How It Works
Architecture overview — how Chatmancer runs entirely inside your AWS account.
How It Works
Chatmancer is a fully serverless application that lives inside your AWS account. This page explains the architecture, the data flow on every chat message, and exactly what Chatmancer can and cannot see.
Architecture overview
Your visitor's browser
│
▼
Amazon CloudFront ──────────────────────────────────────────┐
(CDN + TLS) │
│ │
├── /dashboard/* ──▶ S3 (React SPA) │
├── /widget.js ──▶ S3 (widget bundle) │
└── /api/* ──▶ API Gateway │
│ │
▼ │
AWS Lambda │
(Hono API server) │
│ │
┌───────────────┼───────────────┐ │
▼ ▼ ▼ │
PostgreSQL Amazon S3 OpenAI API │
(RDS / Aurora) (documents, (external) │
conversations, embeddings) │
chatbot config, │
knowledge base └──▶ chatmancer.com
(license check-in
once per day)All resources inside the box are provisioned inside your AWS account. The only external calls are to the OpenAI API (using your key) and a once-daily license check-in to chatmancer.com.
What happens on every chat message
- The visitor types a message in the widget embedded on your page.
- The widget sends the message to your API Gateway endpoint over HTTPS.
- API Gateway triggers your Lambda function.
- Lambda retrieves the chatbot configuration and conversation history from your RDS database.
- If the chatbot has a knowledge base, Lambda runs a semantic search against your embeddings stored in S3/RDS to find relevant context.
- Lambda calls the OpenAI API with the system prompt, retrieved context, and conversation history, using your API key.
- The response streams back through Lambda → API Gateway → widget → visitor's screen.
- The exchange is saved to your database.
At no point does any message pass through Chatmancer's infrastructure (except the daily license check-in, which contains no conversation data).
What Chatmancer cannot see
| Data | Where it lives | Chatmancer access |
|---|---|---|
| Visitor conversations | Your RDS database | None |
| Knowledge base documents | Your S3 bucket | None |
| Trained embeddings | Your RDS / S3 | None |
| OpenAI API key | AWS Secrets Manager (your account) | None |
| Lead capture data | Your RDS database | None |
| Chatbot system prompts | Your RDS database | None |
The daily license check-in sends only: your license key hash, a timestamp, and the AWS region. No conversation data, no user data.
AWS Free Tier coverage
For most small-to-medium deployments, Chatmancer runs entirely within the AWS Free Tier:
| Service | Free Tier | Typical usage |
|---|---|---|
| AWS Lambda | 1M requests / month | Well within for most sites |
| Amazon S3 | 5 GB storage, 20K GET requests | Sufficient for most knowledge bases |
| Amazon CloudFront | 1 TB data transfer / month | Covers millions of widget loads |
| Amazon CloudWatch | 10 custom metrics, 5 GB logs | Dashboard + alarms included |
RDS (PostgreSQL) is the one service that may incur a small cost beyond free tier for high-traffic deployments. You can monitor your bill at any time via the CloudWatch dashboard that ships with the stack.