AWS-Powered OTT Transformation: Scalable, Resilient Streaming for Hoichoi

About Customer

Hoichoi is a leading Bengali OTT platform by SVF Entertainment Pvt. Ltd., delivering a rich library of original web series, blockbuster films, music videos, and exclusive digital content. With a rapidly growing global subscriber base across India, Bangladesh, the USA, the Middle East, and other regions, the platform witnesses substantial traffic peaks during major releases and festive seasons.

To continue delivering a seamless and high-quality viewing experience at scale, Hoichoi aimed to adopt a secure, resilient, and fully automated cloud-native architecture on AWS — ensuring platform stability, operational efficiency, and future-ready growth.

Customer Challenges

Hoichoi faced several operational and architectural limitations that impacted both user experience and ability to scale during major content launches:

• Frequent Traffic Surges Impacting Performance
Hoichoi regularly experienced massive spikes during blockbuster film and series releases. The earlier environment lacked elastic autoscaling, leading to slow API responses, buffering, streaming interruptions, and reduced subscriber satisfaction.

• Limited Microservices Independence
Key microservices—authentication, subscription, catalog—were tightly coupled, preventing independent deployment and scaling. Release delays, increased rollback risk, and slower time-to-market negatively affected business agility.

• Manual and Delayed Media Supply Chain
Content onboarding relied on complex manual steps like validation, transcoding, packaging, DRM attachment, and final publishing. This increased operational overhead and delayed content availability during high-demand periods.

• Suboptimal Content Delivery for Global Audiences
International viewers outside core Indian markets frequently faced:

High latency
Reduced bitrate quality
Increased playback failures
Inefficient CDN caching contributed to inconsistent Quality of Experience (QoE) for global audiences.

• Security Posture Gaps & Operational Risk
The legacy setup lacked strong network segmentation, automated guardrails, and strict identity enforcement such as MFA. This increased vulnerabilities related to unauthorized access and digital content protection.

• Fragmented Observability & Slow RCA
Monitoring components were siloed across tools — logs, CDN traffic, traceability, database metrics, and service health weren’t unified. This slowed incident detection and root-cause analysis during critical live load events.

Our Solution Approach

To support Hoichoi’s global delivery requirements, Workmates Core2Cloud implemented a highly available, secure, and scalable microservices-driven AWS architecture.

🔹 Microservices Hosting

The application is divided into six independent microservice domains —
Identity, Core API, CMS, Analytics, Subscription, and Partner — deployed using Amazon ECS Fargate with multi-AZ replicas.
This ensures:

Independent scaling and faster rollouts
High availability and reduced interdependency risks
Automated service discovery via ECS Service Connect

🔹 API & Traffic Management

A multi-layered ingress strategy was introduced:

Amazon API Gateway for large-scale REST API handling
Network Load Balancer → ALB for secure private integration
Dual ALB layers for frontend and backend services

This supports 1M+ API calls/day with predictable performance.

🔹 Data Layer Modernization

Amazon RDS PostgreSQL (Multi-AZ) for resilient relational storage
Redis ElastiCache Cluster for performance acceleration and low latency
Strict network-level access control with isolated Security Groups

🔹 Media Processing Workflow

All media uploads trigger automated workflows using:

AWS Elemental MediaConvert for QVBR transcoding
Multi-bitrate HLS packaging for global playback
Delivery of finalized assets to distribution S3 buckets

This accelerates content publishing and reduces manual work.

🔹 Storage, Backup & DR

Amazon S3 with lifecycle policies for cost efficiency
Daily automated backups and EBS snapshots
Point-in-time recovery aligned with DR commitments

🔹 Global Content Distribution

Amazon CloudFront integrated with Route 53
Sub-second startup latency for worldwide users
Heavy caching at edge to reduce origin loads

🔹 Networking & Access Security

A dedicated AWS VPC ensures compliance and controlled access:

Private subnets for core workloads
Public ALB for secure frontend exposure
NAT Gateway for safe outbound communication

🔹 DevOps Automation

GitHub Actions + AWS CloudFormation for CI/CD automation
Zero-downtime deployments and consistent infrastructure provisioning

🔹 Observability & Governance

Amazon CloudWatch for unified real-time monitoring
AWS CloudTrail for audit and compliance enforcement

Results and Benefits

Hoichoi now delivers uninterrupted streaming performance even during major premieres, eliminating past slowdowns during large traffic spikes.
Content publishing speed has increased by 50–60%, enabling rapid release of new episodes and highlights across platforms.
Viewer experience has significantly improved with lower startup latency and reduced buffering across both domestic and international regions.
Positive streaming quality improvements resulted in higher user engagement, better session duration, and increased application ratings.
End-to-end security maturity improved with hardened access controls and enforced protection against piracy and unauthorized access.
Centralized monitoring and automated incident response have reduced resolution time, ensuring quick action during anomalies.
Autoscaling and modernized serverless components have reduced annual infrastructure costs while supporting growth without operational strain.

Security Considerations

IAM Role-Based Access: Enforced least-privilege access across all services using fine-grained IAM policies.
VPN-Bound Remote Access: Admins and developers access resources only via SSL VPN; RDP/SSH ports are restricted to VPN subnets.
Network Segmentation: Public-facing components are isolated from backend services using ALBs and Security Groups.
Encrypted Communication & Data: All data is encrypted at rest (AWS KMS) and in transit (TLS/SSL).
API Logging & Activity Auditing: CloudTrail and AWS Config track all access and infrastructure changes for full visibility and audit compliance.
Secure CI/CD Pipeline: Credentials are stored securely in AWS Secrets Manager, and artifact integrity is ensured throughout pipeline execution.

AWS Services used:

AWS EC2, AWS ECS, RDS, redis, ALB, S3, CloudFormation, CloudWatch, AWS Systems Manage, Media Convert, media Live, Lambda, EC2 Lifecycle manager, VPC Endpoint, CloudTrail, IAM Role, AWS Config, Route 53

Solution Architecture

Category: ConsultingNovember 23, 2025

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.