Saving £137,000 a Year While Increasing Performance Using Amazon Cognito with DVSA
DVSA delivered a reliable, cost-effective authentication system for 160,000 users using Amazon Cognito, reducing software release time by 30 percent while saving £137,000 a year on AWS.
30% reduction
in software release time
£137,000
saved in a year
140,000
accounts migrated seamlessly
6-week
core functionality setup time achieved
Increased reliability
for authentication system
DVSA improves resiliency of its critical infrastructure services using AWS
In this video, Laurence Barker, principal platform and DevOps at DVSA explains how the agency modernizes its cloud infrastructure to reduce cost, improve operations efficiency and emphasize security. DVSA’s mission is tightly connected with the road safety and requires being backed by the latest technology to ensure all systems are resilient and highly performant. AWS Professional Services team worked hand in hand with DVSA teams on several initiatives resulting in increased operational efficiency, improved compliance scores, faster release process and improved platform scalability.
Overview
The United Kingdom’s Driver and Vehicle Standards Agency (DVSA), an early adopter of cloud technologies in the public sector, wanted to improve efficiency by using a new authentication solution. The agency’s legacy system was complex to manage, and updates could not be implemented without planned outages. “We had hosted the previous solution, which was both costly and inflexible,” says Shaun Hare, principal developer of digital services at DVSA. “We wanted to move toward continuous delivery, and that meant that we had to decouple the authentication workload with a managed service.”
The agency had a contract termination point with its previous vendor that lent urgency to the initiative. It had also been using Amazon Web Services (AWS) for several years, and after evaluating several options, it chose Amazon Cognito, a secure customer identity and access management solution that scales, to streamline its authentication process. “Amazon Cognito fits very well into our architecture and our layout, so it made adoption simpler,” says Hare. “We also have a great degree of confidence in the solution’s ability to scale.” With the new offering in place, DVSA has more time to spend on improving the performance of its systems.
Using Amazon Cognito to Set Up Core Functionality in 6 Weeks for DVSA
DVSA plays a significant role in supporting road safety across Great Britain. The agency carries out driving tests, manages vehicle safety through the Department for Transport (DfT), and oversees vehicle operator licensing. To fulfill these mandates, DVSA must securely and reliably authenticate users from about 150,000 organizations. It has been running about 30 workloads on AWS since 2016. However, it used another vendor for its authentication service. “Our prior solution had stability issues, cost issues, and challenges with new releases,” says Hare. Those issues kept the DVSA team tied down with laborious maintenance work. “For us, the problem was always authentication,” says Hare. “We would have an issue, but we didn’t know what the cause was. It was open ended.”
Although it was committed to finding a new solution, DVSA was operating under a tight deadline. If it missed the contract termination point, the agency would incur a 50 percent renewal fee from the provider of its legacy solution. DVSA needed to take a strategic approach to engineering the new offering if it was to deliver on time. “We split this project into two phases. First, we built out the core solution using Amazon Cognito,” says Hare. “The ease of use and flexibility of that approach meant that we delivered the first phase in 6 weeks.” After the first phase was complete, DVSA began to focus on distributing the offering across its many services. It connected the first of two services, vehicle operator licensing, to the new backend system in June 2022.
“Our technical strategy is to move forward with serverless applications. That’s a testament to the trust we have in AWS services.”
Shaun Hare
Principal Developer, Digital Services, Driver and
Vehicle Standards Agency
Migrating 140,000 Accounts Seamlessly Using Amazon Cognito
Within the first two hours of its implementation, over 70,000 people signed into the new DVSA authentication solution on one service alone. DVSA used AWS Lambda, a serverless, event-driven compute service, in combination with Amazon Cognito to migrate a total of 140,000 accounts on its vehicle operator licensing and MOT services. Because the change was seamless, users weren’t aware that the agency had just rolled out a new solution. “In other circumstances with a major migration of this type and this size, one would expect some degree of interruption,” says Hare. “But the degree was so low that it wasn’t noticeable to us.” The agency now uses Amazon Cognito as the default authentication system in its vehicle operator licensing system and the MOT testing system, with over 160,000 total users. And when DVSA implements upgrades to its solution, it no longer has to plan downtime.
Architecture Diagram
Architecture Diagram Title
In addition, the agency delivered a significant performance improvement using Amazon Cognito. “We’ve seen at least a 30 percent reduction in software release time,” says Hare. Moreover, releases can now go live during the day instead of at night, so team members no longer have to spend their evenings and weekends on call. The greater reliability of the new solution has also boosted morale. Previously, DVSA teams would often start up a development environment and wait 45 minutes for the technology stack to come up, only to find that authentication wasn’t working. Now the agency is enjoying a more consistent experience with the new tool. In total, DVSA is saving £137,000 a year on Amazon Cognito.
Flexibility was also a core concern for DVSA. Because the agency authorizes separate entities, such as haulage or bus companies, it wanted an authentication service for both individuals and business users. The agency found it simple to meet that dual need using Amazon Cognito. “When we were developing the new system, it didn’t feel like we were migrating such a big piece of our application,” says Joshua License, senior developer at DVSA. “We went from theory to a minimum viable product on Amazon Cognito by simply clicking a button on our console, and then we got to work.”
In addition to using Amazon Cognito, the DVSA also implemented Amazon API Gateway, a fully managed service that makes it simple to create, publish, maintain, monitor, and secure APIs at scale. Instead of using bespoke code over and over again to verify that tokens are valid, the agency used Amazon API Gateway to simplify its authorization process. “We removed all our bespoke code and reduced our technical debt using Amazon API Gateway,” says License. “Now, we don’t have to worry about checking the tokens.”
DVSA teams are excited to be able to focus on developing new features that add value to the agency’s offering. “We used to have authentication issues reported to us every other week,” says License. “We no longer get those, which is an improvement.” And now that the team isn’t using a solution with multiple checks for session-based authentication tokens, page response time is 15 percent faster.
Implementing Continuous Delivery on AWS
DVSA plans to continue innovating on AWS in the years to come. “We see Amazon Cognito as the first link in the chain toward continuous delivery,” says Hare. “It was a significant step on our journey.” The team will be migrating its workloads to containers on AWS to drive value earlier and in smaller places. It’s also targeting improvements around release cadence and release processes.
The agency is steadfast in its commitment to serverless technologies. “Our technical strategy is to move forward with serverless applications,” says Hare. “That’s a testament to the trust we have in AWS services.”
About the Driver and Vehicle Standards Agency
The Driver and Vehicle Standards Agency, a part of the UK Department for Transport, supports road safety through activities such as administering driving tests, approving driving instructors, and verifying that vehicles are safe to drive.
AWS Services Used
Amazon Cognito
With Amazon Cognito, you can add user sign-up and sign-in features and control access to your web and mobile applications. Amazon Cognito provides an identity store that scales to millions of users, supports social and enterprise identity federation, and offers advanced security features to protect your consumers and business. Built on open identity standards, Amazon Cognito supports various compliance regulations and integrates with frontend and backend development resources.
Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services. Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications. API Gateway supports containerized and serverless workloads, as well as web applications.
AWS Lambda
AWS Lambda is a serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers. You can trigger Lambda from over 200 AWS services and software as a service (SaaS) applications, and only pay for what you use.
More Customer Stories
Get Started
Organizations of all sizes across all industries are transforming their businesses and delivering on their missions every day using AWS. Contact our experts and start your own AWS journey today.