US 12,348,488 B2
Devices, methods, and computer-readable media for deploying modular network architecture
Ian Cheng, Vancouver (CA); Carlos Eduardo Martell Ayala, Coquitlam (CA); I-Cheng Wang, Surrey (CA); Christopher Zhu Tan, Richmond (CA); Jonathan Pelletier, Montreal (CA); and Saad Zaamout, Calgary (CA)
Assigned to MASTERCARD TECHNOLOGIES CANADA ULC, Vancouver (CA)
Filed by MASTERCARD TECHNOLOGIES CANADA ULC, Vancouver (CA)
Filed on Feb. 8, 2022, as Appl. No. 17/667,437.
Claims priority of provisional application 63/147,597, filed on Feb. 9, 2021.
Prior Publication US 2022/0255901 A1, Aug. 11, 2022
Int. Cl. H04L 9/40 (2022.01); G06Q 20/38 (2012.01)
CPC H04L 63/0272 (2013.01) [G06Q 20/382 (2013.01); H04L 2463/102 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A server comprising:
a memory that stores cloud infrastructure definitions, the cloud infrastructure definitions including a plurality of microservices and security groups that define communication between each of the plurality of microservices;
and an electronic processor communicatively connected to the memory, the electronic processor configured to:
deploy an initial instance of a first virtual private cloud including a first portion of the plurality of microservices and all of the security groups, the first portion excluding PCI-compliant microservices and including less than all of the plurality of microservices, and a first portion of the all of the security groups included in the first virtual private cloud are first empty security groups that do not include ingress or egress rules;
deploy an initial instance of a second virtual private cloud including a second portion of the plurality of microservices and the all of the security groups, the second portion including PCI-compliant applications with production data and less than the all of the plurality of microservices, and a second portion of the all of the security groups included in the second virtual private cloud are second empty security groups that do not include ingress or egress rules;
and deploy an initial instance of a third virtual private cloud including a third portion of the plurality of microservices and the all of the security groups, the third portion including PCI-compliant applications with test data and less than the all of the plurality of microservices, and wherein a third portion of the all of the security groups included in the third virtual private cloud are third empty security groups that do not include ingress or egress rules, wherein the second empty security groups and the third empty security groups are different from the first empty security groups and wherein upon deployment, each microservices of the plurality of microservices will add in appropriate ingress and egress rules and two microservices of the plurality of microservices must match their ingress and egress rules in order to communicate with each other.