TagB: A scalable parking and valet management system
Category: Automobile/SaaS
Services: Managed Engineering Teams, DevOps, Cloud Architecture Design, and Review
- Reduction in time to first render from 3 to 1 second.
- Fast and error-free Deployments with CI/CD pipeline and IaC.
- Manual process eliminated, MTTR improved 10X
About TagB
Tag B Group is a well-known transportation, parking, garage management, and valet service provider based in Washington, D.C. It wanted to create a scalable solution to maintain a full parking and valet management system for multiple users and vendors, with a focus on multi-tenancy, security, database, and infrastructure as a code.
Problem Statement
TagB Group, a transportation, parking, and valet service provider based in Washington, D.C., faced challenges in effectively managing parking and valet services without a robust system. As an SMB (small and medium business), they lacked the ability to access real-time data from diverse user groups, including customers and parking lot owners. Additionally, they struggled with maintaining accurate records of locations and parking criteria, manually scheduling parking, and allocating valet services promptly. This led to difficulties for users who had to either manage without reservations or experienced delays in parking lot bookings.
Furthermore, the absence of a method to acquire valuable insights into user behavior hindered TagB Group’s ability to make data-driven decisions for business growth. As a small and medium business, they needed a solution that simplified infrastructure management, reduced errors, and ensured common access and security requirements were met. The client sought a reliable and secure codebase along with a highly available and cost-effective infrastructure to support their operations.
TagB Group required a scalable parking and valet management system that provided real-time data visibility, streamlined scheduling, and reservation processes for their small and medium business. They also needed the ability to gather insights into user behavior, enabling them to make informed decisions. Simultaneously, they aimed to simplify infrastructure management, ensure security, and reduce costs.
Proposed Solution & Architecture
Intuitive and engaging applications
To enhance user experiences, we developed intuitive and engaging mobile and web applications specifically tailored for SMBs. These applications catered to multiple user roles such as super admins, admins, clients, and business users. We ensured that the applications were user-friendly, accessible, and optimized for small and medium business needs. After implementing the solution, the client witnessed a notable 20% increase in the number of parking spaces managed. Our applications facilitated convenient pre-reservation of parking spaces for customers, empowered parking lot owners, who are often SMBs themselves to monitor their lots effectively, and enabled super admins to oversee the system through web and mobile apps. Other user roles, including enforcement workers and admins, benefited from the consolidated platform.
Secure and robust architecture
We implemented a secure and scalable architecture that addressed the specific needs of SMBs. This architecture utilized a microservices-based approach, allowing efficient integration of third-party services and custom-developed modules. To ensure data security, we designed the database architecture using the cloud-based service Amazon RDS. By adopting this architecture, SMBs could confidently rely on a robust and resilient system to manage their parking and valet services.
Multi-Tenancy and Data Isolation for Small and Medium Businesses
We incorporated multi-tenancy capabilities into our solution to support the requirements of SMBs. Each tenant, representing a small or medium business, had their own isolated database ensuring data privacy and separation. This approach allowed small and medium businesses to securely manage their data while benefiting from a shared infrastructure. By utilizing Amazon RDS, we provided a scalable and cost-effective solution for SMBs to effectively manage their parking and valet services.
Role-Based Access Control (RBAC)
To ensure secure access within the multi-tenant environment, we implemented a role-based access control (RBAC) model specifically designed for small and medium businesses. This model granted each tenant their own set of permissions and access controls, ensuring that their data and resources were protected. RBAC enabled small and medium businesses to have granular control over user access, enhancing security and maintaining the confidentiality of their information.
Automated Infrastructure Deployment designed specifically for Small and Medium Businesses
We leveraged AWS CloudFormation to automate the deployment of infrastructure resources required to support small and medium businesses in managing their parking and valet services. This automated approach facilitated efficient provisioning of resources and allowed for easy replication across different tenants. By adopting this automated infrastructure deployment, small and medium businesses could reduce costs, improve scalability, and ensure consistent and reliable operations.
User modules & business dashboards
SMBs like TagB require actionable insights. To empower the client with actionable insights, we created robust dashboards, reports, and visualizations. These tools provided precise information for day-to-day activities across the platform. For instance, super admins gained visibility into activities performed by clients, admins, customers, and other users, enabling effective monitoring and management. Clients, as parking lot owners, could access daily activity reports through their personalized dashboards.
As a result, the client discovered valuable insights, such as identifying the best-selling time slot, which was a 3-hour period. This information allowed them to optimize their offerings and maximize revenue during that time frame. Additionally, users experienced a 40% time savings in finding parking spaces compared to the previous system, enhancing their overall efficiency and experience.
Payment & refund management
The credibility of an SMB like TagB depends on the ease of payments and refunds. We developed a secure and reliable payment management system specifically designed for small and medium businesses like TagB. This system allowed users to add multiple payment methods, ensuring flexibility and convenience for transactions.
In terms of refunds, our solution followed industry best practices by processing refunds in the same manner as the original payment. This ensured consistency and ease of use for both users and administrators.
To provide transparency and control over payment statuses, we implemented features that allowed super admins and clients to update payment statuses. These statuses could be marked as pending, received, refunded, or advanced, providing clear visibility into the progress of payments.
Easy and secure Infrastructure management
SMBs require efficient and secure infrastructure management. To ensure efficient and secure infrastructure management, our team utilized AWS CloudFormation, which allowed us to define the cloud infrastructure as code. This approach was particularly beneficial for managing a microservice architecture, as it eliminated the challenges associated with a monolithic infrastructure.
To achieve high availability and cost-efficiency, our DevOps experts implemented a frontend service on CDN networking. This service efficiently served private Amazon S3 bucket data, ensuring fast and reliable access for users. Additionally, the backend services were deployed on Amazon ECS service, which provided scalability and flexibility for the small and medium business’s infrastructure needs. To handle data storage requirements, we set up Amazon RDS, ensuring a robust and secure data tier.
To address budget considerations, we implemented an AWS ECS service container as a service (CAAS) platform. This platform optimized resource utilization and minimized costs by effectively managing and allocating container resources. By utilizing AWS CloudFormation, we automated the provisioning and configuration of network resources, simplifying infrastructure management and reducing manual effort.
Manage common access
Networking VPC, Subnet, and NAT Gateway for Enhanced Security – Our experts leveraged Networking VPC, Subnet, and NAT Gateway to create a secure and isolated network environment specifically tailored for SMBs. This infrastructure setup ensured that their resources were protected and accessible only to authorized individuals. By implementing these networking components, we provided a robust foundation for managing common access within the infrastructure.
AWS IAM Service with Custom User Policy for Granular Control – To meet the unique needs of SMBs, we utilized the AWS Identity and Access Management (IAM) service with custom user policies. These policies were designed to grant users specific privileges and restrictions based on their roles and responsibilities. By implementing granular access controls, we ensured that each user had the appropriate level of access to perform their tasks while mitigating the risk of unauthorized access.
Less Privileged Resources for Enhanced Security – Understanding the importance of security for SMBs, we followed the principle of least privilege. By granting users only the minimum necessary permissions, we reduced the risk of potential security breaches. This approach provided an added layer of protection, ensuring that sensitive resources were accessed and utilized only by authorized individuals.
Provided a reliable and secure code
Automated Code Analysis and Review with SonarQube for Enhanced Security
Our engineers utilized SonarQube to automate code analysis and review, specifically focusing on the needs of SMBs. By leveraging this tool, we ensured that the codebase adhered to industry best practices and security standards. SonarQube’s capabilities enabled our team to identify potential security vulnerabilities, such as SQL injection and cross-site scripting (XSS), mitigating risks and safeguarding SMBs against cyber threats.
CI/CD Pipeline Automation with Jenkins for Streamlined Development
To meet the unique requirements of the client, we implemented Jenkins for Continuous Integration and Continuous Deployment (CI/CD) pipeline automation. By automating the development process, we provided the client with a reliable and efficient workflow. Jenkins facilitated automated builds, testing, and deployment, minimizing manual errors and ensuring consistent software delivery. Through this automation, SMBs were able to streamline their development efforts and achieve faster time-to-market.
Metrics for Success
Our solution delivered the following results for our client:
- Improved scalability: With our automated infrastructure provisioning and management using AWS CloudFormation, our client was able to easily scale its infrastructure up or down based on demand.
- Faster and more reliable releases: Our CI/CD pipeline using AWS CodePipeline and AWS CodeDeploy enabled our client to deploy changes faster and with a lower risk of downtime. Mean time to recover (MTTR) increases by 10x with faster rollbacks.
- Proactive monitoring and issue resolution: Our monitoring and alerting using AWS CloudWatch enabled our client to proactively identify and address issues before they affected end-users.
- Improved Security: We used AWS IAM service, custom user policies granted precise privileges based on roles, ensuring appropriate access levels, and mitigating unauthorized access risks for SMBs.
Architecture Diagram
AWS Services
Amazon RDS
- Amazon RDS was employed to store application and user data, including user account information, parking lot information, license plate number recording, and so on.
- In Amazon RDS, restricted access has been kept for specific IP addresses for security purposes.
Amazon ECS
- Containerized APIs were developed and hosted in Amazon ECS, which can be used by front-end applications.
- For delivering new modules and updates, Amazon Elastic Container Service (ECS) manages the application’s microservices backend. Examples include various modules and functionalities such as advanced parking booking, payment and refund administration, parking lot creation, etc.
AWS Task Definition
- Task definition gives commands to ECS; for example, each task will have certain configurations such as data volumes, memory utilization required, and a number of containers required.
AWS Lambda & Lambda Edge Security Headers
- The main function of AWS Lambda function is to compress users’ profile pictures.
- Lambda edge security headers add a security layer when content is displayed using CloudFront from an S3 bucket. For example, several users will book parking spots from various places using the app, posing a significant security concern.
S3 Bucket
- Documents belonging to various users, such as administrators, customers, and clients, were stored in an S3 bucket. Clients of Tag B, for example, will have access to data on revenue tracking, parking spots, and booking slots. These individuals will register as customers on the site and will need to upload documents, which will be stored in S3.
Amazon CloudFront
- CloudFront was used to distribute static and dynamic content across the application frontends. It helped create customized user experiences and deliver content with high speed using its edge computing capabilities across multiple channels.
- CloudFront distribution, for example, pulls files from S3 and displays them in the frontend, as indicated in the diagram. Also, it chooses and restricts access to particular information for specific people. For example, admin users can not access the company’s financial information.
AWS SES & SNS
- AWS SES is a service that sends emails to users. An email will be sent to the user after a successful registration with the application, for example. Alternatively, bills will be delivered through email after consumers make a payment.
- Users receive notifications from AWS SNS. Notifications for communications about offers, payment refunds, pass expiration, and other topics will be sent.
Amazon ECR
- Docker images were stored in Amazon Elastic Registry(ECR) for deployments.
Application Load Balancer
- In the case of multiple requests from different users worldwide, the application load balancer distributes traffic across various targets, such as EC2 instances of ECS containers in multiple availability zones.
Monitoring
- CloudWatch is used to keep track of infrastructure-related logs, metrics, and data, while CloudTrail is used to keep track of operational actions in AWS accounts.