βββ βββ ββββββ βββββββββββββββββ ββββββ βββββββ ββββββ ββββ ββββββ βββ
βββ ββββββββββββββββββββββββββββββββββββ βββββββββββββββββββββ ββββββ ββββ
βββ βββββββββββββββββββ βββ ββββββββ ββββββββββββββββββββββ ββββββββββ
ββββ ββββββββββββββββββββ βββ ββββββββ βββββββββββββββββββββββββββββββββ
βββββββ βββ βββββββββββ βββ βββ βββ βββββββββββ ββββββ βββββββββ βββ
βββββ βββ βββββββββββ βββ βββ βββ βββββββ βββ ββββββ ββββββββ βββ
Microservices Β· Event-Driven Β· Cloud-Native Β· Production-Ready
- Project Overview
- Why VASTA Bank Stands Out
- System Architecture
- Backend Microservices
- Security Model
- Frontend
- Monitoring & Observability
- DevOps & Deployment
- Kubernetes (K8s)
- Tech Stack
- Quick Start
- Service Access URLs
- What This Project Proves
VASTA Bank is a real-world, production-inspired enterprise banking platform β not a CRUD demo.
It simulates how modern FinTech companies architect digital banking systems at scale: distributed microservices with clearly defined boundaries, event-driven communication via Kafka, bank-grade JWT security, payment gateway integration, real-time monitoring, and full Kubernetes orchestration.
Built to demonstrate mastery of backend engineering, distributed systems, DevOps, and cloud-native architecture β all in a single cohesive project.
| Capability | Implementation |
|---|---|
| π Bank-Grade Security | JWT RS256 + RBAC + Redis token management + BCrypt |
| β‘ Real-Time Event Streaming | Apache Kafka for transactions, notifications, auditing |
| π³ Live Payment Gateway | Razorpay integration for real money flow |
| 𧩠True Microservices | 9 independently deployable services |
| π Service Discovery | Netflix Eureka + Feign Clients |
| π Full Observability | Prometheus + Grafana dashboards |
| π³ One-Command Startup | Docker Compose β everything up instantly |
| βΈοΈ Kubernetes Ready | HPA auto-scaling, rolling deployments, health probes |
| β‘ High Performance | Redis caching for low-latency reads |
| π§ͺ Production Reliability | DB transactions, pessimistic locking, Kafka DLQ |
ββββββββββββββββββββββββββββββββββββββββββββββββ
β CLIENT LAYER β
β React + Vite Frontend (SPA) β
β Customer Portal Β· Admin Dashboard β
βββββββββββββββββββββββββ¬βββββββββββββββββββββββ
β HTTPS
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββββββ
β API GATEWAY (8080) β
β JWT Validation Β· Rate Limiting Β· Routing Β· API Security Β· Logging β
βββββββββ¬βββββββββ¬βββββββββ¬βββββββββ¬βββββββββ¬βββββββββ¬βββββββββ¬ββββββββ
β β β β β β β
ββββββββββββββββββββββΌβ βββββββΌβββββ βββΌββββββββ ββΌβββββββ ββΌβββββββ ββΌβββββββ ββΌβββββββββ
β Auth Service β βUser Serv.β βAccount β βTxn β βLoan β βPaymentβ βNotif β
β (8081) β β (8082) β βService β βServiceβ βServiceβ βServiceβ βService β
β JWT Β· OAuth2 Β· RBAC β βProfiles β β(8083) β β(8084) β β(8086) β β(8087) β β(8085) β
βββββββββββββββ¬ββββββββ ββββββ¬ββββββ ββββββ¬ββββββ ββββ¬βββββ ββββ¬βββββ ββββ¬βββββ ββββ¬ββββββ
β β β β β β β
ββββββββββββββββββββΌββββββ ββββββββΌββββββ ββββββΌββββββ ββββΌβββββββ ββΌβββββββββ ββΌβββββββββ ββΌβββββββββ
β KYC Service β β Fraud Det. β β Admin β β Audit β β Report β β Config β β Search β
β Identity Verification β β Risk Check β β Service β β Service β β Service β β Service β β Service β
β Document Validation β β ML Rules β β Controls β β Logs β β BI Data β β Feature β β Global β
β Aadhaar / PAN APIs β β AML Check β β Roles β β History β β Export β β Flags β β Search β
βββββββββββββββ¬βββββββββββ ββββββββ¬ββββββ ββββββ¬ββββββ ββββ¬βββββββ ββββ¬βββββββ ββββ¬βββββββ ββββ¬βββββββ
β β β β β β β
βββββββββββββββββββββ΄βββββββββββββ΄ββββββββββββ΄ββββββββββββ΄ββββββββββββ΄ββββββββββββ
β
βββββββββββββββΌββββββββββββββββββββββββββββββββββββββββββββββ
β KAFKA EVENT BUS β
β account.events Β· transaction.events Β· loan.events β
β payment.events Β· notification.events Β· audit.events β
β fraud.events Β· kyc.events β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββββββββββββββΌββββββββββββββββββββββββββββ
β β β
βββββββββΌβββββββββ βββββββββΌβββββββββ βββββββββΌβββββββββ
β MySQL Cluster β β Redis Cluster β β Elasticsearch β
β Transactions β β Cache Β· Tokens β β Logs Β· Search β
β Accounts β β Rate Limits β β Audit Queries β
ββββββββββββββββββ ββββββββββββββββββ ββββββββββββββββββ
β
βββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Service Discovery & Infrastructure Layer β
β β
β Eureka Server Β· Config Server Β· Distributed Tracing (Zipkin/Jaeger) β
β Centralized Logging (ELK Stack) Β· Circuit Breaker (Resilience4j) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Observability & DevOps Layer β
β β
β Prometheus Β· Grafana Β· Alertmanager Β· Loki β
β Kubernetes HPA Β· CI/CD (GitHub Actions / ArgoCD) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Each service is independently deployable, owns its own database schema, and communicates asynchronously via Kafka and synchronously via Feign Clients where needed.
| Service | Port | Responsibility |
|---|---|---|
| API Gateway | 8080 |
Single entry point β JWT validation, rate limiting, intelligent routing |
| Auth Service | 8081 |
Login, registration, JWT RS256 issuance, refresh token lifecycle |
| User Service | 8082 |
User profiles, KYC management, account linking |
| Account Service | 8083 |
Bank account creation, balance management, account types |
| Transaction Service | 8084 |
Fund transfers, transaction validation, history & ledger |
| Notification Service | 8085 |
Email, SMS, in-app alerts triggered by Kafka events |
| Loan Service | 8086 |
Loan applications, EMI calculations, repayment lifecycle |
| Kyc Service | 8087 |
Identity verification, document upload (PAN/Aadhaar), KYC approval workflow |
| Admin Service | 8088 |
Admin dashboard, user management, system-wide oversight |
| Payment Service | 8089 |
Razorpay integration β money top-up, payment verification |
| Eureka Server | 8761 |
Service discovery & health registry for all microservices |
VASTA Bank implements bank-grade, multi-layered security throughout the entire stack.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SECURITY LAYERS β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β 1. JWT RS256 Asymmetric signing (private/public) β
β 2. RBAC ADMIN / MANAGER / USER roles β
β 3. Redis Token Store Stateless sessions with revocation β
β 4. BCrypt Hashing Salted password storage β
β 5. OTP Verification High-value transaction approval β
β 6. Rate Limiting API Gateway β per-IP request limits β
β 7. IP Tracking Suspicious access detection β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Why RS256? Unlike HS256 (symmetric), RS256 uses a private key to sign and a public key to verify β meaning only the Auth Service can issue tokens, while all other services can validate them without knowing the secret. True zero-trust design.
Stack: React Β· Vite Β· Tailwind CSS Β· Axios Β· JWT Auth Flow
Features:
- π JWT-based authentication with token refresh
- π€ Role-based UI β Admin sees different panels than Users
- πΈ Real-time fund transfer with OTP confirmation
- π Transaction history with filtering & pagination
- π¦ Loan application wizard with EMI preview
- π³ Razorpay payment modal for account top-up
- π± Fully responsive across all screen sizes
Full observability stack for understanding system health in real time.
| Tool | Purpose |
|---|---|
| Prometheus | Scrapes metrics from Spring Boot Actuator endpoints |
| Grafana | Dashboards for visualization and alerting |
| Spring Actuator | Exposes /actuator/metrics, /health, /info |
The entire platform runs with a single command:
# Clone the repository
git clone https://github.com/Akash-Adak/VASTA-Bank.git
cd VASTA-Bank
# Start all services
docker-compose up -d
# Stop all services
docker-compose downServices started automatically:
- All 11 microservices
- MySQL (with schema auto-init)
- Redis
- Apache Kafka + Zookeeper
- Prometheus + Grafana
- Eureka Server
β³ First startup may take 3β5 minutes as images are pulled and services initialize.
VASTA Bank is fully Kubernetes-ready for production-grade deployment.
K8s Features:
- βΈοΈ HPA (Horizontal Pod Autoscaler) β services auto-scale under load
- π Rolling Deployments β zero-downtime updates
- π₯ Liveness & Readiness Probes β automatic restart of unhealthy pods
- π Secrets management β credentials never in plain config
- π‘ Service mesh ready β clean service-to-service communication
- π Prometheus + Grafana deployed in-cluster for full observability
# Deploy to Kubernetes
kubectl apply -f k8s/
# Check status
kubectl get pods -n vasta-bank
# Scale a service manually
kubectl scale deployment transaction-service --replicas=3 -n vasta-bank| Technology | Version | Usage |
|---|---|---|
| Java | 17 | Core language |
| Spring Boot | 3.x | Microservice framework |
| Spring Security | 6.x | Auth & RBAC |
| Spring Cloud Gateway | Latest | API Gateway |
| Spring Cloud Eureka | Latest | Service Discovery |
| Spring Cloud OpenFeign | Latest | Sync inter-service calls |
| Apache Kafka | Latest | Event streaming |
| MySQL | 8.x | Primary database |
| Redis | 7.x | Caching & token store |
| Razorpay Java SDK | Latest | Payment gateway |
| Technology | Usage |
|---|---|
| React | UI framework |
| Vite | Build tool & dev server |
| Tailwind CSS | Utility-first styling |
| Axios | HTTP client |
| React Router | Client-side routing |
| Context API | Global state management |
| Technology | Usage |
|---|---|
| Docker | Service containerization |
| Docker Compose | Local orchestration |
| Kubernetes | Production orchestration |
| Helm (optional) | K8s package management |
| Prometheus | Metrics collection |
| Grafana | Visualization & alerting |
| Spring Boot Actuator | Metrics endpoint exposure |
β
Docker & Docker Compose
β
Git
β
(Optional) kubectl + K8s cluster for K8s deployment
git clone https://github.com/Akash-Adak/VASTA-Bank.git
cd VASTA-Bank
docker-compose up -d# Apply all manifests
kubectl apply -f k8s/
# Watch pods come up
kubectl get pods -n vasta-bank --watch| Service | URL | Description |
|---|---|---|
| Frontend | http://localhost:9090 | React + Vite app |
| API Gateway | http://localhost:8080 | Single entry point |
| Auth Service | http://localhost:8081 | Auth endpoints |
| User Service | http://localhost:8082 | User/KYC endpoints |
| Account Service | http://localhost:8083 | Account management |
| Transaction Service | http://localhost:8084 | Fund transfers |
| Notification Service | http://localhost:8085 | Alert management |
| Loan Service | http://localhost:8086 | Loan lifecycle |
| Kyc Service | http://localhost:8087 | Kyc lifecycle |
| Admin Service | http://localhost:8088 | Admin dashboard |
| Payment Service | http://localhost:8089 | Razorpay integration |
| Eureka Dashboard | http://localhost:8761 | Service registry |
| Grafana | http://localhost:3000 | Monitoring dashboards |
| Prometheus | http://localhost:9090 | Metrics explorer |
| Skill Domain | Demonstrated By |
|---|---|
| Backend Engineering | 9 Spring Boot microservices with clean service boundaries |
| Distributed Systems | Kafka, Eureka, Feign, Redis across services |
| Security | RS256 JWT, RBAC, Redis sessions, OTP, BCrypt |
| Payment Systems | Real Razorpay integration with signature verification |
| Event-Driven Design | Kafka producers/consumers with DLQ and retry |
| DevOps | Docker, Docker Compose, full K8s manifests with HPA |
| Observability | Prometheus metrics + Grafana dashboards |
| Frontend | React + Vite + Tailwind with role-based UI |
| System Design | End-to-end ownership β infra, backend, frontend |
Contributions, suggestions, and reviews are welcome.
If you are an interviewer, reviewer, or recruiter β feel free to explore the codebase deeply. Every architectural decision is intentional and documented.
# Raise an issue
https://github.com/Akash-Adak/VASTA-Bank/issues
# Submit a PR
Fork β Branch β Commit β Pull RequestMIT License β free to use, modify, and distribute with attribution.
Built with precision. Designed for scale. Ready for production.
VASTA Bank β Enterprise Digital Banking, End to End.