Multi-AZ three-tier web application architecture on AWS VPC 10.0.0.0/16 spans presentation, application, and data tiers across two availability zones. Internet traffic flows through Route 53 DNS and CloudFront CDN, protected by AWS WAF and Shield DDoS, reaching an internet-facing Application Load Balancer that distributes requests to Auto Scaling Groups of EC2 t3.medium instances in private subnets 10.0.10.0/24 and 10.0.20.0/24. Application servers connect to RDS PostgreSQL 14.x Multi-AZ primary (10.0.100.10) with synchronous standby replication and cross-region read replica for disaster recovery, while static assets serve from versioned S3 buckets. This architecture demonstrates AWS best practices for high availability, fault tolerance, and security with defense-in-depth across network zones, making it ideal for production workloads requiring 99.99% uptime SLAs. Fork this diagram on Diagrams.so to customize subnet CIDR blocks, modify instance types, add ElastiCache layers, or export as .drawio for infrastructure-as-code documentation.