About the Customer
TYP TMS offers a service and an operational platform for managing shipments integrated from orders to delivery across a fixed network of warehouses with some functions to manage some operations on web portals and Android apps.
Challenges of Supply Chain Management
It was previously a manual and time-consuming task with very little order tracing to the customers and recipients. After Analyse the current state of the TYP TMS platform and data handling processes. Some key challenges and limitations impacting performance, scalability, and customer experience have been identified. Therefore, it recognizes the need for modernization and improved data-handling capabilities. Real-time metrics, logging and alerting, are also not available.
The system provides an event-driven strategy to deliver and basic track and trace with movements of parcels by scanning the barcodes themselves and assigning progress status to each scan. Customers can access the portal and place orders, enter instructions for the courier, and download transportation documents. The company has positioned itself on special courier services, especially for the fashion industry. In contrast, the software requires extreme flexibility in scaling performances as an ecosystem across customers, recipients and the network of operational partners. Furthermore, TYP has decided to invest strategically in value-added services to customers as data products for the post-purchase experience. Hence, modernization of the platform and data handling is a pressing issue.
Services used and Architecture used for system
- TMS has adopted a serverless architecture by leveraging various AWS services, including AWS Lambda, Amazon API Gateway, Amazon RDS, Amazon Cognito, and AWS Transfer.
- AWS Lambda is at the core of our serverless architecture. It allows us to run code without provisioning or managing servers. With Lambda, we can focus solely on writing the business logic for our microservices or functions, while AWS handles the underlying infrastructure and scaling automatically. This enables us to achieve high levels of scalability, as Lambda functions can scale seamlessly based on the incoming workload, ensuring optimal performance for our application.
- To expose our functions or microservices as HTTP endpoints, we utilize Amazon API Gateway. It is a fully managed service for creating, publishing, and managing APIs. API Gateway provides features such as request routing, authentication, and authorization, allowing us to securely expose our Lambda functions to clients and other application components.
- We leverage Amazon RDS, a managed database service for data storage. RDS simplifies the setup, operation, and scaling of relational databases. It provides options for various database engines like MySQL, PostgreSQL, or Amazon Aurora, offering high availability, automated backups, and software patching. By utilizing RDS, we ensure that our serverless functions store our data securely and can be accessed efficiently.
- To handle user authentication and authorization, we rely on Amazon Cognito. This fully managed service enables us to add user sign-up and sign-in, user profile management, and multi-factor authentication to our applications. With Cognito, we can ensure that our serverless functions are accessed by authenticated users only, maintaining the security and integrity of our system.
- Additionally, we utilize AWS Transfer for managing file transfer workflows. AWS Transfer provides a serverless solution for transferring files over SFTP, eliminating the need to manage traditional FTP servers. This allows us to securely handle file uploads and downloads without the complexity of server management.
- By combining these AWS services with AWS Lambda, we have created a robust and scalable serverless architecture. It enables us to focus on writing the application logic while abstracting away the infrastructure management. This approach brings benefits such as improved scalability, reduced operational overhead, enhanced security, and efficient utilization of AWS cloud resources.
Primary Benefits of Supply Chain Management (SCM)
We have created a robust and scalable AWS cloud architecture for hosting our microservices-based application. Leverages the power of AWS services, focusing on utilizing VPC, private and public subnets, API Gateway, and Lambdas. The design is highly scalable and built primarily using serverless services, ensuring efficient resource utilization and cost optimization.
- We have reviewed customer requirements for organization structure, account structure, operations, security, governance, and compliance.
- The application is hosted within a Virtual Private Cloud (VPC) with carefully configured private and public subnets.
- We have implemented a microservices-based architecture, utilizing AWS services such as API Gateway and Lambda functions.
- Scalability is ensured by leveraging serverless services to handle varying workloads effectively.
- We have applied industry best practices for security, including exposing public endpoints via SSL and implementing other recommended AWS security practices.
- SSL/TLS encryption has been implemented for secure data transmission between clients and the application.
- AWS Identity and Access Management (IAM) securely manages access to AWS resources.
- Network security measures such as Security Groups and Network ACLs have been employed to control inbound and outbound traffic flow.
- Data at rest has been encrypted using AWS-managed encryption keys to enhance data protection.
- Continuous monitoring and logging are enabled using AWS CloudWatch to promptly detect and respond to security-related incidents.
- Infrastructure as Code (IaC) has been utilized to provision or tear down infrastructure via a combination of IaC tools and CI/CD pipelines.
- We have used Bitbucket as our source code management system, where repositories consist of all the Terraform and serverless scripts alongside the application code.
- The Terraform scripts deploy the Infrastructure services on target environments.
- Every infrastructure resource has a single IAC module that deploys the resource into multiple environments with configurable inputs.