Deployment Architecture

Hosting Infrastructure

Platform: Amazon Web Services (AWS) (Dockerised deployment for all environments: Development, Staging, Production).

Environments

· Development: Separate infrastructure with a PostgreSQL database instance.

· Staging: Separate infrastructure with a PostgreSQL database instance.

· Production: Separate infrastructure with a PostgreSQL and secured Virtual Private Cloud (VPC).

System Components

· Frontend: Web app accessed via browsers.

· Backend: APIs for handling business logic.

· Database: PostgreSQL instances for development and staging; Relational Database Service (RDS) for production.

· Sunbird Registry: Managed as a microservice for registry needs.

Security Measures

· HyperText Transfer Protocol Secure (HTTPS) for secure communication.

· VPC for restricting Production access.

· Keycloak for authentication.

· Encryption and role-based access controls to protect data.

· Public Key Infrastructure (PKI) to cryptographically sign issued Verifiable Credentials (VCs).

· An audit trail is provided to show who accessed or updated records, enhancing accountability and reducing fraud.

Storage Solution

· Amazon Simple Storage Service (AWS S3) for file storage.

Deployment Process

Continuous Integration/Continuous Deployment (CI/CD) with GitHub Actions:

· Tag-based deployment for development.

· Commit-based deployment for staging and production.