Empowering Enterprises with Generative AI, Data, and Cloud Intelligence.
November 30,2025

Dasa Holidays AWS Cloud Infrastructure

Building a Scalable, Secure Cloud Foundation for a Growing Travel Business

 

Client Overview

 

Dasa Holidays is a rapidly growing travel and hospitality company based in India, operating a hotel booking platform powered by QloApps along with a customer relationship management system built on SuiteCRM. As the organization expanded and experienced increasing demand, it required a production-ready AWS infrastructure capable of delivering high reliability, seamless scalability during peak booking seasons, and strong security to protect customer data and business operations.

 

The Challenge

 

Dasa Holidays needed a robust cloud infrastructure to support their digital transformation. Key requirements included:

  • High Availability – Zero downtime for booking platform
  • Security – Protection against web attacks and data breaches
  • Scalability – Ability to handle peak booking seasons
  • Cost Efficiency – Optimized infrastructure within budget
  • Compliance – Audit logging and security best practices

Key Requirements

  • Support for QloApps (hotel booking platform)
  • Support for SuiteCRM (customer relationship management)
  • Multi-tier architecture with proper network isolation
  • Database with automatic failover capability
  • Web application firewall for security
  • Comprehensive logging and monitoring

Our Solution

 

Calyza Tech LLP designed and deployed a comprehensive AWS infrastructure following AWS Well-Architected Framework principles.

 

Architecture Highlights

 

Multi-Tier Architecture

  • Public tier for Application Load Balancer
  • Private tier for application servers (isolated from internet)
  • Private tier for database (maximum security)

High Availability

  • Resources distributed across 2 Availability Zones (ap-south-1a and ap-south-1b)
  • RDS MySQL with Multi-AZ deployment for automatic failover
  • Application Load Balancer distributing traffic across multiple servers

Security-First Approach

  • All EC2 instances deployed in private subnets (no direct internet access)
  • AWS WAF protecting against OWASP Top 10 vulnerabilities
  • CloudTrail audit logging enabled
  • VPC Flow Logs for network monitoring
  • Encrypted storage (EBS, RDS, S3)

Infrastructure Components

 

Network Layer

  • VPC (10.0.0.0/16)
  • 6 Subnets (2 public, 2 private app, 2 private database)
  • 1 NAT Gateway
  • Application Load Balancer

Compute Layer

  • 2 Backend Servers – r6i.2xlarge (8 vCPU, 64 GB RAM)
  • 4 Frontend Servers – m6i.xlarge (4 vCPU, 16 GB RAM)
  • Ubuntu 24 LTS
  • Nginx, PHP 8.1, Composer
  • Encrypted EBS storage

Database Layer

  • RDS MySQL 8.0 (db.m5.4xlarge)
  • Multi-AZ Deployment
  • Automated daily backups (7-day retention)
  • Performance Insights enabled
  • Enhanced Monitoring

Storage Layer

4 S3 Buckets:

  • QloApps Media Assets
  • CRM Attachments
  • Backups
  • Centralized Logs

Technical Highlights

 

Zero-Trust Network Architecture

 

All application servers are deployed in private subnets with no direct internet access. The Application Load Balancer acts as the single secure entry point.

 

Defense-in-Depth Security

  • Network isolation (VPC, Subnets, Security Groups)
  • AWS WAF protection
  • Data encryption at rest and in transit
  • Complete audit logging (CloudTrail, VPC Flow Logs)
  • Secure access via IAM roles and Systems Manager

High Availability Design

  • Multi-AZ architecture
  • RDS automatic failover
  • Load balancer health checks
  • Redundant application servers

Cost Optimization

  • Right-sized instances
  • Single NAT Gateway
  • S3 lifecycle policies
  • Reserved Instance recommendations provided

Technologies Used

 

AWS Services

  • EC2
  • Application Load Balancer
  • RDS MySQL (Multi-AZ)
  • S3
  • VPC
  • NAT Gateway
  • AWS WAF
  • IAM
  • CloudWatch
  • CloudTrail
  • Systems Manager

Software Stack

  • Ubuntu 24 LTS
  • Nginx
  • PHP 8.1
  • MySQL 8.0

Why This Solution Works

 

1. Aligned with AWS Best Practices

  • Well-Architected Framework principles
  • Security by design
  • High availability architecture
  • Cost optimization strategy

2. Future-Ready Design

  • Horizontal scalability (add servers)
  • Vertical scalability (upgrade instance types)
  • Ready for auto-scaling
  • CDN (CloudFront) ready

3. Operational Simplicity

  • Easy to manage
  • Standard AWS services
  • No vendor lock-in

Architecture Diagram

 

Ready to Transform Your Infrastructure?

 

Whether you’re migrating to AWS, scaling your platform, or building a production-ready environment, 

Calyza Tech LLP can help you design secure, scalable, and cost-efficient cloud infrastructure.

 

Leave A Comment

Up