Guidance for Building Payment Systems Using Event-Driven Architecture on AWS
Overview
How it works
These technical details feature an architecture diagram to illustrate how to effectively use this solution. The architecture diagram shows the key components and their interactions, providing an overview of the architecture's structure and functionality step-by-step.
Well-Architected Pillars
The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.
Operational Excellence
AWS CloudFormation helps you automate your infrastructure building and deployment through IaC templates, helping you limit human error and make small, repeatable, incremental, and reversible changes. AWS X-Ray traces functions and events, generating an application topology map that you can use to improve performance and identify bottlenecks during troubleshooting. Amazon CloudWatch acts as the central telemetry storage and provides log collection, dashboards, alarms, and analysis capabilities from Lambda and Step Functions. AWS CloudTrail monitors and records all API activities across your AWS accounts, giving you the ability to audit activity or API calls made to EventBridge, Lambda, and Step Functions.
Security
AWS Identity and Access Management (IAM) establishes a strong identity and authorization foundation, and you can set up identity-based policies following the least-privilege principle to limit the access Lambda, Step Functions, and EventBridge have to downstream AWS services. You can also use resource-based policies to limit access further. Additionally, this Guidance lets you encrypt sensitive data end to end. AWS Key Management Service (AWS KMS) manages the keys used to encrypt and decrypt data at rest. Step Functions and EventBridge encrypt data at rest and in transit, and Lambda encrypts data in transit. You can securely store the secrets your Lambda code needs in AWS Secrets Manager instead of embedding them in code or configuration.
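The least-privilege policy described above can be written as data and checked before deployment. The following is an added example, not code from the Guidance or its GitHub sample: it builds an identity-based policy for a payment Lambda's execution role that may only publish to one EventBridge bus, read one Secrets Manager secret, and decrypt with one KMS key (and only through Secrets Manager, via the `kms:ViaService` condition key), and it lints any policy document for the wildcard grants that defeat least privilege. The account ID, Region, bus name, secret ARN and key ID are constructed placeholders.

```python
import json

# Constructed sample identifiers (not from the Guidance): account, Region, bus, secret and key.
ACCOUNT_ID = "123456789012"
REGION = "us-east-1"
EVENT_BUS_ARN = f"arn:aws:events:{REGION}:{ACCOUNT_ID}:event-bus/payments-bus"
SECRET_ARN = f"arn:aws:secretsmanager:{REGION}:{ACCOUNT_ID}:secret:payments/psp-api-key-AbCdEf"
KMS_KEY_ARN = f"arn:aws:kms:{REGION}:{ACCOUNT_ID}:key/11111111-2222-3333-4444-555555555555"


def payment_lambda_policy() -> dict:
    """Identity-based policy for a payment Lambda, scoped to exactly the resources it touches."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                # Publish only to the payments bus, not to every bus in the account.
                "Sid": "PublishPaymentEvents",
                "Effect": "Allow",
                "Action": "events:PutEvents",
                "Resource": EVENT_BUS_ARN,
            },
            {
                # Read only the one secret this function needs.
                "Sid": "ReadPspSecret",
                "Effect": "Allow",
                "Action": "secretsmanager:GetSecretValue",
                "Resource": SECRET_ARN,
            },
            {
                # Decrypt only with the key protecting that secret, and only via Secrets Manager.
                "Sid": "DecryptPspSecret",
                "Effect": "Allow",
                "Action": "kms:Decrypt",
                "Resource": KMS_KEY_ARN,
                "Condition": {
                    "StringEquals": {"kms:ViaService": f"secretsmanager.{REGION}.amazonaws.com"}
                },
            },
        ],
    }


def least_privilege_findings(policy: dict) -> list:
    """Lint an IAM policy document: flag wildcard actions, wildcard resources and
    NotAction/NotResource in Allow statements. Returns human-readable findings
    (an empty list means the policy passed)."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be given as an object
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"{sid}: NotAction/NotResource grants an open-ended set")
        actions = stmt.get("Action", [])
        for action in [actions] if isinstance(actions, str) else actions:
            if action == "*" or action.endswith(":*"):
                findings.append(f"{sid}: wildcard action {action}")
        resources = stmt.get("Resource", [])
        for resource in [resources] if isinstance(resources, str) else resources:
            if resource == "*":
                findings.append(f"{sid}: wildcard resource")
    return findings


if __name__ == "__main__":
    policy = payment_lambda_policy()
    print(json.dumps(policy, indent=2))
    print("findings:", least_privilege_findings(policy) or "none")
```

A check like `least_privilege_findings` belongs in the CI step that validates CloudFormation templates, so a broadened policy is caught before it reaches an account; the same document can be attached to the Step Functions and EventBridge roles with their own narrow action lists.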
Reliability
This Guidance enables you to use EventBridge, Lambda, and Step Functions in combination to create an event-driven, fault-tolerant architecture. These three services are regional and are deployed across multiple Availability Zones (AZs). EventBridge uses buses and rules to implement a publish-subscribe model with downstream targets; this model keeps components loosely coupled so they can scale independently. Powertools for AWS Lambda (Python) lets you write and implement idempotent functions so that each request is completed exactly once. Lambda functions are stateless by design and scale independently, and Lambda sends failed requests to an Amazon SQS dead-letter queue for fault isolation and further troubleshooting. Step Functions provides built-in error handling, time-outs, and parallel processing to run your distributed application reliably.
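The idempotency guarantee mentioned above rests on one mechanism: derive a key from the fields that identify the operation, atomically claim that key in a persistence store before doing any work, and replay the stored response when the same key arrives again. The following added example (not the Guidance's code and not Powertools itself) reproduces that pattern with an in-memory store whose `put_if_absent` stands in for the DynamoDB conditional write Powertools uses; the decorator, the `capture_payment` handler and the event are constructed for illustration, and the `now` parameter exists only so the expiry path can be exercised deterministically.

```python
import hashlib
import json
import time
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class IdempotencyRecord:
    status: str                 # "INPROGRESS" or "COMPLETED"
    result: Optional[dict]
    expires_at: float           # epoch seconds; a DynamoDB TTL attribute plays this role


class InMemoryPersistenceLayer:
    """Stand-in for a DynamoDB idempotency table (constructed for this example).
    put_if_absent() mimics a conditional PutItem with
    'attribute_not_exists(id) OR expiration < :now', which is what makes the claim atomic."""

    def __init__(self, ttl_seconds: float) -> None:
        self._items: dict = {}
        self.ttl_seconds = ttl_seconds

    def put_if_absent(self, key: str, now: float) -> Optional[IdempotencyRecord]:
        """Claim the key. Returns None on success, or the live record if it is already held."""
        existing = self._items.get(key)
        if existing is not None and existing.expires_at > now:
            return existing
        self._items[key] = IdempotencyRecord("INPROGRESS", None, now + self.ttl_seconds)
        return None

    def complete(self, key: str, result: dict) -> None:
        self._items[key].status = "COMPLETED"
        self._items[key].result = result

    def release(self, key: str) -> None:
        self._items.pop(key, None)  # let a retry run the handler again after a failure


class IdempotencyInProgressError(Exception):
    """Raised when a duplicate arrives while the first invocation is still running."""


def idempotency_key(event: dict, fields: tuple) -> str:
    """Hash only the fields that identify the operation, in canonical JSON form."""
    subset = {f: event[f] for f in fields}
    canonical = json.dumps(subset, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def idempotent(layer: InMemoryPersistenceLayer, key_fields: tuple) -> Callable:
    """Decorator: run the handler at most once per idempotency key while the record is live."""
    def decorate(fn: Callable) -> Callable:
        def wrapper(event: dict, context=None, *, now: Optional[float] = None) -> dict:
            now = time.time() if now is None else now
            key = idempotency_key(event, key_fields)
            existing = layer.put_if_absent(key, now)
            if existing is not None:
                if existing.status == "COMPLETED":
                    return existing.result     # replay the stored response, no side effects
                raise IdempotencyInProgressError(key)
            try:
                result = fn(event, context)
            except Exception:
                layer.release(key)             # a failure must not block future retries
                raise
            layer.complete(key, result)
            return result
        return wrapper
    return decorate


# Constructed side-effect log: each entry is one capture request sent to a payment processor.
CAPTURES_SENT: list = []
LAYER = InMemoryPersistenceLayer(ttl_seconds=3600)


@idempotent(LAYER, key_fields=("payment_id",))
def capture_payment(event: dict, context=None) -> dict:
    """Handler body: the only place money moves. Must take effect once per payment_id."""
    CAPTURES_SENT.append(event["payment_id"])
    return {"payment_id": event["payment_id"], "status": "CAPTURED", "amount": event["amount"]}


if __name__ == "__main__":
    event = {"payment_id": "pay_001", "amount": 1999, "currency": "EUR"}  # constructed event
    print(capture_payment(event))
    print(capture_payment(event))           # duplicate delivery: same response, no second capture
    print("captures sent:", len(CAPTURES_SENT))
```

Two design points carry over to the real service: the key must cover only the identifying fields (hashing the whole event would make a retried message with a new timestamp look like a new payment), and a handler that raises must release its claim, otherwise the message that lands in the dead-letter queue can never be replayed successfully.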
Performance Efficiency
Lambda manages its own scaling mechanism when invoked asynchronously by EventBridge, and the serverless architecture removes the need for you to run and maintain physical servers for compute activities. Step Functions orchestrates business processes, and in the event of a time-out, you can gracefully terminate long-running or stuck calls or implement an alternative task. Additionally, DynamoDB is inherently designed to process large volumes of data with high performance. Its on-demand mode enables it to serve a large number of requests without any capacity planning. By carefully designing the DynamoDB primary key, you can build tables with a large number of distinct values and avoid throttling while reading or writing.
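The last sentence above, on designing the DynamoDB primary key for many distinct values, is usually realised with write sharding: a merchant whose traffic would otherwise concentrate on one partition key gets a fixed number of keys, and each write is routed to one of them by hashing the item's own id. The following is an added example, not code from the Guidance; the `MERCHANT#<id>#<shard>` key layout, the shard count and the traffic sample are constructed to show how a hot merchant's writes spread across keys and what the reader pays for it.

```python
import hashlib
from collections import Counter

SHARD_COUNT = 8  # constructed choice; size it to the write rate of your hottest merchant


def partition_key(merchant_id: str, payment_id: str, shards: int = SHARD_COUNT) -> str:
    """Write-sharded partition key MERCHANT#<merchant>#<shard>.
    The shard is derived from the item's own id, so a retried write lands on the same key
    (no duplicate items) while a merchant's traffic is spread over `shards` partitions."""
    digest = hashlib.sha256(payment_id.encode("utf-8")).digest()
    shard = int.from_bytes(digest[:4], "big") % shards
    return f"MERCHANT#{merchant_id}#{shard}"


def keys_for_merchant(merchant_id: str, shards: int = SHARD_COUNT) -> list:
    """Readers fan out one Query per shard key and merge the results."""
    return [f"MERCHANT#{merchant_id}#{s}" for s in range(shards)]


def writes_per_key(events: list, shards: int = SHARD_COUNT) -> Counter:
    """Count how many writes each partition key would receive for a batch of events."""
    return Counter(partition_key(e["merchant_id"], e["payment_id"], shards) for e in events)


def sample_events(hot_merchant: str = "m-hot", hot_count: int = 800,
                  quiet_merchants: tuple = ("m-a", "m-b"), quiet_count: int = 50) -> list:
    """Constructed traffic: one merchant (think flash sale) produces most of the writes."""
    events = [{"merchant_id": hot_merchant, "payment_id": f"{hot_merchant}-pay-{i:05d}"}
              for i in range(hot_count)]
    for m in quiet_merchants:
        events += [{"merchant_id": m, "payment_id": f"{m}-pay-{i:05d}"} for i in range(quiet_count)]
    return events


if __name__ == "__main__":
    events = sample_events()
    unsharded = writes_per_key(events, shards=1)
    sharded = writes_per_key(events)
    print("hottest key, unsharded:", unsharded.most_common(1)[0])
    print("hottest key, sharded:  ", sharded.most_common(1)[0])
```

The trade-off is explicit in `keys_for_merchant`: every read of a merchant's history becomes `SHARD_COUNT` queries, so the shard count should be just large enough to keep the busiest key under the per-partition throughput limits, and the payment id itself (not a timestamp) should drive the shard so that idempotent retries never create a second copy of the item.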
Cost Optimization
This Guidance uses serverless services with a pay-for-value billing model, so you can lower your total application cost because you don't pay for overprovisioning, and resource utilization is optimized on your behalf. This also lowers your operational costs, because you don't have to manage the infrastructure or apply patches. Additionally, EventBridge pipes provide a consistent and cost-effective way to create point-to-point integrations between event producers and consumers. The DynamoDB on-demand capacity mode scales based on traffic and helps you avoid overprovisioning or underprovisioning database resources. Additionally, you can use the Arm-based Lambda architecture powered by AWS Graviton2 processors to gain up to 20 percent cost efficiency.
Sustainability
The architecture uses AWS serverless services, which are elastic by design and only provision the resources necessary to complete the required tasks. The use of AWS Graviton2 processors in Lambda can deliver up to 19 percent better performance at 20 percent lower cost, reducing your energy consumption. By using direct service integration with Step Functions, you can further reduce the carbon footprint of your workload and avoid running unnecessary components.
Deploy with confidence
Everything you need to launch this Guidance in your account is right here
We'll walk you through it
Dive deep into the implementation guide for additional customization options and service configurations to tailor to your specific needs.
Let's make it happen
Ready to deploy? Review the sample code on GitHub for detailed deployment instructions to deploy as-is or customize to fit your needs.