This Guidance helps consumer packaged goods (CPG) companies keep customers on their brand sites, even while purchasing products from a third-party online retailer. By keeping customers on the brand site, CPG companies can capture higher-quality, first-party data on the customer based on their purchase. CPG companies can still send the sales transactions to the retailer, while maintaining the customer experience on their brand site. 

Please note: [Disclaimer]

Architecture Diagram


Download the architecture diagram PDF 

Well-Architected Pillars

The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.

The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.

  • Amazon CloudWatch provides centralized logging with metrics and alarms to raise alerts for operational anomalies. You should also consider using tags for better organization, identification, and cost accounting. Tags help in identifying how to respond to alarms and events on a granular level.

    Read the Operational Excellence whitepaper 
  • DynamoDB encrypts data at rest by default using the DynamoDB-owned AWS Key Management Service (AWS KMS) key. You can use the default AWS-owned encryption key, an AWS-managed key, or a customer-managed key.

    By default, Lambda encrypts the environmental variables at rest using the AWS-managed KMS key. You can optionally configure Lambda to use a customer-managed key instead of the default AWS-managed key. By default, CloudWatch encrypts the logs at rest using server-side encryption. You can use customer-managed KMS keys for more control over log encryption.

    Read the Security whitepaper 
  • This Guidance uses a Step Functions workflow that provides built-in retry capabilities.  It also uses Amazon SNS, which supports built-in retry capabilities that can be configured for a reliable, loosely-coupled architecture. Amazon SNS also uses a dead-letter queue to capture events that fail, even after multiple retries.

    Read the Reliability whitepaper 
  • You can optimize DynamoDB read operations through Amazon DynamoDB Accelerator (DAX). Using DAX improves the performance of the application and reduces the read capacity units (RCUs) used by DynamoDB.

    Additionally, you can enable API-caching for API Gateway to enhance responsiveness. This will reduce the number of calls made to the endpoint and improve the latency of the requests to the API. You can also enable payload compression for your API to improve responsiveness.

    Read the Performance Efficiency whitepaper 
  • By choosing the most appropriate RCUs and write capacity units (WCUs) for DynamoDB, you can reduce overall costs for this service. Analyze data access patterns to confirm that you are not overprovisioning RCUs and WCUs. You should also use efficient data modeling and querying to reduce the amount of consumed capacity. 

    One of the major factors for determining cost of running Lambda functions is the high frequency of invocation. You can reduce this frequency by adding Amazon CloudFront caching in front of API Gateway. This approach is helpful for infrequently changing data, such as the list of products available on the site. While adding CloudFront increases CloudFront cost, it decreases API Gateway and Lambda costs.

    Read the Cost Optimization whitepaper 
  • Based on the query patterns for this Guidance, we have created a data model that works with a single DynamoDB table. When you use this Guidance, you should identify and remove unused DynamoDB resources based on your use case and avoid overprovisioning RCUs and WCUs. Use the Time to Live (TTL) feature to clear old data and compress data.

    Read the Sustainability whitepaper 

Implementation Resources

The sample code is a starting point. It is industry validated, prescriptive but not definitive, and a peek under the hood to help you begin.

AWS Architecture


This post demonstrates how...


The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.

References to third-party services or organizations in this Guidance do not imply an endorsement, sponsorship, or affiliation between Amazon or AWS and the third party. Guidance from AWS is a technical starting point, and you can customize your integration with third-party services when you deploy the architecture.

Was this page helpful?