Workshop

IELTS Self-Learning Web System - AWS Infrastructure Workshop

Overview

This comprehensive workshop guides you through building a production-ready AWS infrastructure for the IELTS Self-Learning Web System. You will learn how to deploy a highly available, scalable, and secure web application using modern AWS services and best practices.

The architecture implements an active-passive Multi-AZ deployment pattern on Amazon ECS, with a serverless AI service layer for intelligent assessment and content generation.

Architecture Overview

What You Will Build

By completing this workshop, you will have deployed:

ComponentAWS ServicePurpose
Network LayerVPC, Subnets, NAT GatewayIsolated, secure network infrastructure
Container PlatformECS Fargate, ECRServerless container orchestration
Load BalancingALB, Route 53, ACMTraffic distribution and SSL termination
Data LayerRDS PostgreSQL, ElastiCache, S3Relational database, caching, object storage
AI ServicesAPI Gateway, SQS, Lambda, DynamoDBServerless AI processing pipeline
CI/CDCodePipeline, CodeBuildAutomated deployment pipeline
SecurityIAM, Secrets Manager, WAFIdentity management and protection
MonitoringCloudWatch Logs, AlarmsObservability and alerting

Architecture Highlights

High Availability Design:

  • Multi-AZ deployment across two Availability Zones
  • Active-passive failover for ECS services
  • RDS Multi-AZ with automatic failover
  • Application Load Balancer with health checks

Serverless AI Architecture:

  • API Gateway for RESTful AI endpoints
  • SQS for asynchronous message processing
  • Lambda functions for Writing Assessment, Speaking Assessment, and RAG-based Flashcard Generation
  • DynamoDB for storing AI results
  • Amazon Bedrock integration for AI models (Gemma 3 12B, Titan Embeddings)
  • Google Gemini API for smart query generation

Security Best Practices:

  • Private subnets for application and database tiers
  • Security groups with least-privilege access
  • AWS WAF for application-level protection
  • Secrets Manager for credential management
  • IAM roles with minimal required permissions

Prerequisites

Before starting this workshop, ensure you have:

  • An AWS account with appropriate permissions
  • AWS CLI installed and configured
  • Basic understanding of AWS services (VPC, EC2, ECS)
  • Docker installed locally for container builds
  • Git for version control

Time to Complete

SectionEstimated Time
Prerequisites15 minutes
VPC & Network Setup30 minutes
ECS & Container Setup45 minutes
Load Balancer Configuration30 minutes
Database & Storage Setup45 minutes
AI Service Architecture60 minutes
CI/CD Pipeline30 minutes
Security & IAM30 minutes
Monitoring Setup20 minutes
Total~5 hours

Content

  1. Workshop Overview
  2. Prerequisites
  3. VPC & Network Setup
  4. ECS & Container Setup
  5. Load Balancer Configuration
  6. Database & Storage Setup
  7. AI Service Architecture
  8. CI/CD Pipeline
  9. Security & IAM
  10. Monitoring & Logging
  11. Clean Up