AWS re:Invent 2018: Deconstructing SaaS: Building Multi-Tenant Solutions on AWS (ARC418-R1)
SaaS presents developers with a unique blend of architectural challenges. While the concepts of multi-tenancy are straightforward, the reality of making all the moving part work together can be daunting. For this session, we’ll move beyond the conceptual bits of SaaS and look under the hood of a SaaS application. The goal here is to examine the fundamentals of identity, data partitioning, and tenant isolation through the lens of a working solution and highlight the challenges and strategies associated with building a next-generation SaaS application on AWS. We’ll look at the full lifecycle of registering new tenants, applying security policies to prevent cross-tenant access, and leveraging tenant profiles to effectively distribute and partition tenant data. The goal here is to connect many of the conceptual dots of a SaaS implementation, highlighting the tradeoffs and considerations that will shape your approach to SaaS architecture. Complete Title: AWS re:Invent 2018: [REPEAT 1] Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (ARC418-R1)
Where can we find reference code or instruction to do practical by ourself
Great video, is there any reasons for not using aws-sdk in your app?
This is completely user-specific. How will we able to build a multi-tenant solution for M2M communication models(like aws IoT)? Do we have any document /guideline for that?
In the invoking application slide (https://youtu.be/mwQ5lipGTBI?t=1527) are you sending the access_token or the id_token in the Authorization:Bearer header? the access_token doesn’t have any claims with custom attributes, only the id_token has the claims in the payload. Can you clarify that point? or can you configure Cognito to include custom claims in the access_token?
id_token