Forem: emmanuela Opurum

𝗔𝗺𝗮𝘇𝗼𝗻 𝗖𝗼𝗻𝗻𝗲𝗰𝘁 𝗖𝗼𝗻𝘁𝗮𝗰𝘁 𝗖𝗲𝗻𝘁𝗲𝗿 𝗼𝗻 𝗮 𝟯‑𝗧𝗶𝗲𝗿 𝗔𝗪𝗦 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲

emmanuela Opurum — Mon, 23 Feb 2026 10:07:36 +0000

I designed an architecture that blends a modern 3‑tier web application with a fully integrated Amazon Connect contact center. The goal was to create a seamless support experience where authenticated users can reach an agent instantly, and the agent receives full customer context the moment the call arrives.

The user journey begins on a web application delivered through Amazon CloudFront and S3. Authentication is handled by Amazon Cognito, which issues a secure JWT token that unlocks the full application experience, including access to support.
All authenticated requests flow through Amazon API Gateway, which validates the token before routing traffic to the application layer running on AWS Fargate behind an Application Load Balancer. The application interacts with DynamoDB for user profiles and S3 for transactional or historical data, keeping the environment scalable, resilient, and fully managed.

When a user selects “Contact Support,” a Lambda function is triggered behind the scenes. This function calls Amazon Connect APIs to initiate a contact, route the user to an available agent, and pass along the customer context automatically. There’s no need for IVR menus, the system already knows who the user is and what account they’re coming from.
Inside Amazon Connect, additional Lambda functions retrieve customer information from CRM. This data is surfaced directly in the agent workspace, giving the agent everything they need to assist the customer quickly and effectively. Once the interaction ends, the session is logged for analytics and compliance.

All call recordings and transcripts are stored in Amazon S3, with a lifecycle policy that automatically transitions data after 60 days into S3 Intelligent‑Tiering Flexible Retrieval to optimize long‑term storage costs. Analytics teams can query this data using Amazon Athena and build dashboards in Amazon QuickSight to uncover trends, customer behaviour, and agent performance insights.

This architecture brings together identity, application logic, customer context, and real‑time support into one cohesive flow. It’s a strong example of how AWS services can be combined to deliver a modern, intelligent, and efficient customer support experience.

hashtag#AWS hashtag#AmazonConnect hashtag#CloudArchitecture hashtag#Serverless hashtag#AWSCommunity hashtag#SolutionArchitecture hashtag#CloudComputing hashtag#AWSSolutionsArchitect hashtag#TechLeadership hashtag#Fargate hashtag#Lambda hashtag#DynamoDB hashtag#APIgateway hashtag#CloudCareers hashtag#WomenInTech hashtag#TechInnovation

𝗖𝗵𝗼𝗼𝘀𝗶𝗻𝗴 𝘁𝗵𝗲 𝗥𝗶𝗴𝗵𝘁 𝗖𝗼𝗺𝗽𝘂𝘁𝗲 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗥𝗶𝗴𝗵𝘁 𝗪𝗼𝗿𝗸𝗹𝗼𝗮𝗱

emmanuela Opurum — Fri, 23 Jan 2026 19:32:27 +0000

𝗣𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻-𝗥𝗲𝗮𝗱𝘆 𝗔𝗪𝗦 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲: 𝗖𝗵𝗼𝗼𝘀𝗶𝗻𝗴 𝘁𝗵𝗲 𝗥𝗶𝗴𝗵𝘁 𝗖𝗼𝗺𝗽𝘂𝘁𝗲 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗥𝗶𝗴𝗵𝘁 𝗪𝗼𝗿𝗸𝗹𝗼𝗮𝗱
I designed a real-world, multi-tier AWS architecture that combines EC2, EKS, Lambda, and SQS, mirroring how modern engineering teams build scalable, resilient, and cost-efficient platforms in production.
•Serverless for frontend & lightweight APIs
•Kubernetes (EKS) for scalable microservices
•EC2 Auto Scaling for long-running batch workloads
•Event-driven design with SQS
•CI/CD + GitOps for safe, repeatable releases
•Terraform for full infrastructure automation
•CloudWatch & Prometheus for deep observability

This design shows how and why teams mix compute models to achieve high availability, operational efficiency, and production-grade reliability, not just how to deploy resources.
hashtag#DevOps hashtag#PlatformEngineering hashtag#CloudEngineering hashtag#AWS hashtag#EKS hashtag#Kubernetes
hashtag#Serverless hashtag#InfrastructureAsCode hashtag#Terraform hashtag#CloudArchitecture
hashtag#SRE hashtag#DevSecOps hashtag#CI_CD hashtag#GitOps hashtag#EngineeringCareers hashtag#Hiring

𝗗𝗲𝘀𝗶𝗴𝗻𝗲𝗱 𝗮 𝗣𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻‑𝗥𝗲𝗮𝗱𝘆 𝗠𝘂𝗹𝘁𝗶‑𝗥𝗲𝗴𝗶𝗼𝗻 𝗔𝗪𝗦 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 𝗘𝗞𝗦 | 𝗖𝗜/𝗖𝗗 | 𝗖𝗮𝗻𝗮𝗿𝘆 𝗗𝗲𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁𝘀 | 𝗗𝗥 𝗙𝗮𝗶𝗹𝗼𝘃𝗲𝗿

emmanuela Opurum — Mon, 19 Jan 2026 22:35:37 +0000

I designed a production-grade multi-region AWS architecture to demonstrate how cloud-native platforms achieve high availability, safe deployments, and resilient disaster recovery using Kubernetes and DevOps best practices.
𝗞𝗲𝘆 𝗛𝗶𝗴𝗵𝗹𝗶𝗴𝗵𝘁𝘀:
• Automated CI/CD pipelines pushing images to Amazon ECR
• Canary deployments with automated rollback on EKS
• Multi-region EKS (Active + Warm Standby)
• Route 53 failover for seamless regional recovery
• Aurora Global Database for fast failover and low-latency reads
• S3 Cross-Region Replication for durable storage
• CloudWatch + Prometheus for observability and rollback triggers
𝗛𝗼𝘄 𝗜𝘁 𝗪𝗼𝗿𝗸𝘀:
Traffic flows through Route 53 → CloudFront → WAF → ALB → EKS.
New releases roll out via canary pods in the primary region, while the DR region stays in sync.
On failure, traffic automatically shifts, clusters scale up, and the database is promoted.
This design reflects how enterprises build resilient, cost-optimised, and secure production systems.
hashtag#AWS hashtag#DevOps hashtag#DevSecOps hashtag#EKS hashtag#CloudArchitecture hashtag#SRE hashtag#PlatformEngineering

Modernizing Legacy Systems with AWS: Scalable, Secure & AI-Ready

emmanuela Opurum — Tue, 29 Jul 2025 21:56:23 +0000

In today’s business landscape, organizations face the critical need to modernize legacy applications to not only enhance performance but also unlock capabilities for real-time analytics, AI integration, and scalable operations.

As a Solutions Architect, I recently spearheaded the development of an AWS architecture that facilitated a client's transition from a legacy on-premise monolithic system to a cutting-edge cloud-native microservices platform. The primary objective was to align with performance, security, and AI-readiness goals.

Business Need:

High operational costs associated with legacy monolithic systems
Lack of support for real-time data processing and machine learning workloads
Downtime during updates and limited horizontal scalability
Complex compliance and audit trail requirements

AWS Cloud-Native Solution (Best Practices Aligned):

Leveraging Amazon EKS for secure and scalable container orchestration
Utilizing AWS App2Container to transform monolithic structures into Dockerized workloads
Implementing Amazon RDS + ElastiCache for high-performance and scalable data layers
Employing Amazon S3 + AWS Glue + Athena for real-time analytics and ML readiness
Harnessing Amazon SageMaker for operationalizing AI/ML workloads
Ensuring security and compliance through IAM, CloudTrail, and GuardDuty for a zero-trust environment

Outcomes Achieved:

70% reduction in deployment time
Enhanced real-time analytics and AI-powered decision-making
Seamless CI/CD integration with AWS CodePipeline
Robust, secure, and cost-optimized infrastructure

Modernization goes beyond mere migration; it entails a holistic transformation of your business model. Explore the architecture diagram below, crafted using Lucidchart.

Deploying a Static Website with S3 and CloudFront: A Simple and Scalable Solution

emmanuela Opurum — Wed, 26 Feb 2025 08:30:35 +0000

When it comes to hosting static websites, Amazon Web Services (AWS) provides an excellent combination of S3 and CloudFront to deliver fast, secure, and scalable content. Whether you're launching a personal portfolio, a blog, or any other static content, AWS offers an ideal solution for high-performance delivery across the globe. In this article, I'll guide you through deploying a static website using S3 and CloudFront.

Architecture Overview

The architecture follows a simple flow:

Diagram Flow:

👤 User (Client Browser) → 🌐 Internet (Request via CloudFront URL) → 🚀 CloudFront (CDN for Fast Delivery) → 📦 S3 Bucket (Stores Website Files) → 🔒 IAM (Access Control) → 📤 CloudFront Delivers Content

Key Security Requirement:

The S3 bucket should not be directly accessible from the internet. Instead, access should be restricted to CloudFront only.

Step 1: Set Up S3 Bucket

Go to the AWS S3 Console and create a new S3 bucket.
Ensure the bucket name is globally unique.
Disable public access to the bucket by keeping the default settings.
Upload your static website files (HTML, CSS, JavaScript, images, etc.).
Do not enable Static Website Hosting as CloudFront will serve the content.

Step 2: Configure IAM for Secure Access

To restrict direct access to the S3 bucket:

Go to AWS IAM and create an IAM policy.
Use the following policy generated by AWS= to allow CloudFront to access your S3 bucket:

   {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Effect": "Allow",
               "Principal": {
                   "Service": "cloudfront.amazonaws.com"
               },
               "Action": "s3:GetObject",
               "Resource": "arn:aws:s3:::your-bucket-name/*",
               "Condition": {
                   "StringEquals": {
                       "AWS:SourceArn": "arn:aws:cloudfront::your-account-id:distribution/your-distribution-id"
                   }
               }
           }
       ]
   }

Attach this policy to your S3 bucket.

Step 3: Set Up CloudFront Distribution

Go to AWS CloudFront Console and create a new CloudFront distribution.
Select S3 bucket as the origin and configure it:
- Origin Access Control (OAC): Enable OAC to restrict access to the S3 bucket.
- Restrict Bucket Access: Yes.
- Bucket Policy: Update to allow CloudFront access only.
Configure settings for performance and security:
- Enable caching to improve performance.
- Enable HTTPS for secure content delivery.
- Restrict viewer access if required.
Deploy the CloudFront distribution and note the CloudFront domain name.

Step 4: Test Your Website

Wait for CloudFront to propagate (can take up to 7-15 minutes).
Visit your CloudFront URL (https://your-cloudfront-url.cloudfront.net).
Verify that the website loads correctly and that direct access to the S3 bucket URL is denied.

Why This Setup Works

Security: Direct S3 access is blocked, ensuring only CloudFront serves your content.
Performance: CloudFront caches content at edge locations, reducing latency.
Scalability: AWS handles traffic spikes without additional configuration.
Cost-Effective: S3 storage and CloudFront’s pay-as-you-go pricing keep costs low.

Final Thoughts

Deploying a static website using S3 and CloudFront is an efficient, scalable, and secure way to ensure fast delivery of your content worldwide. By combining the reliability of S3 for storage with CloudFront’s global CDN capabilities, you can achieve superior performance for your static website with minimal effort. Whether you're just starting or refining your deployment process, AWS provides a powerful and cost-effective solution.

Have you deployed a static website using AWS? Share your thoughts and experiences in the comments!