Design and Build a scalable Ecommerce Platform on AWS
This article describes the problem statement for the project we'll be looking at over the next series of articles. The goal is to build this system from scratch: the frontend pages, backend APIs, database integrations, and cloud infrastructure.
Problem statement
You're building an e-commerce platform for a small-to-medium enterprise (SME) selling handmade, eco-friendly products. The company expects seasonal traffic spikes (especially during sales like Earth Day, Black Friday), and they need the site to be highly available, scalable, and secure. They also plan to expand globally within the next year.
The MVP (minimum viable product) must be ready to handle 5,000 daily users with the capability to scale to 50,000 during sales events.
The CEO loves "serverless" buzzwords, but they’re open to containers if needed.
Business Requirements (Detailed)
1. Core Functional Requirements
- Customers must browse products, add to cart, checkout, and receive email confirmations.
- Admins need an internal dashboard to manage inventory, orders, and customer data.
- Orders should trigger payment processing (assume you’re using Stripe).
- Inventory must update in real time to avoid overselling.
- Support for user accounts, including password reset and MFA.
- All product images and static assets must load quickly worldwide.
2. Non-Functional Requirements
- Scalability: Must handle spikes in traffic without downtime.
- Availability: 99.9% uptime (no single points of failure).
- Security:
  - PCI-DSS compliance for payment data (Stripe handles most of it, but your app must be secure).
  - Customer data must be encrypted at rest and in transit.
  - Protection from common web attacks (SQL injection, XSS, DDoS).
- Performance: Page load time under 3 seconds globally.
- Observability: Full monitoring, logging, and alerting for failures.
- Cost Optimization: Minimal operational overhead; pay-for-use preferred.
3. User Requirements
- Customer Portal: Browse catalog, search products, checkout process.
- Admin Portal: CRUD for products, view orders, manage customers.
- Authentication: Cognito (or something equivalent), with social login (Google, Facebook).
4. Data Requirements
- Product catalog (name, price, description, image, stock).
- Customer data (PII, shipping info, order history).
- Orders (customer, items, payment status, shipping status).
- Audit logs (who did what, and when).
5. Operational Requirements
- CI/CD pipeline: Push to main → automatic build, test, deploy.
- Blue/Green or Canary deployments for releases.
- Disaster recovery: Backup and restore within 4 hours (RTO). Data loss no more than 15 minutes (RPO).
- Cost reporting: Regular cost monitoring and alerts for unusual spikes.
6. Compliance & Legal
- GDPR compliance (data deletion on request, explicit consent for data processing).
- PCI-DSS (payment handling done through Stripe, but secure the backend and database).
- Data residency: Store customer data in EU and US regions based on customer location.
Next steps?
The next article will talk about Core Functional Requirements and the microservices we will be building to ensure we have an MVP.