Infrastructure Overview

Infrastructure Resources

Infrastructure resources for Drop project: deployment, monitoring, CI/CD.

Current Architecture (2026-03-06)

~~Compute:~~ ~~AWS App Runner (eu-north-1) — drop-app (port 3000) and drop-api (port 3001)~~

~~Database:~~ ~~PostgreSQL 16 on AWS RDS —~~ db.t3.small~~, Multi-AZ enabled (~~db_multi_az = true~~), 30-day backup retention~~

~~Job Queues:~~ ~~Redis (ElastiCache) + BullMQ — AML worker, notification dispatch (ADR-015)~~

~~Secrets:~~ ~~AWS Secrets Manager — JWT_SECRET, BANKID_CLIENT_SECRET, DATABASE_URL, REDIS_URL, SENTRY_DSN~~

~~Edge:~~ ~~Cloudflare — DNS, CDN, WAF (OWASP rules), DDoS protection, geo-block~~

~~Registry:~~ ~~ECR — container images with vulnerability scanning~~

~~Monitoring:~~ ~~CloudWatch + BetterStack + Sentry (see docs/infrastructure/MONITORING.md)~~

~~Health check:~~ GET /api/health ~~— checked every 10s, 5s timeout, 3 retries~~

Directories

terraform/ ~~— Infrastructure as Code (AWS resources)~~

monitoring/ ~~— Monitoring configuration, alert rules~~

cloudwatch/ ~~— CloudWatch dashboards and log groups~~

cloud-audit/ ~~— AWS security audit results~~

Key Documents

~~Deployment Architecture~~

~~Deployment Guide~~

~~DR Runbook~~

~~CI/CD Pipeline~~

~~Monitoring~~

~~Environment Variables~~

~~ADR-012: App Runner~~

~~ADR-014: PostgreSQL-Only~~

~~ADR-015: BullMQ + Redis~~

Back to top