Amazon Services Tech Stack
A comprehensive breakdown of all Amazon services used in the HearMe system, their purpose, usage, and the UI capabilities they support.
One-Page Summary
Storage
S3DynamoDB
AI/ML
TranscribeComprehendBedrock
Orchestration
EventBridgeStep Functions
Security
IAMKMSVPCCloudTrail
Analytics
AthenaQuickSight
Monitoring
CloudWatchMacie
Detailed Service Breakdown
Amazon S3
Primary data storage layer
Usage in System:
- Stores raw audio files (ingestion zone)
- Stores processed & anonymised transcripts
- Region-specific buckets for GDPR data residency
- Lifecycle rules for auto-deletion
Why Amazon S3?
Highly durable & scalable, native integration with Transcribe & Athena, supports SSE-KMS encryption
UI Features Supported:
Audio uploadTranscript viewingDownload anonymised dataRetention & deletion workflows
AWS KMS
Encryption & key management
Usage in System:
- Encrypts S3 audio & transcripts
- Encrypts DynamoDB data
- Encrypts logs & backups
Why AWS KMS?
Mandatory for HIPAA / GDPR, customer-managed encryption keys
UI Features Supported:
Compliance indicatorsEncryption status display (read-only)
Amazon EventBridge
Event-driven orchestration
Usage in System:
- Triggers workflows when audio is uploaded
- Triggers when processing completes
- Triggers when compliance alerts fire
Why Amazon EventBridge?
Decouples services, reliable serverless event routing
UI Features Supported:
Job status updatesReal-time pipeline progress
AWS Step Functions
Pipeline orchestration
Usage in System:
- Controls sequence: Transcription → PII detection → Anonymisation → Emotion analysis → Response generation
Why AWS Step Functions?
Visual state tracking, built-in retries & failure handling
UI Features Supported:
Processing timeline viewFailure state explanations
AWS Lambda
Serverless business logic
Usage in System:
- Triggered by S3 uploads
- Custom anonymisation logic
- Right-to-erasure workflows
- Alert triggers
Why AWS Lambda?
No server management, fine-grained execution control
UI Features Supported:
Retry actionsDeletion confirmationsAlerts & notifications
Amazon Transcribe
Speech-to-text conversion
Usage in System:
- Converts audio → text
- Speaker diarisation
- Medical Transcribe (HIPAA use cases)
Why Amazon Transcribe?
High accuracy, HIPAA-eligible service, audio metadata extraction
UI Features Supported:
Transcript viewerSpeaker labelsTime-stamped playback
Amazon Comprehend
NLP analysis & PII detection
Usage in System:
- Detects names, phone numbers, IDs
- Sentiment analysis
- Custom emotion classification
Why Amazon Comprehend?
Native PII detection, managed ML (no training needed)
UI Features Supported:
Emotion dashboardAnonymisation summaryExplainability panels
Amazon Bedrock
LLM-powered response generation
Usage in System:
- Generates empathy-aware responses
- Emotion-conditioned prompts
- Guardrail-enforced outputs
Why Amazon Bedrock?
Secure, private LLM access, guardrails for safety & compliance
UI Features Supported:
Generated response pageGuardrail indicatorsHuman-in-the-loop edits
Amazon DynamoDB
Low-latency metadata storage
Usage in System:
- Stores emotion scores
- Stores sentiment results
- Stores processing metadata
Why Amazon DynamoDB?
Serverless, real-time reads for dashboards
UI Features Supported:
Dashboard KPIsLive emotion indicators
Amazon Athena
Analytics & compliance querying
Usage in System:
- Query anonymised transcripts
- Audit & compliance reporting
- Trend analysis
Why Amazon Athena?
SQL over S3, no ETL required
UI Features Supported:
Analytics dashboardsExportable reports
Amazon QuickSight
BI & visualization
Usage in System:
- Emotion trends
- Department-wise heatmaps
- Management dashboards
Why Amazon QuickSight?
Native Athena integration, secure sharing
UI Features Supported:
Insights & analytics pages
AWS IAM
Security & access control
Usage in System:
- Role-based access (Admin, Analyst, Operator)
- Service-to-service permissions
Why AWS IAM?
Least privilege, compliance requirement
UI Features Supported:
Role-based UI visibilityAccess audit logs
AWS CloudTrail
Audit logging
Usage in System:
- Logs all access to transcripts
- Logs deletion actions
- Logs config changes
Why AWS CloudTrail?
Regulatory audit requirement
UI Features Supported:
Audit logs pageCompliance verification
AWS CloudWatch
Monitoring & alerting
Usage in System:
- Lambda errors
- Processing latency
- Alert thresholds
Why AWS CloudWatch?
Comprehensive monitoring, alerting capabilities
UI Features Supported:
System health widgetsAlert center
Amazon VPC + PrivateLink
Network isolation
Usage in System:
- Private communication between services
- No public internet exposure
Why Amazon VPC + PrivateLink?
Required for regulated data
UI Features Supported:
Indirect (security posture)
Amazon Macie
Continuous PII discovery
Usage in System:
- Detects accidental PII leaks in S3
Why Amazon Macie?
Automated compliance monitoring
UI Features Supported:
Compliance alertsRisk indicators