Skip to content

GREENFIELD AWS FOR MARKET EXPANSION

AWSTerraformGreenfieldGaming

Greenfield AWS infrastructure in sa-east-1 for a Czech gaming company expanding into the South American market, sized for 1K-5K req/s and tens of thousands of daily active users.

Architecture

  • VPC10.x.x.x/16 CIDR, 3 Availability Zones, 3 public subnets + 3 private subnets
  • Multi-tier compute:
    • 2x CloudFront CDN distributions with HTTP/2, HTTP/3, and Lambda@Edge for edge logic
    • Application Load Balancer routing traffic to backend services
    • EC2 instances in private subnets, managed exclusively via SSM Session Manager (no SSH bastion)
  • Multi-AZ RDS MySQL 8.0 with auto-scaling storage up to 1.5 TB
  • Redundant Site-to-Site VPN with 2 customer gateways for reliable connectivity back to the Czech data center
  • Full security stack:
    • KMS with automatic key rotation for encryption at rest
    • Multi-region CloudTrail for API audit logging
    • AWS Config for continuous resource compliance monitoring
    • VPC Flow Logs for network traffic analysis
    • Security Hub for centralized security findings
    • GuardDuty for threat detection
  • Terraform for all infrastructure provisioned as code

Key Outcomes

  • Production-ready infrastructure delivered on schedule for South American market launch
  • Architecture optimized for latency-sensitive gaming workloads via CloudFront edge distribution
  • High availability with multi-AZ database, redundant VPN tunnels, and 3-AZ subnet layout
  • Zero public SSH exposure — all instance access through SSM Session Manager