System Architecture
Serverless, audit-first design on AWS — DynamoDB is the system of record.
Request path
Next.js
App Router / RSC
API Routes
Route Handlers
DynamoDB
EvidenceOps
Audit event pipeline (roadmap)
Audit Events
DynamoDB (live)
EventBridge
planned
Lambda
planned
S3
planned
Today, every reviewer decision is written append-only to DynamoDB with a versioned provenance chain (live). The fan-out path — DynamoDB Streams → EventBridge → a Lambda that assembles immutable audit packs into S3 — is the planned next step; audit-pack metadata and lifecycle status are already modeled in the table.
DynamoDB single-table access patterns
EvidenceOps · us-east-1| Entity | Operation | Key condition |
|---|---|---|
| Project | GetItem | PK=PROJECT#<id>, SK=META |
| Cohort | Query | PK=PROJECT#<id>, begins_with(SK, COHORT#) |
| Sample | Query | PK=COHORT#<id>, begins_with(SK, SAMPLE#) |
| Sample (by decision) | Query GSI1 | GSI1PK=COHORT#<id>, GSI1SK=DECISION#<state> |
| PGx Run | GetItem | PK=SAMPLE#<id>, SK=RUN#latest |
| Audit Event | Query | PK=AUDIT#<entityId>, begins_with(SK, EVENT#) |
| Audit Pack | GetItem | PK=PACK#<id>, SK=META |
Version manifest
PGx Engine
v1.3.2
Evidence Base
2026.06
Region
us-east-1