nClouds | AWS Case Studies Superside

• Amazon CloudWatch - Monitors applications, responds to system-wide performance changes, optimizes resource utilization, and provides a unified view of operational health.
• Amazon ElastiCache for Redis - An in-memory data structure service to enhance the ease-of-use and power of Redis, and improve availability, reliability, scalability, security, and performance.
• Amazon Elastic Container Service (Amazon ECS) - A highly scalable, high-performance container orchestration service that supports Docker containers and enables Superside to run and scale containerized applications on AWS easily.
• Amazon Elasticsearch Service - A fully managed service that makes it easy for Superside to deploy, secure, and operate Elasticsearch at scale with zero downtime.
• Amazon GuardDuty - A managed threat detection service that provides Superside with a more accurate and easy way to continuously monitor and protect their AWS accounts and workloads.
• Amazon Route 53 - A highly available and scalable cloud Domain Name System (DNS) web service, to provide a reliable and cost-effective way to route Superside’s end users to internet applications.
• Amazon Simple Notification Service (Amazon SNS) - A highly available, durable, secure, fully managed pub/sub messaging service that enables Superside to decouple microservices, distributed systems, and serverless applications.
• Amazon Simple Queue System (Amazon SQS) - Allows Superside’s team to send, store, and receive messages between different applications in their environment.
• Amazon Virtual Private Cloud (Amazon VPC) - Enables Superside to provision a logically isolated section of the AWS Cloud where they can launch AWS resources in a virtual network that they define.
• Amazon VPC NAT Gateway - A Network Address Translation managed service that makes it easy for Superside to connect to the internet from instances within a private subnet in an AWS Virtual Private Cloud (VPC).
• AWS Application Load Balancer (AWS ALB) - To support content-based routing and applications that run in containers.
• AWS Auto Scaling - Monitors Superside’s applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.
• AWS Fargate - Enables Superside to run containers without having to manage servers or clusters.
• AWS Identity and Access Management (AWS IAM) - To control users' access to AWS services.
• AWS Security Hub - Aggregates, organizes and prioritizes security alerts or findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions. It continuously monitors the environment using automated security checks based on the AWS best practices and industry standards.
• AWS Systems Manager Parameter Store - Provides Superside with secure, hierarchical storage for configuration data management and secrets management.
• AWS Web Application Firewall (AWS WAF) - Helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.
• Internet gateway - A horizontally scaled, redundant, and highly available VPC component that allows communication between Superside’s VPC and the internet. It provides a target in Superside’s VPC route tables for internet-routable traffic and performs network address translation (NAT) for instances that have been assigned public IPv4 addresses.

Superside‘s solution stack also included additional, essential third-party tools:

• Clair - An open-source API-driven analysis engine that inspects containers — App Containers (appc) and Docker containers — layer-by-layer for known security flaws.
• Datadog - A cloud monitoring service providing visibility into Superside’s entire environment.
• GitOps - A methodology where git is the single source of truth for the entire DevOps workflow.
• HashiCorp Terraform - An open-source tool that codifies APIs into declarative configuration files to enable Superside to safely and predictably create, change, and improve infrastructure.
• Jenkins - An open-source automation server written in Java, to support CI/CD.
• OpenVPN Access Server - A full-featured SSL VPN software solution to provide fine-grained access control of the infrastructure.
• SonarQube - An open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages.