AWS Migration Strategy & Analysis for the Estonian Transport Administration

The Challenge: Breaking Free from Vendor Lock-in

The TEET (Tee elukaare infosüsteem) system is critical for managing data across the entire road lifecycle—from design and construction to maintenance. However, its hosting architecture posed a strategic risk to the Estonian Transport Administration (TRAM).

Core Problem:

Eliminating Vendor Lock-in and Operational Dependency on AWS. TEET was the only application within TRAM hosted on AWS. This outlier status created a significant competency gap, as maintenance required specialized AWS knowledge not needed for any other internal systems.

• Technical Dependency: The system was heavily integrated into AWS-specific services, including Datomic Cloud, DynamoDB, S3, AWS Lambdas, and automated scaling tools.
• Operational Blind Spots: TRAM didn’t have a complete overview of how these proprietary components interacted, making it difficult to assess the risks of migrating to local environments.
• Authentication Risks: The system relied on a specific technical exception for its TARA authentication module that was at risk of being discontinued, which would have rendered the entire system inoperable.
• Strategic Risk: TRAM was tethered to a high-cost environment with no clear path for relocation to Riigipilv or their private Nutanix cloud.

The Solution: A Strategic Path to Sovereignty

Wenture delivered the TEET AWS Migration Strategy & Analysis, a solution focused on decoupling application logic from cloud-specific providers by replacing proprietary AWS “Ions” and Datomic Cloud with vendor-neutral alternatives like Datomic Pro and standard REST APIs.

Key Technical Components:

1. Lambda-to-REST Transformation: A plan to convert Ion-based logic and AWS Lambda functions into independent REST endpoints, allowing the backend to run as a standalone Clojure application.
2. Database Hybrid Migration Path: A two-stage strategy proposing an immediate move to Datomic Pro (to maintain data structures outside AWS) followed by a gradual migration to PostgreSQL.
3. Frontend Refactoring: Updates to the ClojureScript Single Page Application (SPA) to redirect queries from AWS-specific triggers to standard backend services.
4. Infrastructure Substitution Map: Detailed mapping of AWS Load Balancers, S3 storage, and DynamoDB to their counterparts in Riigipilv/Nutanix (e.g., local S3 buckets or SQL-based storage).
5. Risk & Downtime Mitigation Plan: A comprehensive matrix identifying risks like data desynchronization and service downtime, with specific countermeasures for each.

Tech Stack & Integrations:

• Core Technologies: Clojure, ClojureScript, Datomic Pro, Docker.
• Target Environments: RIIGIPILV (Estonian Government Cloud) or Nutanix (TRAM Private Cloud).

Results & Impact: A Blueprint for Independence

The analysis provided TRAM with the confidence to reclaim sovereignty over their data. By standardizing the TEET environment with the rest of their application portfolio, the path was cleared to eliminate the need for specialized AWS consultants.

Key Results:

• Validated Migration Path: Identified that Datomic Pro (Apache 2.0 licensed) could serve as a free, high-compatibility bridge to exit AWS quickly.
• Precise Effort Estimations: Provided granular estimates—from 1–2 days for API updates to 30–60 days for a full SQL migration—enabling accurate budgeting for the next phase.
• Infrastructure Ready: Mapped all AWS-managed DevOps tasks (monitoring, logging, backups) to standardized local procedures.
• Operational Stability: The strategy ensures the long-term stability of the system’s authentication protocols by removing the reliance on the risky TARA exception.

Future Plans

With the Blueprint delivered, TRAM is now equipped to execute the migration. The strategy allows for a phased approach, moving first to a vendor-neutral setup on Datomic Pro before eventually transitioning fully to a standard PostgreSQL environment within the secure perimeter of Riigipilv or Nutanix.