Secure and Effective Development without Access to Sensitive Data

Executive Summary

SavvyMoney is an online tool that provides users with free access to their credit score, explains factors impacting it and gives suggestions on how it can be improved. The company aims to empower the control of financial health with easily understandable advice about credits and debits, help monitor the credit score according to the interest rates and provide users with more economic options.

Get a free consultation

Challenge

The application works with sensitive data of real users and limited access to it is required. On one hand, all passwords for database access, API tokens or any other sensitive configuration parameters for Production instances must be securely stored with limited access to them only by authorized personnel and removed from the application code level.

On the other hand, there must be a way for effective development and testing on QA and Staging Environments. That’s why the strict separation of application’s codebase from its configuration is required here.

 

Solution

The huge variety of AWS services for different cases was a key reason the SavvyMoney team chose to work with AWS. Two of them, AWS Systems Manager Parameter Store and CodeCommit, were used to overcome this challenge.
Microservice architecture is built in Java Spring Boot framework. Each microservice is a separate REST API that performs required business logic and is running on EC2 instance in the Autoscaling Group. Launch Configuration has attached the IAM role with read-only access to the parameter store. So any sensitive parameter is known only for the application on startup and there is no way to see it.

All sensitive configuration parameters from classic *.properties files are moved into the AWS Parameter Store and all *.property files with other parameters are moved into the CodeCommit. Spring Cloud Config service reads properties from CodeCommit, and REST API application calls Spring Cloud Config for required properties on startup or on-demand refresh. The access to Parameters store and CodeCommit have only authorized persons.

 

Secure and Effective Development without Access to Sensitive Data

AWS Parameter Store architecture

 

The List of AWS Services

 

Element Description
aws-codecommit CodeCommit AWS repository. It contains all properties of the application, except for sensitive such as DB passwords, etc.
AWS parameter store AWS System Manager Parameter Store. It contains sensitive data such as DB passwords.
AWS IAM Role AWS IAM role attached to EC2 instance with permission to Read parameters from Parameter Store.

AWS IAM User that has permissions to edit records in the Parameter Store.

The development team has these permissions for Sandbox/Beta env.

Only account administrator has these permissions for PreProduction/Production.

Amazon-EC2

Restful API, Spring Boot 2 application launched an EC2 instance within the Autoscaling group.

The startup app performs two actions:

  • connects to the Configuration Server to get configuration properties.
  • having attached IAM Role connects to the Parameter Store to get sensitive parameters.

Tools and Frameworks

java logo
spring cloud logo
spring boot logo

The following AWS services were utilized:

  • Systems Manager Parameter Store
  • CodeCommit
  • EC2 in Autoscaling Group with Launch Configurations
  • IAM Roles
  • Identity Access Management (IAM)
  • Virtual Private Network (VPC)

 

Benefits

  • No access to sensitive data for a development team in Parameter Store and no way to see it being logged on the EC2 instance.
  • The application code is separate from configurations. The same application with the same codebase can be launched in different environments: Staging, QA, Production.
  • Separation parameters storage on Parameter Store and Code Commit allows better security, handling, and maintenance.
  • There is a possibility to reload parameters from Code Commit on the fly without application rebuild or restart.
  • There is a possibility to reload parameters from Parameter Store without application rebuild. Restart is required.

Partnership and Membership

Amazon Web Services
Scrum Alliance
lviv it cluster logo
Clutch Romexsoft TOP B2B Companies 2019 Ukraine
Clutch Romexsoft TOP IT Services Firms 2019
GoodFirms Top Java company 2019 Romexsoft

Portfolio

ZAXID.NET News Portal Development Case Study

ZAXID.NET Online News Portal – high load web application architecture design and development by Romexsoft.

TIM Media

TIM is an ad serving platform, offering advertisers and publishers a variety of robust tools to maximize revenues, increase ad ROI and eliminate budget waste – powered by innovative tech solutions and granular data analytics. TIM is a trusted partner of Fortune 500 companies including Nissan, McDonalds, AT&T, Danone, Disqus and other well-known tech and product brands.

SavvyMoney

SavvyMoney is an online tool that provides users with a free access to their credit score, explains factors impacting it and gives suggestions how it can be improved. The aim of the company is to empower the control of financial health with easy understandable advice about credits and debts, help monitor the credit score according to the interest rates and provide users with more economic options.