Building a Multi-Tenant SaaS Application on AWS

Customer Profile

Our customer is a major player in providing SaaS applications for Oil and Gas industry. They are based in Nordics and work extensively with large data sets to solve complex problems for their customers. Their applications use Machine Learning, Data Science and AWS Services to solve some of the most difficult tasks, accurately for their customers.


During our discussion with customer CTO we zeroed in for following goals:

  • Make application multi-tenant as well as scalable
  • Avoid insecure Docker Compose environment variables
  • Move production out of Docker Compose
  • Remove single point of failure, one EC2 instance running all of application and its components


By utilizing principles of AWS’ well architected framework, we implemented following solution:

  • Converted web product application to web based multi-tenant SaaS application
  • Used a managed service Elastic Container Service (ECS) instead of an EC2 to run Docker
  • Converted entire infrastructure into a code through Terraform

Tech Stack

This solution used following tool, platforms, services and programming languages:

  • Public cloud platform–AWS. Following services are prominently used:
    1. Elastic Container Service
    2. Lambda
    3. API Gateway
    4. CloudWatch Logs
    5. Key Management Service
    6. Simple Storage Service
  • MongoDB Atlas – Global cloud database service for public cloud platform, fully managed.
  • Docker – Containers for Node.js and Python
  • Programming languages – Node.js, Python

Solution Architecture

Click to see large view


Based on changes implemented as per AWS’ well architected framework, customer gained following in addition to predefined goals:

  • New customer on-boarding takes less than 4 hours as opposed to 3-5 days it used to take previously
  • Cost of infrastructure reduced by using multi-tenant model. Separate EC2 instances are not required for various customers.
  • Entire infrastructure can be recreated in less than an hour in an event of disaster, thus reducing disaster recovery time significantly
  • Lot of functions were converted to serverless using Lambda, reducing dependency on an EC2 instance.
  • Configurations and other secrets are stored in Systems Manager Parameter Store and are encrypted using AES 128-bit encryption