AWS just released AWS Virtual Waiting Room, an open source solution that integrates with current online and mobile applications. Furthermore, by buffering user requests during rapid traffic spurts, the method saves systems from resource fatigue.
Users are queued in a waiting area till their turn comes up in the open source solution. Furthermore, it protects the backend environment from traffic and eliminates the requirement for the backend to scale to accommodate all users at once. According to a recent AWS Compute blog article, the integration of AWS Virtual Waiting Room with a web or mobile application is dependent on four scenarios:
– Upstream traffic redirection from the primary target site to AWS Virtual Waiting Room – an option that sends all user traffic through the waiting room with the initial capacity of users allowed to the protected system.
– Downstream redirection from the target site to the virtual waiting room – an option that sends all traffic to the target site.
– Direct target site API integration, which allows consumers to be buffered from an existing website without being redirected — this option integrates the virtual waiting room at the API level.
– The OpenID Connect (OIDC) adapter is a no-code native connectivity option for the waiting room with OpenID Connect-enabled system components like the AWS Application Load Balancer (ALB).
The implementation of the AWS Virtual Waiting Room solution consists of three primary components:
– The basic techniques for tracking clients entering the waiting room are provided by core APIs. Two Amazon API Gateway installations, a VPC, multiple AWS Lambda functions, an Amazon DynamoDB database, and an Amazon ElastiCache cluster are among the code APIs’ key resources.
– Users who are waiting for their turn are displayed a waiting room front-end website, which is a static webpage. On a customizable interval, this site dynamically refreshes the position being served and their position in line.
– A lambda authorizer for the protected target system that encapsulates and protects the downstream APIs of the protected target system, guaranteeing that every user invocations have a valid time-limited token issued by the waiting room core API.