Taashee helps a multinational healthcare giant create an end-to-end AWS DevSecOps CI/CD pipeline with open-source SCA, SAST and DAST tools.Learn More
Taashee Linux Services, through its dedicated AWS Team, continues to provide end-to-end managed support and services for the AWS cloud infrastructure of one of our prestigious clients in the healthcare services industry. AWS engineers at Taashee continuously coordinate with the client’s IT team to provide 24x7x365, real-time, cost-effective support and solutions, which resulted in an uninterrupted cloud workflow and increased efficiency.
Our client is an established healthcare services provider headquartered in India, with global footprints in South Asia and the Middle East. Besides maintaining a massive hospital chain infrastructure across multiple cities, our client has also ventured heavily into related verticals like pharmacies, diagnostic centers, home care and online doctor consultations.
Taashee had previously successfully helped the client migrate and sync their database and resources from their premises to AWS cloud.
This project is an extension of the former, where the client required 24x7x365 end-to-end support to maintain this AWS cloud, which presently consists of 93 servers. The major aim of this work is to ensure quick troubleshooting and maximizing the uptime of all the servers, since due to the essential nature of the healthcare industry, especially during global emergencies like the Covid pandemic, a server outage of even a few minutes can turn into serious complications for patients and their families.
Server creation and migration
Our AWS team creates, restarts, stops, and terminates EC2 and RDS instances and also migrates on-premise applications to AWS services (e.g., EC2, LightSail, etc.) according to the client’s requirements. We also accomplished the process of PostgreSQL advanced migration along with extended Oracle compatibility
Server and Patch management
In terms of server management, our responsibilities include configuring bastion servers to control network access to EC2 instances and maintaining replicated copies of databases across different availability zones (AZs) in the cloud with Master/Slave/Secondary Slave configurations. Vacuuming is done for database servers on a monthly schedule or as directed by the client. We also conduct version upgradation for production and UAT servers. Our patch management responsibilities include deployment of patches in UAT and production servers as well as reverting patches when required.
VPC, Subnet and S3 bucket management
Taashee’s AWS team creates VPCs, Subnets for specific regions and S3 buckets when required. Our responsibilities also include backing up raw data or log files in S3 buckets.
IAM User, Role & Policy Management
In terms of IAM user management, our duties include creating users who can access the client’s AWS services infrastructure, creating roles, attaching roles with policies and implementing periodic forced password change policy for the authorized users.
Backup policies have been created for the client using AWS Lifecycle Manager. Our elaborate backup strategy includes configuring automated snapshots for production servers and RDS databases. Moreover, AMIs and snapshots are created before any major activities are conducted in the production environment.
Dynamic storage management is an important cornerstone of our cloud support mantra. Our team always maintains some free storage space in the systems in case of sudden storage spikes, and we have configured alarms on top of installing SSM agents to monitor the diskspace. Additionally, as per the client’s requirements, we add/modify storage volume, create S3 buckets and enable S3 bucket life cycle policies.
Security Group Management
Each server has been configured with its own Security Group with necessary whitelisted IPs, based on the client’s approval. We regularly check Security Groups for unidentified IP accesses and NACLs are used for subnet-level firewalls.
Network Interface configuration
The client’s cloud infrastructure currently has 4 VPCs and 19 subnets which include both public and private subnets. We use 3 Customer gateways and 1 Virtual Private Gateway for private connections. Internet gateways are used to connect the VPCs to the internet, while NAT gateways are used to establish connections to private subnets.
OS & DB User Management
Users are created with necessary approval from the client for OS and DB. We are currently using Ubuntu and Windows OS in the production servers. MySQL databases are used in the RDS servers, while PostgreSQL is used in the production-side EC2-Instances.
AWS System Manager
We deploy OS patches with help of AWS System Manager. We also configure custom cloud watch metrics using this application.
Some of our other responsibilities and one-time implementations include:
The benefits to the client have been multifold. Controlling network access to EC2 instances, for example, resulted in ensuring robust network-based access control, while migration to PostgreSQL Advanced led to 40% cloud speed enhancement. Our 24×7 monitoring activity led to an overall 25% increase in server uptime, as well as a 36% reduction in costs!
Taashee’s technical team helps organizations that require increased developer productivity, higher quality applications, and lower maintenance costs. Taashee programmers specialize in multiple technologies with add-on features and advanced support. The biggest advantage for customers approaching Taashee is that they do not need to approach multiple vendors to implement different technologies.