Minimal operational overhead solution for peak hours with a high number of requests:
- Amazon S3 and CloudFront for Static Content: Hosting static content on Amazon S3 and using Amazon CloudFront for content delivery optimizes the delivery of static resources with low latency and high transfer speeds globally. CloudFront caches the content at edge locations closest to the users, reducing the load time significantly.
- AWS Lambda and API Gateway for Backend: AWS Lambda allows you to run code without provisioning or managing servers, handling traffic bursts seamlessly. Amazon API Gateway as the front door for Lambda can manage thousands to millions of concurrent API calls, providing you with high scalability and flexibility to manage traffic patterns. This setup ensures millisecond latency in processing and responding to API requests.
- Amazon DynamoDB for Data Storage: DynamoDB is a fully managed NoSQL database service that supports key-value and document data structures. It is designed to handle high-traffic applications and can scale beyond the limits of traditional relational databases. DynamoDB’s single-digit millisecond performance makes it ideal for applications requiring fast and consistent access to data at any scale.
- Operational Overhead: This architecture minimizes operational overhead by leveraging fully managed services. S3 and CloudFront for static content delivery require minimal maintenance. AWS Lambda and API Gateway for dynamic content and backend logic eliminate the need for server management. DynamoDB provides a scalable and high-performance database solution without the operational burden of traditional database management.
Amazon S3 Intelligent-Tiering is the only cloud storage class that delivers automatic storage cost savings when data access patterns change, without performance impact or operational overhead. The Amazon S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective access tier when access patterns change. S3 Intelligent-Tiering is the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period.
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. You can use AWS Config to monitor and record changes to the configuration of your Amazon S3 buckets. By turning on AWS Config and enabling the appropriate rules, you can ensure that your S3 buckets do not have unauthorized configuration changes.
A two-way trust is required for AWS Enterprise Apps such as Amazon Chime, Amazon Connect, Amazon QuickSight, AWS IAM Identity Center, Amazon WorkDocs, Amazon WorkMail, Amazon WorkSpaces, and the AWS Management Console. AWS Managed Microsoft AD must be able to query the users and groups in your self-managed Active Directory.
Amazon EC2, Amazon RDS, and Amazon FSx will work with either a one-way or two-way trust.
https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_setup_trust.html
Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or Voice over IP, as well as for HTTP use cases that specifically require static IP addresses or deterministic, fast regional failover. Both CloudFront and Global Accelerator integrate with AWS Shield for DDoS protection.
CloudFront uses Edge Locations to cache content, while Global Accelerator uses Edge Locations to find an optimal pathway to the nearest regional endpoint. CloudFront is designed to handle the HTTP protocol, while Global Accelerator is best used for both HTTP and non-HTTP protocols such as TCP and UDP.
https://aws.amazon.com/global-accelerator/faqs/