AWS Cloud Architecture Context

This skill provides specialized context and guidance for working with ViewDocs Cloud, a multi-tenant serverless document management system built on AWS.

What This Skill Does

Loads comprehensive architectural context for the ViewDocs Cloud migration project, including:

Multi-tenant serverless architecture patterns

AWS service configurations (Lambda, DynamoDB, API Gateway, S3, CloudFront)

Security and compliance requirements

Deployment pipelines and strategies

Development workflows and testing approaches

Integration patterns with on-premise systems

When to Use This Skill

Use this skill when working on:

Architecture decisions for multi-tenant serverless systems

AWS CDK infrastructure code

Lambda function development with TypeScript

DynamoDB single-table design patterns

Angular frontend development for cloud applications

CI/CD pipeline configuration

Security and compliance implementation

Hybrid cloud integrations via Direct Connect

Instructions

When this skill is loaded, you will have access to detailed context about:

1. Project Overview

Multi-tenant pool model architecture with logical isolation

Serverless AWS stack (Lambda without VPC, API Gateway, DynamoDB Global Tables, S3)

Hybrid integration with on-premise systems (IES, CMOD, FRS) via Direct Connect

Multi-region deployment (ap-southeast-2 primary, ap-southeast-4 DR)

Scale requirements: 500 concurrent users across 5-500 tenants

2. Technology Stack

**Backend:**

TypeScript on AWS Lambda (Node.js runtime)

DynamoDB single-table design with Global Tables

API Gateway REST APIs

AWS Cognito with SAML 2.0 federation

EventBridge, Step Functions, SQS for event processing

**Frontend:**

Angular application hosted on S3 + CloudFront

**Infrastructure:**

AWS CDK (TypeScript) with CDK Pipelines

Bitbucket for source control

Jenkins for CI/CD with Heat System approvals

3. Key Architecture Patterns

**Tenant Isolation:**

Subdomain-based tenant identification (tenant1.viewdocs.example.com)

DynamoDB partition key design with tenant_id prefix

Strict authorization checks preventing cross-tenant access

**Serverless & Non-VPC (ADR-012):**

Lambda functions deployed WITHOUT VPC for cost savings and performance

Public endpoints with IAM authentication for AWS services

Direct Connect with IPsec VPN for on-premise connectivity

No NAT gateways or VPC infrastructure overhead

**Archive Abstraction:**

Factory pattern for different archive types (IESC, IES, CMOD)

Unified interface for search, retrieve, download operations

**MailRoom Integration (ADR-013):**

Backend for Frontend (BFF) pattern with anti-corruption layer

Wrapper service for authorization, tenant isolation, and response translation

Independent MailRoom Backend microservice

**Event-Driven:**

All document operations emit events to EventBridge

Rule-based routing to downstream systems (FRS Proxy, HUB)

**Bulk Download:**

Step Functions orchestration for large document collections (up to 5GB)

S3 staging with pre-signed URLs for download

4. DynamoDB Table Design

Single-table design with access patterns:

Tenant configuration lookups

Role-to-ACL mappings

Folder ACL queries

Audit log queries by tenant + time range

Document comments

Bulk download job status

Key schema pattern: `PK=TENANT#<tenantId>`, `SK=<EntityType>#<ID>`

GSIs for cross-partition queries (user activity, document listings)

5. Security Guidelines

**Authentication:**

Cognito-hosted UI with SAML 2.0 federation

JWT tokens for API authorization

Support for both IDM SAML and external IdPs

**Authorization:**

Role-based access control (RBAC) with folder ACLs

User roles derived from SAML claims

Tenant isolation enforced at data layer

**Secrets Management:**

AWS Secrets Manager for per-tenant credentials

Automatic rotation enabled

Least-privilege IAM roles

**Encryption:**

TLS 1.2+ for all AWS service communication

IPsec VPN for Direct Connect tunnels

KMS encryption for DynamoDB and S3 at rest

6. Development Commands

**CDK Infrastructure:**

```bash

cdk synth # Synthesize CloudFormation

cdk deploy --all --context env=dev # Deploy to dev

cdk deploy --all --context env=uat # Deploy to UAT

cdk deploy --all --context env=prod # Deploy to prod (Jenkins only)

```

**Backend Lambda:**

```bash

npm install # Install dependencies

npm test # Run unit tests

npm test -- --coverage # Run with coverage

npm run lint # Lint code

npm run build # Build for deployment

```

**Frontend Angular:**

```bash

npm start # Dev server (localhost:4200)

npm test # Unit tests

npm run e2e # E2E tests

npm run build:prod # Production build

```

7. Deployment Strategy

**CI/CD Pipeline Flow:**

1. Bitbucket PR merged to `develop`

2. Jenkins webhook trigger

3. Build & test

4. Deploy dev (jenkins-dev-agent)

5. Integration tests

6. Heat Call approval (UAT)

7. Deploy UAT (jenkins-uat-agent)

8. E2E + load tests

9. Heat Call approval (Production)

10. Deploy prod blue-green (jenkins-prod-agent)

11. Canary monitoring → gradual rollout

**Blue-Green Deployment:**

New version deployed to "green" API Gateway stage

1-2 canary tenants routed via DNS

24-48 hour monitoring period

Gradual rollout: 10% → 25% → 50% → 100%

Instant rollback via API Gateway stage swap if issues

**Heat System Integration:**

UAT deployments require Heat Call approval (24-48h turnaround)

Production deployments require Heat Change Control with CAB review (48-72h turnaround)

Scheduled deployment windows for off-peak hours

8. Testing Strategy

**Unit Tests:**

Minimum 80% coverage for backend services

Jest framework with mocked dependencies

**Integration Tests:**

Test Lambda + DynamoDB + SQS interactions

Dedicated test tables with automated cleanup

**E2E Tests:**

Frontend → API Gateway → Lambda → DynamoDB flows

Cypress or Playwright on UAT environment

**Load Tests:**

Artillery or Locust

500 concurrent user scenarios

Monitor p95/p99 latency, error rates, Lambda throttles

9. Monitoring & Alerting

Key metrics to monitor:

API latency (p95/p99 per endpoint)

Error rates (4xx/5xx per tenant)

Lambda duration near timeout warnings

DynamoDB throttles (read/write capacity)

Archive API failures (IESC/IES/CMOD)

Bulk download queue depth and message age

10. Repository Structure

```

├── docs/architecture/ # TOGAF + C4 architecture docs

├── infrastructure/ # AWS CDK code (stacks + constructs)

├── backend/ # Lambda functions (TypeScript)

│ ├── src/functions/ # Lambda handlers

│ ├── src/services/ # Business logic

│ └── src/middleware/ # Auth, logging, error handling

├── frontend/ # Angular application

│ └── src/app/features/ # Feature modules (documents, search, admin)

└── intent-statement.md # Business requirements

```

Usage Guidelines

1. **Always Consider Multi-Tenancy**: Every Lambda function must extract tenant_id and enforce isolation

2. **Follow Non-VPC Pattern**: Lambda functions connect to AWS services via public endpoints with IAM

3. **Use Single-Table Design**: All DynamoDB queries must include tenant_id in partition key

4. **Implement Audit Logging**: All document operations must log to audit table with TTL

5. **Follow Security Guidelines**: Never hardcode credentials; use Secrets Manager and least-privilege IAM

6. **Test Thoroughly**: Unit tests (80% coverage), integration tests, E2E tests, and load tests required

7. **Follow Deployment Process**: Heat System approvals required for UAT and Production

8. **Monitor Proactively**: Set up CloudWatch alarms for key metrics before deploying

Important Notes

**Cost Optimization**: Non-VPC Lambda saves ~$1,992/year (ADR-012)

**Data Residency**: All data must remain in Australia (ap-southeast-2, ap-southeast-4)

**Hybrid Integration**: Direct Connect with public VIF + IPsec VPN for on-premise systems

**No Cross-Tenant Access**: Strict authorization checks on every request - this is non-negotiable

**Blue-Green Rollout**: Always use canary tenants and gradual rollout for production deployments

Examples

**Creating a new Lambda function:**

1. Add handler in `backend/src/functions/`

2. Extract tenant_id from event.headers.host

3. Implement authorization check against DynamoDB ACLs

4. Add audit logging to DynamoDB with TTL

5. Emit event to EventBridge for downstream processing

6. Write unit tests with mocked dependencies (80% coverage target)

7. Add CDK stack definition in `infrastructure/lib/stacks/`

8. Deploy via Jenkins pipeline with Heat approval

**Adding a new DynamoDB access pattern:**

1. Design partition key with `TENANT#<tenantId>` prefix

2. Design sort key with entity type and ID

3. Consider if GSI is needed for cross-partition queries

4. Update CDK stack to add GSI if required

5. Implement query logic with tenant isolation

6. Add integration test for new access pattern

**Integrating a new on-premise system:**

1. Design abstraction interface matching existing archive clients

2. Implement SOAP or REST client with retry logic

3. Store credentials in Secrets Manager per tenant

4. Add Direct Connect routing via public VIF + IPsec VPN

5. Add EventBridge integration for audit events

6. Test with canary tenant in UAT environment

AWS Cloud Architecture Context

AWS Cloud Architecture Context

What This Skill Does

When to Use This Skill

Instructions

1. Project Overview

2. Technology Stack

3. Key Architecture Patterns

4. DynamoDB Table Design

5. Security Guidelines

6. Development Commands

7. Deployment Strategy

8. Testing Strategy

9. Monitoring & Alerting

10. Repository Structure

Usage Guidelines

Important Notes

Examples

Reviews (0)