh (Third-party integration).
Our Managed Services Approach
-
Direct VPC routing was configured for Local Gateway to establish
connectivity and route outbound internet traffic from the
On-premises router
-
Firewall was configured in on-premises to monitor and control
Inbound and Outbound traffic
-
Site-to-Site VPN connection was setup to establish connectivity
between 3d party vendor and the Outpost services
-
Migration of data to the RDS on Outpost was performed
-
We established an Amazon ECS cluster on Outpost for
microservices applications, and created an ECS service and
tasks.
-
Required docker images were pulled from ECR repository
-
AWS CloudWatch was used for monitoring and setting up alerts and
logs for all metrics of the Outpost resources
Cutover Approach
-
Once the infrastructure setup was completed on Outpost, a
pipeline was established to transfer data to the Outpost
-
For microservices, the ECS cluster setup was completed first,
followed by the gradual deployment of applications into the ECS
cluster
-
Upon completion of the application server setup, including the
necessary VPN connectivity, the application was exposed via an
ALB behind the on-premises firewall
-
Following the deployment of the application, the corresponding
application database was migrated to AWS Outpost
Business Impact
Data Localization and Low-Latency
Flentas helped Money Fellows team with deploying resources on
AWS Outpost within their own data center or facilities to keep
sensitive data local for compliance or regulatory reasons
Successful security strategy
We set-up best practices around security by enhancing the
overall security posture of all the workloads
Setup disaster recovery for MySQL
We helped the client set-up the DR for MySQL database to
achieve near zero RPOÂ
Application and Infrastructure Monitoring
AWS CloudWatch dashboards were made available to monitor all
the applications. And SNS Subscriptions were created to notify
the System of changes
Seamless Infrastructure Deployment
Successfully deployed infrastructure components such as
networking, database, compute, ECS cluster in AWS Outpost
using Terraform in a Non-Prod and Production environment
