Multi-AZ three-tier web app leveraging Route 53, CloudFront CDN, WAF, and Application Load Balancers across us-east-1a and us-east-1b. Traffic flows through Shield and Certificate Manager to public subnets, then to Auto Scaling Groups of EC2 t3.large instances in private app subnets, which connect to RDS PostgreSQL primary and read replica databases plus ElastiCache clusters for session and query caching. This architecture demonstrates AWS best practices for fault tolerance, auto-scaling, and defense-in-depth security with CloudWatch, CloudTrail, IAM, and Secrets Manager integration. Fork and customize this diagram on Diagrams.so to match your VPC CIDR blocks, instance types, and monitoring thresholds. The read replica pattern enables read-heavy workloads to scale independently while maintaining strong consistency for transactional writes.