2nd place CityServe track, 4th overall at the AWS x GCU Cloudathon

CityServe

Serverless AWS platform that walks CityServe staff through the correct NIST SP 800-88 device-sanitization procedure and automatically produces tamper-evident compliance certificates for every drive wiped. Built in 24 hours for the AWS x GCU Cloudathon.

Stack: React, AWS Amplify, Cognito, API Gateway, Lambda, Step Functions, DynamoDB, S3, SNS, CloudWatch, CloudTrail, KMS

The Problem

CityServe receives large volumes of donated electronics that need to be sanitized before they can be reissued or recycled. Their existing process ran on a paper checklist. Staff turnover is high, steps get skipped, and there was no automated way to prove that a device was wiped to NIST SP 800-88 standards.

For an organization handling donor and beneficiary data, a missed step is not a paperwork problem. It is a compliance and privacy incident waiting to happen.

What We Built

CityServe is a fully serverless AWS platform that replaces the paper checklist with a guided, enforced workflow. Workers scan an asset tag, the system assigns the correct NIST procedure (Clear, Purge, or Destroy) based on storage type, and AWS Step Functions prevents workers from skipping steps. The physical erasure happens on a KillDisk Industrial station that produces a signed XML certificate per drive. An S3 upload event then fans out to Lambda to log the step, build a compliance PDF, and update supervisor dashboards.

Every drive ends up with a Certificate of Data Sanitization backed by two independent audit trails: CloudTrail at the infrastructure layer, and a DynamoDB step history at the application layer.
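The S3-upload fan-out above is where the two audit trails meet: the object the erasure station wrote and the step record the application keeps. The following is an added example of what that step-logger Lambda does, not the project's own code. The KillDisk XML layout is constructed for the example (the real certificate schema is not on this page), S3 and DynamoDB are stood in for by dicts so it runs offline, and the bucket and key names are placeholders.

```python
# Added example (not the CityServe project's own code): a step-logger handler for
# the S3 ObjectCreated trigger. Certificate schema, bucket/key names and the
# in-memory S3/DynamoDB stand-ins are all assumptions made for the example.
import hashlib
import json
import xml.etree.ElementTree as ET
from urllib.parse import unquote_plus

# Constructed sample certificate; the real KillDisk XML layout is not on the page.
SAMPLE_CERT = b"""<?xml version="1.0"?>
<erasure_certificate>
  <asset_tag>CS-0001</asset_tag>
  <serial>WD-WCC4N0ABC123</serial>
  <method>NIST 800-88 Purge</method>
  <verification>PASSED</verification>
  <completed_at>2024-03-02T14:05:11Z</completed_at>
</erasure_certificate>
"""
FAILED_CERT = SAMPLE_CERT.replace(b"PASSED", b"FAILED")

# Stand-in for S3: (bucket, key) -> object bytes
OBJECTS = {("cityserve-certs", "certs/CS-0001.xml"): SAMPLE_CERT}
# Stand-in for the DynamoDB step-history table (the application-layer audit trail)
STEP_HISTORY = []

# Constructed S3 event notification for the sample object
SAMPLE_EVENT = {"Records": [{"eventName": "ObjectCreated:Put",
                             "s3": {"bucket": {"name": "cityserve-certs"},
                                    "object": {"key": "certs/CS-0001.xml",
                                               "size": len(SAMPLE_CERT)}}}]}


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def parse_cert(xml_bytes):
    """Pull the fields the step record needs; reject a cert whose verification pass failed."""
    root = ET.fromstring(xml_bytes)
    cert = {}
    for tag in ("asset_tag", "serial", "method", "verification", "completed_at"):
        node = root.find(tag)
        if node is None or not (node.text or "").strip():
            raise ValueError(f"certificate is missing <{tag}>")
        cert[tag] = node.text.strip()
    if cert["verification"] != "PASSED":
        raise ValueError("verification pass did not succeed; ERASE step not logged")
    return cert


def cert_is_acceptable(xml_bytes):
    """True only for a well-formed certificate with a passed verification."""
    try:
        parse_cert(xml_bytes)
        return True
    except (ValueError, ET.ParseError):
        return False


def build_step_item(bucket, key, xml_bytes, cert):
    """One step-history row. The hash ties the DynamoDB record to the exact S3 object,
    so a later change to either audit trail no longer agrees with the other."""
    return {
        "device_id": cert["asset_tag"],
        "sk": f"STEP#ERASE#{cert['completed_at']}",
        "step": "ERASE",
        "method": cert["method"],
        "drive_serial": cert["serial"],
        "sanitized_at": cert["completed_at"],
        "cert_s3_uri": f"s3://{bucket}/{key}",
        "cert_sha256": sha256_hex(xml_bytes),
    }


def handler(event, context=None):
    """Entry point for the S3 trigger; returns the step items it recorded."""
    written = []
    for record in event["Records"]:
        bucket = record["s3"]["bucket"]["name"]
        key = unquote_plus(record["s3"]["object"]["key"])  # S3 URL-encodes keys in events
        if not key.endswith(".xml"):
            continue                       # PDF labels share the bucket; only certs log a step
        xml_bytes = OBJECTS[(bucket, key)]  # s3.get_object(...)["Body"].read() in production
        item = build_step_item(bucket, key, xml_bytes, parse_cert(xml_bytes))
        STEP_HISTORY.append(item)          # table.put_item(Item=item) in production
        written.append(item)
    return written


if __name__ == "__main__":
    print(json.dumps(handler(SAMPLE_EVENT), indent=2))
```

Recording the object's SHA-256 in the step row is what lets a reviewer later confirm that the certificate in S3 is the one the application logged, rather than trusting either trail on its own; checking KillDisk's own signature would be an additional step that depends on its certificate format.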

Device Lifecycle

  1. Device arrives. The technician logs the asset tag, Step Functions starts an execution, a Lambda assigns the NIST procedure, and DynamoDB creates the record.
  2. The drive is connected to the KillDisk hot-swap bay. A SMART check runs.
  3. Parallel erasure executes (DoD 5220.22-M or NIST 800-88). A verification pass confirms the sectors were overwritten.
  4. KillDisk generates a signed XML cert and a PDF label. Both upload to S3 (KMS encrypted).
  5. The S3 upload fires an event that triggers the step-logger Lambda. DynamoDB is updated with the sanitization timestamp.
  6. Step Functions invokes the report-generator Lambda, which reads the KillDisk XML and writes the compliance PDF back to S3.
  7. SNS notifies supervisors (batch complete or flagged device). CloudWatch metrics update.
  8. KillDisk prints a barcode or QR label. The technician removes the drive, labels it, and marks the workflow complete.

Failure path: a KillDisk error or an exceeded SMART threshold triggers a Step Functions auto-retry (3 attempts). Exhausted retries mark the device failed, fire an SNS alert, and route it to physical destruction, which requires supervisor email approval before it proceeds.
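To make the lifecycle and its failure path concrete, here is an added example (not the project's own state machine) of the same flow written as an Amazon States Language definition in a Python dict, with two small checks that show the step-order and retry properties directly. The Lambda ARNs, SNS topic, table name and the error names KillDisk would report are placeholders, not values from the page.

```python
# Added example (not the CityServe project's own code): the device lifecycle as an
# ASL definition, plus checks that every step is mandatory and the erasure retries
# exactly 3 times. ARNs, table/topic names and error names are placeholders.
import json

LAMBDA = "arn:aws:lambda:us-east-1:123456789012:function:"     # placeholder account
TOPIC = "arn:aws:sns:us-east-1:123456789012:cityserve-alerts"   # placeholder topic


def build_definition():
    """Return the state machine as a dict; json.dumps(...) yields the ASL document."""
    # Retry the erasure on the two failures the lifecycle names, three times at most.
    erase_retry = [{
        "ErrorEquals": ["KillDiskError", "SmartThresholdExceeded"],   # assumed error names
        "IntervalSeconds": 30, "MaxAttempts": 3, "BackoffRate": 2.0,
    }]
    # Once retries are exhausted, any error leaves the happy path for good.
    erase_catch = [{"ErrorEquals": ["States.ALL"], "ResultPath": "$.error", "Next": "MarkFailed"}]
    token_payload = {"device.$": "$.device", "taskToken.$": "$$.Task.Token"}
    return {
        "Comment": "CityServe device lifecycle (added example)",
        "StartAt": "Intake",
        "States": {
            "Intake": {"Type": "Task", "Resource": LAMBDA + "intake", "Next": "SmartCheck"},
            "SmartCheck": {"Type": "Task", "Resource": LAMBDA + "smart-check", "Next": "Erase"},
            # The erasure station reports back with a task token, so the machine
            # waits here until the verification pass has actually finished.
            "Erase": {"Type": "Task",
                      "Resource": "arn:aws:states:::lambda:invoke.waitForTaskToken",
                      "Parameters": {"FunctionName": LAMBDA + "start-erase", "Payload": token_payload},
                      "Retry": erase_retry, "Catch": erase_catch, "Next": "LogStep"},
            "LogStep": {"Type": "Task", "Resource": LAMBDA + "step-logger", "Next": "GenerateReport"},
            "GenerateReport": {"Type": "Task", "Resource": LAMBDA + "report-generator", "Next": "Notify"},
            "Notify": {"Type": "Task", "Resource": "arn:aws:states:::sns:publish",
                       "Parameters": {"TopicArn": TOPIC, "Message.$": "$.device.asset_tag"},
                       "ResultPath": None, "Next": "Complete"},
            "Complete": {"Type": "Succeed"},
            # Failure path: mark failed, alert, block on supervisor approval, then destroy.
            "MarkFailed": {"Type": "Task", "Resource": "arn:aws:states:::dynamodb:updateItem",
                           "Parameters": {"TableName": "cityserve-devices",
                                          "Key": {"device_id": {"S.$": "$.device.asset_tag"}},
                                          "UpdateExpression": "SET #s = :failed",
                                          "ExpressionAttributeNames": {"#s": "status"},
                                          "ExpressionAttributeValues": {":failed": {"S": "FAILED"}}},
                           "ResultPath": None, "Next": "AlertSupervisor"},
            "AlertSupervisor": {"Type": "Task", "Resource": "arn:aws:states:::sns:publish",
                                "Parameters": {"TopicArn": TOPIC, "Message.$": "$.error.Cause"},
                                "ResultPath": None, "Next": "AwaitDestructionApproval"},
            "AwaitDestructionApproval": {"Type": "Task",
                                         "Resource": "arn:aws:states:::lambda:invoke.waitForTaskToken",
                                         "Parameters": {"FunctionName": LAMBDA + "request-approval",
                                                        "Payload": token_payload},
                                         "TimeoutSeconds": 259200,   # unanswered for 3 days: fail, never proceed
                                         "Next": "Destroy"},
            "Destroy": {"Type": "Task", "Resource": LAMBDA + "log-destruction", "Next": "Destroyed"},
            "Destroyed": {"Type": "Succeed"},
        },
    }


def walk(definition, start):
    """Follow Next pointers from `start` to a terminal state; return the state names visited."""
    states, path, name = definition["States"], [], start
    while True:
        path.append(name)
        state = states[name]
        if state["Type"] in ("Succeed", "Fail") or state.get("End"):
            return path
        name = state["Next"]   # a non-terminal state without Next is a definition bug and raises


def happy_path(definition):
    return walk(definition, definition["StartAt"])


def failure_path(definition, state_name):
    """States reached when `state_name` exhausts its retries (its first Catch branch)."""
    catches = definition["States"][state_name].get("Catch", [])
    return walk(definition, catches[0]["Next"]) if catches else []


def is_linear(definition):
    """True when no state can branch around another, i.e. every listed step is mandatory."""
    return all(s["Type"] not in ("Choice", "Parallel", "Map") for s in definition["States"].values())


if __name__ == "__main__":
    d = build_definition()
    print(json.dumps(d, indent=2))
    print("happy path:", " -> ".join(happy_path(d)))
    print("after exhausted retries:", " -> ".join(failure_path(d, "Erase")))
```

The two callback states are the interesting ones: `Erase` cannot transition until the station's verification pass reports back, and `AwaitDestructionApproval` cannot transition until a supervisor's approval Lambda sends the task token, so both "no skipped steps" and "no destruction without approval" are properties of the definition rather than of staff training.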

Architecture

Fully serverless. No EC2, no containers, no idle compute. The stack is 12 AWS services wired together around a Step Functions state machine.

| Layer          | Service             | Purpose                                                                      |
|----------------|---------------------|------------------------------------------------------------------------------|
| Frontend       | Amplify             | React worker UI and supervisor dashboard                                     |
| Auth           | Cognito             | Login, JWTs, role-based access (worker or admin)                             |
| API            | API Gateway         | Authenticates and routes requests to Lambda                                  |
| Orchestration  | Step Functions      | Device lifecycle state machine. Enforces step order and handles retries      |
| Compute        | Lambda              | 3 functions: intake, step logger, report generator                           |
| Database       | DynamoDB            | Device records, workflow steps, audit logs (KMS encrypted)                   |
| Object storage | S3                  | Compliance PDFs and KillDisk XML certs (KMS encrypted)                       |
| Alerts         | SNS                 | Supervisor notifications for flagged devices and destruction approvals       |
| Monitoring     | CloudWatch          | Metrics, logs, dashboards, alarms                                            |
| Audit          | CloudTrail          | Passive API-level audit trail for NIST AU controls                           |
| Physical       | KillDisk Industrial | DoD 5220.22-M and NIST 800-88 erasure, signed XML certs                      |

Security Design

  • Cognito and API Gateway: no unauthenticated request reaches a backend service. JWTs carry role claims that each Lambda validates.
  • KMS: DynamoDB and S3 are encrypted at rest. HTTPS everywhere in transit.
  • IAM least privilege: each service only touches what it needs. Same principle that drives VLAN segmentation on the network side.
  • Step Functions enforces the workflow itself. A worker literally cannot skip a step because the state machine will not transition.
  • Workers see only their assigned devices. Supervisors see the full compliance status of every device.
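The first and last points above (role claims validated in each Lambda, workers limited to their own devices) come down to one authorization check in front of every read. Below is an added example of that check, not the project's own handler. It assumes a REST API Gateway with a Cognito user-pool authorizer, which places the verified claims in `event["requestContext"]["authorizer"]["claims"]`, that the roles are Cognito groups named `worker` and `admin` (the page says "worker or admin" but does not say how the roles are carried), and it stands in for the device table with a dict.

```python
# Added example (not the CityServe project's own code): the role and ownership
# check a Lambda runs before returning a device record. Claim locations, group
# names and the in-memory device table are assumptions for the example.
import json

# Constructed stand-in for the DynamoDB device table.
DEVICES = {
    "CS-0001": {"asset_tag": "CS-0001", "assigned_to": "alice", "status": "ERASING"},
    "CS-0002": {"asset_tag": "CS-0002", "assigned_to": "bob", "status": "INTAKE"},
}


class Forbidden(Exception):
    """Raised whenever the caller may not see the requested device."""


def claims_from(event):
    """Claims the API Gateway authorizer already verified; their absence means no valid JWT."""
    try:
        return event["requestContext"]["authorizer"]["claims"]
    except (KeyError, TypeError):
        raise Forbidden("request carries no verified Cognito claims")


def roles_from(claims):
    """Cognito groups arrive as a string such as 'worker' or '[worker admin]' (assumed format)."""
    groups = claims.get("cognito:groups", "")
    if isinstance(groups, list):
        return set(groups)
    return {g for g in groups.strip("[]").replace(",", " ").split() if g}


def authorize_device_read(event, device_id):
    claims = claims_from(event)
    roles = roles_from(claims)
    user = claims.get("cognito:username") or claims.get("sub")
    device = DEVICES.get(device_id)
    if "admin" in roles:                      # supervisors see every device
        if device is None:
            raise KeyError(device_id)
        return device
    if "worker" in roles and device is not None and device["assigned_to"] == user:
        return device                         # workers see only their assigned devices
    # Unassigned, unknown, or no recognised role all get the same answer, so a
    # worker cannot tell an asset tag that exists from one that does not.
    raise Forbidden(f"{user!r} may not view device {device_id!r}")


def handler(event, context=None):
    """API Gateway proxy handler for GET /devices/{deviceId}."""
    device_id = (event.get("pathParameters") or {}).get("deviceId")
    try:
        device = authorize_device_read(event, device_id)
    except Forbidden as exc:
        return {"statusCode": 403, "body": json.dumps({"error": str(exc)})}
    except KeyError:
        return {"statusCode": 404, "body": json.dumps({"error": "no such device"})}
    return {"statusCode": 200, "body": json.dumps(device)}


def make_event(device_id, username=None, groups=None):
    """Constructed proxy event; omit username to simulate a request with no authorizer context."""
    event = {"pathParameters": {"deviceId": device_id}, "requestContext": {}}
    if username is not None:
        event["requestContext"]["authorizer"] = {"claims": {
            "cognito:username": username, "sub": "uuid-" + username, "cognito:groups": groups or ""}}
    return event


if __name__ == "__main__":
    print(handler(make_event("CS-0001", "alice", "worker")))        # 200
    print(handler(make_event("CS-0002", "alice", "worker")))        # 403
    print(handler(make_event("CS-0002", "sam", "[admin worker]")))  # 200
```

The handler never reads a role from the request body or a custom header: the only source of identity is the claim set the authorizer verified, and a request that reaches the function without one is refused outright, which is the "no unauthenticated request reaches a backend service" property expressed in code.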

Key Decisions

  • Fully serverless. Costs scale with actual usage (around $52 per month ongoing), which is appropriate for a nonprofit budget.
  • Step Functions for orchestration. Turning the NIST checklist into a state machine is what makes "workers cannot skip steps" a structural property instead of a training problem.
  • KillDisk XML into S3. The physical erasure tool produces tamper-evident certs, and the S3 upload creates an immutable audit record.
  • React on Amplify instead of my usual Django and Next.js stack. Amplify handles hosting, CI/CD, and the CDN so the team could focus on the workflow logic inside a 24-hour window.
  • Dual audit layers. CloudTrail for infrastructure plus DynamoDB step history for application, both needed to satisfy NIST AU controls end to end.

Result

Finished 2nd in the CityServe track and 4th overall at the AWS x GCU Cloudathon. Technical score was 15 out of 15, tied with 1st place. The 1.17-point margin was presentation, not implementation. Delivered as a working end-to-end prototype deployed on real AWS infrastructure within the competition timeframe.