The multi-tier application (three-tier, n-tier, etc.) has been a cornerstone architecture pattern for decades. The multi-tier pattern provides good guidelines for you to follow to ensure decoupled and scalable application components that can be separately managed and maintained (often by distinct teams). Multitiered applications are often built using a service-oriented architecture (SOA) approach to using web services. In this approach, the network acts as the boundary between tiers. However, there are many undifferentiated aspects of creating a new web service tier as part of your application. Much of the code written within a multi-tier web application is a direct result of the pattern itself. Examples include code that integrates one tier to another, code that defines an API and a data model that the tiers use to understand each other, and securityrelated code that ensures that the tiers’ integration points are not exposed in an undesired way.
Amazon API Gateway, a service for creating and managing APIs, and AWS Lambda2, a service for running arbitrary code functions, can be used together to simplify the creation of robust multi-tier applications. Amazon API Gateway’s integration with AWS Lambda enables user defined code functions to be triggered directly via a user-defined HTTPS request. Regardless of the request volume required, both the API Gateway and Lambda will scale automatically to support exactly the needs of your application. When combined, you can create a tier for your application that allows you to write the code that matters to your application and not focus on various other undifferentiating aspects of implementing a multi-tiered architecture—like architecting for high availability, writing client SDKs, server/operating system (OS) management, scaling, and implementing a client authorization mechanism.
More recently, AWS has announced the ability to create Lambda functions that execute within your Amazon Virtual Private Cloud (Amazon VPC)3. This feature extends the benefits of combining API Gateway and Lambda to include a variety of use cases where network privacy is required. For example, when you need to integrate your web service with a relational database that contains sensitive information. The integration of Lambda and Amazon VPC has indirectly expanded the capabilities of Amazon API Gateway because it gives developers the ability to define their own set of Internet-accessible HTTPS APIs in front of a backend that remains private and secure as part of Amazon VPC. You can observe the benefits of this powerful pattern across each tier of a multi-tiered architecture. This whitepaper focuses on the most popular example of a multitiered architecture, the three-tier web application. However, you can apply this multi-tier pattern well beyond a typical three-tier web application.
Three-tier Architecture Overview The three-tier architecture is a popular pattern for user-facing applications. The tiers that comprise this architecture include the presentation tier, the logic tier, and the data tier. The presentation tier represents the component that users directly interact with (such as a web page, mobile app UI, etc.). The logic tier contains the code required to translate user actions at the presentation tier to the functionality that drives the application’s behavior. The data tier consists of storage media (databases, object stores, caches, file systems, etc.) that hold the data relevant to the application. Figure 1 shows an example of a simple three-tier application.
The logic tier of the three-tier architecture represents the brains of the application. This is why integrating Amazon API Gateway and AWS Lambda to form your logic tier can be so revolutionary. The features of the two services allow you to build a serverless production application that is highly available, scalable, and secure. Your application could use thousands of servers, however by leveraging this pattern you do not have to manage a single one. In addition, by using these managed services together you gain the following benefits: -No operating systems to choose, secure, patch, or manage. -No servers to right size, monitor, or scale out. -No risk to your cost by over-provisioning. -No risk to your performance by under-provisioning. In addition, there are specific features within each service that benefit the multitier architecture pattern.