h1. Request Details
h2. Background
In order to transform our current system towards microservices, we want to create service that will be responsible for getting and updating data to support Pay At Hotel (one of example: pay at hotel data will be used to validate user eligibility when search and book hotel). As a POC this service will be used for Pay At Hotel Worry Free.
Pay At Hotel Worry Free is pay at hotel without credit card guarantee that enable users who have no credit card to be able to enjoy the benefit of delayed payment. However this feature is prone to abuse thus we need to add some user restrictions. For example if a customer didn’t come to the hotel (no show), they will be restrained to use pay at hotel worry free for 30 days.
In other hand, this service will help us shaping our system towards microservice because all of additional data that support pay at hotel will be separated from the monolithic hotel data storage. With this request, we are requesting several new instances, such as EC2, ALB and Postgres RDS.

h2. Purpose

To store and get all data that related to support Pay At Hotel.
Have a separate service for Pay at Hotel Data, and hence, having a clear separation of services which is the goal of microservices.

h2. Impact
This service enable us not only to store and get Pay At Hotel related data but also to prevent abusive customer behavior. In other words, for a user to use pay at hotel worry free, they need to pass several criterias before stated as eligible to search or book. One of possibility that will appear from abusive customer behavior is that user trying to emptied out the hotel allotment or hotel trying to emptied out the allotment of their competitor.
Failing to deliver this service and the database will cost us several aspects as follow:

Pay at Hotel Worry Free is launched without sufficient fraud protection, causing our business to be vulnerable to attack.
This cost is a company reputation to customer wide. Failing to deliver Pay At Hotel Worry Free at all will cost us a huge opportunity loss to tap a new customer segment.
Launched using the monolithic hotel-mongod data. We will lose the opportunity to invest on building a long-lasting and scalable system. This will cost us a lot to migrate to multi account and to fire-fight any issue that could come later.

Increase load for those services that connect to this new service.
Minimal - this service will only be used to serve data and default value will always available for each operation.

h2. Resources
h3. EC2
h4. Configuration
{code}
count = "2"
instance_type = "m4.large"
ebs_optimized = "false"
disable_api_termination = "false"

root_block_device = {
volume_type = "gp2"
volume_size = "8"
delete_on_termination = "true"
}

tags = {
Service = "aprphd"
Cluster = "aprphd-app"
ProductDomain = "apr"
Application = "java-7"
Environment = "production"
Description = "Accomodation Product Pay at Hotel Data"
}
{code}

h3. ALB
h4. Configuration
{code}
name = "aprphd-lbint-<random_id>"
security_groups = "aprphd-lbint"
internal = "true"
idle_timeout = "60"
enable_deletion_protection = "false"

tags = {
Name = "aprphd-lbint-<random_id>"
Service = "aprphd"
ProductDomain = "apr"
Environment = "production"
Description = "Application Load Balancer for Accom Product Pay at Hotel Data"
}
{code}

h4. Listener
{code}
port = "443"
protocol = "HTTPS"

default_action {
target_group_arn = "aprphd-app"
type = "forward"
}
{code}

h4. Target Group
{code}
name = "aprphd-app-<random_id>"
port = "61269"
protocol = "HTTP"
deregistration_delay = "300"

tags = {
Name = "aprphd-app-<random_id>"
Service = "aprphd"
ProductDomain = "apr"
Environment = "production"
Description = "Target Group for Accom Product Pay at Hotel Data"
}

health_check = {
interval = "10"
path = "/healthcheck"
port = "traffic-port"
protocol = "HTTP"
timeout = "5"
healthy_threshold = "5"
unhealthy_threshold = "2"
matcher = "200"
}
{code}

h4. DNS Record
aprphd.main.tvlk.cloud

h3. Postgres RDS
h4. Purpose
It would be used to store data validation that related to Pay At Hotel. The reason PostgresSQL is chosen as database because:

From our use case, the data already have predefined structure and should be strongly consistent.
From troubleshooting and maintainability, we choose RDS because RDS managed by AWS.

Currently there are two data that contains sensitive information such as deviceId and bookingId. One of impact when lost of data or data inconsistency of this database are it would affect user eligibility when search hotel and book with pay at hotel worry free. The DB would be accessed by aprphd and the other services will call to aprphd when they need to get or modify the data.
Services that will get or modify the data:

hinv: to retrieve data for validation when search.
aprbapi: to retrieve data for validation when book.
aprbap: to retrieve data for display.
aprpbo: to store/modify data when hotel is claim no show.
aprops: to store/modify data when booking is issued or cancelled.

h4. Risk
Once it’s used, if an unauthorized person accesses the DB and modify the data, it will affect user eligibility when search hotel and book with pay at hotel worry free.

h4.Configuration
{code}
identifier = "aprphd-postgres-<random_id>"
allocated_storage = "20"
allow_major_version_upgrade = "false"
auto_minor_version_upgrade = "true"
backup_retention_period = "7"
backup_window = "17:00-19:00"
engine_version = "10.3"
instance_class = "m4.large"

tags = {
Name = "aprphd-postgres-<random_id>"
Service = "aprphd"
ProductDomain = "apr"
Environment = "production"
Description = "Database for Accom Pay at Hotel Data"
}
{code}

h3. Connectivity
https://docs.google.com/spreadsheets/d/1sY4JI61k4ZVF7eqvq1BbasUBYqJS3DQrLo0VImyhw5Y/edit?usp=sharing
h4. Rules
SourceId, Destination, from_port ,to_port, tcp
aprphd-lbint, aprphd-app, 61269, 61269, TCP
aprphd-app, aprphd-postgres, 5432, 5432, TCP
aprbapi-app, aprphd-lbint, 443, 443, TCP
hinv-app, aprphd-lbint, 443, 443, TCP
aprpbo-app, aprphd-lbint, 443, 443, TCP
aprops-app, aprphd-lbint, 443, 443, TCP
aprbap-app, aprphd-lbint, 443, 443, TCP

APRPHD Stack Infra Request