Amazon Cloud Reference Architecture

(Link to download original Figjam file)

Notes

  • Amazon S3 is used to store web portal assets, training data and models.
  • User authentication services (not shown in diagram) provided by Authgear, which can be hosted in the same cluster or as an external service.

Optional Training Pipeline

  • FormX training pipeline is based on Kubeflow. Hence the rights to create CustomResourceDefinitions (CRD) in the cluster is required.

Cloud Resources Requirements

Products

Purposes

Minimum Specification

Amazon Elastic Kubernetes Services

Pods to run the applications, workers
Redis: Cache authentication tokens
Authgear: Authentication

m5.2xlarge (8 vCPUs, 32GiB RAM)
x 3 minimum for k8s
(See here for detailed requirements for training pipeline)

Amazon RDS for PostgreSQL

Store the configs, audit logs, temporarily result for async requests

m5.xlarge (4 vCPUs, 16GiB RAM)
x 2 for high availability

Amazon S3

Storage of the portal assets; (optional) images for training and models

N/A

Amazon Textract

OCR

N/A

(Optional Components)

Networking:

  • Amazon Web Application Firewall
  • Amazon Application / Elastic Load Balancer
  • Amazon Cloudfront (CDN)
    CI/CD:
  • Amazon Secrets Manager
  • Amazon Elastic Container Registry

N/A