This Guidance helps retailers build their own retail management application that manages schedules, tasks, and communications for their workforce, all from a central location. Retailers start by setting up a front-end user interface to host the application. Next, retailers connect the application to data and events using a serverless GraphQL API service that can query and combine data from multiple data sources, such as job role and employee availability. The data is integrated with a fast and flexible database service, secured, stored, and, with the help of machine learning, can be imported to generate workforce demand planning. 

Please note: [Disclaimer]

Architecture Diagram


Download the architecture diagram PDF 

Well-Architected Pillars

The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.

The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.

  • This Guidance leverages CloudWatch to monitor resources and Amazon SNS for alerting, helping you safely deploy this Guidance and respond to incidents. It can also be extended to automatically respond to events. 

    Read the Operational Excellence whitepaper 
  • To protect data in this Guidance, services such as Amazon S3 and DynamoDB provide features with built-in encryption at rest. By default, Amazon S3 uses server-side encryption with Amazon S3 managed keys (SSE-S3). However, you can also specify to use server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), dual-layer server-encryption with AWS KMS keys (DSSE-KMS), server-side encryption with customer-provided keys (SSE-C), or client-side encryption. DynamoDB leverages encryption keys stored in AWS KMS. These can be either an AWS owned key, an AWS managed key, or a customer managed key.

    Cognito is used for secure, frictionless user identity and access management, and AWS Identity and Access Management (IAM) is used for granular permission control for services. 

    Read the Security whitepaper 
  • This Guidance leverages AWS AppSync that provides a single endpoint to securely query or update data from multiple data sources. AWS AppSync is a serverless service which can automatically scale up to handle increases in application traffic, and scale down when traffic decreases. 

    Read the Reliability whitepaper 
  • Workforce management operates on the principle of central management and coordination, which is why AWS AppSync is an ideal service for this Guidance. It provides a single endpoint which can query multiple data sources and combine results. The other services AWS AppSync integrates within this Guidance are serverless and managed services, in which AWS manages the infrastructure. 

    Read the Performance Efficiency whitepaper 
  • This Guidance uses Lambda for serverless compute, AWS AppSync for serverless GraphQL APIs and Pub/Sub APIs, and DynamoDB for serverless storage. These services are priced based on the resources consumed, and only for the features used. Amazon S3 is also used as a low-cost storage option. Amazon S3 Lifecycle policies can move older, infrequently accessed data to lower cost storage tiers.  

    Read the Cost Optimization whitepaper 
  • This Guidance leverages serverless services such as AWS AppSync, Lambda, and DynamoDB, which will provision the minimum number of resources necessary to accomplish the task. Lambda provisions resources and runs when a new user signs up for the application. AWS AppSync only runs when handling API requests. And DynamoDB only runs when handling requests from Lambda and AWS AppSync.

    Read the Sustainability whitepaper 

Implementation Resources

A detailed guide is provided to experiment and use within your AWS account. Each stage of building the Guidance, including deployment, usage, and cleanup, is examined to prepare it for deployment.

The sample code is a starting point. It is industry validated, prescriptive but not definitive, and a peek under the hood to help you begin.

[Content Type]


This [blog post/e-book/Guidance/sample code] demonstrates how [insert short description].


The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.

Was this page helpful?