This is a mock project I created for my self-employed construction company, “Give You A Home Construction Ltd.” The company has a front-end website that offers tiles, laminate, carpet, and installation services. Its back-end handles shopping carts, estimation calculations, invoicing, and accounting functions.

To get started, I launched two EC2 instances—one for the front-end website and one for the back-end system. To store customer information such as names, phone numbers, and addresses, I chose Amazon DynamoDB, which is fast and serverless. For all other files, like service estimations and invoices, I used Amazon S3.

To monitor performance, I integrated Amazon CloudWatch to track metrics and set alarms, which trigger EventBridge for automated actions. Through CloudWatch metrics, I noticed that once I added AutoCAD drawings for estimation, my EC2 instances were no longer sufficient—so I added another one to handle the extra workload. I also enabled AWS CloudTrail to log all actions across my account and routed those logs to AWS Config for auditing and compliance tracking.

Since low latency is important for accessing customer information, I added Amazon DAX (DynamoDB Accelerator) to improve read performance for my DynamoDB tables. After some sales, I began using Amazon Athena to analyze data in S3, like estimation files and invoices, to understand which services were generating the most revenue for my company.

To support growing demand and ensure the system remains responsive, I expanded the environment by configuring an Auto Scaling Group with up to 10 EC2 t2.micro instances. This way, whenever a customer submits multiple estimation requests—especially with heavy AutoCAD and Planswift files—the system automatically adds more instances to handle the load. I also placed an Elastic Load Balancer (ELB) in front of the Auto Scaling group to distribute traffic evenly and ensure high availability.

All components are isolated within a custom VPC, with public subnets hosting the front-end and private subnets running backend services like estimations and accounting. To deliver static content like product images and speed up the front-end experience, I added Amazon CloudFront as a CDN in front of the entire application.

After integrating Amazon Athena to analyze estimation and invoice data from S3, I added Amazon QuickSight to build interactive dashboards. This helps me quickly visualize trends, like which services are generating the highest revenue, and make more informed decisions based on customer behavior and seasonal demand.

As the project matured, I continued enhancing the system with user engagement, messaging, and cost controls. For customer login and identity management, I integrated Amazon Cognito, which allows secure sign-up, sign-in, and access control. When customers place an order, Amazon SNS sends them instant email confirmations. Later, I added Amazon Pinpoint to build more personalized and targeted communication campaigns—helpful for promotions or reminders after estimates are submitted.

To keep internal services loosely coupled and more resilient, I used Amazon SQS to queue estimation jobs separately from the main backend logic. This prevents delays even when one part of the system is under heavy load. For API communication between front-end and back-end, Amazon API Gateway helps manage secure, scalable access to backend services.

To deliver smarter user experiences, I experimented with Amazon Personalize to offer relevant service suggestions based on past interactions. On the financial side, I started using AWS Budgets, Cost Explorer, and other Billing and Cost Management Tools to track usage and avoid unexpected charges. Finally, AWS Trusted Advisor became my go-to assistant for ongoing optimization, continuously recommending improvements for performance, security, and cost-efficiency.

Security is woven throughout the entire architecture. All resources are deployed inside a custom VPC with carefully managed public and private subnets to isolate traffic. To defend against DDoS attacks, I rely on AWS Shield (Standard), and I’ve configured AWS WAF (Web Application Firewall) to block suspicious requests to the website. Firewall Manager makes it easier to apply consistent WAF rules across accounts. At the network level, AWS Network Firewall controls and inspects traffic within the VPC for advanced protection.

To detect and respond to threats, I use Amazon GuardDuty, which continuously monitors for malicious activity or unauthorized behavior. AWS Security Hub brings all findings together in one place for easy review. For ongoing visibility, AWS Systems Manager helps me patch EC2 instances, automate maintenance, and run secure remote commands. With this layered approach, my application is not only functional and scalable but also well guarded against threats.

In summary, building “Give You A Home Construction Ltd.” on AWS allowed me to create a flexible, scalable, and secure environment tailored to the unique needs of a self-employed construction business. By leveraging a mix of compute, storage, database, monitoring, and security services, I ensured that every part of the workflow—from customer estimation to invoicing and insights—is efficient and reliable.

This architecture not only supports current demands but is also ready to grow as the business expands, embracing automation, personalization, and cost management to stay competitive. If you’re considering moving your own business to the cloud, I hope this project provides useful insights and inspiration for your journey.

Created By Yao Zhang Using Eraser.io

