Credit Saison onion layer for partner ingress & egress interaction with core lending system.
Explore the docs »
Report Bug
·
Request Feature
Azkaban contains nested stack templates require to automate the deployment of onion layer of Credit Saison India on AWS Cloudfomration Service. It is our ingress & egress system for all of our core lending partners. This system acts as a wrapper around our core lending system.
Azkaban is built using following tech stack
To make the setup re-useable and easy to manage, CloudFormation and nested stacks have been created.
The Templates are a logical grouping of services.
Placeholder for all parameters, definition and link to children templates.
Lambda Layers acts as a library package that can be included in lambda function for providing same functionality across all our lambda to avoid code redundancy.
-
- This layer is verifying the integrity and authenticity of a partner request message.
- This also provides secure mechanism for man-in-the-middle attack.
- It calculates a message authentication code involving a hash function in combination with a secret key.
-
- This layer is ensuring all the partner is well-structured & as per KSF data fields validation norms.
- It uses python cerberus library as a powerful yet simple and lightweight data validation functionality out of the box.
Partner Requests are asynchronous. Opt for this when incoming data is much larger & there should be a retry mechanism to post data into CLS if server is down.
-
- This lambda will post all the incoming data to a queue.
- Template & Function is built using SAM template.
-
- AWS SQS Queue to hold partner data.
- This will trigger Consumer Lambda as soon as data hits in it.
- Deadletter queue is configured to hit missed data again to same consumer lambda.
-
- Lambda which will take message from queue & hit the respective ksf microservice.
- After 5 retries, it pushes that message back to DeadLetter queue.
- Template & Function is built using SAM template.
Partner Requests are synchronous. Opt for this when you want to send immediate results to partner.
-
- Lambda to hit respective ksf microservice after data validation & computation.
Azkaban uses AWS environment global variables as an input to lambdas for hitting our ksf microservices.
-
- Using ssm parameters as an input for base urls of our microservices.
- Uses Transform function as a macro for fetching latest version of a parameter.
- Macro:
GetSSMParameter
-
- Using secret keys as an input for basic auth or api keys of our microservices.
{{resolve:secretsmanager:BasicAuth-Secrets:SecretString:username}}
-
Run ghostrider to assign AWS Profile.
-
Run
deploy.sh
script to deploy onion layer infrastructure as follows
sh deploy.sh
INPUTS for the scripts will be as follows:
- AWS Profile
Choose Default (as per ghostrider setup)
- Cloudformation StackName
onion
- AWS Region
us-east-1 / ap-south-1 / eu-west-1 (as per your account & region)
- AWS BucketName
cfn-templates-v2-{envtype} (envtype supported : {'dev' 'qa' 'qa2' 'uat' 'int' 'production'})
- Credit Saison Environment
{envtype} (envtype supported : {'dev' 'qa' 'qa2' 'uat' 'int' 'production'})
See the open issues for a list of proposed features (and known issues).
Contributions are what make azkaban such an amazing repo to learn, inspire, and create. Any contributions you make are greatly appreciated.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature
) - Commit your Changes (
git commit -m 'Add some AmazingFeature'
) - Push to the Branch (
git push origin feature/AmazingFeature
) - Open a Pull Request