AWS Amazon Chime Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Business applications

1. Introduction

Amazon Chime is AWS’s communications service for online meetings, video conferencing, chat, and business calling. It also includes developer-focused capabilities through the Amazon Chime SDK, which provides APIs to embed real-time audio, video, screen sharing, chat, and telephony into your own applications.

In simple terms: Amazon Chime helps people communicate (meetings, chat, and calls) and helps developers build communications features into apps without running their own real-time media infrastructure.

Technically, Amazon Chime combines AWS-managed signaling/control-plane APIs (for creating meetings, attendees, chat channels, voice configurations, etc.) with a globally distributed media plane that carries real-time audio/video (typically over WebRTC for meetings) and SIP-based telephony connectivity for voice use cases (for example through Voice Connector/SIP features). As an AWS Business applications service, it’s often used to modernize collaboration, integrate communications into business workflows, or add communications to customer-facing products.

The problem it solves: real-time communications are hard to build and operate—especially at scale. You must handle NAT traversal, jitter, packet loss, device compatibility, encryption, identity, abuse prevention, and cost control. Amazon Chime (and Amazon Chime SDK) offloads much of that heavy lifting so teams can focus on user experience and business logic.

Service status note: “Amazon Chime” is the current service name used by AWS, and “Amazon Chime SDK” is the associated set of developer APIs under the same product family. AWS product lifecycles and packaging can change; verify the latest status, editions, and availability in official AWS documentation and announcements.

2. What is Amazon Chime?

Official purpose

Amazon Chime is an AWS service for secure, real-time communications—meetings, chat, and calling—used either as an end-user application (the Amazon Chime client) and/or as a set of APIs/SDKs (Amazon Chime SDK) that developers can embed into custom applications.

Core capabilities (high level)

Online meetings and video conferencing (including audio/video, screen share, meeting controls)
Chat and messaging (1:1 and group communication patterns via SDK features)
Voice / telephony integration (SIP connectivity, PSTN calling patterns via Chime voice capabilities)
Developer APIs to create/join meetings, manage attendees, implement messaging, and integrate voice workflows
Media pipelines (SDK) for capture/processing/streaming of meeting media in certain architectures (verify exact pipeline types in docs)

Major components (how AWS presents it)

Amazon Chime commonly shows up as: – Amazon Chime (end-user experience): the desktop/mobile client and web experience for meetings, chat, and calls, plus the Amazon Chime administration console for managing users and settings (for organizations using the app). – Amazon Chime SDK: developer APIs and client libraries for: – Meetings: create meetings and attendees, join from web/mobile apps. – Messaging: create app instances, users, channels, messages (for in-app chat). – Voice: SIP-based integrations and programmable call control patterns (depending on specific Chime SDK Voice features). – Media pipelines: capture/transform/route media for recording, live streaming, or analytics patterns (verify in official docs).

Service type

Managed service (AWS hosts and operates the signaling/control plane and media infrastructure).
Hybrid in usage:
SaaS-style for the Amazon Chime app.
API-based platform for the Amazon Chime SDK.

Scope and geography (practical view)

Amazon Chime usage can involve multiple scopes: – AWS account-scoped for API usage (Amazon Chime SDK and related APIs are called with AWS credentials and are governed by IAM). – Organization/account within the Chime administration console when using the Amazon Chime client for end users. – Regional/media-region considerations: – For Chime SDK meetings, you typically select a media region for where meeting media is processed. – Not every AWS region may be supported for every Chime feature; always verify current region support in official docs.

How it fits into the AWS ecosystem

Amazon Chime integrates naturally with: – IAM for API permissions (SDK use cases). – Amazon CloudWatch and AWS CloudTrail for monitoring and audit of API calls (and some service metrics/telemetry patterns depending on feature). – Amazon S3 for storing captured media/recordings (when using SDK media capture/pipeline patterns). – AWS Lambda and API Gateway for building serverless meeting “token vending” / meeting orchestration backends. – Amazon Cognito (common pattern) to authenticate end users and issue scoped AWS credentials (or you can build your own auth and keep AWS credentials fully server-side). – AWS KMS in architectures where you encrypt stored artifacts (for example in S3).

3. Why use Amazon Chime?

Business reasons

Faster time to market: add meetings/chat/voice features without building a full real-time communications stack.
Reduced operational burden: AWS manages the scaling and many of the reliability concerns of real-time media.
Consistent collaboration experience: for organizations that adopt the Amazon Chime app for meetings and chat.

Technical reasons

SDK-based embedding: build meetings directly into internal tools (support portals, telehealth apps, learning platforms).
Media-region selection: design for latency and data residency constraints (subject to supported regions).
Programmable workflows: meeting creation, attendee management, messaging channel creation—integrated with your business logic.

Operational reasons

IAM-governed access: control which systems can create meetings, which environments can call APIs, and how credentials are issued.
Auditability: CloudTrail can log Chime SDK API calls (verify coverage per API in docs).
Serverless-friendly: common architectures rely on Lambda/API Gateway for meeting orchestration.

Security/compliance reasons

AWS security controls: integrate with IAM, CloudTrail, KMS, and standard AWS security posture.
Encryption in transit: real-time media is typically protected in transit; verify specific protocols and crypto in AWS docs for your feature set.
Data governance patterns: store only what you must; keep recordings/transcripts in your controlled S3 buckets with retention policies.

Scalability/performance reasons

Managed media plane: you avoid operating TURN servers/SFU/MCU infrastructure yourself.
Elastic usage: for SDK scenarios, costs often scale with usage (for example, attendee-minutes).

When teams should choose it

Choose Amazon Chime when: – You need AWS-native real-time communications and want to manage access via IAM. – You want to embed meetings into a web/mobile app. – You need SIP/telephony integration patterns aligned with AWS. – You want a managed approach and prefer consumption-based pricing for communications.

When teams should not choose it

Consider alternatives when: – You require a specific third-party ecosystem (for example, deep integrations with certain office suites or specialized conferencing hardware) that Amazon Chime doesn’t meet. – You need advanced features that may be outside your Chime plan/edition or require additional engineering (for example, complex webinar tooling, large broadcast events, advanced moderation). Verify capabilities in official docs. – You need on-prem-only communications or cannot use AWS-managed media processing due to strict constraints.

4. Where is Amazon Chime used?

Industries

Healthcare / telehealth (virtual appointments, care team collaboration)
Education (virtual classrooms, tutoring platforms)
Financial services (remote advisory, internal collaboration—subject to compliance review)
Retail/e-commerce (video-assisted shopping, customer support escalation)
Media and entertainment (remote production coordination, internal meetings)
Technology/SaaS (in-app collaboration features)

Team types

Product engineering teams embedding communications via the Amazon Chime SDK
IT and workplace collaboration teams adopting the Amazon Chime app
Security teams implementing audit, retention, and access governance
Contact-center and voice teams integrating SIP/telephony workflows (verify fit vs Amazon Connect)

Workloads and architectures

Serverless meeting orchestration: API Gateway + Lambda issues meeting/attendee details to clients.
Web/mobile apps: React/Android/iOS apps using Chime SDK client libraries.
Hybrid voice: integrate SIP trunks to PBXs/SBCs using Chime voice features (commonly Voice Connector patterns).

Real-world deployment contexts

Internal enterprise apps: embedded “click-to-meet” from a ticketing system.
Customer-facing apps: telehealth video session with scheduled appointments.
Partner collaboration: controlled guest access using meeting join flows.

Production vs dev/test usage

Dev/test: validate device compatibility, network performance, and meeting flows; implement least-privilege IAM; measure costs.
Production: add authentication, abuse prevention, observability, cost controls, retention policies, and documented operational runbooks.

5. Top Use Cases and Scenarios

Below are realistic scenarios aligned to Amazon Chime and the Amazon Chime SDK. (Some use cases rely on the SDK rather than the end-user Amazon Chime app.)

1) Embed video appointments in a telehealth portal

Problem: patients and clinicians need secure, low-latency video sessions without juggling external meeting links.
Why Amazon Chime fits: Chime SDK meetings can be created on demand; meeting join happens inside the portal.
Example: a clinic app creates a meeting per appointment; the patient joins from a browser, clinician joins from a tablet.

2) In-app support escalation (chat → voice/video)

Problem: chat support is insufficient for complex issues; need instant escalation.
Why it fits: Chime SDK messaging + meetings can keep context in the same app.
Example: a SaaS admin console offers “Start a live session” from a support chat channel.

3) Secure internal daily standups for distributed engineering

Problem: remote teams need reliable meetings with predictable access control.
Why it fits: Amazon Chime app provides meetings/chat, with centralized administration for organizations using the app.
Example: engineering teams use Chime meetings with company-managed accounts and policies.

4) Virtual classroom platform

Problem: need live audio/video with teacher controls and attendance tracking.
Why it fits: Chime SDK provides meeting + attendee identity mapping; your app controls who can join.
Example: a learning platform auto-creates a session meeting and tracks attendees in a database.

5) Embedded “war room” for incident response

Problem: on-call teams need instant conferencing from incident tools.
Why it fits: Chime SDK meeting creation can be triggered by incident creation events.
Example: Pager/incident tool triggers a Lambda that creates a meeting and posts join links into chat/ops channels.

6) SIP trunking modernization for a PBX

Problem: legacy PBX needs scalable SIP connectivity without managing carrier relationships directly (varies by scenario).
Why it fits: Amazon Chime voice capabilities (commonly Voice Connector patterns) can integrate SIP trunks and routing.
Example: an organization connects an SBC to a Voice Connector and manages call routing policies.

7) Call analytics / transcription pipeline (voice or meeting media)

Problem: business wants searchable transcripts and compliance review workflows.
Why it fits: Chime SDK media pipelines can integrate with AWS AI services in some patterns (verify supported integrations).
Example: customer advisory calls are captured to S3; transcription jobs run asynchronously.

8) Multi-tenant SaaS with customer-specific meeting isolation

Problem: must avoid cross-tenant access and enforce per-tenant controls.
Why it fits: you can isolate meeting creation and tokens per tenant in your backend using IAM boundaries and app-level auth.
Example: each tenant has a tenant ID; meeting creation requires tenant-scoped authorization checks.

9) Remote inspections / field service with mobile video

Problem: technicians need hands-free video guidance with experts.
Why it fits: Chime SDK supports mobile integration; your app can embed a “call an expert” workflow.
Example: field technician starts a session; expert joins from the web to annotate and guide.

10) Regulated enterprise collaboration with centralized governance

Problem: need consistent identity management, controlled access, and auditability.
Why it fits: Chime app administration and AWS audit tooling for SDK API calls support governance patterns.
Example: enterprise configures org policies; security monitors CloudTrail for meeting-related API usage.

11) Partner/vendor collaboration rooms in an extranet

Problem: external partners need time-bound access with minimal friction.
Why it fits: your app can create meetings with short TTLs and enforce identity at join time.
Example: vendors access a portal; meeting join requires portal authentication.

12) “Video inside workflow” for approvals and reviews

Problem: approvals (claims review, loan underwriting) require quick discussion with artifacts.
Why it fits: embed a meeting alongside documents and workflow state.
Example: a claim adjuster opens a claim; click “Start review meeting” with participants pre-invited.

6. Core Features

Amazon Chime is a family of capabilities. Some items below apply to the Amazon Chime client/app, others to the Amazon Chime SDK. Where a feature is edition-dependent or SDK-dependent, that’s called out.

Feature 1: Meetings (audio/video/screen share)

What it does: enables real-time meetings with audio and video; participants join via the Chime app or your custom app (SDK).
Why it matters: meetings are the core collaboration primitive for distributed teams and customer interactions.
Practical benefit: avoid operating your own SFU/MCU infrastructure; improve time-to-deliver.
Limitations/caveats: attendee limits, supported regions, and feature availability (recording, moderation tools, etc.) can vary—verify in official docs.

Feature 2: Amazon Chime administration (for the app)

What it does: lets organizations manage users, plans/entitlements, and organizational settings for Amazon Chime app usage.
Why it matters: central control is critical for enterprise adoption.
Practical benefit: consistent onboarding/offboarding; policy enforcement for collaboration.
Limitations/caveats: admin features vary by plan and may not apply to pure SDK-based custom apps.

Feature 3: Amazon Chime SDK – Meetings APIs

What it does: APIs to create meetings and attendees; clients join with returned meeting/attendee info.
Why it matters: enables “meetings inside your product.”
Practical benefit: app-driven meeting lifecycle; tie attendees to your own user IDs; integrate with your auth.
Limitations/caveats: you must design a secure backend that issues meeting joins; do not expose AWS credentials to untrusted clients.

Feature 4: Amazon Chime SDK – Messaging APIs

What it does: APIs for building chat features (app instances, users, channels, messages).
Why it matters: many collaboration workflows rely on persistent chat.
Practical benefit: embed chat in a workflow app (support, learning, operations dashboards).
Limitations/caveats: message retention, moderation, and compliance tooling are your responsibility; verify quotas and throughput limits.

Feature 5: Amazon Chime SDK – Identity model (for messaging)

What it does: constructs such as AppInstance and AppInstanceUser (naming may vary) to represent your application tenant and users.
Why it matters: lets you map your product’s users to Chime SDK messaging identities.
Practical benefit: structured, multi-tenant friendly messaging design.
Limitations/caveats: identity lifecycle (delete/anonymize) must align with privacy policies.

Feature 6: Amazon Chime voice capabilities (telephony/SIP)

What it does: supports SIP-based calling integrations and PSTN connectivity patterns (often via Voice Connector and related features).
Why it matters: many businesses still rely on PSTN calling, PBXs, SIP trunks, and call routing.
Practical benefit: integrate enterprise voice with AWS-managed services; build programmable voice workflows.
Limitations/caveats: telephony is highly region- and carrier-dependent; number availability, routing, emergency calling, and regulatory requirements must be verified.

Feature 7: SIP-based programmability (for voice apps)

What it does: programmable call control patterns (for example, SIP media applications that interact with Lambda—verify current naming and scope).
Why it matters: allows IVR-like flows, call screening, and integration with backends.
Practical benefit: build custom call flows without dedicated telephony servers.
Limitations/caveats: real-time voice apps require careful latency and failure-path design.

Feature 8: Media capture / media pipelines (SDK)

What it does: capture meeting media and route it to storage or downstream processing (for example, recording to S3, live connectors, concatenation—verify exact supported pipeline types).
Why it matters: enterprises frequently need recording, compliance archives, analytics, or training review.
Practical benefit: consistent pipeline patterns integrated into AWS storage and processing services.
Limitations/caveats: captured media increases storage and data transfer costs; privacy/consent requirements apply.

Feature 9: Security, audit, and governance integration

What it does: integrates with IAM permissions and CloudTrail logs for API actions.
Why it matters: regulated environments need traceability for administrative and API operations.
Practical benefit: implement least privilege and monitor for misuse.
Limitations/caveats: not every runtime event is a CloudTrail event; CloudTrail logs API calls, not necessarily every media-plane event.

Feature 10: SDK client libraries

What it does: client-side libraries (for example, JavaScript) to implement meeting UI and device selection.
Why it matters: WebRTC UX is complex (device switching, permissions, network adaptation).
Practical benefit: accelerate development with AWS-supported client components.
Limitations/caveats: your UI/UX still needs engineering and testing across browsers/devices.

7. Architecture and How It Works

High-level architecture

Amazon Chime typically separates: – Control plane: APIs and admin operations (create meeting, create attendee, create channel, etc.). – Media plane: real-time audio/video transport and mixing/routing infrastructure.

In SDK architectures, your backend calls the control plane using IAM-authenticated requests. Your client apps then connect to the media plane using the meeting and attendee data.

Request/data/control flow (Chime SDK meetings example)

User authenticates to your application (not directly to AWS Chime APIs).
Your backend authorizes the action (e.g., user is allowed to join a specific appointment).
Backend calls Amazon Chime SDK Meetings API to create a meeting (or re-use an existing one) and creates an attendee.
Backend returns meeting + attendee info to the client.
Client uses Amazon Chime SDK client library to join the meeting and exchange media.

Integrations with related AWS services

Common integrations include: – Amazon API Gateway + AWS Lambda: meeting/attendee creation endpoints. – Amazon Cognito: user auth and sometimes temporary AWS credentials (or keep AWS calls server-side). – Amazon DynamoDB: store meeting mappings (appointment → meeting ID), attendance, chat metadata. – Amazon S3: store meeting recordings or exported artifacts (when using media pipelines). – Amazon CloudWatch: metrics/logs for your backend; some Chime-related metrics may exist depending on features—verify. – AWS CloudTrail: audit API calls to Chime SDK.

Dependency services

Amazon Chime is managed by AWS; you do not provision servers for its core media functionality. Your dependencies are typically: – IAM roles/policies – Your application backend – Optional storage/analytics pipeline components

Security/authentication model

Chime SDK APIs: IAM authenticated (SigV4) calls from trusted environments (Lambda, ECS, EC2) or via temporary credentials.
Client access: should be authorized by your app. A standard pattern is: clients never get broad AWS credentials; they receive meeting join data from your backend.

Networking model

SDK meetings: clients use the public internet to connect to AWS-managed media endpoints (WebRTC). Ensure corporate firewall/proxy policies allow required traffic (verify ports and domains from official docs).
Voice/SIP: SIP trunking requires network connectivity between your SBC/PBX and AWS endpoints; often involves TLS/SRTP considerations.

Monitoring/logging/governance considerations

Log every meeting creation/join attempt in your backend with correlation IDs.
Use CloudTrail to monitor Chime SDK API usage (create/delete operations).
Track cost dimensions (attendee minutes, PSTN minutes, media capture storage).
Implement tagging where supported (often supported for some persistent resources; meetings can be ephemeral—verify which resources support tags).

Simple architecture diagram (SDK meetings)

flowchart LR
  U[End User (Browser/Mobile)] -->|HTTPS| APP[Your App Backend]
  APP -->|IAM-authenticated API calls| CHIME[(Amazon Chime SDK\nControl Plane)]
  U -->|WebRTC Media| MEDIA[(Amazon Chime\nMedia Plane)]
  CHIME --> MEDIA

Production-style architecture diagram (secure, observable, multi-tenant)

flowchart TB
  subgraph Client
    W[Web App / Mobile App]
  end

  subgraph Edge
    CF[CloudFront]
    WAF[AWS WAF]
  end

  subgraph Auth
    IDP[OIDC/SAML IdP]
    COG[Cognito (optional)]
  end

  subgraph App
    APIGW[API Gateway]
    L1[Lambda: Meeting Orchestrator]
    DDB[(DynamoDB: Meeting Mapping\nTenant + Appointment -> MeetingId)]
    CW[CloudWatch Logs/Metrics]
  end

  subgraph Chime
    CHIMECP[(Chime SDK Control Plane)]
    CHIMEMP[(Chime Media Plane)]
  end

  subgraph Data
    S3[(S3: Recordings/Artifacts\n(if used))]
    KMS[KMS Keys (S3 Encryption)]
    CT[CloudTrail]
  end

  W --> CF --> WAF --> APIGW --> L1
  W -->|Login| IDP
  IDP --> COG
  L1 --> DDB
  L1 -->|CreateMeeting/CreateAttendee| CHIMECP
  W -->|WebRTC| CHIMEMP
  CHIMECP --> CHIMEMP

  L1 --> CW
  CHIMECP --> CT
  S3 --> KMS

8. Prerequisites

Account requirements

An AWS account in good standing with billing enabled.
If using the Amazon Chime app, you may also need to set up an Amazon Chime organization/account through the Chime administration experience (process and requirements can vary; verify in official docs).

Permissions / IAM roles

For the hands-on lab (Chime SDK meetings via CLI), you need IAM permissions to call Chime SDK meetings APIs. Recommended: – A dedicated IAM user (for local CLI) or an IAM role (for CloudShell/Lambda) with least privilege. – Permissions such as: – chime-sdk-meetings:CreateMeeting – chime-sdk-meetings:CreateAttendee – chime-sdk-meetings:GetMeeting – chime-sdk-meetings:GetAttendee – chime-sdk-meetings:DeleteMeeting (if you use it)

Always verify the exact action names in the AWS IAM documentation for Amazon Chime SDK because service prefixes and API sets evolve.

Billing requirements

Chime SDK usage is typically usage-based (for example, attendee-minutes).
Some features (telephony, phone numbers, media capture/storage) can add additional costs.

CLI/SDK/tools needed

AWS CLI v2 installed and configured, or AWS CloudShell.
Optional for deeper development:
Node.js / Python / Java SDKs
A browser-based app environment if building a demo UI with Chime SDK

Region availability

Chime SDK APIs are available in a set of regions; meetings also have a media region concept.
Verify supported regions in official documentation before choosing a region.

Quotas/limits

Expect quotas around:
attendees per meeting
API request rates
messaging throughput/channel limits
voice resources and phone numbers
Quotas can change; verify in AWS Service Quotas / Amazon Chime documentation.

Prerequisite services

For the basic lab: – IAM – AWS CLI (or CloudShell)

For production architectures: – API Gateway, Lambda, DynamoDB, Cognito (optional), CloudWatch, CloudTrail, S3 (optional)

9. Pricing / Cost

Amazon Chime pricing is not a single flat model; it depends on whether you use: – The Amazon Chime app (user subscription/plan model, historically with tiers), and/or – The Amazon Chime SDK (usage-based pricing such as attendee minutes, messaging events, voice minutes, phone numbers, and media pipelines).

Because pricing can change by SKU, region, and capability, do not rely on blog posts or cached numbers. Use official sources:

Amazon Chime pricing: https://aws.amazon.com/chime/pricing/
Amazon Chime SDK pricing (if separate on AWS): verify from AWS pricing pages linked from the above
AWS Pricing Calculator: https://calculator.aws/#/

Pricing dimensions (common)

Depending on what you use, costs may be driven by: – Meetings – Attendee-minute usage (for SDK meeting participation) – Optional features (media capture/processing) may add per-minute and storage/transfer costs – Messaging – API requests, message volume, data retained (varies by product design—verify the exact pricing dimensions) – Voice / telephony – PSTN minutes (inbound/outbound) – Phone numbers (monthly/daily depending on country and type) – SIP connectivity and call processing features – Media pipelines – Per-minute capture/processing – Storage in S3 and downstream analytics costs

Free tier

AWS may offer free usage tiers for some parts of Amazon Chime (for example app tiering or limited free usage). Verify current free tier details on the official pricing page.

Cost drivers (direct)

Number of meeting participants and their duration (attendee-minutes)
Use of PSTN calling and phone numbers
Recording/capture pipelines and resulting S3 storage
Cross-region data transfer patterns (if you store artifacts in a different region than capture)

Hidden or indirect costs

CloudWatch logs from your meeting orchestration backend
API Gateway/Lambda request/compute charges for your application layer
S3 storage + requests for recordings and transcripts
Data egress if users download recordings or if you deliver media artifacts out to the internet
Support and compliance tooling you build around communications (retention, DLP, moderation)

Network/data transfer implications

Real-time meeting media uses internet connectivity; AWS doesn’t typically bill you for “ingress,” but your application’s artifacts (recordings, transcripts) can incur S3 and data transfer charges.
If you stream or distribute recordings to end users, data egress from S3/CloudFront can be a meaningful cost.

How to optimize cost

Prefer in-app meetings only when needed; avoid always-on rooms if not required.
Use short-lived meetings and expire/janitor unused meetings.
For recordings:
Record only when necessary (and when users consent).
Use S3 lifecycle policies (IA/Glacier) to reduce long-term storage cost.
Implement cost visibility:
Track per-tenant usage (attendee minutes, recordings) to prevent runaway spend.
Use AWS Budgets and cost allocation tags where supported.

Example low-cost starter estimate (no fabricated numbers)

A low-cost proof-of-concept typically includes: – A small number of short meetings (minutes per day) – A minimal serverless backend (API Gateway + Lambda) – No recording, no PSTN calling

To estimate: 1. Determine expected monthly attendee minutes (participants × minutes). 2. Add your serverless backend request/compute (usually low at small scale). 3. Use AWS Pricing Calculator and the official Amazon Chime pricing pages.

Example production cost considerations (what to model)

For production, model: – Peak concurrent meetings and average attendees – Total monthly attendee minutes – Geographic distribution (media region selection vs user location) – Recording policy (percentage of meetings recorded, retention duration) – Compliance workflows (transcription/analytics pipelines) – Voice calling volume and phone numbers (if applicable) – CDN distribution of recorded artifacts (CloudFront egress)

10. Step-by-Step Hands-On Tutorial

This lab focuses on the Amazon Chime SDK Meetings APIs because it’s the most repeatable “hands-on” workflow you can execute directly with AWS tooling. You will create a meeting and an attendee using the AWS CLI, verify the resources, and then clean up.

This lab does not require you to install the Amazon Chime desktop app. It uses AWS APIs.

Objective

Create an Amazon Chime SDK meeting and attendee using AWS CLI, validate the meeting exists, and clean up resources safely.

Lab Overview

You will: 1. Create a least-privilege IAM policy for Chime SDK meetings. 2. Configure AWS CLI credentials (or use CloudShell). 3. Create a meeting in a chosen media region. 4. Create one or more attendees. 5. Validate by retrieving meeting and attendee details. 6. Delete the meeting (if supported/needed) and remove IAM artifacts.

Step 1: Choose your environment (CloudShell or local CLI)

Option A: AWS CloudShell (recommended for beginners) – Open the AWS console. – Launch CloudShell. – CloudShell already has AWS CLI configured with your console identity.

Expected outcome – You can run aws --version and see AWS CLI output.

Option B: Local AWS CLI Install AWS CLI v2 and configure:

aws configure

Expected outcome – aws sts get-caller-identity returns your AWS account and principal.

Verification:

aws sts get-caller-identity

Step 2: Create a least-privilege IAM policy (for local CLI users)

If you are using CloudShell as an admin role you may skip this, but for best practice create a dedicated policy and principal.

Create a policy document chime-sdk-meetings-lab-policy.json:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ChimeSdkMeetingsLab",
      "Effect": "Allow",
      "Action": [
        "chime-sdk-meetings:CreateMeeting",
        "chime-sdk-meetings:CreateAttendee",
        "chime-sdk-meetings:GetMeeting",
        "chime-sdk-meetings:GetAttendee",
        "chime-sdk-meetings:DeleteMeeting"
      ],
      "Resource": "*"
    }
  ]
}

Create the policy:

aws iam create-policy \
  --policy-name ChimeSdkMeetingsLabPolicy \
  --policy-document file://chime-sdk-meetings-lab-policy.json

Attach the policy to an IAM user or role you use for the lab. (Exact steps depend on your org’s IAM standards.)

Expected outcome – A new IAM policy exists, and your lab identity can call Chime SDK meetings APIs.

Note Some organizations enforce permission boundaries or SCPs. If API calls fail, check org governance.

Step 3: Pick a meeting media region and create a meeting

Chime SDK meetings require a media region. Choose one close to your users (for latency) and compliant with your residency needs. Supported regions can change; verify in official docs.

Set variables (example uses us-east-1 for media region):

MEDIA_REGION="us-east-1"
CLIENT_TOKEN="$(date +%s)-lab"

Create a meeting:

aws chime-sdk-meetings create-meeting \
  --media-region "$MEDIA_REGION" \
  --client-request-token "$CLIENT_TOKEN"

Expected outcome – You receive a JSON response containing a Meeting object. – Capture the MeetingId from the output.

Tip (store MeetingId in a variable):

MEETING_ID="PASTE_MEETING_ID_HERE"

Verification Retrieve the meeting:

aws chime-sdk-meetings get-meeting --meeting-id "$MEETING_ID"

If get-meeting is not available in your CLI version or the API set differs, run:

aws chime-sdk-meetings help

…and verify the correct “get” or “describe” command in the current AWS CLI documentation.

Step 4: Create an attendee

Create one attendee with an external user ID that maps to your application identity (email, UUID, etc.).

EXTERNAL_USER_ID="user-001"

aws chime-sdk-meetings create-attendee \
  --meeting-id "$MEETING_ID" \
  --external-user-id "$EXTERNAL_USER_ID"

Expected outcome – You receive an Attendee object (including an AttendeeId and join token fields used by clients).

Store the attendee ID:

ATTENDEE_ID="PASTE_ATTENDEE_ID_HERE"

Verification

aws chime-sdk-meetings get-attendee \
  --meeting-id "$MEETING_ID" \
  --attendee-id "$ATTENDEE_ID"

Step 5 (Optional): Create a second attendee (simulate a real meeting)

aws chime-sdk-meetings create-attendee \
  --meeting-id "$MEETING_ID" \
  --external-user-id "user-002"

Expected outcome – A second attendee exists and could join from another device/app.

Validation

You have successfully validated the core control-plane operations if: – create-meeting returns a meeting with an ID. – get-meeting returns that meeting. – create-attendee returns an attendee. – get-attendee returns that attendee.

At this point, you have the core artifacts your application would hand to a web/mobile client using the Amazon Chime SDK client libraries.

Troubleshooting

Issue: AccessDeniedException – Cause: IAM policy/SCP/permission boundary blocks Chime SDK meetings actions. – Fix: – Confirm your principal (aws sts get-caller-identity). – Confirm the policy includes correct action names. – Check AWS Organizations SCPs and permission boundaries.

Issue: Unknown options or command not found – Cause: AWS CLI version doesn’t include that command group, or naming differs. – Fix: – Update AWS CLI v2. – Run aws chime-sdk-meetings help and confirm available commands. – Verify with official AWS CLI reference for Amazon Chime SDK.

Issue: Media region errors – Cause: Unsupported --media-region for Chime SDK meetings in your account/region set. – Fix: – Verify supported media regions in official documentation. – Try another supported media region.

Issue: You can create resources but clients cannot join – Cause: This lab does not include a full client join UI; joining requires using the Amazon Chime SDK client library and correct token handling. – Fix: – Use an official AWS sample for Chime SDK meetings client integration (see resources section). – Confirm you are passing meeting and attendee tokens correctly. – Confirm browser/device permissions and firewall rules.

Cleanup

Delete the meeting (if supported/appropriate):

aws chime-sdk-meetings delete-meeting --meeting-id "$MEETING_ID"

Then remove IAM policy if you created it: 1. Detach it from the IAM user/role. 2. Delete the policy:

aws iam delete-policy --policy-arn "PASTE_POLICY_ARN_HERE"

Also remove any locally stored credentials if you created a dedicated lab user.

11. Best Practices

Architecture best practices

Keep AWS calls server-side: Clients should not have permissions to create meetings directly unless you have a well-designed temporary credential model with strict scopes.
Use a meeting orchestration layer:
Map business objects (appointment, ticket, classroom session) to a meeting ID.
Store mappings in DynamoDB with TTL where appropriate.
Design for idempotency:
Use client request tokens and stable meeting creation logic to avoid duplicate meetings.
Plan for multi-tenancy:
Always enforce tenant isolation checks before issuing meeting join info.
Maintain per-tenant quotas and throttling in your backend.

IAM/security best practices

Least privilege:
Grant only the Chime SDK API actions needed.
Separate dev/test/prod roles.
No long-lived credentials on clients:
Prefer backend-issued meeting credentials (meeting/attendee data) rather than exposing AWS keys.
Use CloudTrail:
Alert on unusual spikes in meeting creation or attendee creation.

Cost best practices

Track attendee-minutes per tenant/project and set budgets.
Avoid unnecessary recording; apply lifecycle policies to S3 artifacts.
Load test for usage patterns to avoid surprises when you scale.

Performance best practices

Choose the closest supported media region for your users.
Test on real networks:
corporate VPNs
mobile networks
high-latency regions
Implement adaptive UX:
disable video when bandwidth is low
provide device selection UI

Reliability best practices

Use retries with exponential backoff for control-plane API calls.
Make meeting join idempotent for users (rejoin flows).
Build fallback communications paths for critical workflows (for example, “dial-in” or phone escalation—if your design supports it).

Operations best practices

Centralize logs with correlation IDs: request ID, meeting ID, user ID, tenant ID.
Create runbooks:
meeting join failures
elevated latency reports
suspected abuse (spam meeting creation)
Monitor dependencies (your auth provider, API Gateway/Lambda, database).

Governance/tagging/naming best practices

Where tags are supported (commonly for persistent resources), standardize:
Environment
Application
Tenant
Owner
CostCenter
For ephemeral meeting IDs, store metadata in your database so you can audit and correlate without relying on tags.

12. Security Considerations

Identity and access model

Chime SDK APIs use IAM. Your backend service role is your security boundary.
For end-user apps:
Prefer your own authentication (OIDC/SAML) and issue only the minimum meeting join data.
If you use Cognito, ensure identity pools/roles are scoped and cannot be abused to create unlimited meetings.

Encryption

In transit: meeting media and API traffic are encrypted in transit. Verify exact protocols and encryption guarantees per feature in official docs.
At rest: if you store recordings/transcripts in S3, enforce:
SSE-KMS (or your standard)
bucket policies
lifecycle policies
access logging (as required)

Network exposure

Client devices must reach AWS-managed media endpoints. In locked-down networks:
work with security/network teams to allow required domains/ports from official documentation
test from corporate networks early

Secrets handling

Store secrets (if any) in AWS Secrets Manager or SSM Parameter Store.
Never embed AWS access keys in web/mobile clients.
Rotate credentials and prefer roles (STS) over static keys.

Audit/logging

Enable CloudTrail organization-wide.
Log your application-level decisions:
who requested meeting creation
who was authorized to join
when join tokens were issued

Compliance considerations

Real-time communications may involve regulated data (PHI, PCI, PII).
You must define:
retention policies
consent/recording notices
data residency approach (media region and storage region)
Verify whether the specific Amazon Chime features you use are in scope for your compliance frameworks by checking AWS compliance documentation and service-specific guidance.

Common security mistakes

Allowing clients to call Chime SDK APIs with broad IAM permissions.
Not rate-limiting meeting creation endpoints (abuse can generate costs).
Recording meetings by default without explicit policy, consent, or retention controls.
Storing meeting join artifacts in logs unintentionally.

Secure deployment recommendations

Put meeting orchestration behind API Gateway with:
WAF
throttling and quotas
authentication (JWT authorizers)
Use separate AWS accounts for dev/test/prod.
Enforce encryption and least privilege for all stored artifacts.

13. Limitations and Gotchas

Because Amazon Chime is a broad family (app + SDK + voice), always validate specifics for your selected features. Common gotchas include:

Region and media-region mismatch: SDK meeting media regions are not necessarily the same as your API region strategy. Verify supported media regions.
Corporate network restrictions: WebRTC media can be blocked by strict firewalls/proxies; plan a network readiness test.
Quotas: attendee limits per meeting and API throttles can apply. Confirm in AWS docs.
Recording/capture complexity: media capture pipelines can introduce additional privacy, storage, and cost requirements.
Telephony compliance: phone numbers, emergency calling, call recording, and lawful intercept requirements vary by country.
Ephemeral resource lifecycle: meetings may be short-lived; do not treat meeting IDs like long-term durable resources unless the docs guarantee it.
Observability gaps: CloudTrail audits API calls, but user-perceived quality issues require client-side telemetry and network diagnostics.
Cost surprises: “small” usage can become large with:
many participants
long meetings
default recording retention
PSTN minutes
SDK integration effort: the SDK helps, but you still own:
UI/UX
device permission handling
error handling and reconnection logic
abuse prevention (spam joins, bot participants)

14. Comparison with Alternatives

Amazon Chime spans both an end-user meeting app and a developer SDK. Alternatives vary depending on whether you want a packaged collaboration product or embeddable communications APIs.

Comparison table

Option	Best For	Strengths	Weaknesses	When to Choose
Amazon Chime (App)	Internal collaboration	AWS-hosted meetings/chat/calls; centralized admin	May not match every enterprise feature set; user adoption considerations	You want an AWS-managed collaboration app and it meets feature requirements
Amazon Chime SDK	Embedding RTC into apps	AWS-native IAM governance; managed media plane; integrates with serverless	You must build UI and orchestration; requires engineering investment	You need in-app meetings/chat/voice and want AWS-managed infrastructure
Amazon Connect (AWS)	Contact centers	Purpose-built for queues/agents/telephony workflows	Not a general meeting SDK; different problem space	You need a full contact center, not general meetings
AWS Wickr	Secure messaging	Strong secure messaging focus (verify current positioning)	Not primarily a meetings SDK	You need secure messaging with specific security controls
Microsoft Teams	Enterprise collaboration	Deep M365 integration; broad enterprise features	Not AWS-native; embedding is limited to their platform patterns	Your organization is standardized on Microsoft 365
Zoom	Meetings/webinars	Mature meeting UX; webinars/events ecosystem	Embedding and governance differ; vendor/platform considerations	You prioritize conferencing UX and ecosystem over AWS-native integration
Google Meet	Meetings for Google Workspace	Strong Workspace integration	Less suited for deep custom embedding	You are standardized on Google Workspace
Twilio (Video/Voice)	Developer communications	Strong CPaaS; global reach; APIs	Different pricing and governance model	You want CPaaS and are vendor-agnostic about AWS-native governance
Vonage APIs	Developer communications	CPaaS messaging/voice/video	Vendor/platform tradeoffs	You want CPaaS features that match their offerings
Self-managed WebRTC (Jitsi/Janus/Kurento)	Maximum control	Full control, can run on-prem	High ops burden; scaling and quality challenges	You require on-prem or custom media control and accept ops complexity

15. Real-World Example

Enterprise example: regulated financial advisory video sessions

Problem: a financial services firm wants secure, auditable advisor-client video calls embedded in a portal, with strict access control and retention policies for recorded sessions.
Proposed architecture
Customer portal (web app) authenticates users via enterprise IdP.
API Gateway + Lambda authorizes appointment join and creates Chime SDK meeting/attendee.
Meeting metadata stored in DynamoDB (appointment → meeting ID, allowed participants).
Optional media capture pipeline stores recordings in S3 with SSE-KMS and lifecycle/retention policies.
CloudTrail logs API calls; CloudWatch logs backend authorization decisions; Security team monitors anomalies.
Why Amazon Chime was chosen
AWS-native IAM controls and serverless integration.
Managed real-time media plane avoids operating WebRTC infrastructure.
Ability to tie meeting creation to business workflow authorization.
Expected outcomes
Faster delivery of embedded video sessions.
Better governance and auditing versus ad-hoc meeting links.
Predictable cost model tied to actual usage (attendee minutes + recording/storage if enabled).

Startup/small-team example: in-app tutoring platform MVP

Problem: a startup needs to ship live tutoring sessions in 6 weeks, with minimal ops overhead and the ability to scale if demand spikes.
Proposed architecture
Single-page web app for students/tutors.
Simple backend (Lambda) creates meetings and attendees, returns join info.
DynamoDB stores session schedule and meeting mapping.
No recording initially to reduce complexity and cost.
Why Amazon Chime was chosen
Managed meeting infrastructure.
Pay-for-usage model aligned with early-stage uncertainty.
Quick integration path with AWS serverless.
Expected outcomes
MVP with live sessions delivered quickly.
Ability to iterate UI/UX while relying on AWS for media scaling.
Clear upgrade path to add recording, chat, analytics later.

16. FAQ

1) Is Amazon Chime the same as Amazon Chime SDK?
No. Amazon Chime can refer to the end-user collaboration app and admin experience, while Amazon Chime SDK refers to developer APIs and libraries to embed communications into your own applications.

2) Do I need the Amazon Chime desktop app to use Chime SDK?
No. Chime SDK is designed for custom apps (web/mobile). The desktop app is a separate end-user experience.

3) How do Chime SDK meetings authenticate users?
The Chime SDK API calls are IAM-authenticated from your backend. Your application authenticates users (OIDC/SAML/Cognito, etc.) and only then issues meeting join information.

4) Can I create meetings directly from a browser using AWS credentials?
It’s possible but usually not recommended. Best practice is to keep meeting creation server-side to prevent credential leakage and abuse.

5) What is a “media region” in Chime SDK meetings?
It’s the region where meeting media is processed. Choose based on latency and compliance needs. Verify supported media regions in official docs.

6) Does CloudTrail log Amazon Chime SDK actions?
CloudTrail generally logs AWS API calls, including many service actions. Verify which Chime SDK actions are logged in the CloudTrail event reference.

7) How do I estimate Chime SDK costs?
Estimate attendee-minutes (participants × duration), then add extras like recording/capture and storage. Use the official pricing page and AWS Pricing Calculator.

8) Can I record Chime SDK meetings?
There are Chime SDK media pipeline capabilities used for capture/recording patterns. Availability and configuration vary—verify the current media pipeline features in official docs.

9) Can I integrate Amazon Chime with SIP trunks or a PBX?
Amazon Chime includes voice/SIP capabilities (commonly via Voice Connector patterns). Telephony designs are nuanced; verify region support, number availability, and compliance requirements.

10) How do I secure meeting join links?
Do not use “public” join links without authentication for sensitive use cases. Issue join data only after your app authorizes the user for a specific meeting.

11) What happens if my backend goes down—do meetings keep running?
Once clients are connected, the media plane is AWS-managed, but join/rejoin and new attendee creation depend on your backend. Design your backend for high availability.

12) Can I use Amazon Chime for webinars with thousands of viewers?
Chime SDK meetings are optimized for interactive meetings and have quotas/limits. For large broadcast scenarios, evaluate AWS media services or specialized webinar products. Verify attendee limits in docs.

13) Is Amazon Chime HIPAA eligible / compliant for my use case?
Compliance eligibility depends on the service and feature set and your configuration. Check AWS compliance documentation and your legal/compliance team.

14) How do I prevent abuse (bots creating meetings)?
Use authentication, rate limiting (API Gateway throttling/WAF), anomaly detection, and strict IAM. Log and alert on abnormal meeting creation volume.

15) What’s the operational “unit” to monitor?
Monitor: – meeting creation rate – attendee creation rate – join failures in your app logs – client-side QoS telemetry (packet loss, jitter) if you collect it – cost usage (attendee-minutes, PSTN minutes, recordings)

16) Do meetings persist forever?
Meeting lifecycle behavior can vary. Treat meeting objects as potentially ephemeral unless the docs guarantee persistence; store your own mapping metadata.

17) Can I build multi-tenant chat with Chime SDK Messaging?
Yes, messaging APIs are designed for application integration, but you must enforce tenant boundaries and retention policies in your design.

17. Top Online Resources to Learn Amazon Chime

Resource Type	Name	Why It Is Useful
Official documentation	Amazon Chime documentation (start here): https://docs.aws.amazon.com/	Primary source for current features, APIs, and constraints (search for “Amazon Chime” and “Amazon Chime SDK”)
Official Chime SDK developer guide	Amazon Chime SDK Developer Guide: https://docs.aws.amazon.com/chime-sdk/latest/dg/	Explains Meetings/Messaging/Voice concepts, API flows, and security model
Official admin guide (app)	Amazon Chime Administration Guide: https://docs.aws.amazon.com/chime/latest/ag/	For organizations using the Amazon Chime app and admin console
Official pricing page	Amazon Chime pricing: https://aws.amazon.com/chime/pricing/	Current pricing dimensions and SKUs—do not rely on third-party pricing posts
Pricing tool	AWS Pricing Calculator: https://calculator.aws/#/	Model attendee-minutes, storage, and supporting AWS service costs
AWS CLI reference	AWS CLI Command Reference: https://docs.aws.amazon.com/cli/	Verify current `chime-sdk-*` command names and parameters
Official SDK/library source	Amazon Chime SDK (AWS GitHub org): https://github.com/aws	Find official/maintained SDKs and examples; verify repo names and READMEs
Samples (often AWS Samples org)	AWS Samples GitHub: https://github.com/aws-samples	Look for Amazon Chime SDK sample apps and deployment templates
Security logging	AWS CloudTrail docs: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/	Understand what gets logged and how to audit Chime SDK API usage
Architecture guidance	AWS Architecture Center: https://aws.amazon.com/architecture/	Patterns for serverless, identity, and multi-tenant design used alongside Chime SDK

18. Training and Certification Providers

Institute	Suitable Audience	Likely Learning Focus	Mode	Website URL
DevOpsSchool.com	DevOps engineers, cloud engineers, architects	AWS fundamentals, DevOps practices, cloud operations (check course catalog for Amazon Chime coverage)	check website	https://www.devopsschool.com/
ScmGalaxy.com	Developers, DevOps beginners	SCM, CI/CD, DevOps foundations (check website for AWS collaboration services content)	check website	https://www.scmgalaxy.com/
CLoudOpsNow.in	Cloud operations teams, SREs	CloudOps, monitoring, operational readiness	check website	https://www.cloudopsnow.in/
SreSchool.com	SREs, platform engineers	Reliability engineering, SLOs, incident response, operational patterns	check website	https://www.sreschool.com/
AiOpsSchool.com	Ops teams, architects	AIOps concepts, monitoring automation, event correlation	check website	https://www.aiopsschool.com/

19. Top Trainers

Platform/Site	Likely Specialization	Suitable Audience	Website URL
RajeshKumar.xyz	DevOps/cloud training content (verify current offerings)	Beginners to intermediate engineers	https://rajeshkumar.xyz/
devopstrainer.in	DevOps training and mentoring (verify course scope)	DevOps engineers, sysadmins transitioning to cloud	https://www.devopstrainer.in/
devopsfreelancer.com	Freelance/contract DevOps enablement (verify services)	Teams needing short-term coaching or implementation support	https://www.devopsfreelancer.com/
devopssupport.in	DevOps support/training resources (verify focus)	Ops/DevOps teams needing guided support	https://www.devopssupport.in/

20. Top Consulting Companies

Company	Likely Service Area	Where They May Help	Consulting Use Case Examples	Website URL
cotocus.com	Cloud/DevOps consulting (verify specialties)	Architecture, implementations, operations	Serverless meeting orchestration backend; IAM hardening; cost monitoring	https://cotocus.com/
DevOpsSchool.com	DevOps/cloud consulting (check services)	Cloud adoption, DevOps processes, training + delivery	Build/operate Chime SDK-backed collaboration features; observability setup	https://www.devopsschool.com/
DEVOPSCONSULTING.IN	DevOps consulting (verify offerings)	CI/CD, infrastructure automation, operations	Secure multi-account setup for Chime SDK workloads; operational readiness	https://www.devopsconsulting.in/

21. Career and Learning Roadmap

What to learn before Amazon Chime

AWS basics: IAM, regions, networking fundamentals
API design: REST concepts, authentication/authorization
Serverless fundamentals (optional but common): Lambda, API Gateway
WebRTC basics (helpful): latency, packet loss, NAT traversal, device permissions

What to learn after Amazon Chime

Advanced multi-tenant SaaS patterns (tenant isolation, quotas, metering)
Observability engineering (client + server telemetry, SLOs)
Media pipelines and compliance tooling:
S3 lifecycle and encryption
transcription/analytics pipelines (service-dependent; verify)
Voice/telephony design (SIP, SBCs, number management) if using voice features

Job roles that use it

Cloud Solutions Architect
Full-stack developer (communications features)
DevOps/SRE (operating the orchestration platform)
Security engineer (IAM, audit, compliance)
UC/voice engineer (SIP integration, voice routing)

Certification path (if available)

Amazon Chime itself is not typically a standalone certification topic, but it fits well under: – AWS Certified Solutions Architect (Associate/Professional) – AWS Certified Developer (Associate) – AWS Certified Security (Specialty)

Project ideas for practice

Build a serverless “appointment meeting” service: – create meeting per appointment – join authorization checks – DynamoDB mapping with TTL
Add chat to an internal tool using Chime SDK messaging primitives.
Implement cost metering per tenant (attendee-minutes approximation via your own logs + billing data).
Add recording with S3 lifecycle and an approval workflow (only if your compliance policy permits).

22. Glossary

Amazon Chime: AWS service family for meetings, chat, and calling (app + SDK capabilities).
Amazon Chime SDK: Developer APIs and libraries to embed communications in custom applications.
Control plane: APIs that create/manage meetings, attendees, channels, and configurations.
Media plane: The real-time transport path for audio/video/screen share.
Meeting: A session container created via API; participants join as attendees.
Attendee: A participant identity within a meeting, created via API.
External user ID: Your application’s identifier mapped to an attendee (used for correlation).
Media region: Region where meeting media is processed (latency/compliance consideration).
IAM (Identity and Access Management): AWS service controlling permissions for API actions.
SigV4: AWS request signing process for authenticating API calls.
CloudTrail: AWS audit log of API calls.
CloudWatch: AWS monitoring and logging service (commonly used for your orchestration backend).
WebRTC: Real-time communications standard used by browsers for audio/video.
SIP: Session Initiation Protocol used for voice calling and PBX interconnects.
SBC: Session Border Controller; protects and mediates SIP traffic for enterprise voice.

23. Summary

Amazon Chime is an AWS Business applications service family for real-time communications—meetings, chat, and calling—delivered both as an end-user collaboration app and as developer APIs through the Amazon Chime SDK. It matters because building and operating real-time media systems is complex; Amazon Chime offloads much of the infrastructure burden while integrating with AWS-native identity (IAM), audit (CloudTrail), and serverless architectures.

Cost is typically driven by usage (such as attendee-minutes) and optional capabilities like PSTN calling, phone numbers, and media capture/storage. Security hinges on keeping AWS API permissions server-side, enforcing strong application authorization for meeting joins, and applying encryption and retention controls to stored artifacts.

Use Amazon Chime when you need AWS-native communications or you want to embed meetings/chat/voice into your applications with managed infrastructure. Next step: review the official Amazon Chime SDK Developer Guide and build a small meeting orchestration service using API Gateway + Lambda, then add authentication, monitoring, and cost controls before moving to production.

Category