Secure E-Commerce Architecture

Browser

CDN / WAF

App / API (blue/green)

Auth (OIDC)

Observability

Cache (Redis)

Payments (Hosted)

DB Primary (PostgreSQL)

DB Replica (Read-only)

Object Storage (S3)

MQ / Workers

Developer

PR opened

CI Pipeline

G1: Unit • SAST • SCA

G2: Build & SIGN artifact (artifact + hash + sig + SBOM)

Staging

G3: Deploy to STAGING (blue)

G4: E2E • DAST • PERF (p95/p99 SLOs)

Production

G5: CANARY 5–10% traffic (error budget guards)

Auto-ROLLBACK hooks

G6: Full rollout (blue→green)

Assignment 3