Multi-AZ VPC architecture spanning us-east-1a and us-east-1b with public-facing WAF, Route 53 DNS, and dual Application Load Balancers routing traffic to t3.medium EC2 instances across availability zones. Private app and data subnets isolate compute from databases, with NAT Gateways enabling outbound internet access and VPN Gateway supporting secure remote office connectivity. RDS Primary and Standby instances provide synchronous replication and automatic failover for zero-downtime disaster recovery. This design demonstrates AWS best practices for fault tolerance, security segmentation, and operational resilience. Fork and customize this diagram on Diagrams.so to match your CIDR ranges, instance types, and regional requirements.