- Design the full end-to-end IoT platform architecture: device connectivity layer → MQTT/protocol ingestion → stream processing → time-series storage → REST/GraphQL API layer → real-time WebSocket delivery
- Define the multi-tenant data model: strict data isolation between customers, tenant-scoped API tokens, row-level security
- Design the device lifecycle system: provisioning, X.509/JWT authentication, device registry, status tracking, decommissioning
- Architect the protocol abstraction layer so MQTT, Modbus, OPC-UA, CoAP, and HTTP devices all normalise to the same internal data model
- Design a configurable rule engine: event-condition-action rules for alerts, automations, and integrations — no code required from customers
- Plan OTA firmware update management: secure delivery, versioning, rollback, fleet orchestration
- Write Architecture Decision Records (ADRs) for every major technical choice — nothing undocumented
- Design the scaling path from 100 devices (pilot) to 500,000+ (production) without structural rework
- Build core platform services from scratch: device management, telemetry ingestion, rule engine, notification/alerting, OTA update, multi-tenant API gateway
- Develop REST and GraphQL APIs with full OpenAPI specification — version-controlled from Day 1
- Implement WebSocket and SSE endpoints for real-time telemetry delivery to web and mobile clients
- Build device command-and-control with acknowledgement, retry logic, and timeout handling
- Implement a device shadow service: the last-known state of every device stays accessible even when the device is offline
- Write unit, integration, and load tests — no service reaches staging without test coverage
- Own service reliability: SLO definitions, alerting runbooks, on-call incident response
- Provision and manage all AWS environments (dev, staging, production) using Terraform — no click-ops
- Configure AWS IoT Core: MQTT endpoint, topic namespace, rules engine, certificate management
- Set up CI/CD pipelines via GitHub Actions for all backend services
- Configure CloudWatch monitoring, log aggregation, and automated health alerts
- Manage IAM for all team members — least-privilege access, no shared credentials
- Hand off infrastructure fully documented when a DevOps engineer joins in Phase 2