Establishing Enterprise Serverless Adoption by Automating Java-based AWS Lambda Serverless Workloads
Challenge
Our customer is in the transportation and logistics industry, with a massive existing footprint on AWS. As a part of an ongoing application rationalization and migration efforts, there were several critical Java microservice stacks that needed to migrate to AWS. The customer wanted to leverage Serverless technologies, but had not formally defined enterprise guidance or built pipelines to deploy these applications. The applications had stringent requirements in areas of static code analysis, unit testing, integration testing, and various security constructs that need to be adhered to.
This effort was going to touch many teams and needed to work with existing components that aren’t being modernized as part of this effort. The solution needed to be highly automated, easy to scale, and supported by a fully automated CI/CD process that isn’t disruptive to ongoing team development.
Solution
We engaged the customer’s Enterprise Architecture team to define a standardized approach to deploying Java applications in a Serverless architecture. We then took these definitions to create a development and deployment framework that leveraged existing tools in the customer’s internal toolchains. The intent wasn’t to only solve for one app but to create a centralized approach around modernizing the common app stack. This would ensure consistency in onboarding and rolling out applications that use the same tooling and methodology. This framework was then beta tested with various customer teams and refined based on feedback, before being released for enterprise-wide consumption.
Tech Stack
AWS Lambda
API Gateway
CloudFormation
Gitlab
WAF
Datadog
Java App dev stack
Outcome
Focus on Strategy and Alignment – With dozens of applications needing to leverage this pattern, the time taken to engage Enterprise Architecture and create a holistic approach created a streamlined and commoditized approach to developing Java workloads in a Serverless architecture.
Baked in Security – Moving of security controls to the far left of the pipeline allowed a centralized control model for defining and enforcing security controls. Integrations with code analysis, CASB, and other toolchains gave consuming teams confidence that they are building responsible, secure cloud architectures.
Streamlined Operations – Having a single, flexible pipeline definition created a single source of truth for how Java applications are deployed in AWS. This commoditized development of disparate applications, giving Developers and Architects a single construct to discuss, learn, and implement across disparate business units.