📝 Architectural Decision: Login DB and Audit DB on Same Server (MVP/Portfolio Stage)

 Absolutely! Here’s how you’d document and talk through this architectural decision in a professional “Decision Record” or system README—including business context, tradeoffs, risks, and migration path.

You’ll see this kind of reasoning at Stripe, AWS, or in real SaaS “portfolio” projects.

📝 Architectural Decision: Login DB and Audit DB on Same Server (MVP/Portfolio Stage)

Context & Business Rationale

  • Goal:
    Rapidly deliver a working proof-of-concept (POC) and MVP for Echo’s authentication and audit logging, to support demos, portfolio, and low-volume production use.

  • Customer:
    Early-stage SaaS founders, technical stakeholders, engineering teams evaluating or demoing the platform.

  • Drivers:

    • Minimize infrastructure and hosting costs while features and product-market fit are still being validated.

    • Keep operational complexity low for fast iterations.

    • Portfolio/demo-level traffic only—no expectation of high scale or production regulatory audits yet.

Decision

  • Both the login (identity) database and the audit/message-queue database are hosted on the same MySQL server instance.

  • Queue-based audit logging is still used—all audit events pass through a durable queue before landing in the audit table, to support decoupling, retries, and migration later.

Tradeoffs

Pros

  • Simplicity:

    • Fewer moving parts for a single developer or small team to maintain.

    • One backup, one monitoring setup, one set of credentials.

  • Speed:

    • Fast iteration and deploys—MVP delivered in days, not weeks.

  • Cost:

    • Lowest possible infra bill—suitable for portfolio, demo, or pre-revenue startup.

Cons / Risks

  • Single Point of Failure:

    • If the DB fails, both authentication and audit logs are lost.

  • Lower Durability:

    • Compromise, deletion, or corruption impacts both systems at once.

  • Limited Compliance:

    • Not suitable for SOX/SOC2 in production: auditors want physically/virtually separated audit logs.

    • Tamper-evidence is weaker—insiders with DB access can potentially alter both login and audit history.

  • Scalability:

    • Harder to scale, shard, or migrate one part of the system independently.

  • Migration Needed for Growth:

    • As customers, traffic, or regulatory needs grow, you’ll need a migration plan to split the DBs.

Mitigations & Best Practices (Even in MVP)

  • Use a queue for all audit events—don’t tie logging directly to transactional logic.

  • Automate regular, offsite backups (even S3/GDrive).

  • Limit DB user privileges (separate MySQL users for app and for DB admin).

  • Log every admin access to the server.

  • Document risks and migration plans from day one (so you’re not surprised later).

Migration Path (When to Uplevel)

  • When moving to production, or taking on real customer data/compliance:

    • Split audit logging to a dedicated DB/cluster/service, on a separate server/cloud.

    • Use the same message-queue and consumer, just point to new infra.

    • Optionally add tamper-evident/immutable storage for audit logs (e.g., append-only S3, write-once volumes).

    • Rotate credentials, update incident and backup plans.

Why This Is Acceptable for Portfolio/MVP

  • Performance:

    • Easily supports hundreds to low-thousands of requests/sec with modern MySQL on a small server.

  • Latency:

    • Local network = fast, suitable for demos and POC.

  • Audit Coverage:

    • All user and system actions are still logged, searchable, and available for review and improvement.

  • Customer Understanding:

    • Early customers/CTOs know the value is in fast iteration—not infra perfection at the demo stage.

Summary Table

Aspect Decision/Status
Infra Cost Minimal (one DB server)
Security Good for demo; limited isolation
Compliance OK for portfolio; not SOX/SOC2
Performance Excellent at low/medium scale
Migration Path Well-defined; easy with queue

This decision allows us to ship fast, learn fast, and prove value—while keeping a clear path to full compliance and scale as the product matures.

Want an example Decision Record for your repo, or a Markdown template for these decisions? Let me know!

Comments

Post a Comment

Popular posts from this blog

Feature: Audit log for one login, and identity service

Image
Customer (Product) Page High-Level System Design Diagram (PlantUML) Sequence Diagram: Audit Event Ingestion Sequence Diagram: Orchestration Event For a High-Level System (Component) Diagram The queue is implemented as message_queue (generic), and the audit log service consumes from it, writing to a dedicated audit_log table. The logging service also consumes from the same message_queue and writes to log_store. Orchestration/other services use the same queue. Summary Table: What Writes Where Event Type Goes Into Consumed By Final Storage audit message_queue Audit Log Service audit_log table log message_queue Logging Service log_store table doc_uploaded message_queue Orchestration Worker (business DB, or triggers next event) ocr_ready message_queue Notification Worker, etc. (notification log, etc.)  Core Tables message_queue – universal event bus (temp buffer) audit_log – immutable audit/compliance events log_store – application logs (op...
Read more

Getting started - Build your data science lab environment

This guide explains how to set up a complete data science environment for the udemy program. A proper setup ensures compatibility and avoids recurring environment issues.  1. Overview Goal : Create a full-featured environment with sufficient resources for all course exercises. Recommendation : Use Anaconda for the most reliable setup. Alternative : Use a Python virtual environment with pip if Anaconda isn’t working. 2. Setup Options Primary (Recommended) Create a dedicated Anaconda environment (isolated, compatible). Alternative Use a standard Python virtualenv + pip (faster but less reliable). 3. Windows Setup Steps Clone Course Repository git clone https://github.com/ed-donner/llm_engineering/ Follow the repository’s README.md instructions for additional setup details. Create Anaconda Environment Inside the llm_engineering folder: conda env create -f environment.yml ⏳ This may take several minutes. Activate the environment: conda activate llms Deactivat...
Read more

QA - Run #1 - Results

Image
# QA Report for Tag QA_July2025_A - **Tag/Commit:** QA_July2025_A (`f32abc1`) - **Date:** 2025-08-01 - **QA Outcomes:** All tests passed except for file upload (see below)... - **Environment:** Windows 10, Python 3.12, requirements.txt as of tag - **Notes:** See log for detailed results. ## Issue Found - **Step:** - **Bug:** - **Log excerpt:** - **Screenshot:** For this QA run, we begin with pristine state by: Stop all services Delete logs.db, and jobs.db Delete all files in doc_store folder Start all services Test, you should see no data on index page, and query should result in no data found error Next, go ahead and upload new1.txt, and after that new2.txt Issue the query: "can you summarize all of the todo items you can find, seperating each one on a single line, with due date first, then title, and description with any details you can augment" Expected Answer: - August 1, 2025: Respond to Amira and discuss weekend plans - August 3, 2025: Go to Somesh class and finish ta...
Read more