MFCentral

Summary: 

MFCentral is the investor services hub conceived by KFintech & CAMS powering a new era of collaboration by providing convenience to transact across all folios of an investor with unparalleled user experience. Leveraging best in class technology, MFCentral brings ease, convenience and speed to your service requirements across all the Mutual Funds. While investing in a mutual fund scheme has become a lot easier over the years, many investors still face difficulty in carrying out various non-financial transactions, such as updating nominee details, changing mobile numbers across funds, etc. But not anymore. Now with MFCentral, a new mutual fund platform, do all these activities and many more with ease. This new platform integrates all your investments into one single window, thereby enabling you to know various aspects of your investments. 

Challenge: 

– CAMS and KFIN planned to have Prod Infra for MFCentral setup with enhanced security. 

– CAMS and KFIN need to host infrastructure on AWS Cloud. They didn’t have internal expertise on cloud native deployments and needed expert help to provision quickly, deploy and go live. 

– Implementing the CICD for project development. 

– Design and create application architecture and its networking.  

Why AWS and Why ACC? 

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. 

AWS enables us to rapidly provision the AWS resources and help to get to production in a short span of time cost effectively. Using AWS managed services, they enable us to quickly deploy applications with headache of managing and maintain servers. 

ACC had several successful migrations from the Banking and Financial Services sector under its belt. As an AWS Financial Services Competency partner, ACC became a preferred choice of recommendation from AWS.  

CAMS and KFIN knew they were in good hands. It was a no-brainer decision for them to join hands with ACC and this decision continues to serve them well.  

Solution: 

  • The network requirement to connect an on-premises data center with an Amazon VPC using AWS VPN Site-Site Connection both KFIN and CAMS. Another one is Direct Connect is also configured. 
  • The security monitoring was enabled through the Amazon Guard Duty service also application monitoring was done using Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Amazon Cloud Watch is used to monitor AWS resources such as Amazon EC2 instances, Amazon RDS DB instances, as well as custom metrics generated by the applications and services, and any log files of applications. Also used Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health. These insights were used to react and keep your application running smoothly. 
  • We configured the EKS cluster and Node group. Node group specific no of nodes and it always maintain it. Whenever one of the nodes goes it will create new ones and maintain the count. In the nodes microservices are running. We have also configured the ingress load balancer and the Route 53 having the domain mapping to DNS.   
  • For the CICD in MFCentral AWS ECR is used for storing docker images of all the environment and versioning of docker image is also enabled. AWS Code-commit was implemented for storing the deployment files and for Code separation branching is used for different env. On the top of the EKS cluster backend microservices are running. For the backend container services the docker images are built accordingly. These services code is stored in AWS code commit. If any update in any service the updated code is pulled from AWS code commit and a new docker image is created and get deployed to the env accordingly. Different jobs are created for each microservice in Jenkins. For deployment jobs are built accordingly. 
  • API and Activity usage tracking is done by using AWS CloudTrail. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. When activity occurs in your AWS account, that activity is recorded in a CloudTrail event.

Services Used: 

  1. Amazon EC2 
  2. Amazon VPC 
  3. AWS Config 
  4. Amazon S3 
  5. Amazon SNS (Mumbai Region) 
  6. AWS CloudWatch 
  7. AWS KMS 
  8. Amazon inspector 
  9. AWS Security Hub 
  10. AWS EKS 
  11. Amazon Guard duty 
  12. AWS CloudTrail 
  13. AWS RDS 
  14. AWS Elasticache  
  15. Amazon CloudWatch 
  16. AWS Backup 
  17. AWS ACM 
  18. Route 53 
  19. Direct Connect

Results and Benefits: 

  • Created 3-tier application using static website hosting using S3 bucket (Frontend), microservices (Middle Layer) deployed in EKS and for database RDS (backend) is used.  
  • Security Hub, Guard-Duty and Trusted Advisor used to enable best security practices. 
  • Normal manual deployment takes 1-2 hours, were as automated deployment using CICD (Jenkins) takes only 10-15 minutes with minimal downtime.

About ACC: 

Applied Cloud Computing (ACC) is an advanced AWS consulting partner. ACC accelerates end-to-end cloud adoption with the best implementation services, software, and processes available. ACC’s comprehensive framework for cloud adoption and dedicated software development capabilities help clients achieve business results faster, no matter where they are in their cloud transformation.