T Digital shares lessons learned about flexibility, agility, and cost savings using AWS

T-Digital, a division of Tshwane University Technology Enterprise Holding (TUTEH) in South Africa, built TRes, a digital platform for students living in student housing and for accommodation providers. TRes connects students with available housing and verified and authorized property owners. It addresses student accommodation needs and helps verified and approved property owners fully allocate their residences, while alleviating administrative burden. The platform aims to create ongoing interaction between students, accommodation providers, and university administrators.

With help from Amazon Web Services (AWS) Professional Services, T-Digital experienced flexibility, agility, and realized cost savings. Read on for advice from T-Digital on some best practices to accelerate your journey in the cloud.

Optimize your cloud infrastructure to reduce costs

Cost management is a common challenge organizations face when adopting cloud, especially when running multiple workloads across multiple accounts managed by a big team. To reduce costs, organizations can use the cost optimization pillar of the AWS Well Architected Framework.

“At T-Digital, we’ve managed to reduce our AWS infrastructure costs by almost 60 percent by focusing on cost optimization. We adopted a strategy of tagging every resource provisioned. This approach helped us identify high-spend services and right-size the resources where possible. The strategy also helped us to identify who within the T-Digital team is behind the provisioned resource and which project the resource belong to,” said Percy Mohale, DevOps lead at T-Digital.

T-Digital also uses AWS Budgets to predict each account’s monthly costs and to receive continuous updates based on usage, especially in the developers’ sandbox accounts. The use of infrastructure as code also helped identify ways to reduce costs. Removing individual resources by hand can result in some resources being forgotten and accruing usage billing.

Improve user experience: Build for high availability with a multi-Availability Zone strategy

Using a multi-Availability Zone strategy, T-Digital built an application with high availability and low latency, which translates to an improved user experience.

The design language and architecture of TRes is user oriented, and uses Amazon Simple Nofication Service (Amazon SNS) to inform users of updates and events concerning their accounts. “We strongly believe that the best user experience is the actual accessibility of the platform. Designing for high availability and deploying our resources in multiple Availability Zones within the Region has been key to ensuring a delightful user experience,” said Musa Khosa, user interface lead at T-Digital. T-Digital uses the recently launched AWS Africa (Cape Town) Region.

“AWS has Service Level Agreements across various services, which give us confidence that we have a guarantee of performance and availability. This is important for us to win the trust of our users. Amazon CloudFront caches static files for 24 hours, allowing us to deliver content close to our student population in South Africa, and mitigate against distributed denial of service (DDoS) attacks,” said Mohale. T-Digital also uses AWS Certificate Manager to issue and store secure sockets layer (SSL) certificates. The SSL certificates help Amazon CloudFront redirect all HTTP requests to HTTPS from end-users.

Set up for success: Manage user controls

One way to improve internal workflows and resource management is to set up an architecture that applies the principle of least privilege (limiting user, application, and service permissions to only those necessary to perform a function or task). Architecting this way from the beginning will help as teams grow and projects progress from development to deployment.

Initially, the T-Digital team had one AWS account housing all the applications—regardless of whether an application was in development, testing, or production, everything was in one account. “AWS Organizations helped us to construct a structure for the TUTEH organization in the AWS Cloud. Each organization unit (OU) can have a dedicated service control policy governing permitted actions for any workload account within that OU,” said Tshepo Makhubela, lead developer at T-Digital. The team uses AWS Control Tower to provision workload accounts and developer sandboxes and AWS Identity and Access Management (AWS IAM) roles to implement cross-account access to deploy code across the development, staging, and production environments.

Separating the accounts also played a role in terms of defining permissions in each account depending on the designated purpose. Developers only have access to the development account; the staging and production account are only accessed by AWS CodePipeline during deployments. AWS IAM policies govern the merge rules for T-Digital’s AWS CodeCommit repository, along with the repository users maintained in a dedicated account.

Focus on code, not infrastructure: Going serverless with a microservices strategy

Serverless services from AWS have helped T-Digital maintain a lean team that spends its time and energy on developing rather than provisioning and maintaining infrastructure.

Makhubela explains, “Being a small team, we needed to spend more time developing the platform rather than maintenance and scaling. The AWS Cloud takes away many of these tasks with serverless services.” AWS Lambda, Amazon Simple Storage Service (Amazon S3), Amazon API Gateway, and Amazon DynamoDB, automatically scale to meet an increase in requests.

T-Digital uses the Serverless Framework to facilitate deployments into developer sandboxes and workload accounts. In the early stages of developing TRes, everything was bundled into one service, which caused challenges. To address this, T-Digital decided to split their application into microservices. Using a microservices strategy also gives T-Digital the flexibility to use different languages for different use cases.

Manage version control for faster deployments

T-Digital uses the agile methodology of software development to continuously, quickly, and efficiently deliver updates and new features to users.

“With AWS, we managed to take most of the workload off our team, allowing them to focus on developing features. We are now able to deploy to different environments with different configurations for each environment, and the best part is all these processes are automated. We use AWS CodeCommit to manage version control and collaboration,” said Mohale.

Mohale further explained, “Whenever changes are pushed to either master or develop branch, AWS CodePipeline automates all our builds and deployments, we can track how the build are processing via the AWS console and getting updates on Slack through an integration with AWS Chatbot. And with the help of AWS CloudFront, our users always have the latest version of our application.”

Learn more about how AWS Professional Services (AWS ProServe) can help you accelerate your cloud adoption journey.