Version: 1.7 - September 2023
All infrastructure is hosted in a single AWS region. No data will be stored or processed outside of this region. Within a region multiple Availability Zones (AZs) exist, which represent different physical locations within the same region. In order to keep providing our service when one AZ is down, we ensure that our infrastructure spans at least two AZs.
```mermaid
graph LR
classDef s3 fill:#4A902A,stroke:#333,stroke-width:4px,color:#fff
classDef ec2 fill:#dc6c11,stroke:#333,stroke-width:4px,color:#fff
classDef rds fill:#3c48cc,stroke:#333,stroke-width:4px,color:#fff
classDef client fill:#6980e9,stroke:#333,stroke-width:4px,color:#fff
classDef aws fill:#DD3070,stroke:#333,stroke-width:4px,color:#fff
classDef sec fill:#8450e1,stroke:#333,stroke-width:4px,color:#fff
subgraph VPC
EC2a(EC2):::ec2 --> RDSa(RDS az1):::rds
EC2b(EC2):::ec2 --> RDSa(RDS az1):::rds
RDSa --> RDSb(RDS az2 standby):::rds
end
LB:::ec2 --> EC2a
LB:::ec2 --> EC2b
subgraph AWS
Client:::client --TLS--> LB((Loadbalancer))
SQS:::aws
MediaConvert:::aws
CloudFormation:::aws
KMS(Key Management):::aws
VPC -.-> S3[(S3)]:::s3
Client --TLS--> Cloudfront(Cloudfront CDN):::aws -.-> S3
CloudTrail:::sec
CloudTrail --> CloudWatch:::sec
GuardDuty:::sec <--> CloudTrail
end
```
Within the region a Virtual Private Cloud (VPC) is created. This VPC logically separates our network from other users of the region, so that traffic between services inside the VPC stays isolated from other tenants' traffic.
Access to the application is routed through a load balancer (LB). The purpose of the LB is to route each request to an available application server (App). It is also the point where TLS (SSL) connections are terminated. TLS termination is configured for TLS 1.3 using the recommended cipher configuration.
The App is run on EC2 servers through Auto Scaling Groups (ASG). The ASG maintains a flexible number of servers and registers them with the LB. We automatically scale up and down the number of servers depending on the load, and faulty servers are also replaced automatically.
The relational database (RDS) is also provisioned in two AZs. One database server is designated as Primary and receives all queries. Changes are then replicated to a secondary database server in a different AZ so it can act as a hot standby. If the primary database server fails, the roles are swapped so that no data is lost and service is not impacted.
S3 is an Amazon managed service that provides storage for all sorts of objects. Objects stored in S3 are replicated across multiple locations within the same region to reduce the chance of loss to <0.00001 %.
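The following Python check is added here as an example; it is not part of the original document or of the CloudFormation stack it describes. It verifies a parsed CloudFormation template against the three controls described above (a TLS 1.3 policy on the HTTPS listener, an ASG spanning at least two AZs, and a Multi-AZ RDS instance). The sample template, its logical IDs and subnet names are constructed, and the ASG check assumes each subnet listed in VPCZoneIdentifier lies in a distinct AZ.

```python
"""Offline check of a CloudFormation template (parsed into a dict) against the
controls stated above: the listener terminates TLS with a TLS 1.3 policy, the
ASG spans at least two AZs, and the RDS instance is Multi-AZ."""

TLS13_POLICY_PREFIX = "ELBSecurityPolicy-TLS13-"  # AWS TLS 1.3 policy family

# Constructed sample template: the listener uses a TLS 1.2-only policy and the
# database is single-AZ, so two of the three checks are expected to fail.
SAMPLE_TEMPLATE = {
    "Resources": {
        "Listener": {
            "Type": "AWS::ElasticLoadBalancingV2::Listener",
            "Properties": {"Protocol": "HTTPS", "Port": 443,
                           "SslPolicy": "ELBSecurityPolicy-TLS-1-2-2017-01"},
        },
        "AppAsg": {
            "Type": "AWS::AutoScaling::AutoScalingGroup",
            "Properties": {"MinSize": "2", "MaxSize": "6",
                           "VPCZoneIdentifier": ["subnet-az1", "subnet-az2"]},
        },
        "Db": {
            "Type": "AWS::RDS::DBInstance",
            "Properties": {"Engine": "postgres", "MultiAZ": False},
        },
    }
}

def find_resources(template: dict, rtype: str) -> dict:
    """Return {logical_id: properties} for every resource of the given type."""
    return {name: res.get("Properties", {})
            for name, res in template.get("Resources", {}).items()
            if res.get("Type") == rtype}

def check_template(template: dict) -> list:
    """Return findings as strings; an empty list means all three controls hold."""
    findings = []
    for name, p in find_resources(template, "AWS::ElasticLoadBalancingV2::Listener").items():
        if p.get("Protocol") not in ("HTTPS", "TLS"):
            continue  # plain HTTP/TCP listeners do not terminate TLS at the LB
        if not str(p.get("SslPolicy", "")).startswith(TLS13_POLICY_PREFIX):
            findings.append(f"{name}: SslPolicy {p.get('SslPolicy')!r} is not a TLS 1.3 policy")
    for name, p in find_resources(template, "AWS::AutoScaling::AutoScalingGroup").items():
        # Assumes each subnet listed in VPCZoneIdentifier is in a distinct AZ.
        zones = p.get("AvailabilityZones") or p.get("VPCZoneIdentifier") or []
        if len(zones) < 2:
            findings.append(f"{name}: spans {len(zones)} AZ(s), at least 2 required")
    for name, p in find_resources(template, "AWS::RDS::DBInstance").items():
        if p.get("MultiAZ") is not True:
            findings.append(f"{name}: MultiAZ not enabled, no hot standby in a second AZ")
    return findings
```

Run against the sample template it reports the TLS 1.2-only listener and the single-AZ database; against a template with a TLS13 policy and MultiAZ set to true it returns no findings.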
SQS is an Amazon managed service that provides a queue. The queue is used to store work orders that need to be processed by the Application. The queue only stores a reference to the work order, and ensures that work can be picked up by any available server.