Healthcare Payers and Serverless Batch Processing Engines - HLC308 - re:Invent 2017

In this session, hear how Cambia Health Solutions, a not-for-profit total health solutions company, created a self-service data model to convert a large-scale, on-premises batch processing model to a cloud-based, real-time pub-sub and RESTful API model. Learn how Cambia leveraged AWS services like Amazon Aurora, AWS Database Migration Service (AWS DMS), AWS Lambda, and AWS messaging services to create an architecture that provides a reasonable runway for legacy customers to convert from old mode to new mode and, at the same time, offer a fast track for onboarding new customers.

  1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS re:INVENT. Refactoring to the Cloud: Healthcare Payers and Serverless Batch Processing Engines. HLC308. November 27, 2017. Tim Mickol & John Staelens
  2. Our Cause
     To serve as a catalyst to transform health care, creating a person-focused and economically sustainable system.
  3. CURRENT ARCHITECTURE
  4. CURRENT ARCHITECTURE CHARACTERISTICS
     • Mishmash of domains in a monolithic data model
     • Knotted workflows with time-sensitive dependencies
     • Too many interfaces and too little abstraction
     • Opaque scattered business logic
     • Difficult to change and test
     • Laden with tech debt, dead ends, cruft
     • Painful and costly to support
  5. NO LIFT & SHIFT
     • Leave technical debt behind
     • Bridge bi-modal IT model
     • Continuously replicate selected on-premises data
     • Reasonable legacy migration runway
     • De-emphasize legacy, favor evolution in the cloud
     • Disrupt, but do so gently...
  6. EMERGENT ARCHITECTURE CHARACTERISTICS
     • Pub/sub-enterprise integration pattern
     • RESTful APIs in a microservices ecosystem
     • Domain-driven design
     • Event sourcing
     • Serverless computing
     • Managed services
     • Unlocking innovation
  7. EMERGENT ARCHITECTURE
  8. HIPAA & PHI
     • Ensure the confidentiality, integrity, and availability of all e-PHI we create, receive, maintain, or transmit
     • Identify and protect against reasonably anticipated threats to the security or integrity of the information
     • Protect against reasonably anticipated, impermissible uses, or disclosures
     • Ensure compliance by our workforce
  9. SATISFYING SECURITY REQUIREMENTS
  10. INFOSEC & APPSEC
     • Engaged office of CISO early and often
     • All PHI & PII encrypted in flight & at rest
     • Submitted to multiple architecture security audits
       • Internal – office of CISO
       • Third party – AWS Well Architected Review
     • All services HIPAA Eligible and covered by BAA
       https://aws.amazon.com/compliance/hipaa-eligible-services-reference/
  11. IAC IS GOODNESS
     • Ideation rapidly becomes concrete
     • Explicitly self-describing systems
     • Cost optimization can be automated
     • Created many new Ansible roles
     • Ansible roles become reusable enterprise resources
     • Immutable components stood-up, torn-down easily, rapidly
  12. CONVERT ORACLE SCHEMA TO MYSQL w/SCT
  13. SCT: SCHEMA CONVERSION TOOL
     • Intuitive UI
     • Become rapidly proficient
     • Create conversion mapping rules
     • Used for initial conversion, DDL generation
     • Great conversion reporting feature
     • Create table-mapping.json for input to IaC
  14. CONTINUOUS REPLICATION VIA DMS
  15. DMS COMPONENTS
     • Replication subnet groups
     • KMS Customer Managed
     • SSL certificates
     • Replication Instance
     • Source and target database endpoints
     • Migration task(s)
     • All provisioned via IaC
  16. DMS MIGRATION CONSIDERATIONS
     • Full load or CDC only or both
     • Read the documentation carefully, ask questions!
     • Experiment with settings (scores of them!)
     • Use Amazon CloudWatch for granular instrumentation
     • Iterate and tune for performance and transactional integrity
     • Tune your choice of instance class
  17. CUD STREAMING VIA LAMBDA AND SNS
  18. RDS AURORA MYSQL TO LAMBDA
     CALL mysql.lambda_async (lambda_function_ARN, lambda_function_input)
  19. SUBSCRIPTION OPTIONS
  20. EVENT PUBLICATION SEQUENCE
     >> On-premises database transaction
     >> DMS replication transaction
     >> Aurora MySQL triggers
     >> Stored procedure wrapper
     >> mysql.lambda_async()
     >> Lambda function
     >> SNS
  21. ASYNC PUBLISH ERROR HANDLING
  22. EVENT SOURCING
     “Event Sourcing ensures that all changes to application state are stored as a sequence of events. Not just can we query these events, we can also use the event log to reconstruct past states, and as a foundation to automatically adjust the state to cope with retroactive changes.” – Martin Fowler
  23. EVENT
     {
       "id": "b2a26034-a7c1-11e7-abc4-cec278b6b50a",
       "when": "2020-01-31T21:00:00.000Z",
       "action": "create"
     }
  24. AD HOC QUERIES & EVENT REPLAY VIA API
  25. INDIVIDUAL EVENT SOURCING
  26. REPLAY TO SINGLE SUBSCRIBER (DESIRED)*
     *SQS directly to Lambda is not currently supported
  27. REPLAY TO SINGLE SUBSCRIBER (CURRENT)
  28. HERE WE GO, READY TO REFACTOR IN FLIGHT
     • Defined interfaces
     • New integrations consume events, including our solutions
     • Runway of new customers lined up
     • Monolith deconstructed into two applications (so far)
     • Microservice architecture foundation
     • Event sourcing implementation
  29. LESSONS LEARNED
     • Prototype, POC fast and dirty in a sandbox
     • Start IaC development early
     • Start SSL configuration early (firewalls and security groups and packet sniffing)
     • Understand your IAM requirements
     • Pair development – faster development, fewer mistakes
     • Engage your AWS Solution Architect
     • If you want it, ask your AWS TAM for PFR
  30. REFERENCES
     • AWS Well Architected
     • AWS HIPAA Eligible
     • Download SCT
     • Set CloudWatch Alarms for Amazon SQS
     • Martin Fowler on Event Sourcing
     • Martin Fowler on CQRS
     • Martin on DDD Bounded Context
     • Glad to be here
  31. Thank you! Yen, Ron, Rob, Scott, Eric, James, Kirk, Brian, Scott, Brent, Danielle, Tammy, Brad... GLAD TO BE HERE
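
The "Lambda function" step of the publication sequence on slide 20, as an added example (not code from the presentation): it accepts only the three fields shown on the EVENT slide before publishing, so no other column value can reach the SNS topic. The action set (read from "CUD" on slide 17), the `EVENT_TOPIC_ARN` variable and the injectable `publish` parameter are assumptions.

```python
import json
import os
import re
import uuid
from datetime import datetime

ALLOWED_KEYS = {"id", "when", "action"}            # the fields on the EVENT slide
ALLOWED_ACTIONS = {"create", "update", "delete"}   # assumption: "CUD" on slide 17
WHEN_RE = re.compile(r"\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d\.\d{3}Z")
SAMPLE = {"id": "b2a26034-a7c1-11e7-abc4-cec278b6b50a",   # event from slide 23
          "when": "2020-01-31T21:00:00.000Z", "action": "create"}

class RejectedEvent(ValueError):
    """Raised when the input does not match the event shape exactly."""

def validate_event(raw):
    """Return a clean copy of the event or raise RejectedEvent."""
    if not isinstance(raw, dict):
        raise RejectedEvent("event is not a JSON object")
    extra, missing = set(raw) - ALLOWED_KEYS, ALLOWED_KEYS - set(raw)
    if extra or missing:
        # Name the keys only: a stray column value could be PHI and must not be logged.
        raise RejectedEvent(f"unexpected={sorted(extra)} missing={sorted(missing)}")
    if not all(isinstance(raw[k], str) for k in ALLOWED_KEYS):
        raise RejectedEvent("all fields must be strings")
    try:
        event_id = str(uuid.UUID(raw["id"]))       # canonical lower-case form
        if not WHEN_RE.fullmatch(raw["when"]):
            raise ValueError("timestamp format")
        datetime.strptime(raw["when"], "%Y-%m-%dT%H:%M:%S.%fZ")  # rejects Feb 31 etc.
    except ValueError:
        raise RejectedEvent("id or when is malformed") from None
    if raw["action"] not in ALLOWED_ACTIONS:
        raise RejectedEvent("action is not create, update or delete")
    return {"id": event_id, "when": raw["when"], "action": raw["action"]}

def handler(event, context=None, publish=None):
    """Lambda entry point. `publish` is injectable so the example runs offline."""
    try:
        message = json.dumps(validate_event(event), sort_keys=True)
    except RejectedEvent as exc:
        # Malformed input will not improve on retry: report it instead of raising.
        return {"published": False, "reason": str(exc)}
    if publish is None:
        import boto3                               # only needed inside AWS
        topic = os.environ["EVENT_TOPIC_ARN"]      # hypothetical variable name
        publish = lambda m: boto3.client("sns").publish(TopicArn=topic, Message=m)
    publish(message)
    return {"published": True, "id": json.loads(message)["id"]}
```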
