AWS WAF protects the API’s from common web exploits such as SQL injection (SQLi) or cross-site scripting (XSS) attacks. The AWS CloudFormation script helps make frequent, small, and reversible changes to the environment, resulting in an agile platform. Billing and logging details are also captured, making it easier to do any subsequent exercises. Using Amazon CloudWatch Events, customers can respond to each breach of thresholds to ensure they do preventive controls.

The core services are securely made available through API Gateway that leverages IAM and Cognito to provide authentication and authorization. Lambda uses identity-based security policies to connect to DynamoDB securely. Amazon SNS integrates with IAM so that customers can control which Amazon SNS actions a user can perform in their AWS account. DynamoDB protects user data at rest and in transit between Regions.

The core menu management services run on Lambda, which scales seamlessly and with high reliability. DynamoDB also scales based on load.

Resource provisioning and management is automated through serverless architecture including: Lambda, API Gateway, Amazon SNS, and DynamoDB.

Monitoring expenditure and usage is done through the AWS Billing Console. The use of serverless compute, such as Lambda, ensures cost optimization, as services are billed on usage. Lambda costs are based on the number of transactions whose usage is governed by AWS Cost Explorer. DynamoDB can be provisioned for auto-scaling, which incurs costs proportional to the usage.

Workloads are always scaled to the right-size with dynamic auto-scaling of serverless services like Lambda, DynamoDB, and API Gateway. This ensures high utilization and maximizes the energy efficiency of the underlying instances, services, and its hardware.