Case Studies

SNAPDRAGON

MIGRATION

SnapDragon provide brand protection to help against counterfeiters, their goal is to protect clients of all sizes from online threats and infringements. They help to defend global innovators’ strong reputations, whilst also keeping customers safe. The purpose of working with Rebura was to improve their logging/audit solution to improve observability whilst maintaining optimal application performance.

THE CHALLENGE

The objective was to outline requirements for a centralised logging service alongside a list of suggested designs for the solution to increase visibility of audit data to track usage across the SaaS platform – this deliverable is a prerequisite to being able to generate usage reports across the platform for customers. The product is multi-tenant however Snapdragon are currently unable to trace activity at the aggregate and individual tenant level.

As a SaaS provider it is essential to have a clear picture of how tenants are exercising your system, being able to have visibility of usage is key to improving technical strategies of a SaaS organisation. Without this it will be difficult to visibly see how to improve the service for the tenants from an infrastructure and functionality perspective.

THE SOLUTION

They needed a way to audit user activity across the application in a centralised way (due to the multi-tenant architecture in place). This centralised logging service would allow Snapdragon to track tenant and user usage of the SaaS platform. The value of capturing these metrics can help the business to evolve and improve functionality and operations of tenants, this would require creating the infrastructure and mechanisms that can enable capture and analysis.

One of the requirements was to have strong data consistency. In the event of a write (of audit data) to persistent storage failing – a recovery mechanism should be in place to ensure that all audit data pushed to the message queue can be recovered and sent to the data store.

OVERVIEW OF KEY DELIVERABLES:

Audit Service

The Audit database should store all changes made in a source Amazon Aurora database, this data store should also include an alerting mechanism when a change or deletion occurs. The solution must contain the data of all tenants in one central locations with appropriate access controls in place. Using CloudWatch in conjunction with AWS Lambda, DynamoDB Streams and Amazon SNS this would be possibly. Gathering these insights would help shape the technical and strategic direction of the SaaS offering, it would also help influence the architecture by reviewing how tenants are imposing on the system. In doing so it would be clearer how the system is responding to the evolving nature of the multi-tenant workload. See architecture:

Process Findings

The audit service requires SnapDragon to add Ruby code to the code base to write out to Dynamo when a write to Aurora occurs. The solution proposed in the report instead relies on the Aurora database event stream – outputting events. This solution removes the requirement to manage errors that could cause data inconsistency.

Monitoring and Alerting

CloudWatch proposed as a general-purpose logging solution to track performance and stability. The CloudWatch alarms will also trigger an alert to the operations team in line with their current alerting process. Through the logging it is useful to detect anomalies and provide valuable insights that further help move the SaaS business in the right direction.

Scalability

Kinesis provisioned to on-demand to ensure the business scales the solution provided scales with writes from Aurora RDS. DynamoDB can also be set to on-demand scaling to help reduce cost / increase performance as required. As a SaaS provider using the metrics it is easier to predict future consumption and make business projections to improve scalability.

THE RESULTS

The SaaS discovery provided SnapDragon with a report detailing a prioritised list of tasks to build an audit framework (implementation) that records all activity within Snapdragon’s Aurora database. The objective was to outline the requirements for the audit database and associated implementation required. In delivering this – Snapdragon can have an audit database that provides an accurate and up to date representation of changes made to the database alongside monitoring and alerting to maintain integrity between the source Aurora database and the audit database.

The audit database created as part of this solution allows Snapdragon (who deliver their product in a B2B SaaS delivery model) to have a centralised source of truth around actions carried out as part of their product offering. Securing a SaaS application is a top priority, implementing security measures to create boundaries that adequately isolate and protect one tenant from another is beneficial to the client and business alike. The audit database must be robust and scalable, with access controls in place to ensure that the contents of the data store hold up to legal scrutiny and compliance standards when Snapdragon’s customers are attempting to remove suspected IP breaches from online retailers.