AWS autoposting
A scheduled Facebook poster that stays on‑topic, answers questions correctly from a Google Drive knowledge base, and doesn’t surprise you with a huge cloud bill. Seven posts on the same system — one diagram at a time — with an engineering reference at the end.
-
01
A Facebook autoposting system on AWS for $2–$5 a month
The whole system on one page — scheduled posting, topic guardrails, a Drive-based knowledge base, real-time replies.
-
02
How code becomes a working system
Push to GitHub, walk away. The cloud handles the rest — and never holds a long-lived password.
-
03
How a post actually goes out
Five quick checks between “it’s time” and “post is live.” Cheap gates first, expensive gates only when needed.
-
04
How the Drive folder powers everything
The client edits a Google Doc. The system updates itself — with a safety layer that keeps the old version live if anything looks broken.
-
05
How replies work without making things up
The bot answers from the client’s docs only — or escalates to a human. Citation required, no exceptions.
-
06
What this all costs
A coffee a month, not a Netflix subscription. Line by line, where the dollars actually go.
-
07
Engineering reference: the full architecture
Same system, drawn purely for engineers. Service names, resource identifiers, region, and the actual flow operations.
Frequently asked questions
- What does the autoposting system do?
- It runs a Facebook page on autopilot. A scheduled posting robot picks the next queued post, runs it through five topic and brand guardrails, and publishes to the page via the Graph API. A reply robot answers inbound messages and comments using only content from a Google Drive folder the client edits — citing a knowledge-base entry on every reply or refusing to answer.
- How much does it cost?
- About $2–$5 per Facebook page per month at steady volume. Always-free at this scale: Lambda, EventBridge Scheduler, DynamoDB, SQS, SNS, Lambda Function URLs. Small fixed cost is dominated by Secrets Manager (~$1.20) plus pennies for S3 storage and the S3 Vectors index. Variable cost is Bedrock tokens — Titan embeddings and Claude Haiku replies — which run pennies per 1,000 replies. An AWS Budget alarm at $10/month catches anything weird.
- Which platform does it post to?
- Facebook Pages — outbound posts via the Graph API at /{page-id}/feed, inbound messages and comments via Meta webhook events behind a Lambda Function URL with HMAC SHA256 verification. Page access tokens last roughly 60 days and are rotated automatically by a weekly fn-token-refresh Lambda before expiry.
- How does it stay on-topic?
- Five-stage guardrails between scheduler and Facebook: schema check (required fields, length), keyword check (per-page allowlist plus denylist), semantic similarity check against the page’s niche centroid via Titan Text Embeddings v2, an LLM judge (Claude Haiku 4.5) that fires only on borderline cases (~5% of posts), and a verdict router that routes PASS to publish, REVIEW to email-for-approval, BLOCK to the audit table only. Cheap gates run first; expensive gates only when needed.
- How does it answer messages without making things up?
- RAG with a citation guardrail. The reply Lambda embeds the user’s question, searches the S3 Vectors index for the top relevant chunks, and only proceeds if the top-match score clears a confidence threshold. Claude Haiku 4.5 is instructed to answer using ONLY retrieved chunks and to return the chunk IDs it actually used. The runtime blocks any reply that didn’t cite a chunk — the structural guarantee against hallucinated prices, promos, or promises.
- Where does the content come from?
- A Google Drive folder per page, with four documents in a fixed shape: FAQs, pricing, promos, and a don’t-say list. The client edits Google Docs they already know — they never log into AWS. A Drive files.watch notification triggers a Sync Lambda that validates the doc; if valid, the doc is written to a versioned S3 bucket and chunked-and-embedded into the per-page vectors index. If invalid, the Sync Lambda comments back into the Drive doc and the old version stays live.
- Which AWS services does it use?
- Lambda (with Function URLs for webhooks), EventBridge Scheduler, DynamoDB on-demand, S3 (versioned), S3 Vectors (GA December 2025), SQS, SNS, Secrets Manager, CloudWatch Logs with seven-day retention, AWS Budgets, and Bedrock (Claude Haiku 4.5 via Global cross-Region inference, plus Titan Text Embeddings v2). No API Gateway, no NAT Gateway, no always-on compute. Region: ap-southeast-1 (Singapore).
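
The HMAC SHA256 check on inbound Meta webhook events mentioned in the FAQ, as an added sketch that is not the project's own code. It assumes a Python Lambda behind a Function URL (payload format 2.0) and Meta's X-Hub-Signature-256 header; the function names, sample secret and sample event are constructed for illustration.

```python
import base64
import hashlib
import hmac

SIG_PREFIX = "sha256="


def raw_body(event: dict) -> bytes:
    """Return the exact bytes Meta signed; Function URLs may base64-encode them."""
    body = event.get("body") or ""
    if event.get("isBase64Encoded"):
        return base64.b64decode(body, validate=True)
    return body.encode("utf-8")


def verify_signature(event: dict, app_secret: bytes) -> bool:
    """Check X-Hub-Signature-256 over the raw body, before any JSON parsing."""
    # Function URL events deliver header names lowercased.
    header = (event.get("headers") or {}).get("x-hub-signature-256", "")
    if not header.startswith(SIG_PREFIX):
        return False  # missing header or unexpected algorithm: reject
    try:
        body = raw_body(event)
    except ValueError:
        return False  # malformed base64 body: reject instead of crashing
    expected = hmac.new(app_secret, body, hashlib.sha256).hexdigest()
    # Compare as bytes so a non-ASCII header cannot raise, and in constant
    # time so the response does not leak how many characters matched.
    supplied = header[len(SIG_PREFIX):].encode("utf-8", "replace")
    return hmac.compare_digest(supplied, expected.encode("ascii"))


def handle_webhook(event: dict, app_secret: bytes) -> dict:
    """Hypothetical entry point: unsigned or tampered events get a 403."""
    if not verify_signature(event, app_secret):
        return {"statusCode": 403, "body": "invalid signature"}
    return {"statusCode": 200, "body": "ok"}


# Constructed sample secret and event, for illustration only.
SAMPLE_SECRET = b"constructed-app-secret"
_PAYLOAD = b'{"object":"page","entry":[{"id":"0","time":0}]}'
_DIGEST = hmac.new(SAMPLE_SECRET, _PAYLOAD, hashlib.sha256).hexdigest()
SAMPLE_EVENT = {
    "headers": {"x-hub-signature-256": SIG_PREFIX + _DIGEST},
    "body": base64.b64encode(_PAYLOAD).decode("ascii"),
    "isBase64Encoded": True,
}
```

The digest is computed over the raw request bytes; re-serializing parsed JSON before hashing produces mismatches on valid events.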