← → arrows · space · home/end
Slide 01 · Title image
Warm bookstore interior; open book on table glowing softly with vermilion-orange light; tall bookshelves recede; orange threads curl outward to frame edges.

A catalog at the heart of Fully Booked's systems

Proposal for the AWS catalog build · [Date] · [Presenter]

Approve to start Phase 1

  • AWS catalog build
  • ~$27/mo recurring
  • [total weeks] timeline
  • Target start [target start date]
Approve Phase 1 — AWS catalog build ~$27/mo recurring · target start [target start date]
Slide 02 · The ask
Closed hardback book with vermilion-orange wax seal on the cover; calendar page floating beside it (date area blank).
Slide 03 · Today
Overhead cluttered desk; hands typing at a keyboard; four screens showing same books in different layouts (grid, list, cards, table); sticky notes and printouts piling around.

Where catalog data lives today

  • Manual entry, record by record
  • The same titles in different shapes across every system
  • Repeated work, repeated drift
Slide 04 · What we're building
Tall central bookshelf; conveyor belt of books arriving from left (publisher boxes); same books leaving right as sealed envelopes tied with orange string.

One pipeline in. One catalog of record. Exports out.

Ingest

DataSync from your FTP server

Catalog

Cloud-managed PostgreSQL — the system of record

Exports

One folder per consumer, scheduled daily

Six publishers in. Every system out.

In · publishers
Ingram
Penguin Random House
HarperCollins
Hachette
Simon & Schuster
Macmillan
Slide 05 · Connectivity hub
Central library shelf in three-quarter perspective. Left: six small arched doorways with orange flags; books delivered through each onto conveyors. Right: four open archways leading to mini-rooms — laptop, barcode scanner, register screen, and an empty pedestal (future). Slim charcoal connector lines.
Out · systems
fullybookedonline.com .sql
Inventory management .csv
Point of sale .json
ERP / analytics / mobile / partners .parquet
Downstream systems read files from the export area — they never connect to the database.
Slide 06 · How it works
Cross-section of a book-shaped two-storey building. Left: one tall arched entry door, orange banner above. Inside, four rooms left to right — archive (books stacking), parser (silhouetted figure at table), catalog (tall central ledger with orange spine), exports (envelopes ready to leave). Right: one tall arched exit door, orange banner above.

One door in. One door out.

  1. Publishers push to your FTP server (you already have this).
  2. AWS pulls hourly into a secure archive.
  3. Parser and merger keep the catalog current.
  4. Daily exports land in each system's preferred format.

Built for SAP — when you're ready

When SAP arrives, it joins as a new export consumer. The catalog hub doesn't change. No re-architecture. No website re-deploy.

  • Estimated effort to wire SAP in later: ~1–2 weeks of exporter work plus SAP-side load configuration.
  • The same property protects every future consumer — analytics warehouse, mobile, partner feeds.
Slide 07 · SAP-readiness
Same hub as slide 5, zoomed toward rightmost archway. That archway is warmly spotlit in vermilion-orange light, an empty crate on a pedestal inside, three blank orange ribbon banners hanging above. Other archways recede dimly at the frame edge.

What it costs

  • Build: [Build cost]
  • Recurring AWS: ~$27/mo (RDS PostgreSQL + S3 + Lambdas + DataSync)
  • Adding SAP or another consumer later: hours of exporter work, not a rebuild

A future VPC upgrade for a fully private database adds ~$15/mo and can be done at any later date.

Slide 08 · Cost
Top-down view of a single open accounting ledger on a wooden desk; three neat rows in vermilion-orange handwritten ink (intentionally illegible); a fountain pen resting beside.

What goes live when

Slide 09 · Timeline
Long horizontal wooden bookshelf, three equal segments divided by vertical posts. Left segment: a few books; middle: half-full mixed orientations; right: fully stocked. Each topped with a blank vermilion-orange flag.

Phase 1

Weeks 1 – [X-week]

Pipeline and catalog online. IAM-auth wiring complete. First publisher feed flowing end-to-end.

Phase 2

Weeks [X-week] – [Y-week]

All six publishers ingesting. Inventory management pulling daily from the export area.

Phase 3

Weeks [Y-week] – [Z-week]

Website cut over to the new exports. All current consumers stable. Old catalog retired.

Slide 10 · Cutover & risk
Two parallel wooden bookshelves — older weathered one on left, fresh on right. Row of books levitates between, mid-transfer. Below them, hammock-style safety net of woven vermilion-orange cord stretches between the shelves.

Safe to go live

  • Staged cutover — one consumer at a time, never big-bang
  • Full replay — the raw archive lets us re-process any file at any time
  • Existing systems keep running until each is independently moved

What we'll need from you

  • An AWS account — we configure; you own the billing identity
  • IT contacts: FTP server admin and network
  • Read-only access to the FTP folders for the DataSync agent
  • Sign-off on the website cutover window
Slide 11 · Partnership
Two long ribbon bookmarks — one charcoal, one vermilion orange — tied together in a single neat knot at the centre; free ends trail off to opposite sides with small tassels.
Slide 12 · The decision
Same bookstore interior as slide 1, dusk light, single brass lamp glowing over the table. The book is now closed with a vermilion-orange wax seal on its cover. Orange threads still trail softly outward to the frame edges.

Ready to start

Approve Phase 1 · Target start [target start date] We turn the ask into a signed scope of work and begin AWS account setup.
Appendix · A1

Catalog schema

EntityHoldsAudit
productsISBN-13, title, format, dates, source priorityingest_audit (per file) and export_audit (per snapshot) record every operation.
contributorsauthors, illustrators, translators
pricesper-region prices and currencies
subjectsBIC / BISAC / Thema codes
mediacover and content asset references
Appendix · A2

Security posture

Database access

  • TLS-required endpoint (non-TLS rejected at the parameter group)
  • Merger and exporter Lambdas authenticate with AWS IAM database authentication — no stored passwords
  • Single human-operator credential in Secrets Manager, rotated quarterly
  • Encrypted at rest, daily automated backups, point-in-time recovery

Consumer access

  • Per-consumer IAM identity scoped to its own S3 prefix
  • On-prem consumers use long-lived access keys, rotated quarterly
  • AWS-hosted consumers use IAM roles — no static credentials
  • Endpoint hostname randomised by RDS; not enumerable
Appendix · A3

Per-consumer export formats

ConsumerFormatWhy
fullybookedonline.com .sql.gz Direct restore into the website's local catalog; fastest path to "live."
Inventory management .csv Universal — every ERP / inventory tool accepts CSV. Headers in first row, quoted fields, UTF-8.
Point of sale .json Modern POS importers are JSON-friendly. A manifest file lets the POS detect stale exports and skip no-ops.
ERP / analytics / mobile / partners .parquet Columnar, compressed, schema-evolution-friendly — the lingua franca of every modern analytics tool.
Appendix · A4

SAP integration sketch

On our side (~1–2 weeks)

  • Add an sap consumer to the exporter
  • Write a SAP-shaped SELECT against the catalog (or reuse the existing one)
  • Pick the format SAP wants (typically .csv or .idoc-friendly flat files)
  • Create an IAM identity scoped to s3://onix-exports/sap/
  • Document the daily schedule and the manifest file

On SAP's side

  • Schedule a daily pull from the export bucket using the assigned credential
  • Configure SAP's load step (BAPI / OData / file-import) to consume the snapshot
  • No changes to the catalog database
  • No changes to the website, inventory, or POS
Appendix · A5

Network posture options

Default (this proposal)

Public TLS-required database endpoint. Merger and exporter Lambdas authenticate with short-lived IAM tokens. No VPC, no NAT gateway.

Cost: included in the ~$27/mo recurring.

VPC upgrade (later, any time)

Switch the database to publicly_accessible = false. Add two VPC interface endpoints. Database is reachable only from inside the VPC; security model relies on network-layer isolation in addition to IAM auth.

Cost: ~$15/mo extra. One-Terraform-module change.

Appendix · A6

Backup and restore

  • Raw archive — every original ONIX file kept in S3, versioned, lifecycle-tiered to cold storage at 30 days, expired at 1 year. Source of truth for replay.
  • Catalog database — daily automated backups + point-in-time recovery for the configured retention window (default 7 days).
  • Replay — any file from the raw archive can be re-processed without touching the publishers; the parser, merger, and exporter all support replay.
  • Export bucket — 30-day retention by default; consumers always also have the previous snapshot if they want to compare.
Appendix · A7

Phase-by-phase delivery

Phase 1

  • AWS account configured
  • S3 buckets (raw, processed, exports)
  • RDS PostgreSQL with TLS-required parameter group
  • IAM-auth wiring for merger and exporter
  • First publisher end-to-end

Phase 2

  • All six publishers ingesting
  • Source-priority merge live
  • Inventory consumer pulling daily
  • Monitoring and alarms enabled

Phase 3

  • fullybookedonline.com cut over to .sql exports
  • POS consumer wired in
  • Old catalog retired
  • Runbooks delivered (credential rotation, replay, backfill)