Democratizing access to higher education for 1.2 million students (WPS319)

Democratizing University Access for 1 Million+ Brazilian Students with AWS

Introduction

  • The presentation is given by Maria Kolina, a Customer Solutions Manager for Government in AWS Brazil, along with her colleagues Alesandra Faria (Solutions Architect of Public Sector) and Hiard Minino (Solutions Architect at AWS Brazil Public Sector).
  • The team discusses how they have helped the Ministry of Education (Mec) in Brazil to democratize university access for more than 1 million students through the Unified Selection System (SiSU).

What is SiSU?

  • SiSU is a unified selection system implemented in 2010 by the Ministry of Education in Brazil.
  • It allows students from all over Brazil to apply to different universities nationwide without the need to travel for entrance exams.
  • SiSU supports the accessibility of access to higher education and the reduction of social disparities by incorporating affirmative action policies.
  • SiSU impacts the lives of millions of students every year, and the decision was made to migrate it to AWS to benefit from the power of the AWS cloud.

SiSU Migration Objectives

The team had five main objectives in mind when deciding to migrate the SiSU infrastructure to the AWS cloud:

  1. Cost reduction
  2. Returning the management of the process to the Ministry of Education
  3. Improving performance to handle the growing number of candidates
  4. Ensuring supplier and component compatibility for seamless integration
  5. Availability of dedicated support resources

SiSU Architecture on AWS

  • The SiSU architecture on AWS is designed to be highly scalable, secure, and reliable.
  • It includes a Virtual Private Cloud (VPC), Amazon Route 53 for DNS, Amazon CloudFront for static content delivery, and a SQL Server database cluster.
  • The applications are deployed on Amazon EC2 instances running Red Hat OpenShift, which provides a containerized and self-managed environment.
  • The architecture leverages a wide range of AWS services to create a robust, scalable, and secure platform.

Governance and Control

  • A multi-account structure within AWS Organizations was implemented to ensure proper governance and control over the SiSU infrastructure.
  • This includes a management account, dedicated accounts for backup, security, and logging, as well as separate environments for integration, UAT, testing, and production.
  • This governance structure allows for a high degree of control, visibility, and security over the resources while enabling the flexibility to manage different environments independently.

Security and Authentication

  • AWS Identity and Access Management (IAM) was used to implement a segregation of responsibilities and the least-privileged principle for managing SiSU.
  • Infrastructure as code (IaC) using GitLab was leveraged to automate the deployment and management of the AWS environment, with IP restrictions added for further security.

DDoS Protection

  • AWS Shield Advanced was used to protect the SiSU architecture from distributed denial-of-service (DDoS) attacks, automatically detecting and mitigating such threats.
  • CloudWatch was integrated to monitor metrics and logs, helping to quickly identify and mitigate any security events or disruptions.

Performance and Load Testing

  • Comprehensive performance and load tests were conducted to ensure the robustness of the system and its ability to handle the expected traffic and volume.
  • Four different test scenarios were designed to simulate diverse user patterns, and the results exceeded the team's expectations, with the API latency staying well below the 1-second requirement.

Countdown and Well-Architected Review

  • The team used the AWS Countdown framework to ensure alignment and proper governance for the large-scale SiSU launch.
  • They also leveraged the AWS Well-Architected Framework to assess the stability and efficiency of the SiSU solution, focusing on the six pillars: operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability.

SiSU Go-Live and Results

  • SiSU went live on January 22nd, 2023, with a peak of over 104,000 candidate access and around 11,000 registrations per minute.
  • Despite some unexpected issues, the team's proactive and collaborative approach helped address the challenges and ensure a successful launch.
  • The results were impressive, with over 1.4 million students making more than 2.4 million registrations to apply for 260,000 vacancies across 127 universities in Brazil.
  • SiSU maintained zero downtime during the 4-day execution window, demonstrating the platform's stability and reliability.

Next Steps

The team plans to take the following actions to further improve the SiSU solution:

  1. Regularly review the Well-Architected Framework
  2. Improve operational efficiency through optimization and automation
  3. Implement autoscaling for the OpenShift clusters and pods
  4. Automate runbooks
  5. Modernize the applications into microservices

Conclusion

The presentation showcases how the AWS team worked closely with the Ministry of Education in Brazil to migrate the critical SiSU system to the AWS cloud, ensuring a secure, scalable, and reliable platform that democratizes university access for over 1 million students in the country.

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.

Talk to us