Healthcare institutions like medical universities, hospitals, surgery clinics, and blood banks comprise several departments each specializing in a specific field/task. With the advancement of health-tech innovations, we have seen rapid adoption of digital technology-enabled care services. Digital technology is advancing exponentially and its cost is plummeting. At the same time, the demand for and cost of healthcare is rising, which is challenging most health economies around the world. The need to adopt technology to meet these challenges seems obvious.
Once individual departments of a healthcare institution adopt these technologies, the institution needs a connected health model to manage and deliver its services. After deploying their applications, such institutions often run into scaling problems, the most common being that the IP address range they planned for is exhausted, because the number of users and connected systems grows rapidly as technology is adopted.
The following AWS architecture aims at solving this primary problem of scaling:
- If we simply set aside a fixed range of, say, 1000 IP addresses, we run out of addresses once that limit is reached. To allocate addresses more flexibly, we split the network across two AWS VPCs (Virtual Private Clouds): a smaller CIDR (Classless Inter-Domain Routing) block for a set of proxies, and a larger CIDR block for the users and workloads.
- The smaller CIDR block is assigned to the proxy VPC, while the larger block backs a workload VPC whose compute runs as Lambda functions. VPC-attached Lambda functions draw addresses from the subnets only for the network interfaces they actually need, so only the part of the CIDR block, the number of functions and the VPC capacity that current demand requires is consumed, and all of it can be grown or shrunk as needed, which is also a real cost saving.
- If even the larger VPC runs out of addresses, we create another VPC with a large CIDR block and connect it to the proxies in the smaller VPC, which is what gives the design its auto-scaling character. One caveat: the new block must not overlap the proxy VPC's CIDR or that of any other VPC it is peered with, because VPC peering will not route overlapping ranges, so the address plan has to be laid out up front.
- Any service that needs to reach the central platform connects through private VPC endpoints (AWS PrivateLink). The endpoint terminates on the proxies, and the proxies in turn reach the institution's own network over AWS Direct Connect. Because the workloads sit in a separate, larger VPC, they are segregated from that on-premises path and can only cross it via the proxies.
- The proxies in the smaller CIDR block are operated by a security team that maintains an allowlist of every domain the proxies may talk to; anything not on the list is denied, so the proxy tier becomes the one place where outbound destinations are controlled.
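The address planning behind the steps above, as an added example that is not part of the original architecture: the CIDR values, the 10.0.0.0/8 supernet and the function names are assumptions made for illustration. It checks the block sizes AWS accepts for a VPC, the usable capacity of a subnet after the five addresses AWS reserves, that the proxy and workload VPCs do not overlap (a peering requirement), and picks the next non-overlapping block when a workload VPC fills up.

```python
"""Address planning for the two-VPC layout: small proxy VPC, large workload VPC.

Assumed (constructed for this example) layout:
  proxy VPC     10.0.0.0/24   small block, a fixed set of proxies
  workload VPC  10.1.0.0/16   large block, Lambda-backed workloads
Further workload VPCs are carved from 10.0.0.0/8 as the first one fills up.
"""
import ipaddress

# AWS reserves the first four and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5
# AWS accepts IPv4 VPC CIDR blocks between /16 and /28 inclusive.
VPC_MIN_PREFIX, VPC_MAX_PREFIX = 16, 28


def valid_vpc_cidr(cidr: str) -> bool:
    """True if the block is a size AWS will accept for a VPC."""
    net = ipaddress.ip_network(cidr, strict=True)
    return VPC_MIN_PREFIX <= net.prefixlen <= VPC_MAX_PREFIX


def usable_hosts(subnet: str) -> int:
    """Addresses a subnet can actually hand out after AWS's reservations."""
    net = ipaddress.ip_network(subnet, strict=True)
    return max(net.num_addresses - AWS_RESERVED_PER_SUBNET, 0)


def overlapping_pairs(cidrs):
    """Pairs of blocks that overlap; VPC peering refuses to connect such VPCs."""
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    return [
        (str(a), str(b))
        for i, a in enumerate(nets)
        for b in nets[i + 1:]
        if a.overlaps(b)
    ]


def next_workload_vpc(existing, supernet="10.0.0.0/8", prefix=16):
    """Next /prefix block inside supernet that collides with nothing already allocated.

    This is the 'run out, add another large VPC' step; the new block must still
    be peerable with the proxy VPC, hence the overlap check against everything
    already in use.
    """
    used = [ipaddress.ip_network(c, strict=True) for c in existing]
    for cand in ipaddress.ip_network(supernet).subnets(new_prefix=prefix):
        if not any(cand.overlaps(u) for u in used):
            return str(cand)
    raise ValueError(f"no free /{prefix} left in {supernet}")


def carve_subnets(vpc_cidr, az_count, new_prefix):
    """One subnet per availability zone, with the capacity each really offers."""
    net = ipaddress.ip_network(vpc_cidr, strict=True)
    subnets = list(net.subnets(new_prefix=new_prefix))
    if len(subnets) < az_count:
        raise ValueError("VPC too small for that many subnets")
    return [(str(s), usable_hosts(str(s))) for s in subnets[:az_count]]


if __name__ == "__main__":
    plan = ["10.0.0.0/24", "10.1.0.0/16"]   # constructed proxy + workload plan
    assert not overlapping_pairs(plan)
    print("proxy subnet capacity (/28):", usable_hosts("10.0.0.0/28"))
    print("workload subnets:", carve_subnets("10.1.0.0/16", 3, 20))
    print("next workload VPC:", next_workload_vpc(plan))
```

Note that a /24 split into /28 subnets yields only 11 usable addresses per subnet, which is fine for a proxy tier but would be a mistake for the workload side; that is exactly why the two blocks are sized differently.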
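How the proxy tier's domain allowlist can be enforced, as an added example and not the article's or any vendor's configuration: the allowlist entries, the request lines and the helper names are constructed for illustration. The point it makes is that matching must happen on label boundaries and that IP-literal destinations are refused, because otherwise the allowlist is trivially bypassed with a look-alike name or a raw address.

```python
"""Egress allowlist enforcement as the proxy tier would apply it.

Everything here is constructed for the example: the allowlist entries, the
request lines and the helper names are assumptions, not the article's config.
Allowlist entries are either an exact host name, or a leading-dot suffix
meaning 'that domain and every subdomain of it'.
"""
import ipaddress
from urllib.parse import urlsplit

ALLOWLIST = {
    "api.example-hospital.org",       # exact host only
    ".fhir.example-hospital.org",     # the domain and any subdomain of it
    "updates.example-vendor.com",
}


def normalize_host(host: str) -> str:
    """Lower-case, drop any port, unwrap an IPv6 literal, drop a trailing dot."""
    host = host.strip().lower()
    if host.startswith("["):                   # [2001:db8::1]:443
        host = host[1:].split("]", 1)[0]
    elif host.count(":") == 1:                 # name:port or v4:port
        host = host.rsplit(":", 1)[0]
    return host.rstrip(".")


def is_allowed(host: str, allowlist=ALLOWLIST) -> bool:
    """Decide on label boundaries, never on raw substrings.

    'evil-fhir.example-hospital.org' must not satisfy '.fhir.example-hospital.org',
    and 'api.example-hospital.org.attacker.net' must not satisfy the exact entry.
    Raw IP literals are refused so the list cannot be bypassed by address.
    """
    h = normalize_host(host)
    if not h:
        return False
    try:
        ipaddress.ip_address(h)
        return False
    except ValueError:
        pass                                   # not an IP literal, keep going
    for entry in allowlist:
        e = entry.lower()
        if e.startswith("."):
            if h == e[1:] or h.endswith(e):    # the dot enforces the label boundary
                return True
        elif h == e:
            return True
    return False


def decide(request_line: str):
    """Extract the destination as a forward proxy sees it; return (host, allowed).

    CONNECT carries 'host:port' (with TLS only the name is visible, so that is
    what gets checked); plain HTTP carries an absolute URL.
    """
    method, target = request_line.strip().split(" ", 1)
    host = target if method.upper() == "CONNECT" else urlsplit(target).netloc
    return normalize_host(host), is_allowed(host)


# Constructed request lines, as they would arrive at the proxy.
SAMPLE_REQUESTS = [
    "CONNECT api.example-hospital.org:443",
    "CONNECT data.fhir.example-hospital.org:443",
    "CONNECT evil-fhir.example-hospital.org:443",
    "GET http://updates.example-vendor.com/patch.bin",
    "GET http://api.example-hospital.org.attacker.net/",
    "CONNECT API.Example-Hospital.ORG.:8443",
    "CONNECT 203.0.113.10:443",
]


def audit(requests=SAMPLE_REQUESTS):
    """Run the allowlist over a batch and return the decisions in order."""
    return [decide(r) for r in requests]


if __name__ == "__main__":
    for host, ok in audit():
        print(f"{'ALLOW' if ok else 'DENY':5} {host}")
```

In production this logic lives in the proxy itself (for example a Squid dstdomain ACL followed by a default deny) rather than in a script, but the matching rules are the same, and the default must be deny: an allowlist that only adds allow rules without a final deny controls nothing.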
AWS Services Used:
- AWS DX: AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS
- CIDR: Classless Inter-Domain Routing is the notation used to allocate IP address ranges. It is not an AWS service in itself, but every VPC and subnet in AWS is defined by an IPv4 (and optionally IPv6) CIDR block.
- AWS VPC: Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including the selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 for most resources in your virtual private cloud, helping to ensure secure and easy access to resources and applications.
- AWS Lambda: Serverless compute service that lets you run code without provisioning or managing servers, creating workload-aware cluster scaling logic, maintaining event integrations, or managing runtimes.