Designing a Cloud DAM
What does a digital asset management system do?
store, manage, organize and share digital files and assets across a team
A DAM system can have lots of features, image and video transforms, some store product information and additional metadata, link to ecommerce platforms like shopify. We’ll focus on a sub set of these features.
Objectives
We want to be offer a digital asset management solution in the cloud, hosted on AWS.
Technical constraints:
- must be easily scalable
- must be highly available
- multi-tenant
Our audience for this design will be the CTO.
We are going to use Amazon web services as our cloud provider, avoiding amplify and lighthouse, giving us potentially more work but more control over the solution.
Key Scenarios
We are not going to cover every aspect of a DAM, we will cover these core key scenarios:
- user login
- uploading assets
- searching assets
- creating image transforms
- using assets
Here is a simplified case diagram that shows our key scenarios:
Overview
- Application will be a single page web application
- Utilize serverless as it is scalable and cost effective
- Use cognito for user login
- RDS for the database and searching
- S3 to store assets
- Cloudfront as a CDN
- AWS Serverless image handler for transforming images
Candidate Solution
Web application UI
We will use a single page application, hosted in an S3 bucket, served via cloudfront CDN.
Authentication
We will use AWS Cognito for user authentication, specifically user pools feature, this allows us to manage users and groups. It will integrate with our lambda services allowing us to authenticate users and check tenant permissions. We can utilize the custom attributes feature to store tenant information.
Asset storage
We will use S3 to store assets, this will allow us to store large files and have a bucket per tenant.
Backend services
The backend will be an HTTP Api serverless application, using API Gateway and Lambda functions.
Database
We will use dynamodb as the database rather than RDS, as it is serverless and works well with lambda. We can also restrict access to tenants data using resource policies.
Multi tenant considerations
Each tennant would have its own bucket
