Secure and effective development without access to sensitive data

Executive summary

SavvyMoney is an online tool that provides users with free access to their credit score, explains factors impacting it and gives suggestions on how it can be improved. The aim of the company is to empower the control of financial health with easy understandable advice about credits and debts, help monitor the credit score according to the interest rates and provide users with more economic options.

 

Get a free consultation

Challenge

Application works with sensitive data of real users and limited access to it is required. From the one side, all passwords for database access, API tokens or any other sensitive configuration parameters for Production instances must be securely stored with limited access to them only by authorized personnel and removed from the application code level.

On another side, there must be a way for effective development and testing on QA and Staging Environments. So strict separation of application’s codebase from its configuration is required here.

 

Solution

The huge variety of AWS services for different cases was a key reason the SavvyMoney team chose to work with AWS. Two of them AWS Systems Manager Parameter Store and CodeCommit were used to overcome this challenge. 

Microservices architecture is built in Java Spring Boot framework. Each microservice is a separate REST API that performs required business logic and is running on EC2 instance in the Autoscaling Group. Launch Configuration has attached the IAM role with read-only access to the parameter store. So any sensitive parameter is known only for the application on startup and there is no way to see it.

All sensitive configuration parameters from classic *.properties files are moved into the AWS Parameter Store and all *.property files with other parameters are moved into the CodeCommit. Spring Cloud Config service reads properties from CodeCommit and REST API application calls Spring Cloud Config for required properties on startup or on-demand refresh. Write access to Parameters store and CodeCommit has only authorized personnel.

Secure and effective development without access to sensitive data

AWS Parameter Store architecture

AWS Services List

 

ElementDescription
aws-codecommitCodeCommit AWS repository. It contains all application’s properties, except sensitive data like DB passwords, etc.
AWS parameter storeAWS System Manager Parameter Store. It contains sensitive data like DB passwords.
AWS IAM RoleAWS IAM role attached to EC2 instance with permission to Read parameters from Parameter Store.

AWS IAM User that has permissions to edit records in the Parameter Store.

For Sandbox/Beta env development team has these permissions

For PreProduction/Production only account administrator has these permissions.

Amazon-EC2

Restful API, Spring Boot 2 application launched an EC2 instance within the Autoscaling group.

On startup app performs two actions:

  • connects to the Configuration Server to get configuration properties.
  • having attached IAM Role connects to the Parameter Store to get sensitive parameters.

Tools and Frameworks

The following AWS services were utilized:

  • Systems Manager Parameter Store
  • CodeCommit
  • EC2 in Autoscaling Group with Launch Configurations
  • IAM Roles 
  • Identity Access Management (IAM)
  • Virtual Private Network (VPC)

 

Benefits

  • No access to sensitive data for a development team in Parameter Store and no way to see it being logged on the EC2 instance.
  • The application code is separate from configurations. The same application with the same codebase can be launched in different environments: Staging, QA, Production.
  • Separation parameters storage on Parameter Store and Code Commit allows better security, handling, and maintenance.
  • There is a possibility to reload parameters from Code Commit on the fly without application rebuild or restart.
  • There is a possibility to reload parameters from Parameter Store without application rebuild. Restart is required.

 

About the Partner

Romexsoft is a Ukrainian outsourcing provider of cloud and software engineering services with over 15 years of experience in the rapidly growing tech industry. During this time we’ve developed and successfully delivered more than 100 projects to our clients in Fintech, HealthCare, and Broadcast Media industries.

Partnership and Membership

Portfolio