EZ Cloud: Accounts Payable Automation Software Deployment on Oracle Cloud
To help satisfy the $4 billion demand for accounts payable (A/P) automation software, EZ Cloud has developed a cloud-native A/P application that runs on Oracle Cloud Infrastructure.
With its built-in dashboards, routing rules, compliance policies, and on demand reporting capabilities, companies can use the EZ Cloud platform to reduce delayed payments, satisfy regulatory requirements, and eliminate fraudulent transactions.
Founded in 2018, EZ Cloud's AI-powered A/P platform easily integrates into Oracle ERP applications, helping companies capture, authorize, and pay invoices up to 80% faster than on-premises A/P applications. Although the EZ Cloud platform is already integrated into Oracle Enterprise Resource Planning Cloud (ERP) and Oracle E-Business Suite applications, the company is currently developing integrations into Oracle NetSuite, Oracle JD Edwards EnterpriseOne, and Oracle PeopleSoft.
Today, companies use the EZ Cloud web and mobile applications to:
- Capture invoices: Suppliers for EZ Cloud's customers can upload, submit, and access invoices through the EZ Cloud web and mobile applications. By using a supplier portal, EZ Cloud users can also capture invoices through emails, uploads, or scans. With EZ Cloud's platform, users prevent duplicate invoices, get multi-language and multi-currency support, and have automated PO matching.
- Authorize users: Users can assign single or multiple approvers for invoice processing, set approval thresholds, approve invoices, create priority payment approvals, use audit trail features, and view progress using an integrated dashboard.
- Collect payments: Because EZ Cloud is a systems-agnostic platform, the company gives all of its customers the full breadth of features, regardless of what enterprise resource planning (ERP) system they're using, without any overhead or payment delays.
Architecture
This function also calls the AWS Textract service to extract the invoice data from an AWS S3 bucket, and then sends it to Oracle Cloud Infrastructure Object Storage. Invoices captured by the EZ Cloud platform are then permanently stored in an Oracle Content Management repository.
Using Oracle Integration, EZ Cloud links the invoice images that are stored in Oracle Content Management to the customer's enterprise resource planning (ERP) system. After the invoice image has been received and validated, a link appears within the backend ERP system, allowing users to select the approved invoice image. Users can also view the data that's been extracted from the image. The front end web application is containerized and orchestrated by using Oracle Container Engine for Kubernetes (OKE).
Initially, the EZ Cloud platform ran in 10 different virtual machines (VMs), supporting 10 simultaneous users. Today, the company runs its platform using an Oracle Autonomous Database. This serverless environment now supports 50 simultaneous users, can easily scale out on demand, and do it all for a fraction of the cost of running on VMs.
EZ Cloud leverages the followingOracle Cloud Infrastructure (OCI) features to enable ongoing growth:
- Cloud-native development with OCI Managed Services such as OKE, Oracle Autonomous Database, Oracle Cloud Infrastructure Registry, Oracle Content Management, Oracle Cloud Infrastructure Document Understanding, Oracle Functions and Events, and Oracle Integration
- Scaling and performance with autoscaling and high availability of the OCI Managed Services
- Native integration with Oracle ERP and SaaS applications
While the majority of services and resources that EZ Cloud consumes currently run on Oracle Cloud Infrastructure (OCI), there are a few services running on AWS. Over the next few months, EZ Cloud will transition 100% of its workloads to OCI. Among the changes EZ Cloud plans to make in its "future state" architecture include moving its email capture service from AWS to Oracle Content Management and switching from AWS Textract to Oracle Cloud Infrastructure Document Understanding for extracting invoice data.
The following diagram illustrates the current implementation of this reference architecture.
The following diagram illustrates the near-future implementation of this reference architecture.
ez-cloud-oci-phase2-oracle.zip
The architecture has the following components:
- Region
An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Identity and Access Management (IAM)
Oracle Cloud Infrastructure Identity and Access Management (IAM) is the access control plane for Oracle Cloud Infrastructure (OCI) and Oracle Cloud Applications. The IAM API and the user interface enable you to manage identity domains and the resources within the identity domain. Each OCI IAM identity domain represents a standalone identity and access management solution or a different user population.
- Policy
An Oracle Cloud Infrastructure Identity and Access Management policy specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy.
- Monitoring
Oracle Cloud Infrastructure Monitoring service actively and passively monitors your cloud resources using metrics to monitor resources and alarms to notify you when these metrics meet alarm-specified triggers.
- Availability domain
Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.
- Fault domain
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.
- Compartment
Compartments are cross-region logical partitions within an Oracle Cloud Infrastructure tenancy. Use compartments to organize your resources in Oracle Cloud, control access to the resources, and set usage quotas. To control access to the resources in a given compartment, you define policies that specify who can access the resources and what actions they can perform.
- Virtual cloud network (VCN) and subnets
A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
- Security list
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
- Route table
Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.
- Internet gateway
The internet gateway allows traffic between the public subnets in a VCN and the public internet.
- Dynamic routing gateway (DRG)
The DRG is a virtual router that provides a path for private network traffic between VCNs in the same region, between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.
- Service gateway
The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.
- Local peering gateway (LPG)
An LPG enables you to peer one VCN with another VCN in the same region. Peering means the VCNs communicate using private IP addresses, without the traffic traversing the internet or routing through your on-premises network.
- Load balancer
The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.
- Container Engine for Kubernetes
Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing tenancy. Container Engine for Kubernetes uses Kubernetes to automate the deployment, scaling, and management of containerized applications across clusters of hosts.
- Compute
The Oracle Cloud Infrastructure Compute service enables you to provision and manage compute hosts in the cloud. You can launch compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.
- Autonomous Data
Warehouse
Oracle Autonomous Data Warehouse is a self-driving, self-securing, self-repairing database service that is optimized for data warehousing workloads. You do not need to configure or manage any hardware, or install any software. Oracle Cloud Infrastructure handles creating the database, as well as backing up, patching, upgrading, and tuning the database.
- Bastion host
The bastion host is a compute instance that serves as a secure, controlled entry point to the topology from outside the cloud. The bastion host is provisioned typically in a demilitarized zone (DMZ). It enables you to protect sensitive resources by placing them in private networks that can't be accessed directly from outside the cloud. The topology has a single, known entry point that you can monitor and audit regularly. So, you can avoid exposing the more sensitive components of the topology without compromising access to them.
- Integration
Oracle Integration is a fully managed service that allows you to integrate your applications, automate processes, gain insight into your business processes, and create visual applications.
- Object storage
Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.
- Registry
Oracle Cloud Infrastructure Registry is an Oracle-managed registry that enables you to simplify your development-to-production workflow. Registry makes it easy for you to store, share, and manage development artifacts, like Docker images. The highly available and scalable architecture of Oracle Cloud Infrastructure ensures that you can deploy and manage your applications reliably.
- Events
Oracle Cloud Infrastructure services emit events, which are structured messages that describe the changes in resources. Events are emitted for create, read, update, or delete (CRUD) operations, resource lifecycle state changes, and system events that affect cloud resources.
- Functions
Oracle Functions is a fully managed, multitenant, highly scalable, on-demand, Functions-as-a-Service (FaaS) platform. It is powered by the Fn Project open source engine. Functions enable you to deploy your code, and either call it directly or trigger it in response to events. Oracle Functions uses Docker containers hosted in Oracle Cloud Infrastructure Registry.
- Content Management
Oracle Content Management is a cloud-based content hub to drive omnichannel content management and accelerate experience delivery. It offers powerful collaboration and workflow management capabilities to streamline the creation and delivery of content and to improve customer and employee engagement.
- Document Analysis
Oracle Cloud Infrastructure Document Understanding is an AI service for performing deep-learning–based document analysis at scale. With prebuilt models available out of the box, developers can easily build intelligent document processing into their applications without machine learning (ML) expertise.
Get Featured in Built and Deployed
Want to show off what you built on Oracle Cloud Infrastructure? Care to share your lessons learned, best practices, and reference architectures with our global community of cloud architects? Let us help you get started.
- Download the template (PPTX)
Illustrate your own reference architecture by dragging and dropping the icons into the sample wireframe.
- Watch the architecture tutorial
Get step by step instructions on how to create a reference architecture.
- Submit your diagram
Send us an email with your diagram. Our cloud architects will review your diagram and contact you to discuss your architecture.