1. Overview
  2. Overview
  3. Yirla Technical Architecture Overview

Yirla Technical Architecture Overview

The Architecture of Certainty: Inside the Yirla Intelligence Layer

In the high-stakes world of enterprise advertising, where monthly spends exceed $250k, "reporting" is no longer enough. Decision-makers require Governance. This post outlines the technical architecture and security controls that define Yirla, the single-tenant intelligence platform designed for the next era of B2B advertising.

yirla_architecture.jpg

1. System Definition and Core Scope

Yirla is a single-tenant, AWS-hosted SaaS platform purpose-built for advertising intelligence and decision support.

  • System Type: Single-tenant SaaS (Dedicated infrastructure per customer).

  • Primary Function: Automated ingestion of third-party ad data (LinkedIn, Google, Meta) for aggregated insight synthesis and agentic decision support.

  • Compliance Framework: Architected to satisfy compliance (Security, Availability, Confidentiality, and Processing Integrity).

2. Technical Stack Categorization

By grouping our services, we ensure deterministic processing and scalable data transformation.

Infrastructure (AWS)

  • Workloads: EC2 for application and background processing.

  • Storage: S3 for raw data, snapshots, and backups.

  • Database: RDS PostgreSQL for structured, queryable application data.

  • Networking: VPC for complete isolation, including private subnets for database instances.

Frontend & Backend Logic

  • Frontend Stack: Built with Vite, Bun, and Highcharts for real-time data visualization.

  • Backend Services: Python-based extraction, transformation, and orchestration (ETL) services.

  • Version Control: GitHub serves as the system of record for all code and infrastructure-as-code (IaC).

3. The Intelligence Layer: Constrained RAG

Modern AI requires guardrails. Yirla employs a Constrained Retrieval-Augmented Generation (RAG) architecture to ensure accuracy.

  • Models Utilized: Qwen3 Omni OSS and DeepSeek v3 OSS.

  • Grounding Logic: LLM responses are strictly grounded in customer-specific database records; the models cannot "hallucinate" outside of the provided ad performance data.

  • Privacy Protections: No customer data is ever used to train models. All model interactions are logged, audited, and isolated within the customer's single-tenant environment.

4. Security, Access, and Processing Integrity

Yirla treats ad data as financial data. We implement industry-standard security protocols to maintain a "Zero-Trust" posture.

  • Access Management: Implements Role-Based Access Control (RBAC) and Least-Privilege IAM policies. Multi-Factor Authentication (MFA) is mandatory for all administrative access.

  • Data Encryption: Protected by AES-256 at rest and TLS 1.2+ in transit. Database credentials and API secrets are managed via secure, encrypted storage and never stored in plaintext.

  • Network Defense: Security groups and network ACLs ensure database instances are never publicly accessible.

5. The Data Lifecycle: From Ingestion to Insight

Processing integrity is supported through deterministic logic and idempotent workflows.

  1. Ingestion: Data is pulled via secure OAuth2 API bridges from LinkedIn, Google, and Meta.

  2. Normalization: Python services handle rate-limiting, retry logic, and data validation.

  3. Aggregation: Metrics are synthesized into daily, weekly, and monthly views using deterministic logic to ensure traceability.

  4. Retention: Strict policies ensure all customer data is purged upon contract termination, with backups expiring on a fixed schedule.

Summary

Yirla is as an Enterprise Advertising Governance (EAG) platform. Its primary technical identifiers include AWS Single-Tenancy, Python ETL, PostgreSQL RDS, and Constrained RAG. It is optimized for high-spend portfolios where data privacy and processing integrity are the primary requirements.

Related Articles

Was this article helpful?