Tech synopsis

1. Identity access management

This section outlines our approach to Identity and Access Management (IAM) using Keycloak.

  • Keycloak provides centralized authentication, authorization, and user management, enabling single sign-on (SSO) and secure access control.

  • It supports fine-grained role-based access control (RBAC), multi-factor authentication (MFA), and integration with various identity providers.

  • By utilizing Keycloak, we ensure robust security and seamless user experiences across our applications.

For detailed information, refer Keycloak

2. Secret management

This section details the implementation of secrets management using HashiCorp’s Vault.

  • Vault securely stores, manages, and dynamically generates secrets such as API keys, passwords, and certificates.

  • It ensures fine-grained access control, audit logging, and automatic secret revocation and renewal.

  • By leveraging Vault, we enhance our security posture, ensuring that sensitive information is accessed and managed securely across our infrastructure.

For detailed information, refer HashiCorp vault

3. Audit logs

This section describes the implementation of audit logging using AspectJ.

  • AspectJ provides powerful aspect-oriented programming capabilities to intercept and log key actions within our applications.

  • By integrating AspectJ, we capture comprehensive audit trails of user activities, system events, and access to sensitive data.

  • This approach ensures transparency, aids in compliance with regulatory requirements, and enhances our ability to monitor and respond to security incidents effectively.

For detailed information, refer AspectJ

4. Microservices

Overview

This section outlines our approach to building microservices using Spring boot.

  • Spring boot simplifies the development of microservices by providing a framework with pre-configured defaults, reducing boilerplate code and streamlining deployment.

  • It offers features such as embedded servers, seamless integration with various databases, and robust support for RESTful APIs.

Microservices architecture

  • Each microservice is an independent unit of functionality, allowing for scalable and maintainable application development.

  • Spring boot’s support for microservices patterns, such as service discovery and fault tolerance, ensures that our services can interact efficiently and resiliently.

Spring boot features

  • Key features include automatic configuration, production-ready metrics, and health checks.

  • Spring boot also integrates well with other components in our stack, including data sources, messaging systems, and API gateways.

By leveraging Spring boot, we build robust, scalable, and easily manageable microservices that enhance our application’s flexibility and resilience.

5. API gateway

This section describes our API Gateway implementation.

  • The API Gateway acts as a reverse proxy, handling requests from clients and routing them to appropriate backend services.

  • It provides essential features such as request routing, load balancing, security, and rate limiting.

  • By centralizing these functions, the API Gateway simplifies client interactions with microservices, enhances security, and improves performance.

  • This approach ensures efficient and secure communication between clients and our backend services.

For detailed information, refer spring cloud gateway

6. Persistence

This section outlines our persistence strategy using PostgreSQL and Liquibase.

  1. PostgreSQL

    • PostgreSQL is our robust, scalable relational database management system, providing reliable data storage and complex query capabilities.

    For detailed information, refer PostgreSQL

  2. Liquibase

    • Liquibase is used for database version control, enabling automated tracking, management, and deployment of database schema changes.

      For detailed information, refer Liquibase

  3. Microsoft Azure

    • Azure offers cloud-based database hosting and management services. By leveraging Azure, we ensure high availability, security, and scalability of our database infrastructure. Azure’s managed services reduce operational overhead and provide advanced features like automated backups, performance monitoring, and disaster recovery.

For detailed information, refer Azure portal

This combination ensures data integrity, simplifies database management, and enhances overall application stability and performance.

7. Documentation

This section covers our documentation process using Asciidoc and Antora.

  • Asciidoc provides an intuitive, readable markup language for writing documentation, while Antora organizes and generates a cohesive, navigable documentation site.

Key benefits

  • Key benefits include modular documentation, version management, and consistent styling.

  • Documentation is structured with Asciidoc syntax, organized into modules and components using Antora, and built into a user-friendly site.

  • This approach ensures maintainable, scalable, and easily accessible documentation for our users.

For detailed information refer

8. Cloud infrastructure

Azure is Microsoft’s cloud computing service providing a range of cloud services, including those for compute, analytics, storage, and networking.

  • Users can choose and configure these services to develop and scale new applications, or run existing applications in the public cloud.

  • Azure Hosting offers reliable, scalable, and flexible cloud hosting solutions.

Azure Container Apps

  • Azure Container Apps is a managed service that enables users to run microservices and containerized applications on a serverless platform, simplifying the deployment, management, and scaling of apps in containers without managing the underlying infrastructure.

For more details, visit Azure Container Apps Documentation.