Workshop
GuardScript — Serverless Script Protection Platform
Deploying GuardScript on AWS
GuardScript is a script distribution platform with loader-based access control, built on a fully serverless AWS architecture. In this workshop, you will deploy the complete platform — from source code to a live, operational system — using AWS SAM and the AWS CLI.
What you will deploy
- AWS Lambda (Node.js 20.x) — Modular monolith API backend
- Amazon DynamoDB — 14 tables (PAY_PER_REQUEST) for all platform data
- Amazon S3 — Frontend hosting + encrypted script content storage
- Amazon CloudFront — CDN with edge routing and SPA URL rewriting
- API Gateway WebSocket — Real-time event broadcasting to clients
- Amazon CloudWatch — Alarms, operational dashboard, and structured logs
- AWS WAF — Edge request protection (optional)
Architecture
Client (browser / loader)
→ CloudFront Distribution (SSL termination, cache, SPA rewrite)
→ Static assets: S3 Bucket (frontend)
→ /api/*, /files/*: Lambda Function URL (API backend)
→ DynamoDB (14 tables)
→ S3 (script content objects)
→ API Gateway WebSocket API (real-time events)
→ CloudWatch Logs / Alarms / Dashboard
