Developing a Unified Authorization System for a Major Corporation
The client operated multiple IT systems, each requiring employees to use distinct accounts. To streamline processes and enhance efficiency, the implementation of a unified authorization system was essential.
Client
Our client is a prominent Russian company specializing in the construction and development of residential and commercial real estate.
Task
The objective was to design and implement an authentication server.
Team
The project involved three specialists: a Project Manager (PM), a Software Development Engineer in Test (SDET), and a DevOps Engineer.
An Infrastructure-as-Code approach was successfully adopted.
Solution
After designing the project infrastructure within the client's cloud service, we provisioned two virtual machines and a Managed PostgreSQL database service, along with configuring the necessary networking. On these virtual machines, we set up a NAT service and deployed NGINX as a proxy server, as well as Keycloak using Docker. The infrastructure was documented using Terraform and Ansible, and the authentication process was configured through a login page featuring the client's logo. Throughout the project, we also addressed challenges related to load testing and cloud monitoring.
Result
Users gained the ability to access work services using a single account. The Infrastructure-as-Code methodology was effectively implemented, and the environment was successfully deployed in Yandex Cloud.
Technologies
Yandex.Cloud, Terraform, Ansible, NGINX, Traefik, Docker, Docker Compose, Keycloak, PostgreSQL.