Photo by Mark König on Unsplash

Note: This is part 3 of a three-part article series on Event-Driven Architecture implementation methods. Following are the previous articles on this series: Part 1, Part 2

Organizations can generate a large number of events during business operations such as reception of sales orders, complaints filed by customers, notifications of inventory levels, temperature readings from warehouses, etc. Multiple processing steps need to be executed in order make these events useful and integrate those with existing business systems as we have discussed in previous articles [1][2].

Once we process and extract useful information out of event streams, we need to make…


We have discussed a generic architecture for event-driven systems and some use cases of integrating business systems in to the event-driven architecture (EDA) in previous posts [1], [2]. In this article, we are considering event streams and how we can capture, filter, summarize and integrate various event streams into event-driven systems.

When handling event streams, it is necessary to receive, process and output continuous flows of data items (or events). These events may occur at very high rates and it may be necessary to provide outputs with very low latency (e.g. generating alerts if an unusual behavior is detected). Therefore…


Use cases and methods for integrating business systems with events backbone

We discussed about a generic architecture for event-driven architecture (EDA) based systems in a previous post. In this article, we will be exploring implementation approaches for such event-driven systems by focusing on specific products and their interactions.

Figure 1 depicts a generic architecture of an EDA based system (details about this were discussed here). Here, we will narrow down to few interesting sections of this architecture (highlighted in the diagram below) and explore possible implementation methods.

Figure 1: Generic architecture for an EDA based system highlighting the section focused in this article

Focus of this article is mainly on the events backbone, specifically on its interactions with the rest of the system. …


In the first part of this article series, we discussed about some concepts of geographically distributed applications and ways of building such multi-regional application with an API layer. Main focus of the architecture discussed in part 1 is to support API traffic in all regions (i.e. active-active deployment).

In this article, we are discussing about extending that architecture to support failover regions. In order to support failover, one or more sub regions should contain all components of the deployment. Figure 1 shows such failover deployment with a main region (region 1) and one sub region (region 2).

Note that as…


Any business organisation that is planning to expand its operations across multiple counties have to consider some key technology aspects:

  • Latency in serving customers in different countries
  • Minimizing the effect on other regions when a regional IT systems fail
  • Data privacy laws in different countries and regions
  • Ability to offer country/region specific services

Main approach for addressing above concerns is to deploy IT systems in (or closer to) most of the operating countries, which results in a multi-regional architecture.

Generic multi-region architecture

In such architecture, usually one region acts as the main active data center, hosting all components of the IT system. Then…


We have to consider a wide range of use cases in digital transformation projects. Some of these use cases are short-term interactions such as a user or a system invoking a service and expecting an immediate response. An example would be to getting the list of products under a certain category in a shopping portal. However, there can be a significant number of use cases that require more complex interactions with multiple systems as we discuss below.

A customer placing an order in a shopping portal

Multiple internal and external systems as well as shopping company’s staff could be involved in this process. Each of involved entity must receive…


Organizations undertake digital transformation initiatives to utilize technology as much as possible to support business operations. Therefore, many applications have to be developed for various business operations carried out by an organization such as inventory management, procurement operations, supplier management, payroll handing, advertising / sales campaigns, building space management and vehicle fleet management.

State of a typical organization

Even before a digital transformation project, organizations use many IT systems. These can be commercial systems, which may be deployed on-premise data centers, on cloud VMs (e.g. AWS, Azure, etc) or consumed as SaaS systems (e.g. Salesforce, NetSuite, etc). Further, an organization may have some custom developed…


Ballerina is a JVM based programming language targeted for developing integrations. Therefore, it provides built-in support for communicating over many protocols and handling many data types as first-class constructs. In addition, there are a large number of connectors and modules available in Ballerina Central to simplify the integration and data processing tasks. This makes it suitable for developing ETL flows as an alternative to using ETL tools as we discuss in this article.

ETL is the process of gathering data from various sources, performing required data cleansing, transformation, mapping, enriching, etc operations and loading those to target data stores. …


APIs are the entry point for accessing an organization’s functions and data. However, exposing an API to unintended parties can cause considerable damages to organization’s digital assets and could result in leakage of sensitive information. Therefore, security aspects related to APIs are a main concern when implementing a digital transformation project.

We have considered authentication problems of APIs in a previous article, which is also related to API security. This article looks at other important factors related to API security and possible methods of implementing those.

Access control in API invocations

First, let’s consider access control in APIs, which ensures that only intended parties can…


APIs are becoming the main interface for interacting with many things, from enterprise services, public services offered over the internet to physical devices. As there can be a large number of APIs deployed within an organization and there can many consumers for those APIs, properly authenticating all parties involved in API-based interactions is a major step of API security. This article looks at different authentication scenarios related to APIs and possible implementation approaches.

Figure 1: High level view of an API deployment

First, let’s look at main entities involved in a simple API deployment (Figure 1). We have a set of services that need to be exposed as APIs…

Chathura Ekanayake

PhD, Software Architect, Academic, Works @ WSO2

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store