Flagship Retail Community Hub

A flagship venue operations platform handling events, reservations, pickup scheduling, queue management, and community programs. The architecture combines a serverless API (API Gateway V2 + Lambda) with an ECS Fargate background worker, five DynamoDB tables, EventBridge event fan-out, and AppConfig for live venue rules. This scenario validates Simfra's hybrid serverless/container capabilities with complex multi-table data flows.

Services

Service Role
CloudFront CDN for static venue site
S3 Static site assets and pipeline artifacts, SSE-KMS
Cognito User pool for shopper and operator identity with JWT tokens
API Gateway V2 HTTP API with JWT authorizer routing to Lambda
Lambda Python venue-api (19 routes) and notification-fanout functions
ECS Fargate Go queue optimization worker (continuous background service)
ECR Container image repository for ECS worker
DynamoDB Five tables: events, reservations, pickup-slots, queue-state, preferences
EventBridge Custom events: BookingConfirmed, PickupCompleted, CheckInCompleted
SNS Two notification topics for venue events
SQS Notification verification queue
AppConfig Venue rules and configuration (capacity limits, hours, features)
KMS Customer-managed key for all encryption
IAM Scoped roles per component
CodeCommit Source repository
CodeBuild Two build projects (Lambda zip, Docker worker image)
CodeDeploy Lambda deployment with alias shifting
CodePipeline Two pipelines: serverless API and ECS worker

Architecture

Static site (CloudFront/S3) + Cognito JWT
  |
  v
API Gateway V2 (JWT authorizer) --> Lambda venue-api (Python, 19 routes)
                                       |
                                       v
                                    DynamoDB (5 tables with GSIs)
                                       |
                                       v
                                    EventBridge (custom events)
                                       |
                                       v
                                    Lambda notification-fanout
                                       |
                                       v
                                    SNS (2 topics) --> SQS (verification)

ECS Fargate (Go worker)
  |
  ├── Polls DynamoDB queue-state table
  ├── Reads AppConfig for venue rules
  └── Optimizes queue assignments continuously

The platform uses role-based access: shoppers browse events and book slots, operators manage capacity and campaigns. EventBridge captures venue lifecycle events (BookingConfirmed, PickupCompleted, CheckInCompleted) and routes them through a notification fan-out Lambda to SNS topics. AppConfig provides live venue configuration without redeployment.

What This Validates

  • API Gateway V2 with Cognito JWT authorization and role-based access control
  • Lambda + ECS hybrid architecture: stateless API alongside a stateful background worker
  • Five DynamoDB tables with multiple GSIs for different access patterns
  • EventBridge custom event emission and rule-based routing
  • Lambda-to-SNS-to-SQS notification fan-out chain
  • AppConfig deployment and live configuration retrieval
  • CloudFront CDN for static site delivery
  • Dual CI/CD pipelines: one for Lambda (zip + CodeDeploy), one for ECS (Docker + ECR)
  • Cognito user lifecycle with shopper and operator roles

Test Coverage

Tests cover smoke checks for all 18 services, integration tests for the full venue workflow (product browsing, event registration, pickup slot booking, check-in, queue management, operator capacity and campaign management), security tests for KMS encryption and IAM role scoping, and performance tests with concurrent authenticated requests.