Cloud Design for Serverless Application (Like Lambda)
AWS Cloud Services:
The journey starts with the user, who types in the URL. DNS resolves it, and the user's request is sent to CloudFront, which either displays cached data or gets the code from S3.
At the same time, WAF checks that the request is legitimate, and ACM provides the certificate used for SSL encryption.
In the backend, a user who wants to find something can use the search engine and then add an item to the basket, which means two services are accessed. Elasticsearch aids in product discovery, and when the user adds an item to the basket and then abandons it, the product creates a record in the database. API Gateway lets users interact with these two services.
That is the journey from beginning to end.
Description of these services:
- Cognito will help the company to provide authentication and authorization.
- DNS will direct users to CloudFront.
- The load balancer will help the company to manage any number of requests as the load increases or decreases.
- The firewall will only allow legitimate requests to access CloudFront.
- ACM will help in SSL encryption.
- CloudFront will help the company to show the user's cached data as quickly as possible, or it will fetch the data from the S3 bucket.
- The S3 bucket is where we have hosted our application (React/Angular).
- API Gateway will help to use any API successfully (e.g. search, find).
- VPC will have some policies that will only run on private networks.
- In a subnet, we can distribute IPs as needed to particular services, which helps with VPC access (IP/CIDR approach).
- ASG will provide a security firewall to our service.
- Lambda is a serverless approach in AWS which allows us to run code without managing servers.
- AES (Amazon Elasticsearch Service) is an additional service that helps to search for anything in the company's products and gives an endpoint to access in the VPC.
- The database (like DynamoDB) is where we store our data; it also provides an endpoint to access in the VPC.
VPC: Virtual private cloud
A virtual private cloud (VPC) is a private cloud that is housed within a public cloud and is secure and isolated. Customers using VPCs can execute code, store data, host websites, and do anything else that a private cloud can do, but the private cloud is hosted remotely by a public cloud provider. (This isn't the case for all private clouds.) VPCs combine public cloud computing's scalability and convenience with private cloud computing's data separation.
By using IP/CIDR, we provide network distribution for user load management.
172.16.0.0 → Default AWS Port.
It provides firewall security to our service.
Ex: Distribute in subnets with 255.255.255.0 or /24.
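The IP/CIDR approach above can be sketched in code. This is an added example, not part of the original article. It assumes a /16 prefix on the 172.16.0.0 range, illustrative service names, and HTTPS on port 443 for the search and database endpoints. It gives each service its own /24 and applies a default-deny check in the style of a security group.

```python
import ipaddress

# Assumed VPC range: the article's 172.16.0.0 with a /16 prefix (prefix is an assumption).
VPC_CIDR = ipaddress.ip_network("172.16.0.0/16")
# Services from the article's list that sit inside the VPC (names are illustrative).
SERVICES = ["lambda", "search", "database"]


def plan_subnets(vpc, services, prefix=24):
    """Give each service its own /24 (255.255.255.0) carved from the VPC range."""
    blocks = vpc.subnets(new_prefix=prefix)
    return {name: next(blocks) for name in services}


def owner_of(plan, ip):
    """Return the service whose subnet contains ip, or None if it is outside the plan."""
    addr = ipaddress.ip_address(ip)
    for name, net in plan.items():
        if addr in net:
            return name
    return None


def build_rules(plan):
    """Security-group-style inbound rules: only the Lambda subnet may reach
    the search and database endpoints, and only on port 443 (assumed)."""
    return [
        {"dest": "search", "source": plan["lambda"], "port": 443},
        {"dest": "database", "source": plan["lambda"], "port": 443},
    ]


def is_allowed(plan, rules, src_ip, dst_ip, port):
    """Default deny: allow only if a rule matches destination, source subnet and port."""
    dest = owner_of(plan, dst_ip)
    src = ipaddress.ip_address(src_ip)
    return any(
        r["dest"] == dest and src in r["source"] and r["port"] == port
        for r in rules
    )


if __name__ == "__main__":
    plan = plan_subnets(VPC_CIDR, SERVICES)
    for name, net in plan.items():
        print(f"{name:9} {net}  netmask {net.netmask}")
    # Constructed sample connection: Lambda subnet to the search endpoint
    print(is_allowed(plan, build_rules(plan), "172.16.0.25", "172.16.1.10", 443))
```

Traffic from the database subnet to the search endpoint, or from any subnet on a port that is not listed, is denied because no rule matches it.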