Best Practices for production scale deployment of keycloak

Can someone please help me with best practices for deployment of keycloak ? We are planning to deploy Keycloak on AWS using EC2 instances and planning to use auto-scaling functionality on the same.

We anticipate having about 15-20 million end users who would use the platform for authentication. Hence, we are looking for best practices for
a. Scaling considerations and High availability.
b. Performance Tuning
c. Security Hardening

Any guidance would be very helpful.

Thanks and Regards,