AWS Threat Modeling App - VPC Architecture

aws · network diagram.

About This Architecture

Multi-tier VPC architecture for a threat modeling application, with AWS WAF, CloudFront CDN, and an Application Load Balancer in the public access layer. Three Fargate services (API, Threat Model Engine, and Document Processor) run in private subnets within an ECS cluster and communicate with Aurora Serverless PostgreSQL, ElastiCache Redis, and S3 document storage. Security controls include Secrets Manager, KMS encryption, IAM policies, and Cognito authentication; observability comes from CloudWatch, CloudTrail, and GuardDuty. The architecture demonstrates defense in depth: network isolation between tiers, data encrypted at rest and in transit, and centralized logging for compliance and incident response.

People also ask

How do I design a secure multi-tier AWS VPC architecture for a threat modeling application with Fargate and Aurora?

This diagram shows a three-tier VPC design: a public access layer with WAF and ALB, a private distribution layer running the Fargate microservices, and a core data layer with Aurora Serverless and encrypted S3 storage. Security is layered with Cognito authentication, KMS encryption, and Secrets Manager, with observability through CloudWatch, CloudTrail, and GuardDuty.
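The network-isolation claim in the architecture description above (and in the About section) is only as good as the security-group rules that implement it, and the rules drift: a "temporary" 0.0.0.0/0 on the database group is a common audit finding. The following is an added example, not code from the diagram page; it models the three tiers as security groups and reviews the ingress graph so that traffic can only flow edge to public, public to app, app to app, and app to data. The group names, the service port 8080, and the CloudFront prefix-list id `pl-cloudfront-origin-facing` are assumptions, and the sample rule sets are constructed for illustration.

```python
"""Static review of the security-group trust graph for a three-tier VPC.

Added example; the tier model, group names, ports and the CloudFront
prefix-list id are assumptions, not taken from the diagram page.
"""
from dataclasses import dataclass

ANY_V4 = "0.0.0.0/0"
ANY_V6 = "::/0"
# Assumed id of the managed prefix list for CloudFront origin-facing IPs.
# The real id differs per region: `aws ec2 describe-managed-prefix-lists`.
CLOUDFRONT_PL = "pl-cloudfront-origin-facing"

# Which tier may originate traffic into each tier (edge traffic is handled
# separately via the CloudFront prefix list). app -> app allows the API to
# call the engine and document processor.
ALLOWED_UPSTREAM = {
    "public": set(),
    "app": {"public", "app"},
    "data": {"app"},
}
DATA_PORTS = {5432, 6379}  # Aurora PostgreSQL, ElastiCache Redis


@dataclass(frozen=True)
class Ingress:
    port: int
    source: str  # "sg:<group name>", a CIDR, or a prefix-list id


@dataclass(frozen=True)
class SecurityGroup:
    name: str
    tier: str  # "public" | "app" | "data"
    ingress: tuple


def review(groups):
    """Return (group, finding) tuples; an empty list means the graph is clean."""
    tier_of = {g.name: g.tier for g in groups}
    findings = []
    for g in groups:
        for rule in g.ingress:
            src = rule.source
            if src.startswith("sg:"):
                src_tier = tier_of.get(src[3:])
                if src_tier is None:
                    findings.append((g.name, f"port {rule.port}: unknown source group {src}"))
                elif src_tier not in ALLOWED_UPSTREAM[g.tier]:
                    findings.append((g.name, f"port {rule.port}: reachable from {src_tier} tier via {src}"))
            elif src == CLOUDFRONT_PL:
                if g.tier != "public":
                    findings.append((g.name, f"port {rule.port}: CloudFront prefix list on {g.tier} tier"))
            elif g.tier != "public":
                # Any CIDR on a private tier defeats the tier isolation.
                findings.append((g.name, f"port {rule.port}: CIDR source {src} on {g.tier} tier"))
            else:
                # A raw CIDR on the ALB lets clients skip CloudFront (and any
                # WAF attached there) and hit the origin directly.
                findings.append((g.name, f"port {rule.port}: {src} bypasses CloudFront, restrict to {CLOUDFRONT_PL}"))
            if g.tier == "public" and rule.port != 443:
                findings.append((g.name, f"port {rule.port}: only 443 (TLS) should be exposed"))
            if g.tier == "data" and rule.port not in DATA_PORTS:
                findings.append((g.name, f"port {rule.port}: not a database or cache port"))
    return findings


# Constructed sample: the intended rule set.
COMPLIANT = (
    SecurityGroup("alb", "public", (Ingress(443, CLOUDFRONT_PL),)),
    SecurityGroup("api", "app", (Ingress(8080, "sg:alb"),)),
    SecurityGroup("tm-engine", "app", (Ingress(8080, "sg:api"),)),
    SecurityGroup("doc-processor", "app", (Ingress(8080, "sg:api"),)),
    SecurityGroup("aurora", "data", (Ingress(5432, "sg:api"), Ingress(5432, "sg:tm-engine"),
                                     Ingress(5432, "sg:doc-processor"))),
    SecurityGroup("redis", "data", (Ingress(6379, "sg:api"), Ingress(6379, "sg:tm-engine"))),
)

# Constructed sample: the same design after three typical drift edits.
DRIFTED = (
    SecurityGroup("alb", "public", (Ingress(443, CLOUDFRONT_PL), Ingress(80, ANY_V4))),
    SecurityGroup("api", "app", (Ingress(8080, "sg:alb"),)),
    SecurityGroup("tm-engine", "app", (Ingress(8080, "sg:api"),)),
    SecurityGroup("doc-processor", "app", (Ingress(8080, "sg:api"),)),
    SecurityGroup("aurora", "data", (Ingress(5432, "sg:api"), Ingress(5432, ANY_V4))),  # "temporary" dev rule
    SecurityGroup("redis", "data", (Ingress(6379, "sg:api"), Ingress(6379, "sg:alb"))),  # wrong tier
)

if __name__ == "__main__":
    for label, groups in (("compliant", COMPLIANT), ("drifted", DRIFTED)):
        print(label, review(groups) or "no findings")
```

Run it against the live account by replacing the constructed tuples with the output of `aws ec2 describe-security-groups` mapped into `SecurityGroup` objects, tagging each group with its tier. The check is deliberately conservative about the ALB: it treats any non-CloudFront source as a finding, which is the right default when WAF is attached at the edge rather than on the load balancer.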


Tags: AWS, advanced, VPC, Fargate, Security, Multi-tier Architecture, Aurora
Domain: Cloud / AWS
Audience: AWS solutions architects designing secure, multi-tier threat modeling applications

Created: March 20, 2026
Updated: March 24, 2026 at 10:48 AM
Type: network
