rights reserved.
Building SaaS Enablement Platform with AWS Serverless – An Experience Report
COM402
Lalit Kale, Platform Architect, Globalization Partners

AWS SaaS Factory Program
Your place for all things SaaS on AWS
The AWS SaaS Factory Program helps AWS Partners at any stage of the software-as-a-service (SaaS) journey.
https://aws.amazon.com/partners/programs/saas-factory

Business Overview
• Telecom and Media Enterprise
• ~10B
• > 60 Products
• SaaS as a side offer
• GreenField
• SaaSify All Products
• Java, K8s, No previous SaaS Experience, Jr. Eng > Sr. Eng
• 4 Teams
• Israel, Ireland, India, USA, Canada

Platform’s Unconventional Challenge
[Diagram: Typical SaaS Player (Product A; Tenant 1-A, Tenant 2-A, Tenant 3-A for customer1, customer2, customer3) compared with Product Portfolio SaaS Player (Product A, Product B, Product C; Tenant 1-A, Tenant 2-B, Tenant 3-C, Tenant 4-A+C for customer1, customer2, customer3, customer4)]

Shared Characteristics of SaaS Product
• Product Onboarding
• Identity
• Monitoring, Metrics and analytics
• Billing and metering
• Management and monitoring
• DevOps and provisioning
• Routing
• Disaster Recovery
• Product Delivery and Upgrades
• Product Configurations
• Product Integrations

Why Serverless?
• AWS DynamoDB and S3: Cross Region Replication
• Disaster Recovery
• Less Operations and Toil
• Focus on Customer Value and Delivering Capabilities
• Team Composition and Expertise

Platform Landing Zone
• Management Account
• Network OU: Dev Network Account, Prod Network Account
• Security OU: Log Archive Account, Audit Account
• Dev OU: Control Plane Dev Account
• Test OU: Test Account
• Prod OU: Tenant UAT, Tenant LIVE

Platform Infrastructure Key Decisions
• Region Selection – NO US-East-1 Failures
• Hub and Spoke Architecture
• Networking – Single Ingress-Single Egress
• Availability via Redundancy
• Account Pool – 50 Accounts
• Security is job zero – Design Validation with Infosec and AWS SAs

Infosec
• Overworked and Understaffed
• Age-old security practices
• Not significantly aware of Cloud Security Practices
• Roadblocks Instead of Guardrails
• IT Security and Compliance Intermingle
• Security Theater

Architecture Product Mgt Collaboration - Shared Responsibility Models
• Product Team: Responsibility For Security ’OF’ the PRODUCT
  • Product AWS Account Resources
  • End-Customer Data
  • Platform App Security
  • Product Access Management
• Platform Team: Responsibility For Security ’OF’ the Platform
  • Platform AWS Infrastructure
  • Platform Data
  • Platform Security
  • Platform Availability
  • Networking Backbone
  • Platform Control Plane API and Services
• AWS: Responsibility For Security ’OF’ the Cloud
  • Software: Compute, Storage, Database, Networking
  • Hardware/Global Infrastructure

Once upon a time…
• New Organization
• People Churn + Contractors
• No Customer
• Lack of Better Engineering Practices
• Telco – Traditional Development Culture
• SAFe - Not So Agile
• Lack of Technical Product Management Expertise

Production Deployments
Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations
• Change Advisory boards are useless.
• Industry doesn’t matter
• Integration times and branch lifetimes lasting hours are better than days

Deployment Improvement
From more than 6 months → every week
• Teams taking Ownership
• Collaboration Improvement
• Inner sourcing
• Utilization of Modules
• Push to production Every week
• 5 Days -> 30 minutes

Backup Challenges
• AWS Cognito
• Product Data
• Customer Data
• CICD – GitHub Enterprise Server
• GitHub Cloud
• Solution: Platform Shared Responsibility Model

DR Firedrill / Mockdrill
• Pre-requisite – Monitoring and Observability of System
• Conduct the DR exercise as if a real disaster has happened
• Wheel of Misfortune – (Failure Hypothesis)
• Backups are good but Restore!! Restore!! Restore!!

DR Firedrill / Mockdrill
Complexities Involved:
• CICD Pipeline Flaws
• Auth0 Restoring Users and Permissions
• Sequence of Activities
• Teams Measuring RTO and RPO (No cheating! No Beating!!)
• Share the Trends as wins with Management
• Runbooks
• Transitioning runbooks to L1 Support

Outcome - Growth focus for transformation
• Procurement to Product Use – 12 Months → 48 Hours
• Increased Conversations – Customers can try and then buy → Free Trials
• Operational Efficiency – Streamline Sales Channel
• 5G Market Readiness
• New Markets – Ability to reach New Geos and New Logos
• 0 Deals → 4 Deals/Qtr ($500k)

Takeaways
• SaaS is a business strategy
• Serverless makes Control Plane easier
• SaaS is a team sport
• Think Value Streams and Capabilities Instead of Features
• Platforms can’t solve culture
• Start Imperfect and follow Continuous Improvements
• Build Tenant Oriented Observability and Operations