Ascendro’s team designed and implemented an infrastructure model that supports DoorJam’s unique decentralized architecture while enabling the operational reliability needed for commercial release.

Multi-Environment SDLC Pipeline

We provisioned four isolated AWS environments; Development, QA, Staging (Beta), and Production; each with independent infrastructure, secrets, and deployment pipelines. Environments map to dedicated Git branches, with deployments triggered automatically on push.

Infrastructure as Code with CloudFormation

All AWS resources (API Gateway, Lambda functions, DynamoDB tables, S3 buckets, Cognito user pools, CloudFront distributions, and ACM certificates) are defined and deployed through CloudFormation stacks managed via GitHub Actions workflows.

The Portal infrastructure and Space infrastructure are maintained as separate CloudFormation stacks, with a smart update mechanism that detects changed Lambda functions or resource templates and deploys only what changed, avoiding unnecessary full rebuilds.

Decentralized space provisioning

When an artist creates a new Space on DoorJam, the system automatically provisions an entire AWS infrastructure stack in a dedicated hosting account. This includes Lambda functions, DynamoDB tables, API Gateway configuration, S3 buckets, CloudFront distributions, and IAM roles, all via automated CloudFormation deployment.

The system uses an intelligent resource limits check to determine whether to deploy the new space into an existing hosting account or automatically provision a new AWS account within the organization. This ensures the platform can scale horizontally without hitting per-account AWS service limits.

Smart Account Scaling

A custom resource limits check process monitors DynamoDB table counts, Lambda quotas, and other per-account limits across all hosting accounts and AWS regions. When limits approach, the system automatically generates a new AWS organization account, configures roles and permissions, and begins routing new spaces there, completely transparent to the artist.

Lambda performance optimization

Lambda cold starts and oversized deployment packages were identified as a key contributor to poor user experience. Ascendro implemented a systematic performance engineering playbook across all Lambda functions in both the Portal and Space environments.

Optimization techniques applied

• Marked AWS SDK v3 as external in Rollup bundler configuration, since AWS Lambda Node.js 18+ runtimes include the SDK pre-installed, eliminating it from deployment packages reduced bundle sizes by 35–60%
• Switched from wildcard imports to named imports for all AWS SDK commands (e.g., GetCommand from @aws-sdk/lib-dynamodb instead of the full library)
• Implemented DynamoDB client singleton pattern across Lambda handlers to reuse connections between warm invocations
• Replaced expensive DynamoDB FilterExpression patterns with properly indexed Global Secondary Index (GSI) queries
• Parallelized independent async operations using Promise.all() to eliminate sequential await chains
• Moved non-sensitive configuration from AWS Systems Manager Parameter Store (SSM) to Lambda environment variables, removing slow SSM reads on each invocation
• Added rollup-plugin-visualizer to the build pipeline for ongoing bundle size analysis
• Upgraded all Lambda runtimes from Node.js v18 to v20 across DEV, QA, and Beta environments

CI/CD Pipeline Implementation

Ascendro designed and implemented a comprehensive CI/CD framework covering Lambda function deployment, frontend builds, CloudFormation infrastructure updates, and cross-environment promotion workflows.

Pipeline Architecture

• Lambda CI/CD: Detects changed Lambda functions per push, builds only modified functions, creates versioned ZIP artifacts, uploads to environment-specific S3 buckets, and deploys via AWS Lambda update-function-code
• Frontend CI/CD: Environment-specific build scripts (build-dev, build-qa, build-beta) compile the React/Vite applications, upload artifacts to the correct S3 website bucket, and invalidate CloudFront distributions
• Infrastructure CI/CD: CloudFormation stack creation and update workflows handle both initial environment provisioning and incremental stack updates, with graceful skip logic when no changes are detected
• Space Update Flow: A selective deployment mechanism reads space configuration from stack-spaces-config.json, assumes the correct cross-account IAM role per space, and updates only the affected Lambda functions, API Gateway stages, or CloudFormation resources for that specific space

Version management across spaces

Because each Space runs an independently deployed stack, Ascendro implemented a versioning strategy that allows some artists to remain on stable versions while others adopt new features. This includes Lambda aliases (e.g., beta_v1, beta_v2), API Gateway stage versioning (/v1/, /v2/), versioned React app deployments in S3, and version metadata stored in DynamoDB for each space.

Each Space exposes a /metadata endpoint returning its current CloudFormation stack version, API version, and compatible Portal API versions, enabling the central portal to interact correctly with spaces regardless of their individual update state.

Payment system implementation

Ascendro designed and built a full-featured payment system supporting the three distinct monetization models on DoorJam: fan memberships, one-time purchases, and artist hosting fees.

Core components

• Stripe and PayPal SDK integration supporting recurring subscription billing, one-time purchases, and pay-as-you-go hosting plans
• Modular Artist Wallet system for income tracking, withdrawal management, and financial reporting
• Automated payout system connecting artist wallets to external payment providers for fund disbursement
• Smart charge logic for calculating hosting fees based on actual resource consumption
• Transaction logging, error handling, and retry mechanisms for payment reliability
• Admin financial dashboard for revenue tracking, subscription management, and dispute resolution
• PCI DSS and GDPR-compliant data handling throughout the payment pipeline