Eurail sells European rail passes for 31 European countries to travellers from across the globe. The Eurail.com headquarters are located in Utrecht, the Netherlands. Its’ fulfilment centers, where the rail passes are printed and distributed, operate from the U.S.A., Singapore and Ireland. The order support call centers are located in the U.S.A. and the Netherlands.
Eurail wanted to update their homegrown Rail Planner app to enable their customers to search train timetables offline, make train reservations, and use the Eurail and Interrail tickets on their smartphones. The new application was to handle thousands of users and their data in real-time, and, says Daniel Vijge, solution architect for Eurail, “difficulties to secure and maintain the app needed to be addressed. We really needed a more professional approach to our AWS accounts.”
The software development company Elastique and Oblivion came on board to build and develop the new Rail Planner mobile app and the AWS infrastructure.
We set out to help Eurail to realize a secure AWS environment. To accomplish this, we customized our proven CloudFoundation blueprint from Oblivion to the requirements of the Rail Planner mobile app. We kickstarted the collaboration with a design workshop with the Eurail and Elastique Team. We agreed on the landing zone design, the application design and focused on the security of the customer data.
Our Cloud Foundation hosts the Rail Planner mobile app, developed by Elastique. The cornerstone of our CloudFoundation is the implementation of a mature AWS multi-account structure, grounded on a highly resilient foundation that is secure and perfectly manageable. We based this on the Well Architected Framework and amended it to the Eurail case, using the most innovative services from AWS with a strong focus on serverless services like Appsync, Lambda, DynamoDB and S3. This enabled us to build a highly automated environment through Infrastructure as Code. Minimizing the risk of human error and reducing the time spent on administering the platform.
To further strengthen the security of the environment we implemented the Oblivion CIS rules. Eurail’s AWS infrastructure is based in Frankfurt and Oblivion can ensure that not only the data but also access to the infrastructure is controlled through fine-grained access control. With Infrastructure as code and relying on a CI/CD pipeline we are able to contain the risk of human error. For Eurail, we implemented AWS Config, Guard Duty and CloudTrail as our main pillars for the Eurail Trip Planner App, generating an audit trail and improving security at the same time.
This project is a joint success between Eurail, Elastique and Oblivion. The application is now hosted in AWS in the secure landing zone and integrates the application from Elastique seamlessly, improving the user experience for thousands of travelers across Europe.
The new application was to handle thousands of users and their data in real-time. Difficulties to secure and maintain the app needed to be addressed. We really needed a more professional approach to our AWS accounts.