https://github.com/tanishkamarrott/serverlesschatapp-websocket-api-lambda-dynamodb-integration

DynamoWave Chat is a serverless chat appliction utilising AWS Lambda, DynamoDB, and WebSocket API for real-time communication. This architecture focuses on System Design Principles, ensuring high availability, scalability, security, cost-efficiency, and optimal performance.
https://github.com/tanishkamarrott/serverlesschatapp-websocket-api-lambda-dynamodb-integration

aws aws-cloudformation chat-application cloud-computing cost-optimization dynamo-db lambda-functions real-time-communication scalability serverless websocket

Last synced: 23 days ago
JSON representation

DynamoWave Chat is a serverless chat appliction utilising AWS Lambda, DynamoDB, and WebSocket API for real-time communication. This architecture focuses on System Design Principles, ensuring high availability, scalability, security, cost-efficiency, and optimal performance.

• Host: GitHub
• URL: https://github.com/tanishkamarrott/serverlesschatapp-websocket-api-lambda-dynamodb-integration
• Owner: TanishkaMarrott
• Created: 2023-12-11T15:19:10.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2024-05-15T06:13:50.000Z (7 months ago)
• Last Synced: 2024-05-15T21:44:40.206Z (7 months ago)
• Topics: aws, aws-cloudformation, chat-application, cloud-computing, cost-optimization, dynamo-db, lambda-functions, real-time-communication, scalability, serverless, websocket
• Homepage:
• Size: 256 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# DynamoWave Chat - A Serverless, Real-time Chat Application

**DynamoWave Chat** is a modern, scalable, serverless real-time chat application built using **AWS Lambda**, **DynamoDB**, and **API Gateway**.

➡️ **Core Focus**: Enhancing scalability, performance, and security from a non-functional standpoint.

---

## System Architecture & Components



---

## Workflow Overview

1. **Establish WebSocket connection**: Two-way communication between the client and server.

2. **ConnectHandler Lambda**: Triggered when a connection is established, inserting the `connectionId` into **ConnectionsTable**.

3. **Notification to Client**: Once the connection is established, the client is notified.

4. **SendMessageHandler Lambda**: Iterates through `connectionIds` and sends messages to connected clients.

5. **DisconnectHandler Lambda**: Cleans up by removing inactive `connectionIds` after the session ends.

---

## Services & Purpose

| **Service**           | **Identifier**       | **Purpose**                                                            |

|-----------------------|----------------------|------------------------------------------------------------------------|

| **API Gateway**        | WebSocket API        | Enables real-time communication.                                        |

| **DynamoDB**           | ConnectionsTable     | Tracks and manages active connections.                                  |

| **AWS Lambda**         | ConnectHandler       | Records new connections for operational monitoring.                     |

|                       | DisconnectHandler    | Removes inactive connections from the registry.                         |

|                       | SendMessageHandler   | Handles reliable communication among connected clients.                 |

|                       | DefaultHandler       | Notifies clients when the connection has been established.              |

---

## Design Considerations

### Availability & Reliability Improvements

1. **Reserved Concurrency for Critical Lambdas**: Critical Lambda functions have reserved concurrency quotas to ensure compute availability during peak times and prevent throttling.

   

   ➡️ Allocating resources ensures the application remains functional even during high load periods.

2. **Data Durability via Point-In-Time Recovery (PITR)**: Enabled PITR for **DynamoDB** to restore data to any second in the past 35 days, ensuring data availability and fault tolerance, even in case of accidental overwrites or deletions.

   ➡️ Simplifies data recovery without operational overhead or over-provisioning costs.

3. **Backpressure Resilience**: Implemented API Gateway **throttling** and **rate limiting** to ensure backend services aren't overwhelmed during peak usage.

   ➡️ Defines a maximum threshold of incoming requests and caps client requests to avoid service downtime or DDoS attacks.

4. **Resilience to Zonal Failures**: While the application is resilient to zonal outages, to improve availability in production systems, **DynamoDB Global Tables** and regional redundancy with Route 53 DNS failover could be implemented.

   ➡️ Provides higher availability for mission-critical applications and geographically distributed user bases.

---

## Code Optimizations for Lambda Reliability

1. **Error Handling**: Incorporated error handling mechanisms in Lambda functions to prevent cascading failures and ensure system stability.

   

2. **Retry Mechanisms**: Implemented **exponential backoff** for critical functions to recover from transient errors such as network failures or database operations.

   ➡️ Increases the likelihood of successful message delivery without overwhelming the system.

3. **Graceful Error Recovery**: Configured a Dead Letter Queue (DLQ) to capture and reprocess failed messages, ensuring **zero data loss**.

---

## Performance Optimizations

1. **Dynamic Auto-scaling for DynamoDB**: Dynamically adjusts capacity based on fluctuating workloads to ensure cost-effective scalability.

   ➡️ Automatically scales based on demand, reducing costs during idle times and increasing capacity during peak times.

2. **Custom Lambda Warmer**: Implemented a Lambda warmer function to reduce cold starts and improve performance for sporadically used functions.

   ➡️ Configured a **CloudWatch event** to trigger the warmer function, maintaining low-latency performance.

---

## Security Features

1. **API Gateway Resource Policies**: Enforced HTTPS-only requests to ensure secure transport for all connections.

   

2. **KMS Encryption for DynamoDB**: Secures all data at rest with **KMS encryption**, protecting sensitive user information.

3. **Least Privilege IAM Roles**: Pruned down **IAM policies** for Lambda service roles to enforce least-privilege access, minimizing risks of privilege escalation.

4. **Throttling for DDoS Mitigation**: API throttling prevents potential DDoS attacks by limiting the number of requests a user or bot can send in a given time.

---

## Future Enhancements

1. **WAF Integration**: Adding a Web Application Firewall (WAF) on top of API Gateway to protect against excessive resource consumption and ensure application availability.

   ➡️ Managed and custom rules will prevent potential security threats.

2. **CloudWatch Alarms & SNS Integration**: Configuring **real-time alerts** for abnormal API usage patterns or security incidents via CloudWatch alarms and SNS notifications.

   ➡️ Improves monitoring and operational insights.

---

## Contributions

We welcome suggestions to further improve the architecture or performance of **DynamoWave Chat**. Feel free to contact me at **[email protected]**.

---

## Credit Attribution

Special thanks to [AWS](https://aws.amazon.com/) for providing the foundational architecture guidelines for this project: [AWS WebSocket API Chat App Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-chat-app.html).