Solution Architecture Review

Review Template
Project Description
The purpose of this project is to develop an e-commerce web application for The Funny Hat Shop. The project includes building a
solution architecture according to the IT architecture vision and business requirements.

The business outcome is to drive additional sales by implementing an e-commerce web site to sell its products online

The web site should be easy to use, but fast and friendly to use on any channel, such as mobile phones, tablets and personal
computers.

The Funny Hat Shop made an agreement with an external Vendor for deliveries of the products to the customers. The solution needs to
integrate with the delivery companies API’s.
In Scope
The following architecture building blocks are in scope of this project:

● Create an e-commerce web application hosting on the AWS platform

● Integration with the stock management and invoicing systems
● Stand up a e-mail service to communicate to customer
● Work with a new Delivery Vendor to pick up and deliver products sold on the
web site
● Integrate with the Delivery Vendor API to automate status updates and
delivery requests
● Add images to the stock management system for each product
Out of Scope
Upgrading the stock management system is not in scope
Business Architecture: Capability Map
Application Impacted
Business Capability Application/System Buy/Build/Reuse Application
Roadmap

Online Sales E-commerce Web Application Build New

Customer Accounts CRM Database Build New

Customer Insights BI Reporting Build New

Order Management Stock Management System Reuse Change

Product Management Stock Management System Reuse Change

Delivery Service External Vendor - Funny Delivery Buy New

Invoicing Invoice System Reuse Change

Communications AWS SES Service Build New

IT Support AWS CloudWatch Build New

AS-IS Context Diagram
No As-Is architecture exist
TO-BE
Context
Diagram
Use Case View
Non-Functional Requirements
Availability

Requirement Description Answer

Hours of Operations Describe hours of operation for the Solution. E.g. 24/7 or 24/7
weekdays only between 8am and 5pm

Availability (%) Percentage of time that the application, process or capability 99.99%
needs to be available (i.e. 99.99%)

SLA Service Level Agreement as measured by time (E.g. 30 minutes for Deliver emails to customers not more than 10 minutes
completion of the process or batch). If external interfaces are part after order placed
of the solution, provide the SLA for these individual interfaces (E.g.
file delivered by 2 AM)

Maintenance/Upgrade When do you plan for upgrades on the system? Define a Planned downtime for Monday mornings 1 to 2 hours
Time maintenance window (E.g. Sundays from 1:00 AM – 4:00 AM) only at 1am

Unplanned Downtime Describe the impact of any unplanned downtime on the business Sales will be impacted
Impact or process

Batch Processing Times Define any batch process time windows (E.g. batches can only run Batches are expected to run to check delivery status.
between 2 AM and 4 AM) This should run every 10 minutes
Non-Functional Requirements
Performance

Requirement Description Answer

Response Time Measurement in time of the response of the system, to include the - Website response time less than 2 seconds
average expected response time and the maximum acceptable - Allow for a thousand hit per day
response time. This can either be the screen response time (E.g. - Solution should allowed for auto scalability on
Less than 2 seconds) evenings and weekends

Data Latency Define the acceptable data latency of data required for the No data latency expected
Solution. E.g. customer address can be a maximum of 1 day.
 Non-Functional Requirements
Volumes

Requirement Description Answer

Average Volume Measure of the average volume of the solution over a period of 500 transactions per month, but website can be hit 1000
Estimates time such as daily or monthly (E.g. 1000 transactions per day) times per day

Peak Estimates Define the peak time period for high volumes of data. (E.g. end of Peak times expected in the evenings and weekends
the month) Also define a peak time time period during a day or
week (E.g. Between 5pm and 8pm or weekends)

File Sizes & Interface Size in gigabytes, megabytes or kilobytes of any files that is Product images are stored on AWS S3 Buckets for the
Type required for processing E.g. interface size on a web services, stock management. Images are about 50kb average
image files or any other document files, etc.)

Backups / Archiving Describe the percentage of data that needs to be either purged or The solution should include replication for the database.
archived, and define the percentage over time. Also indicate when Daily backups using AWS Backup top the AWS RDS
and how backups should be taken. database

History Describe how long you need to keep data history. E.g. the solution Keep sales for 10 Years
needs 2 years of history for online transactional data

Database Growth Indication of the percentage increase or decrease of the size of the 10% growth expected after 12 months
Projections database over time. E.g. 5% increase over the first 12 months
Non-Functional Requirements
User Interactions

Requirement Description Answer

Number of Total Users Total number of users expected to use the solution The company expect 500 customer for the first 3 months,
and 2000 after 12 months

Number of Concurrent Number of concurrent users expected to use the system at the Allow for at least 10 concurrent users accessing the web
Users same time. site

User Locations & User Provide total number of users per each locations. Describe from User locations should only be from America, Europe and
Totals where in the world will the solution be accessed or allowed to be South Africa
accessed

User Roles & Role List the user roles that will access the system. Include the total 1x administrator, 2000 customers, 1x store manager
Totals number of users per role. E.g. 2x admin, 1000x customer, 1x store
manager, etc.
Non-Functional Requirements
Business Continuity

Requirement Description Answer

Business Continuity Describe the high level Business Continuity Plan. This is usually a Utilize AWS high availability, by using multi-availability
Plan created by business and IT management or IT governance. zones. Use AWS CloudFront for pushing content to 3
regions, us-east-1, eu-west-1, af-south-1

Minimum Acceptable Give a percent that indicates the minimum number of acceptable Not applicable
Number of Users users in a disaster recovery situation. E.g. total users are 200, but
in a disaster recovery, allow only for 10% user base

Minimum Acceptable Give a percentage indicating the minimum number of acceptable Not applicable
Number of transactions in a disaster recovery situation. For example 50% of
Transactions the average transaction volume

Minimum Acceptable Describe the minimally acceptable hours of operation and/or Not applicable
Availability availability of the system in a disaster recovery situation

Acceptable Give a percentage indicating the acceptable performance Not applicable

Performance degradation that is acceptable in a disaster recovery situation. E.g.
Degradation the existing UI performance is less than 2 seconds, however in a
disaster recovery situation acceptable performance would be 4
seconds
Non-Functional Requirements
Security

Requirement Description Answer

Authentication Describe what authentication is required, and if required additional details Use AWS Cognito to implement user
should be provided to further clarify the authentication requirements (for authentication with Google and Facebook logins
example):
• Username / Password Requirements (Complexity, Length, Numerical
Numbers, etc)
• Password change requirements (initial login, every 30 days, etc.)
• Password Storage

Authorization Details on the authorization requirements for the system. E.g. is the user or Ensure that only the web application can access
system authorized to access the database or API’s the database.

Attestation Details on the attestation requirements for the solution. E.g. managers need No attestation needed
to review or approve user access, or process owner needs to review or
approve user access

Audit Controls Details on any audit controls that are required for the solution When user change address, add an audit table
to capture the change

Confidentiality of Data Details on the confidentiality of the data for the solution. E.g. is it customer Customer data should be encrypted on the
personal information, secret information or public information database
 Non-Functional Requirements
Security

Description Answer

Integrity of Data Requirements in regards to the integrity of the data. E.g. the integrity of the public Validate the the customer is a real person. Use
facing internet site would be considered high due to the reputational risk captcha to validate that it is not a bot trying to add an
associated with unauthorized changes to the content. account.
Use SMS to verify that the customer is valid. Use AWS
Cognito

Logging Requirements Detail on whether logging is required. Provide further details for logging: Build exceptional handling to add an error to the
• System Events to Log: Security, Configuration, Admin Events system events.
• Log File Details: Date, Time, User Initiating Activity, Details, etc. Developers should create a log file for error handling.
• Time period for keeping log information Keep log files for 7 days, then auto delete the log files
• Required reviews of log information (timing / responsibility)

In Transit / At Rest Describe the security requirements when data is in transit and when data is in Use X509 Certificates for data in transit.
storage or at rest. Use AWS KMS for security at rest on S3 Buckets
Ensure AWS RDS uses the AES-256 encryption
algorithm

Functional Level Authorization Details on the Functional Level Authorization requirements for the solution.E.g. Is Not required
a user allowed to perform a specific function on the system

Data Level Authorization Details on the Data Level Authorization requirements for the solution. Not required
Non-Functional Requirements
Operations and Monitoring

Requirement Description Answer

Monitoring Requirements Describe the monitoring requirements for the solution Add AWS CloudWatch to check system health
and report using AWS SNS if any issues occur

Operational Support Roles Describe any operational support roles and responsibility requirements for IT Operations should monitor support emails
and Responsibilities the final solution from AWS CloudWatch
Non-Functional Requirements
Networking

Requirement Description Answer

LAN/WAN Requirements Describe any LAN or WAN requirements for the solution Not applicable

Cloud Networking Describe any Cloud Networking requirements. E.g. VPC on AWS or Create new VPC, use a public subnet for the web
VNet on Azure. Include the address spaces if known site, and private subnet for the database

Network Bandwidth Describe the the network bandwidth requirements for the solution Data : 5 kbps up and down
Requirements Image : 500 kbps up and down

Inbound/Outbound Traffic Requirements on whether a firewall usage is required for the solution for Configure security groups for inbound traffic to
inbound and outbound traffic allow all on public subnet, and deny all on private
subnet

Internal / External Describe any internal or external connectivity requirements for the Use AWS API Gateway to access Delivery
Connectivity solution. E.g. VPN, SFTP, API Gateways, etc. Vendor API’s. Vendor requires to whitelist the IP
Address and accepts a secret and key.

Load Balancing Describe whether a load balancer is needed for the solution Use Application load balancer for handling web
site traffic to multiple EC2 instances
Non-Functional Requirements
User Interface Requirements

Requirement Description Answer

User Interface Details on the User requirements for the solution. If this solution is This is a web application that will only be
required to run on a laptop or desktop, describe the hardware accessed via browsers
requirements.

UI Channels Describe which channels will use the solution. Desktop, Mobile, Web application should be access from the
Browsers, Tablets, IoT Devices, etc. following browsers: Chrome, Internet Explorer,
FireFox, Edge and Safari
Non-Functional Requirements
Architectural Requirements

Requirement Description Answer

Architecture Requirements Describe any specific architecture requirements for the solution: Use the Microservices architecture patterns.
·System Design - N Tier, Web Services, API, Containers, Kubernetes, etc Design should include using containerization
·Required Patterns, Pub/Sub, Queues, ESB, Microservices, etc. technology, such as docker. API’s should use
RESTful web services using json files.

Environment Requirements Details on the number of environments required and sizing for each of the Create 4 environments: Dev, QA, UAT and
environments. E.g. the application will require Development, Quality Production. Each environment needs to be in its
Assurance, User Acceptance Test, and Production environments. own VPC on AWS
Production and UAT might have the same size, while Development,
Quality Assurance can all be 10% of the Production environment

Virtualization Support Information on any requirements for virtualization support within the Use EC2 to and apache to host the web
solution. E.g. on-premise use VMWare, Cloud use EC2 or ECS application.

Development Stack Detailed requirements on development stack that need to be supported Use the following development stack: C#
as part of the build of the solution ASP.Net Core 3.1, MVC Pattern, XUnit,
Bootstrap, Docker, MySQL on AWS RDS,
Apache Web Server, Angular and Javascript
Current State Solution Architecture Diagram
There is no current state. This is a new e-commerce web application.
Target State
Solution
Architecture
Diagram
Architecture Objectives
● Create a secure private network on AWS using VPC’s for all environments
● Create a responsive single-page web application using bootstrap
● Use AWS Platform services for the solution, such as EC2, Elasticache for
Redis, Amazon RDS on MySQL, ALB load balancer, Route 53 Hosted Zones
and CloudWatch for monitoring
● Ensure auto scaling is enabled on the load balancer
● Deployments should use a DevOps pipeline for continuous integration and
continuous deployments
● Adhere to security standards for both data in transit and data at rest by using
X509 Certificates, AWS KMS encryption on S3 Buckets
Architecture Constraints
● The business only have a limited budget of $200,000 set out for development.
The solution should consider as a constraint.
● The company relies on this solution to keep the business open and would like
this solution in 3 months
● The company standard is to only use the Amazon AWS Cloud services
Architectural Risks
Risk Mitigation Owner

Project Not Delivered in time Business are willing to get contractors to speed up Business User (Sarah)
development

IT Operational Cost Might be high Solution Architecture will include auto scaling capability Solution Architect
Data Model Diagram
Data
Interaction
Sequence
Diagram
Application Component Model
Application Development Stack
Deployment Model (DevOps)
Networking / Infrastructure
AWS Regions
Development Requirements
Development The Funny hat store doesn’t have their own developers, and this project will be outsourced. (In a real-life example,
teams are split into different areas of concerns, E.g. Systems of Insight. Systems of Record, Systems of Integration
and Systems of Engagement)

Configuration Create (Amazon Machine Images) AMI images for three container services using Ansible playbooks: Single-page web
application, Web API application, and Comms Service. Use AWS KMS for secret keys and AWS Cognito service to
control and authorize user access to the web site.

Databases Create and design new database, thefunnyhatDatabase on MySQL AWS RDS. Database should include synchronous
replication between different availability zones. Enable RDS encryption. Use db.m5.xlarge MySQL Instance. Use
Multi-AZ deployment

File Storage Attach an AWS Elastic Block Storage to each EC2 Instance for configuration files, exception files, and log files.
Allocate 10gb per instance.

Data Migration The only data capturing required is the images to be added to the stock management system. Use S3 Bucket to store
the images, include a URL for each image on the stock management database.

Deployment Strategy Refer to the logical deployment model, by using the DevOps deployment strategy

Reports Create a custom sales report

Cost Model Breakdown

Solution

Infrastructure Application Tools

Cloud Services Monitoring & Web Site App

Database
Costing Yearly Operational Costs Hosting Services
Example Amazon AWS Cost - Per year
Additional Diagram
Examples
BMPN - Business Process
Azure Solution Architecture Diagram
On-Premise
Network
Infrastructure
Security Architecture Sample