Advanced Architectures

License tied to MAC/IP address

  1. Request ENI
  2. Connect License to ENI
  3. Store license in bucket
  4. Create Lambda (or script) to update IP address in Parameter store/DNS
  5. Create bootstrap script to attach the ENI & get script

UDP traffic

  1. Use NLB for load balancing
  2. Set up DNS to Elastic IP of NLB
  3. Set up NACL to deny non-UDP traffic to NLB

CloudFront -> ELB, Bucket

  1. Enable CF distribution with ELB & Bucket as origin
  2. Create origin access identity (OAI) in CF
  3. Create bucket policy that requires OAI
  4. Create CF behavior that route requests based on path

Full text search DynamoDB

For real-time-ish:

  1. Configure DynamoDB Stream (or Kinesis Stream for DynamoDB)
  2. Use a Lambda to parse the stream to load OpenSearch. OR batched-later-ish
  3. Load the data via CloudWatch logs using a Subscription Filter
  4. Use a Lambda to load OpenSearch.