Aws Solution Architect | Skills Pool
Aws Solution Architect Expert AWS solution architecture for startups focusing on serverless, scalable, and cost-effective cloud infrastructure with modern DevOps practices and infrastructure-as-code
alirezarezvani 702 스타 2025. 10. 21. AWS Solution Architect for Startups
This skill provides comprehensive AWS architecture design expertise for startup companies, emphasizing serverless technologies, scalability, cost optimization, and modern cloud-native patterns.
Capabilities
Serverless Architecture Design : Lambda, API Gateway, DynamoDB, EventBridge, Step Functions, AppSyncInfrastructure as Code : CloudFormation, CDK (Cloud Development Kit), Terraform templatesScalable Application Architecture : Auto-scaling, load balancing, multi-region deploymentData & Storage Solutions : S3, RDS Aurora Serverless, DynamoDB, ElastiCache, NeptuneEvent-Driven Architecture : EventBridge, SNS, SQS, Kinesis, Lambda triggersAPI Design : API Gateway (REST & WebSocket), AppSync (GraphQL), rate limiting, authenticationAuthentication & Authorization : Cognito, IAM, fine-grained access control, federated identityCI/CD Pipelines : CodePipeline, CodeBuild, CodeDeploy, GitHub Actions integration
빠른 설치
Aws Solution Architect npx skills add alirezarezvani/claude-code-skill-factory
스타 702
업데이트 2025. 10. 21.
직업
Monitoring & Observability : CloudWatch, X-Ray, CloudTrail, alarms, dashboards
Cost Optimization : Reserved instances, Savings Plans, right-sizing, budget alerts
Security Best Practices : VPC design, security groups, WAF, Secrets Manager, encryption
Microservices Patterns : Service mesh, API composition, saga patterns, CQRS
Container Orchestration : ECS Fargate, EKS (Kubernetes), App Runner
Content Delivery : CloudFront, edge locations, origin shield, caching strategies
Database Migration : DMS, schema conversion, zero-downtime migrations
Architecture design requires:
Application type : Web app, mobile backend, data pipeline, microservices, SaaS platformTraffic expectations : Users/day, requests/second, geographic distributionData requirements : Storage needs, database type, backup/retention policiesBudget constraints : Monthly spend limits, cost optimization prioritiesTeam size & expertise : Developer count, AWS experience level, DevOps maturityCompliance needs : GDPR, HIPAA, SOC 2, PCI-DSS, data residencyAvailability requirements : SLA targets, uptime goals, disaster recovery RPO/RTO
Text description of application requirements
JSON with structured architecture specifications
Existing architecture diagrams or documentation
Current AWS resource inventory (for optimization)
Architecture diagrams : Visual representations using draw.io or Lucidchart formatCloudFormation/CDK templates : Infrastructure as Code (IaC) ready to deployTerraform configurations : Multi-cloud compatible infrastructure definitionsCost estimates : Detailed monthly cost breakdown with optimization suggestionsSecurity assessment : Best practices checklist, compliance validationDeployment guides : Step-by-step implementation instructionsRunbooks : Operational procedures, troubleshooting guides, disaster recovery plansMigration strategies : Phased migration plans, rollback procedures
How to Use "Design a serverless API backend for a mobile app with 100k users using Lambda and DynamoDB"
"Create a cost-optimized architecture for a SaaS platform with multi-tenancy"
"Generate CloudFormation template for a three-tier web application with auto-scaling"
"Design event-driven microservices architecture using EventBridge and Step Functions"
"Optimize my current AWS setup to reduce costs by 30%"
Scripts
architecture_designer.py: Generates architecture patterns and service recommendationsserverless_stack.py: Creates serverless application stacks (Lambda, API Gateway, DynamoDB)cost_optimizer.py: Analyzes AWS costs and provides optimization recommendationsiac_generator.py: Generates CloudFormation, CDK, or Terraform templatessecurity_auditor.py: AWS security best practices validation and compliance checks
Architecture Patterns
1. Serverless Web Application Use Case : SaaS platforms, mobile backends, low-traffic websites
Frontend : S3 + CloudFront (static hosting)API : API Gateway + LambdaDatabase : DynamoDB or Aurora ServerlessAuth : CognitoCI/CD : Amplify or CodePipeline Benefits : Zero server management, pay-per-use, auto-scaling, low operational overhead
Cost : $50-500/month for small to medium traffic
2. Event-Driven Microservices Use Case : Complex business workflows, asynchronous processing, decoupled systems
Events : EventBridge (event bus)Processing : Lambda functions or ECS FargateQueue : SQS (dead letter queues for failures)State Management : Step FunctionsStorage : DynamoDB, S3 Benefits : Loose coupling, independent scaling, failure isolation, easy testing
Cost : $100-1000/month depending on event volume
3. Modern Three-Tier Application Use Case : Traditional web apps with dynamic content, e-commerce, CMS
Load Balancer : ALB (Application Load Balancer)Compute : ECS Fargate or EC2 Auto ScalingDatabase : RDS Aurora (MySQL/PostgreSQL)Cache : ElastiCache (Redis)CDN : CloudFrontStorage : S3 Benefits : Proven pattern, easy to understand, flexible scaling
Cost : $300-2000/month depending on traffic and instance sizes
4. Real-Time Data Processing Use Case : Analytics, IoT data ingestion, log processing, streaming
Ingestion : Kinesis Data Streams or FirehoseProcessing : Lambda or Kinesis AnalyticsStorage : S3 (data lake) + Athena (queries)Visualization : QuickSightAlerting : CloudWatch + SNS Benefits : Handle millions of events, real-time insights, cost-effective storage
Cost : $200-1500/month depending on data volume
5. GraphQL API Backend Use Case : Mobile apps, single-page applications, flexible data queries
API : AppSync (managed GraphQL)Resolvers : Lambda or direct DynamoDB integrationDatabase : DynamoDBReal-time : AppSync subscriptions (WebSocket)Auth : Cognito or API keys Benefits : Single endpoint, reduce over/under-fetching, real-time subscriptions
Cost : $50-400/month for moderate usage
6. Multi-Region High Availability Use Case : Global applications, disaster recovery, compliance requirements
DNS : Route 53 (geolocation routing)CDN : CloudFront with multiple originsCompute : Multi-region Lambda or ECSDatabase : DynamoDB Global Tables or Aurora Global DatabaseReplication : S3 cross-region replication Benefits : Low latency globally, disaster recovery, data sovereignty
Cost : 1.5-2x single region costs
Best Practices
Serverless Design Principles
Stateless functions - Store state in DynamoDB, S3, or ElastiCacheIdempotency - Handle retries gracefully, use unique request IDsCold start optimization - Use provisioned concurrency for critical paths, optimize package sizeTimeout management - Set appropriate timeouts, use Step Functions for long processesError handling - Implement retry logic, dead letter queues, exponential backoff
Cost Optimization
Right-sizing - Start small, monitor metrics, scale based on actual usageReserved capacity - Use Savings Plans or Reserved Instances for predictable workloadsS3 lifecycle policies - Transition to cheaper storage tiers (IA, Glacier)Lambda memory optimization - Test different memory settings for cost/performance balanceCloudWatch log retention - Set appropriate retention periods (7-30 days for most)NAT Gateway alternatives - Use VPC endpoints, consider single NAT in dev environments
Security Hardening
Principle of least privilege - IAM roles with minimal permissionsEncryption everywhere - At rest (KMS) and in transit (TLS/SSL)Network isolation - Private subnets, security groups, NACLsSecrets management - Use Secrets Manager or Parameter Store, never hardcodeAPI protection - WAF rules, rate limiting, API keys, OAuth2Audit logging - CloudTrail for API calls, VPC Flow Logs for network traffic
Scalability Design
Horizontal over vertical - Scale out with more small instances vs. larger instancesDatabase sharding - Partition data by tenant, geography, or timeRead replicas - Offload read traffic from primary databaseCaching layers - CloudFront (edge), ElastiCache (application), DAX (DynamoDB)Async processing - Use queues (SQS) for non-critical operationsAuto-scaling policies - Target tracking (CPU, requests) vs. step scaling
DevOps & Reliability
Infrastructure as Code - Version control, peer review, automated testingBlue/Green deployments - Zero-downtime releases, instant rollbackCanary releases - Test new versions with small traffic percentageHealth checks - Application-level health endpoints, graceful degradationChaos engineering - Test failure scenarios, validate recovery proceduresMonitoring & alerting - Set up CloudWatch alarms for critical metrics
Service Selection Guide
Compute
Lambda : Event-driven, short-duration tasks (<15 min), variable trafficFargate : Containerized apps, long-running processes, predictable trafficEC2 : Custom configurations, GPU/FPGA needs, Windows appsApp Runner : Simple container deployment from source code
Database
DynamoDB : Key-value, document store, serverless, single-digit ms latencyAurora Serverless : Relational DB, variable workloads, auto-scalingAurora Standard : High-performance relational, predictable trafficRDS : Traditional databases (MySQL, PostgreSQL, MariaDB, SQL Server)DocumentDB : MongoDB-compatible, document storeNeptune : Graph database for connected dataTimestream : Time-series data, IoT metrics
Storage
S3 Standard : Frequent access, low latencyS3 Intelligent-Tiering : Automatic cost optimizationS3 IA (Infrequent Access) : Backups, archives (30-day minimum)S3 Glacier : Long-term archives, complianceEFS : Network file system, shared storage across instancesEBS : Block storage for EC2, high IOPS
Messaging & Events
EventBridge : Event bus, loosely coupled microservicesSNS : Pub/sub, fan-out notificationsSQS : Message queuing, decoupling, bufferingKinesis : Real-time streaming data, analyticsMQ : Managed message brokers (RabbitMQ, ActiveMQ)
API & Integration
API Gateway : REST APIs, WebSocket, throttling, cachingAppSync : GraphQL APIs, real-time subscriptionsAppFlow : SaaS integration (Salesforce, Slack, etc.)Step Functions : Workflow orchestration, state machines
Startup-Specific Considerations
MVP (Minimum Viable Product) Architecture Goal : Launch fast, minimal infrastructure
Amplify (full-stack deployment)
Lambda + API Gateway + DynamoDB
Cognito for auth
CloudFront + S3 for frontend
Cost : $20-100/month
Setup time : 1-3 days
Growth Stage (Scaling to 10k-100k users) Goal : Handle growth, maintain cost efficiency
ElastiCache for caching
Aurora Serverless for complex queries
CloudWatch dashboards and alarms
CI/CD pipeline (CodePipeline)
Multi-AZ deployment
Cost : $500-2000/month
Migration time : 1-2 weeks
Scale-Up (100k+ users, Series A+) Goal : Reliability, observability, global reach
Multi-region deployment
DynamoDB Global Tables
Advanced monitoring (X-Ray, third-party APM)
WAF and Shield for DDoS protection
Dedicated support plan
Reserved instances/Savings Plans
Cost : $3000-10000/month
Migration time : 1-3 months
Common Pitfalls to Avoid
Technical Debt
Over-engineering early - Don't build for 10M users when you have 100Under-monitoring - Set up basic monitoring from day oneIgnoring costs - Enable Cost Explorer and billing alerts immediatelySingle region dependency - Plan for multi-region from start
Security Mistakes
Public S3 buckets - Use bucket policies, block public accessOverly permissive IAM - Avoid "*" permissions, use specific resourcesHardcoded credentials - Use IAM roles, Secrets ManagerUnencrypted data - Enable encryption by default
No caching - Add CloudFront, ElastiCache earlyInefficient queries - Use indexes, avoid scans in DynamoDBLarge Lambda packages - Use layers, minimize dependenciesN+1 queries - Implement DataLoader pattern, batch operations
Cost Surprises
Undeleted resources - Tag everything, review regularlyData transfer costs - Keep traffic within same AZ/region when possibleNAT Gateway charges - Use VPC endpoints for AWS servicesCloudWatch Logs accumulation - Set retention policies
Compliance & Governance
Data Residency
Use specific regions (eu-west-1 for GDPR)
Enable S3 bucket replication restrictions
Configure Route 53 geolocation routing
HIPAA Compliance
Use BAA-eligible services only
Enable encryption at rest and in transit
Implement audit logging (CloudTrail)
Configure VPC with private subnets
SOC 2 / ISO 27001
Enable AWS Config for compliance rules
Use AWS Audit Manager
Implement least privilege access
Regular security assessments
Limitations
Lambda limitations : 15-minute execution limit, 10GB memory max, cold start latencyAPI Gateway limits : 29-second timeout, 10MB payload sizeDynamoDB limits : 400KB item size, eventually consistent reads by defaultRegional availability : Not all services available in all regionsVendor lock-in : Some serverless services are AWS-specific (consider abstraction layers)Learning curve : Requires AWS expertise, DevOps knowledgeDebugging complexity : Distributed systems harder to troubleshoot than monoliths
Helpful Resources 02
Capabilities
클라우드
Cloudflare Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.
Mcp Integration This skill should be used when the user asks to "add MCP server", "integrate MCP", "configure MCP in plugin", "use .mcp.json", "set up Model Context Protocol", "connect external service", mentions "${CLAUDE_PLUGIN_ROOT} with MCP", or discusses MCP server types (SSE, stdio, HTTP, WebSocket). Provides comprehensive guidance for integrating Model Context Protocol servers into Claude Code plugins for external tool and service integration.
클라우드
Setup Deploy Configure deployment settings for /land-and-deploy. Detects your deploy
platform (Fly.io, Render, Vercel, Netlify, Heroku, GitHub Actions, custom),
production URL, health check endpoints, and deploy status commands. Writes
the configuration to CLAUDE.md so all future deploys are automatic.
Use when: "setup deploy", "configure deployment", "set up land-and-deploy",
"how do I deploy with gstack", "add deploy config".