One-Click Multi-Country Contact Center

Discover the journey from a proof of concept to the creation of a multi-country contact center solution. This innovative project showcases how strategic planning and meticulous execution can transform ideas into reality. Seamlessly integrating technology and expertise, the result is a scalable and efficient contact center model spanning multiple countries. From initial concept to operational success, each step demonstrates the power of innovation and adaptability in meeting diverse country needs. Explore how this groundbreaking approach revolutionizes customer engagement and fosters growth across international borders.

Board the rocket with us and start exploring the universe of the cloud contact center!🚀

The journey to advanced contact center

THE BIRTH OF BASE CONTACT CENTER

Once upon a time, in a faraway land filled with wonder, there existed a company, yearning to transform its legacy contact center into something extraordinary. They dreamed of a solution that could not only diminish their expenses but also elevate their productivity to wondrous heights.

Unfortunately, not living in a fantasy poem, they had to face reality and started looking for a concrete solution. As developers we had the possibility to engage the client with a proof of concept run with the help of AWS services, and its main contact center service: Amazon Connect.

Main AWS services for a basic contact center solution

Amazon Connect is a user-friendly omni-channel cloud contact center designed to enhance customer service while reducing costs. It offers seamless integration across voice and chat channels, streamlined tools for skills-based routing, task management, and real-time analytics, all with flexible pay-as-you-go pricing. Setting up a contact center takes minutes and can scale to accommodate millions of customers.

Key benefits include rapid implementation, allowing for quick adjustments without lengthy development cycles. The platform offers significant cost savings, up to 80% compared to traditional solutions, with no minimum fees or long-term commitments. Its scalability enables easy adjustment to fluctuating demand, supporting tens of thousands of agents with a secure and reliable infrastructure accessible globally.

In summary, Amazon Connect offers a straightforward solution for organizations seeking efficient, cost-effective, and secure omni-channel contact center capabilities. Its simplicity in setup and management, coupled with its scalability and adherence to security best practices, make it a compelling option for businesses of all sizes looking to enhance their customer service operations.

As part of a base contact center solution, many AWS services can be easily integrated with Amazon Connect:

• AWS Lambda to execute custom code in response to events within the contact center. For example, Lambda functions can be triggered to perform tasks such as data validation, customer authentication, or back-end system integration.
• Amazon DynamoDB to store and retrieve customer data, interaction history, and session information. DynamoDB offers low-latency performance and scalability, making it suitable for real-time data access in Amazon Connect deployments.
• Amazon Kinesis Data Stream to ingest, process, and analyze streaming data from Amazon Connect. By integrating Kinesis Data Streams, organizations can capture and analyze real-time contact center metrics, enabling insights into customer interactions and operational performance.
• Amazon S3 as a storage solution for various purposes such as storing call recordings, chat transcripts, and other media files generated during customer interactions. S3 provides durable, scalable, and cost-effective object storage for Amazon Connect deployments.
• Amazon API Gateway to facilitate the integration of AWS Lambda functions with external Customer Relationship Management (CRM) systems in Amazon Connect environments. By defining RESTful APIs with API Gateway, Lambda functions can seamlessly interact with external CRM endpoints to retrieve or update customer information, enabling personalized and efficient customer interactions.

ASSET CREATION AND REPLICATION

In a realm stretching far beyond its borders, the land found itself expanding beyond measure. Thus, it resolved to evolve into the distant, even more vast domain known as the far, far, faraway land. In tandem, it sought swift and robust methods to augment its territory with utmost efficiency.

With the consolidation of the project, the customer began to appreciate the world of the cloud more and more, driven by the desire to improve a contact center that was seeing its numbers grow month after month. This natural progression led to a multi-country necessity, reproducing what had already been done and making it adaptable according to the needs of different countries.

The main challenge was to obtain an asset from the infrastructure already deployed on the cloud and create a framework via pipelines capable of reproducing this infrastructure and making it custom according to customer requests.

Requirements

The objective was to establish an environment ready to host various features, each equipped with standard functionalities and manageable through the associated repository. Custom configurations entailed the flexibility to select and release features across countries independently.

Asset versioning through features

Features

Starting from the foundations, a Basic feature allows to easily deploy a ready-to-use contact center with basic voice functionality to which custom features, developed following customer requests, can be added gradually.

Each feature groups AWS resources into a single entity. Consequently, the individual resource is seamlessly integrated only into the compact infrastructure and cannot be modified in any way.

The framework is designed to be country-agnostic, acting as a versatile “plug-in” structure. Features can be associated and configured for individual countries without altering their fundamental behavior.

Repositories

The features are centralized in a repository, where they are maintained and new versions are developed. Within the repository, there are two code components: IaC code for deploying the cloud infrastructure and the application code for the Lambdas functions. These two packages generate two components:

• Docker Images: these images are mounted on Lambdas and retrieve the relevant application code from the repository.
• Infrastructure Code: the features are centralized in an S3 bucket, where their versioning is managed.

Common libraries & modules

A repository of shared libraries supports the features, containing both IaC and application libraries. AWS Elastic Container Registry is used to store private common libraries, which include reusable code fragments for Lambda functions. A dedicated pipeline is allocated for this service, catering to various needs such as standard database accesses, query execution methods, and construction of each lambda code snippet.

Organizing common libraries that work with the cloud provider’s API, in this case AWS, also allows to speed up code version update phases, being able to intervene in a single repository to manage delicate moments such as upgrades of deprecated libraries.

Similarly, the repository also hosts Common IaC modules, containing basic infrastructure code utilized among the features: the structure of this architecture follows a hierarchical organization similar to the Construct levels (L1, L2 and L3) within the AWS Cloud Development Kit (CDK). This approach not only aligns with best practices but also enhances the scalability, reusability, and maintainability of our infrastructure codebase.

Moreover, it’s important to note that the features themselves are categorized as L3-level stacks representing the infrastructure’s highest level. Meanwhile, the repository contains two types of stacks:

• L2-level stacks: encompass assembled AWS resources, provide a layer of abstraction over the underlying infrastructure, simplifying configuration and management through well-defined APIs.
• L1-level stacks: implement individual AWS resources, serving as the basic building blocks of the infrastructure.

This approach allows to define and deploy infrastructure resources programmatically and at scale, facilitating efficient management of the IaC and enabling automation of resource provisioning within each environment.

Countries

For each country, a dedicated repository and pipeline are established. Feature libraries from the Standard Modules bucket are imported into the country repository, enabling the management of “pointers” to specific features and their versions according to customer requirements. From here, assets can be modeled and configured appropriately.

The process involves using standardized infrastructure code from the initial architecture phase and enhancing it with custom features tailored to the specific national requirements.

Pros & cons

When considering the advantages of the system, one notable benefit is data independence. This feature ensures that information from one country is kept separate, thereby safeguarding the integrity of data in other regions. Additionally, the versioning control framework offers a streamlined approach to managing and deploying different versions across various locations. This not only facilitates efficient testing but also allows for scalability, as specific versions can be tested in one country and then seamlessly expanded to others.

Another advantage lies in the code reusability aspect of the system: shared libraries between features enhance bug management, making it more efficient and less prone to errors.

However, amidst these benefits, there is a notable drawback: the system presents difficulty in diverging, as the behavior of assets cannot be easily modified or customized for specific countries. This limitation restricts flexibility, leaving only two degrees of freedom on the assets: versioning capability and country configurability.

SINGLE SIGN-ON DEVELOPMENT

As the kingdom expanded with each passing day, the owners found themselves pondering a way to manage the influx into the realm. Seeking wisdom, they consulted the greatest theorists, whose counsel ultimately led to the decision of fortifying the realm’s defenses.

Following increasingly important security requests, we were asked to integrate Single Sign-On (SSO) on the Amazon Connect instance to allow safer access to contact center employees.

The inclusion of Single Sign-On provides the possibility of accessing Amazon Connect via the SAML protocol. Because the integration between the Identity provider and Connect is not possible as AWS does not allow multiple SAML providers, a custom integration with Keycloak has been introduced.

By adding Keycloak in a container as an intermediate proxy, it was possible to integrate Identity provider and Amazon Connect to log in via SSO on the cloud contact center instance.

Keycloak

Keycloak is an open-source Identity and Access Management (IAM) platform that provides advanced security features for applications and services. Some key features include:

• Authentication and Authorization: offers robust mechanisms for user authentication, allowing secure access to applications. It also manages authorization and access control, defining who has access to which resources.
• Single Sign-On (SSO): supports Single Sign-On, allowing authenticated users to access other applications automatically without re-authentication, improving user experience and simplifying credential management.
• Identity Federation: enables identity federation, allowing users to use their existing credentials (such as Google, Facebook, or LDAP accounts) to access applications supported by Keycloak.
• User and Role Management: provides an administration panel for managing users, allowing administrators to create, modify, and delete user accounts. It also offers a role assignment system to regulate access to resources.
• Integration with Applications and Services: can be integrated with various applications and services through standard protocols like OpenID Connect, OAuth 2.0, and SAML, enabling easy implementation of authentication and authorization in existing applications.

Saml

Security Assertion Markup Language is an XML-based standard used for exchanging authentication and authorization information between entities, often in Single Sign-On (SSO) scenarios. The main goal of SAML is to enable one entity (e.g., an authentication service) to communicate security information to another entity (e.g., an application or service) in a standardized and secure manner.

Key features addressed during the configuration of this solution include:

• Identity Provider (IdP): responsible for user authentication. It issues assertions containing information about the authenticated user.
• Service Provider (SP): the entity that wishes to provide services to the authenticated user. It receives and consumes assertions issued by the Identity Provider to grant access to users. In this case, Keycloak acts as both the SP for the IdP and as a proxy to ensure access to Amazon Connect.
• Single Sign-On (SSO): one of the primaries uses of SAML. After users are authenticated by an Identity Provider, they can access multiple services or applications without having to re-authenticate.
• Metadata: SAML uses a metadata system to allow IdPs and SPs to communicate their configuration details.

Workflow

Given the underlying principles and framework, the evolution of the workflow within the project culminated in the realization of this innovative solution:

1. Keycloak as Intermediary: Keycloak acts as a proxy between the Identity Provider (IdP) and Amazon Connect, handling authentication and authorization.
2. User Authentication: the user is redirected to the Client’s login page and enters LDAP credentials. Keycloak authenticates the LDAP user.
3. IdP Configuration on AWS: an IdP is configured on AWS to assume roles on Amazon Connect, returning session tokens and setting them as cookies on the HTML page via SAML 2.0 metadata.
4. Access to Amazon Connect: Keycloak logs the user into Amazon Connect using LDAP credentials.

Single Sign-On Workflow

CONCLUSION

And so, with the defenses’ fortification, peace and harmony reigned throughout the kingdom. The owners, satisfied with their decision, saw their realm prosper, and all lived happily ever after.

In conclusion, we’ve just experienced the transformative power of AWS services in redefining contact center solutions. Through strategic re-engineering, we’ve seamlessly transitioned legacy systems into dynamic, cloud-based applications tailored for corporate success. With enhanced agility and custom features, our solution facilitates seamless country expansion.

Thank you for joining us on this journey of innovation and empowerment. We trust this article has inspired you to unlock new possibilities for your business!