Enterprise-Grade Full-Stack System Design
This principal-level architectural design prompt provides comprehensive guidance for building an enterprise-grade women's eCommerce platform. It covers full-stack system design following modern best practices in scalability, security, observability, and cloud deployment.
The prompt emphasizes production-ready architecture with a React frontend, Spring Boot backend, MySQL and Redis data layer, Apache Solr search, a complete observability stack, AWS cloud deployment, and Terraform infrastructure as code. It includes detailed requirements for authentication, product management, shopping cart, checkout, payments, and admin operations.
Full product catalog, shopping cart, checkout, payments, order management, reviews, wishlist, and promotions engine
Apache Solr integration with faceted navigation, autocomplete, filters by category, price, size, color, and brand
JWT authentication, Google OAuth2, RBAC, CSRF/XSS prevention, GDPR compliance, PII encryption, and rate limiting
High-availability design with ALB, ECS Fargate, RDS Multi-AZ, ElastiCache, S3, CloudFront, and complete Terraform IaC
## 📌 Prompt: Enterprise-Grade Women's eCommerce Platform – Full-Stack System Design & Requirements

**Role & Perspective**

You are a **Principal Software Architect and Product Engineer** designing an **enterprise-grade Women's eCommerce platform**. Your task is to produce **production-ready architecture, system design, and implementation guidance** following modern best practices in scalability, security, observability, and cloud deployment.

---

### 1️⃣ Platform Overview & Architecture

Design a **full-stack eCommerce platform** with a strict separation of concerns:

* **Frontend**
  * React 18+ with TypeScript
  * Modern tooling (Vite or CRA)
  * Component-driven architecture
  * Responsive UI using Material-UI or Ant Design + Tailwind CSS
* **Backend**
  * Spring Boot 3.x (Java 17+)
  * RESTful APIs
  * Clean layered architecture (controller, service, repository)
  * Production-grade security, caching, observability
* **Infrastructure**
  * Docker & Docker Compose for local environments
  * Terraform for cloud infrastructure automation
  * Multi-environment support (dev, staging, prod)

---

### 2️⃣ Frontend Requirements

Define a scalable React application that includes:

* Folder structure (components, pages, hooks, services, store, utils, assets)
* State management using Redux Toolkit + React Query
* Authentication flows:
  * Username/password
  * Google OAuth
  * Secure token handling (JWT via localStorage or httpOnly cookies)
* Axios interceptors for auth and error handling
* Protected routes and role-based UI access
* Product browsing:
  * Grid & list views
  * Filters (category, price, size, color, brand)
  * Search with autocomplete
* Cart, checkout, wishlist, reviews, order history
* Admin dashboard UI for products, orders, users, discounts, analytics
* Performance optimizations (code splitting, lazy loading, image optimization)
* Unit, integration, and E2E testing strategy

---

### 3️⃣ Backend Requirements

Design a Spring Boot backend that includes:

* Spring Web, JPA, Security, Validation, Actuator
* MySQL with Hibernate ORM
* Redis caching (Spring Data Redis, Lettuce)
* Apache Solr for advanced product search
* JWT authentication + Google OAuth2
* Role-based access control (USER, ADMIN)
* API documentation using SpringDoc OpenAPI (Swagger)
* Observability:
  * Structured logging (Logback + SLF4J)
  * Distributed tracing (OpenTelemetry)
  * Metrics (Micrometer + Prometheus)

---

### 4️⃣ Database Design

Define a **normalized MySQL schema** supporting:

* Users & OAuth identities
* Addresses (multi-address per user)
* Categories (hierarchical)
* Products, variants (size/color), images
* Cart & cart items
* Orders & order items
* Payments
* Reviews & ratings
* Wishlist
* Promotions & coupons

Include:

* Indexing strategy
* Foreign key constraints
* Audit fields
* Migration strategy using Flyway or Liquibase

---

### 5️⃣ Core Business Modules

Design detailed workflows for:

* Authentication & authorization
* Product management & inventory
* Shopping cart (guest + authenticated users)
* Checkout (multi-step)
* Orders lifecycle & payment handling
* Reviews & ratings
* Search & faceted navigation
* Recommendation engine
* Promotions & discount engine
* Admin operations & reporting

---

### 6️⃣ Caching Strategy

Define Redis caching for:

* Product catalog
* Categories
* Search results
* User sessions
* Rate limiting
* Guest carts

Include:

* TTL strategy
* Cache invalidation rules
* Cache-aside pattern
* Serialization choices

---

### 7️⃣ Observability & Monitoring

Design a **full observability stack**:

* Centralized logging (Logback → Filebeat → Elasticsearch → Kibana)
* Distributed tracing (OpenTelemetry → Tempo → Grafana)
* Metrics (Micrometer → Prometheus → Grafana)
* Correlation IDs
* Alerts & dashboards for:
  * Errors
  * Latency
  * Orders & revenue
  * Infrastructure health

---

### 8️⃣ Docker & Local Development

Define Docker & Docker Compose setup for:

* Frontend
* Backend
* MySQL
* Redis
* Solr
* Elasticsearch
* Kibana
* Filebeat
* Prometheus
* Grafana
* Tempo
* SonarQube

Include:

* Volumes
* Health checks
* Resource limits
* Environment variables

---

### 9️⃣ AWS Cloud Architecture

Design a **high-availability AWS architecture** including:

* VPC with public/private subnets across AZs
* ALB + ECS Fargate
* RDS MySQL (Multi-AZ)
* ElastiCache Redis
* S3 for assets & images
* CloudFront CDN
* Route 53 DNS
* CloudWatch monitoring
* SNS & SES
* Secrets Manager

---

### 🔟 Terraform Infrastructure as Code

Define Terraform modules for:

* VPC & networking
* ECS & ECR
* ALB
* RDS
* Redis
* S3 & CloudFront
* IAM roles & policies
* CloudWatch & alarms
* Secrets Manager
* Auto scaling
* State management (S3 + DynamoDB locking)

---

### 1️⃣1️⃣ CI/CD & Quality Gates

Define CI/CD pipelines using GitHub Actions that include:

* Build & test (frontend & backend)
* Code quality (SonarQube)
* Docker image build & push
* Database migrations
* ECS deployment
* Blue-green deployments
* Rollback strategies

---

### 1️⃣2️⃣ Security, Compliance & Performance

Cover:

* JWT security & OAuth
* Rate limiting
* CSRF/XSS/SQL injection prevention
* Password policies
* GDPR compliance
* PII encryption
* Performance optimizations (DB, Redis, async processing)
* Frontend performance (Lighthouse 90+)

---

### 1️⃣3️⃣ Documentation & Testing

Provide guidance for:

* Technical documentation
* API docs
* Database ER diagrams
* Runbooks
* Unit, integration, and E2E testing
* Load testing
* Accessibility compliance

---

### 📌 Output Expectations

* Do **not** write application code unless explicitly requested
* Provide:
  * Architecture diagrams (described textually)
  * Design decisions
  * Checklists
  * Best practices
  * Production-ready guidance
* Assume **enterprise scale, security, and observability requirements**
React 18+ with TypeScript, Redux Toolkit + React Query for state management, Material-UI/Ant Design + Tailwind CSS, protected routes, role-based UI access, and performance optimizations
Spring Boot 3.x with clean layered architecture, RESTful APIs, MySQL with Hibernate ORM, Redis caching, JWT authentication + Google OAuth2, SpringDoc OpenAPI documentation
Normalized MySQL schema with users, OAuth identities, multi-address support, hierarchical categories, product variants, cart, orders, payments, reviews, wishlist, and promotions
Centralized logging with ELK stack, distributed tracing with OpenTelemetry and Tempo, metrics with Micrometer and Prometheus, correlation IDs, and Grafana dashboards
Complete Docker Compose setup for frontend, backend, MySQL, Redis, Solr, ELK, Prometheus, Grafana, Tempo, and SonarQube with volumes, health checks, and resource limits
GitHub Actions pipelines with build, test, code quality checks via SonarQube, Docker image creation, database migrations, ECS deployment, blue-green deployments, and rollback strategies
Architecture First: This is a design-focused prompt. Focus on system architecture, data models, API contracts, and infrastructure design rather than implementation code.
Scalability Planning: Design for growth from day one. Consider caching strategies, database indexing, async processing, and horizontal scaling capabilities.
Security by Design: Implement security at every layer - authentication, authorization, data encryption, input validation, rate limiting, and GDPR compliance.
Observability First: Build comprehensive logging, tracing, and metrics collection from the start. Use correlation IDs to track requests across distributed systems.
Infrastructure as Code: Use Terraform to define all AWS resources, enabling version control, code review, and reproducible deployments across environments.