Thursday, 5 October 2017

A New Quick Start Deploys a SaaS Identity and Isolation Solution with Amazon Cognito on the AWS Cloud



The new Quick Start provides the essentials for implementing identity and isolation in a multitenant software as a service (SaaS) environment, using Amazon Cognito as the underlying identity provider. It introduces best practices and core concepts that can be applied in SaaS applications. It includes a lightweight SaaS order management system that demonstrates different aspects of identity and isolation, spanning the system and tenant roles in a multitenant environment.

The Quick Start uses claims to represent the attributes that link tenant information to each user. These claims are packaged and transported in an encoded JSON Web Token (JWT), which carries a standard set of attributes supported by the OpenID Connect (OIDC) protocol. The Quick Start also supports custom attributes, which are transmitted as custom claims in the JWT returned by the authentication process. The custom attributes are provisioned and configured when each tenant is onboarded to the system.

The following AWS services are included in the Quick Start architecture:

1.    Amazon Cognito for user and identity management.
2.    AWS Identity and Access Management (IAM) to handle the isolation roles and policies.
3.    AWS Lambda to implement a custom authorizer that verifies system tokens.
4.    Amazon API Gateway to provide access to the microservices that support the reference application.
5.    Amazon EC2 Container Service (Amazon ECS) to host the containers that run the microservices.
6.    Amazon Simple Storage Service (Amazon S3) to serve content for the reference application.
7.    Amazon DynamoDB to provide storage for the microservices.
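
As an added example (not code from the Quick Start), here is the kind of check a custom authorizer performs on the tenant-bound claims described above: verify the token, then allow the call only if its tenant claim matches the tenant being accessed. Assumptions: the claim name `custom:tenant_id`, the issuer URL, the function names, and HS256 with a constructed shared secret standing in for the RS256/JWKS verification that Cognito-issued tokens require, so the example runs offline.

```python
import base64, hashlib, hmac, json, time

# Constructed values for this example; none of them come from the Quick Start.
SECRET = b"constructed-demo-secret"
ISSUER = "https://idp.example.invalid/pool-1"
TENANT_CLAIM = "custom:tenant_id"  # assumed name of the custom tenant claim

def b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, secret=SECRET, alg="HS256"):
    """Build a constructed sample token (stands in for the identity provider)."""
    head = b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def verify_claims(token, now=None):
    """Return the claims only if the token is authentic, current and tenant-bound."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        # Pin the expected algorithm; never let the token header choose it.
        if json.loads(b64d(head)).get("alg") != "HS256":
            return None
        expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64d(sig)):
            return None
        claims = json.loads(b64d(body))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token: fail closed
    if not isinstance(claims, dict) or claims.get("iss") != ISSUER:
        return None
    exp, tenant = claims.get("exp"), claims.get(TENANT_CLAIM)
    if not isinstance(exp, (int, float)) or exp <= now:
        return None
    return claims if isinstance(tenant, str) and tenant else None

def authorize(token, requested_tenant, now=None):
    """Allow only when the token's tenant matches the tenant being accessed."""
    claims = verify_claims(token, now)
    allowed = claims is not None and claims[TENANT_CLAIM] == requested_tenant
    return {"effect": "Allow" if allowed else "Deny",
            "tenant": claims[TENANT_CLAIM] if allowed else None}
```

The tenant identifier is taken only from the verified token, never from a request parameter, so a caller cannot select another tenant's data by changing the request.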


Configuration and deployment are automated by AWS CloudFormation templates that can be customized during launch. The templates can be downloaded from the GitHub repository and used as the starting point for your own implementation. The Quick Start includes a guide that explains the core SaaS identity and isolation concepts and implementation details, and provides step-by-step configuration and deployment instructions.
