Core Infrastructure Specs
1. Architecture Overview
High-level system topology. Global Load Balancing, Cloud CDN edge caching, and the dedicated tier-split between the primary API and the SSE Streaming service.
2. Compute & Scaling
Details on the .NET Native AOT compilation, Cloud Run auto-scaling mathematics, and the specific Max-Concurrency=1000 tuning for Server-Sent Events.
3. Edge Security
Cloud Armor WAF definitions, Adaptive Protection setup, rate limiting boundaries, and default timeout mitigation strategies.
4. Storage & Media
Direct-to-GCS upload flows via Presigned URLs. Explicit error handling mechanisms for checksum mismatches and object corruption.
5. Terraform Configuration
Infrastructure as Code dependency graphs. Highlights the URL Maps separating the Primary API default backend from the 3600s timeout SSE backend.
6. Spanner & Redis Schema
Complete data model. Showcases PostgreSQL dialect schemas, UUIDv4 enforcement, `INTERLEAVE IN PARENT` hierarchies, Sharded Counters, and Stateless Redis Auth.
Live Topology Map
graph TD
classDef default fill:#1a1a1c,stroke:#2a2a2c,stroke-width:1px,color:#fff,rx:8px,ry:8px;
classDef gcp fill:#1a1025,stroke:#8b5cf6,stroke-width:2px,color:#fff,rx:8px,ry:8px;
classDef db fill:#0f172a,stroke:#3b82f6,stroke-width:2px,color:#fff,rx:8px,ry:8px;
Client[Mobile App Client]
subgraph "Google Cloud Edge"
CA[Cloud Armor WAF & Rate Limiting]:::gcp
ExtLB[External HTTPS Load Balancer]:::gcp
CDN[Cloud CDN]:::gcp
end
subgraph "Serverless Compute Tier"
CR[Cloud Run: Primary API]:::gcp
CR_SSE[Cloud Run: Dedicated SSE Streamer<br/>Timeout: 3600s]:::gcp
end
subgraph "State & Storage Tier"
Spanner[(Cloud Spanner<br/>Interleaved Data & Sharded Counters)]:::db
Redis[(Memorystore Redis<br/>Auth & Fast Aggregates)]:::db
end
GCS[(Cloud Storage Bucket<br/>Assets & Media)]:::db
%% Flows
Client -->|API Requests| CA
Client -->|Binary Uploads PUT| GCS
CA --> ExtLB
ExtLB --> CDN
CDN --> CR
ExtLB -->|URL Map: /notifications/stream| CR_SSE
CR -->|Read/Write Data| Spanner
CR -->|Sessions/Cache| Redis
CR -->|Generate Signed URLs| GCS
CR_SSE -->|Read Stream| Spanner
Terraform Dependency Graph
graph TD
classDef default fill:#1a1a1c,stroke:#2a2a2c,stroke-width:1px,color:#fff,rx:8px,ry:8px;
Network[VPC Networks] --> Redis[Memorystore Redis]
Network --> Spanner[Cloud Spanner Instance]
Secret[Secret Manager] --> ServiceAccount[Cloud Run Service Account]
ServiceAccount --> Bucket[GCS Asset Bucket]
ServiceAccount --> Spanner
Docker[Artifact Registry] --> CR[Cloud Run Service - Primary]
Docker --> CR_SSE[Cloud Run Service - SSE]
NEG[Serverless NEG - Primary] --> LBBackend[Backend Service - Default]
NEG_SSE[Serverless NEG - SSE] --> LBBackend_SSE[Backend Service - 3600s Timeout]
CR --> NEG
CR_SSE --> NEG_SSE
LBBackend --> CDN[Cloud CDN]
URLMap[URL Map] -->|Path: /*| LBBackend
URLMap -->|Path: /api/v1/notifications/stream| LBBackend_SSE
URLMap --> LB[External HTTP/S Load Balancer]
ArmorPolicy[Cloud Armor Policy] --> ArmorRules[Cloud Armor Rules]
ArmorRules --> LB
API Endpoints & Data Dependencies
All endpoints are mapped directly to their backing Spanner tables and Redis caching mechanisms.