AePS Switch implements a command-and-event-driven architecture for processing Aadhaar-enabled Payment System transactions across two availability zones with strict security isolation. Terminal and Mobile Applications submit commands to a Command Processor, which routes requests through a Security Manager for validation before publishing events to Kafka MSK for asynchronous processing. The Tenant Database in RDS is replicated across AZ-1 and AZ-2, while Kafka brokers are mirrored for fault tolerance, ensuring no single point of failure in the transaction pipeline. This multi-tier design with public-facing WAF and ALB, isolated application and integration subnets, and dedicated data layer separation demonstrates defense-in-depth for regulated financial workloads. Fork this diagram on Diagrams.so to customize subnet CIDR ranges, add additional AZs, or integrate with your compliance and monitoring requirements.