What this covers
Architecture, deployment, scaling, failure drills, and security controls for a dual-AZ edge footprint with serverless ingestion and S3 origin failover.
Implementation trail
- Foundation and networking prerequisites
- Template deployment and DNS cutover
- Ingestion routing and fan-out patterns
- Scaling, cache, and AZ-failure handling
- Operations, observability, and security
Lay down VPC and edge foundations
Allocate two public subnets across AZs, attach an internet gateway, and ensure ALB and API Gateway endpoints are reachable through CloudFront.
- Parameterize VPC and subnet CIDRs in the template to match your landing zone conventions.
- Keep ALB and instance security groups minimal: HTTP/HTTPS from the world, and SSH only from trusted CIDRs.
- Enable CloudFront origin failover so static assets can flow from S3 if the ALB origin degrades.
Deploy and cut over traffic
Deploy cf_templates/multi-az-edge-workload.yaml, then point DNS at the CloudFront distribution or attach a custom domain with ACM.
- Seed health checks for ALB targets before sending production traffic.
- Validate CloudFront behaviors for static assets versus API paths backed by API Gateway and Lambda.
- Warm caches for high-traffic paths to reduce cold-start latency during launch.
Keep ingestion online across AZs
Route ingestion through an API Gateway HTTP API that triggers Lambda to fan out to Kinesis or S3; keep Lambda outside VPC subnets unless VPC access is required.
- Enable throttling and JWT/authorizer controls on API Gateway to manage bursty producers.
- Use DLQs for Lambda and monitor function errors alongside API Gateway 5xx metrics.
- Keep stateful dependencies (RDS/DynamoDB) in Multi-AZ or global table mode for consistent ingest.
Scale and recover from AZ loss
Let the Auto Scaling Group span both AZs with cross-zone load balancing on the ALB; temporarily raise desired/max capacity when one AZ is impaired.
- Tune scaling policies on CPU or request counts and ensure instance profiles allow S3/CloudWatch access for bootstrap scripts.
- Document runbooks for promoting capacity in the healthy AZ and draining impaired nodes.
- Confirm CloudFront health checks continue to pass when only one AZ serves traffic.
Operate with observability and guardrails
- Create CloudWatch dashboards for ALB 5xx, Lambda errors, API Gateway latency, and ASG capacity.
- Enforce TLS end-to-end (viewer to CloudFront and CloudFront to origin) and attach AWS WAF to CloudFront for L7 protections.
- Schedule game days that rehearse CloudFront origin failover and AZ-isolation scenarios.
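The security-group rules and CloudFront origin failover from the foundations section, together with the TLS and WAF guardrails above, written out as a CloudFormation fragment. This is an added example, not a copy of cf_templates/multi-az-edge-workload.yaml; the resources and parameters it references (Vpc, AlbOriginFqdn, StaticBucket, StaticOai, TrustedSshCidr, WafWebAclArn) are assumed to be defined elsewhere in the template.

```yaml
Resources:
  # Assumed elsewhere in the template: Vpc, StaticBucket, StaticOai (CloudFront OAI),
  # and parameters AlbOriginFqdn, TrustedSshCidr, WafWebAclArn (WAFv2 ARN, CLOUDFRONT scope, us-east-1).
  AlbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: ALB accepts only HTTP/HTTPS from the internet
      VpcId: !Ref Vpc
      SecurityGroupIngress:
        - { IpProtocol: tcp, FromPort: 80,  ToPort: 80,  CidrIp: 0.0.0.0/0 }
        - { IpProtocol: tcp, FromPort: 443, ToPort: 443, CidrIp: 0.0.0.0/0 }
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: App port from the ALB only, SSH from the trusted CIDR only
      VpcId: !Ref Vpc
      SecurityGroupIngress:
        - { IpProtocol: tcp, FromPort: 80, ToPort: 80, SourceSecurityGroupId: !Ref AlbSecurityGroup }
        - { IpProtocol: tcp, FromPort: 22, ToPort: 22, CidrIp: !Ref TrustedSshCidr }
  Distribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Enabled: true
        WebACLId: !Ref WafWebAclArn
        Origins:
          - Id: alb-origin
            # A name under your own domain that resolves to the ALB; its ACM certificate must
            # match this name, so the default *.elb.amazonaws.com name cannot be used with https-only.
            DomainName: !Ref AlbOriginFqdn
            CustomOriginConfig: { OriginProtocolPolicy: https-only }
          - Id: s3-origin
            DomainName: !GetAtt StaticBucket.RegionalDomainName
            S3OriginConfig:
              OriginAccessIdentity: !Sub origin-access-identity/cloudfront/${StaticOai}
        OriginGroups:
          Quantity: 1
          Items:
            - Id: alb-then-s3
              # CloudFront retries against s3-origin when alb-origin answers with one of these codes
              FailoverCriteria:
                StatusCodes: { Quantity: 4, Items: [500, 502, 503, 504] }
              Members:
                Quantity: 2
                Items: [ { OriginId: alb-origin }, { OriginId: s3-origin } ]
        DefaultCacheBehavior:
          TargetOriginId: alb-then-s3          # target the origin group, not a single origin
          ViewerProtocolPolicy: redirect-to-https
          AllowedMethods: [GET, HEAD, OPTIONS]  # origin failover only applies to these methods
          CachePolicyId: 658327ea-f89d-4fab-a63d-7e88639e58f6  # AWS managed CachingOptimized policy
```

A game day for this setup can return 503 from the ALB listener and confirm that cached and static paths keep serving from the S3 member while ALB 5xx alarms fire.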