Secure AWS private cloud infrastructure for enterprises

This guide provides a detailed overview of Nutrient Workflow Automation Platform’s AWS private cloud infrastructure, highlighting key components designed for enterprise security, scalability, and performance. It covers our use of virtual private clouds (VPCs), secure SSL communication, load balancing, and high availability through EC2 instances. Additionally, you’ll learn about our optimized database solutions using Amazon RDS for Microsoft SQL and a SaaS MongoDB deployment, along with optional enhancements like ElastiCache for improved caching and scalability. This comprehensive overview is intended to help developers and IT professionals understand the architecture supporting Workflow Automation’s secure and resilient cloud environment.

[Figure: private cloud architecture diagram]

Architecture overview

Each private cloud is self-contained within its own virtual private cloud (VPC), and any connection to resources outside that VPC uses SSL so that traffic stays encrypted. We use an Amazon Application Load Balancer (ALB) both as a firewall and to manage SSL termination.

Our application servers run on EC2 instances, allowing horizontal scaling to maintain high availability. MongoDB is deployed as a SaaS solution hosted in AWS, with encrypted communication to secure data in transit. Microsoft SQL Server is implemented using Amazon RDS for enhanced security, performance, and flexibility.

Core components

Firewall and load balancing

  • Amazon Application Load Balancer — Acts as the firewall device and performs SSL termination: it accepts incoming HTTPS traffic on port 443 and forwards it as HTTP on port 8080 to the application servers inside the secure VPC.
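The ALB-to-application-server boundary above only holds if the security groups enforce it: the ALB accepts 443 from the internet, and the application server accepts 8080 solely from the ALB's security group. The check below is an added example, not Nutrient's code; the group ID, rule dicts (shaped like the EC2 describe-security-groups IpPermissions output) and CIDR ranges are constructed samples.

```python
# Added example: verify security groups enforce the ALB -> app server boundary.
ALB_SG = "sg-alb-EXAMPLE"  # hypothetical ID of the load balancer's security group

def sources(perm):
    """All sources one IpPermission entry admits: CIDR blocks and group IDs."""
    srcs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
    srcs |= {g["GroupId"] for g in perm.get("UserIdGroupPairs", [])}
    return srcs

def covers_port(perm, port):
    """True if a TCP rule's FromPort..ToPort range includes `port`."""
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", -1) <= port <= perm.get("ToPort", -1))

def port_label(perm):
    """Readable port range; IpProtocol "-1" is the EC2 value for all traffic."""
    if perm.get("IpProtocol") == "-1":
        return "all ports"
    return f"{perm.get('FromPort')}-{perm.get('ToPort')}"

def check_boundary(alb_perms, app_perms):
    """Return a list of findings; an empty list means the boundary holds."""
    findings = []
    # 1. The ALB is the only internet-facing entry point, and only on 443.
    for p in alb_perms:
        if "0.0.0.0/0" in sources(p) and (p.get("FromPort"), p.get("ToPort")) != (443, 443):
            findings.append(f"ALB exposes {port_label(p)} to the internet")
    # 2. App port 8080 must be reachable only from the ALB group, so no host
    #    inside or outside the VPC can bypass the load balancer.
    app_8080 = [p for p in app_perms if covers_port(p, 8080)]
    for p in app_8080:
        extra = sources(p) - {ALB_SG}
        if extra:
            findings.append(f"app port 8080 reachable from {sorted(extra)}")
    # 3. No other app-server port may be open to the internet at all.
    for p in app_perms:
        if p not in app_8080 and "0.0.0.0/0" in sources(p):
            findings.append(f"app server exposes {port_label(p)} to the internet")
    return findings

# Constructed sample rules: a correct pair, then an app-server group that has drifted.
GOOD_ALB = [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
GOOD_APP = [{"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
             "UserIdGroupPairs": [{"GroupId": ALB_SG}]}]
DRIFTED_APP = GOOD_APP + [
    {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},  # bypasses ALB
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},  # all traffic, open to everyone
]
```

Running `check_boundary(GOOD_ALB, DRIFTED_APP)` reports both the VPC-internal bypass of the ALB and the all-traffic rule open to the internet, while the correct pair yields no findings.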

Application server

  • Instance type — EC2 t3.medium running Windows Server 2016

  • Resources — 2 vCPUs, 4 GB RAM, 40 GB system drive, 100 GB data drive

  • Services — Runs Redis by default; stores all file-based assets (attachments, reports, etc.)

Database servers

Microsoft SQL Server

  • Instance type — RDS t2.small running SQL Server 2017 Web Edition

  • Resources — 1 vCPU, 2 GB RAM, 100 GB storage

  • Security — Supports remote customer access over SSL-encrypted connections

MongoDB

  • Hosted as an autoscaling SaaS solution through Compose

  • Uses encrypted communication for data security

Email communication

  • All emails are routed through a centralized cloud mail server to simplify troubleshooting of notification issues.

Optional enhancements

  • ElastiCache — Can be deployed within the VPC to offload Redis from the application server, improving performance.

  • Additional application servers — More EC2 instances can be added to support increased traffic loads and ensure high availability.

  • Database scaling — Amazon RDS can be easily scaled up to meet growing database performance and storage demands.