Lexio runs in the us-east-1 region


  • All parts of the application run in a VPC subnet if possible
  • For each group, we provision 4 subnets to cover 4 availability zones in the region. Services run in all available zones for high-availability.
  • The application load balancer (Layer 7) is deployed in the public subnet group and accepts traffic from the internet
  • Application services run in the private subnet group and only accept traffic from the public load balancer or each other
  • Databases and caches run in the secure subnet group

Application services assume IAM roles with the minimum required permissions to access customer data