Notes based on ibCom's use of AWS to host
mydigitalstructure is a fully hosted webapi and platform - a "backend as a service" - it allows developers to use a common model and set of methods to rapidly build modern enterprise apps.

Functionality ranges from hosting a public website through to full accounting.

There are 25 core objects (e.g. contacts, projects, invoices etc.) with 700+ methods (e.g. add contact, search for contact).

mydigitalstructure is a fully hosted multi-tenanted environment that services 1000s of enterprise spaces - with demand changing from one moment to the next.

  • Highly dynamic infrastructure that can react quickly to demand both on the up and the down.

  • Self-managing - allowing the ibCom model and code to run within a set of infrastructure rules that requires minimal human interaction.

  • Supply costs that are economically aligned with a competitive marketplace.
  • Work with common well-proven standards (protocols) above and below the mydigitalstructure layer.

  • IAM, Identity Access Management, with Multi Factor Authentication (MFA)
  • ELB, Elastic Load Balancers x 6
  • Route53, DNS Management
  • EIP, Elastic IP x 1
  • EC2, Elastic Compute Service x 2+
  • EBS, Elastic Block Store (Volume) with EC2
  • RDS, Relational Database Service
  • VPC, Virtual Private Cloud
  • SES, Simple Email Service
  • CLI, Command Line Interface
  • Phase 1 +
  • DynamoDB, Non-relational database service
  • S3, Simple Storage Service



Security Groups: For managing port access - https access onto load balancers and then http to the EC2 app services within the VPC.

IAM: Control access to services and access via command line interface, using sourceIP restrictions as a condition of the access policy.

VPC: Virtual private cloud (network) - for isolated communication between services.

ELB: Five load balancers to handle the core platform SSL/https access points:
  • webapi:
  • platform:
  • + 2 to handle "classic" platforms
  • + 1 to handle a retail service

ELB IP addresses are referenced via DNS names - allowing for arraying of the ELB appliances.

Route53: DNS for CNAME entries for friendly names - including alias entries for root domains.

EIP: One elastic IP address for administrative access.  Not 100% required - may be eliminated in phase 2.

EC2: Servicing the http based app (where the code lives) and also for sharing the primary EBS volume.

EBS: For file storage; as attachments to objects.  Current app needs synchronised access to files - next phase will introduce the "in-lab" S3 based file storage.

RDS: For model data storage.

SES: For sending emails - each space (tenant) has its own domain verified for sending emails.  Services ad hoc emails and also eNews campaigns.  Uses SMTP.  Phase 2 will convert to webservice - so app lives within the http protocol.

CLI: More a tool than a service - but important for scripting commands.  Important use of sourceIP condition in policy.
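
The sourceIP condition noted above for access policies and the CLI can be checked mechanically. The following is an added example, not ibCom's code or policy: it audits an IAM policy document for Allow statements that have no aws:SourceIp restriction or that use an overly broad range. The sample policy, its Sids, the 203.0.113.0/24 range and the min_prefix threshold are constructed assumptions.

```python
import ipaddress
import json

# Constructed sample policy (not ibCom's); 203.0.113.0/24 is a documentation range.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "CliFromOffice", "Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*",
     "Condition": {"IpAddress": {"aws:SourceIp": ["203.0.113.0/24"]}}},
    {"Sid": "OpenCidr", "Effect": "Allow", "Action": "rds:Describe*", "Resource": "*",
     "Condition": {"IpAddress": {"aws:SourceIp": "0.0.0.0/0"}}},
    {"Sid": "NoCondition", "Effect": "Allow", "Action": "ses:SendEmail", "Resource": "*"}
  ]
}
""")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def source_ip_cidrs(statement):
    """Return the CIDRs of an IpAddress condition on aws:SourceIp, if any."""
    cidrs = []
    for key, value in statement.get("Condition", {}).get("IpAddress", {}).items():
        if key.lower() == "aws:sourceip":  # condition key names are not case-sensitive
            cidrs.extend(_as_list(value))
    return cidrs

def audit_policy(policy, min_prefix=16):
    """Return (sid, problem) for each Allow statement not pinned to a narrow source range.

    min_prefix is an assumed threshold for this example, not an AWS default.
    """
    findings = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        cidrs = source_ip_cidrs(stmt)
        if not cidrs:
            findings.append((sid, "no aws:SourceIp condition"))
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.prefixlen < min_prefix:
                findings.append((sid, f"range too broad: {cidr}"))
    return findings

if __name__ == "__main__":
    for sid, problem in audit_policy(SAMPLE_POLICY):
        print(f"{sid}: {problem}")
```

The audit only inspects IpAddress conditions on each Allow statement. A policy that enforces the restriction through a separate Deny statement with NotIpAddress would still be reported and needs review by hand.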

