SlideShare a Scribd company logo

SaaS Reference Architectures: Review of Real-World Patterns & Strategies (GPSTEC302) - AWS re:Invent 2018

Amazon Web Services
Amazon Web Services

There is no single approach to building SaaS applications on AWS. Domain, compliance, performance, legacy considerations, and business forces all play a big role in shaping the architecture of your solutions. While there are many strategies for implementing SaaS on AWS, there are some common architectural patterns that are used to address the varying needs of SaaS providers. In this session, we review in detail a collection of SaaS reference architectures that represent a spectrum of approaches to addressing identity, onboarding, storage partitioning, tenant isolation, billing, deployment, regional distribution, and operational models. Our goal is to provide a menu of concrete solutions that can provide insights into how AWS constructs are leveraged to realize SaaS best practices on AWS.

1 of 41
Download to read offline
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Reference Architectures: A Review of Real World Patterns and Strategies Tod Golding Partner Solutions Architect Amazon Web Services G P S T E C 3 0 2
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS: One goal, many flavors App tier Tenant 2 Web tier App tier Tenant 1 Web tier Web tier App: Tenant 1 App: Tenant 2 Web tier App tier
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The key challenges of SaaS architecture
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-tenancy can vary at every layer Web tier App tier – T1 App tier – T2 Tenant 1 1992093 Tenant 2 9828519 Tenant 1 4940492
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The common thread: Agility
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS architecture pattern landscape Onboarding Application access Metering,metrics,&analytics Billing&tiering Management&monitoring API accessDeployment&agility ServiceService Service Tenant isolation Tenant isolation Tenant isolation
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS architecture pattern landscape Onboarding Application access Metering,metrics,&analytics Billing&tiering Management&monitoring API accessDeployment&agility ServiceService Service Tenant isolation Tenant isolation Tenant isolation
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The SaaS monolith Availability Zone Availability Zone
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Microservices SaaS with containers NAT gateway NAT gateway Availability Zone Availability Zone Microservice Microservice
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Serverless SaaS Amazon API Gateway AWS Lambda functions Storage services Custom authorizer
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Comparing models Monolith Container microservices Serverless Zero downtime deployment Low High Very high Scaling with tenant activity Low Medium Very high Scaling granularity Low High Very high Development ease High High Medium Fault tolerance support Low High Very high Cost optimization Low Medium High
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-tenant aware application services Application service Tenant data partitioning mapping Logging& metering
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Extracting and applying tenant context Application service GET /products Authorization: Bearer <Token> { ” tenantId” : ”8391” “role” : “Admin” } JWT Token 1 Data access layer GetProducts()2 Token Manager 3 Partition Manager 4 5
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Storage partitioning patterns Silo relational Silo NoSQL Pool relational & NoSQL TenantID ProductID Tenant-2 929443903 Tenant-1 384914810 Object storage Tenant 1 Tenant 2
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Avoiding tenant bottlenecks TenantID ProductID Tenant-2 929443903 Tenant-1 294020999 Tenant-1 384914810 TenantID ProductID Tenant-1 929443903 Tenant-1 294020999 Tenant-1 384914810 Tenant-1 202030340 Tenant-2 534538388
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Scaling tenant partitioned data TenantID ShardID Tenant-2 Shard-1 Tenant-1 Shard-2 Proxy fleet Amazon Aurora instances Storage Storage
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Role and policy-based isolation Tenant 1 Tenant 2
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Siloed compute isolation Tenant 1 Tenant 2 Tenant 1 Tenant 2 Tenant 1 Tenant 2
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Pooled compute isolation Identity Policies Pooled computeTenant scoped creds Tenant
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Tenant data isolation TenantID ProductID Tenant-2 929443903 Tenant-1 294020999 Tenant-1 384914810 Tenant-2 948393991 Tenant-2 429919495
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Using policies to isolation shared resources { "Sid": "TenantReadOnlyOrderTable", "Effect": "Allow", "Action": [ "dynamodb:GetItem", "dynamodb:BatchGetItem", "dynamodb:Query", "dynamodb:DescribeTable" ], "Resource": [ "arn:aws:dynamodb:us-east-1:000000000000:table/Order" ], "Condition": { "ForAllValues:StringEquals": { "dynamodb:LeadingKeys": [ "5bd24c40d66c4755819d28ceab9f0826" ] } } } Tenant Identity Policy
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Full stack isolation Tenant 1 Tenant 2
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Onboarding, access, and operations patterns Onboarding Application access Metering,metrics,&analytics Billing&tiering Management&monitoring API accessDeployment&agility Application services ServiceService Service Storage partitioning Tenant isolation Tenant isolation Tenant isolation
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Onboarding patterns: The building blocks
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Zero touch, volume onboarding (pool) Tenant Registration Service /reg Tenant IAM Identity Provider (OIDC) Tenant Management Service POST User  UserPool User Management Service New account queue Billing Account Manager Billing system Provision account Retry
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Enterprise, low volume onboarding (silo) Tenant Engineer DevOps provisioning
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Authentication with delayed tenant resolution Tenant Web application Identity provider User/tenant mapping UserId TenantId RBAC policies Application service Dataaccess
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Authentication with SaaS identity token Tenant Web application Identity provider (OIDC) Application service Dataaccess ID Token Access Token Tenant IAM policy Amazon Cognito STS Token
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Authentication via external provider Authentication Manager User: Password:: Identity provider config Amazon Cognito External identity provider Tenant Manager User  Tenant App Service
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Additional authentication considerations jane@example.com Tenant 1 Tenant 2 Mapping a single user to multiple tenants Enabling tenant management of policies • MFA policies • Password expiration • Password format • Validation
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-region authentication and access Identity repository Shared Onboarding Region A Region B Identity repository Identity repository Tenant 1 Tenant 2 Region selection& routing
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Metering and analytics patterns Metering framework API Gateway Product manager Ops engineer Architect Tenant context in every event
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Billing and account lifecycle
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Takeaways • No single pattern fits all SaaS businesses • SaaS architecture must embrace variable consumption • Metrics and analytics are foundational to SaaS architecture • Getting isolation right can be challenging • Automation and agility are essential to all patterns
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Additional SaaS breakouts Monday, 11/26 ARC324 - Architecting Next Generation Serverless SaaS Solutions on AWS 6:15 PM | Venetian, Level 2, Venetian Theater Tuesday, 11/27 ARC324 - Architecting Next Generation Serverless SaaS Solutions on AWS (Repeat) 4:00 PM | Venetian, Level 2, Titian 2204 Wednesday, 11/28 ARC418 Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS 12:15 PM | Mirage, Mirage Event Center B Thursday, 11/29 ARC418 Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (Repeat) 4:00 PM | Aria, Aria West, Level 3, Ironwood 5
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Chalk Talks Monday, 11/26 ARC216 - SaaS Operations: The Foundation of SaaS Agility 11:30 – 12:30 | Venetian, Level 2, Veronese 2406 Tuesday, 11/27 ARC210 - SaaS Jumpstart: A Primer for Launching Your SaaS Journey 9:15 – 10:15 | Venetian, Level 4, Lando 4304 Wednesday, 11/28 ARC419 – Optimizing Your SaaS Solutions on AWS 1:00 – 2:00 | Venetian, Level 3, Murano 3202 ARC326 - Migrating Single-Tenant Applications to Multi-Tenant SaaS 4:00 – 5:00 | Aria West, Level 3, Starvine 7 ARC210 - SaaS Jumpstart: A Primer for Launching Your SaaS Journey 1:45 – 2:45 | Aria West, Level 3, Ironwood 8
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Chalk Talks Thursday, 11/29 ARC210 - SaaS Jumpstart: A Primer for Launching Your SaaS Journey 1:45 – 2:45 | MGM, Level 1, South Concourse 105 Friday, 11/30 ARC326 – Migrating Single-Tenant Applications to Multi-Tenant SaaS 10:00 – 11:00 | MGM, Level 1, South Concourse 105 ARC419 – Optimizing Your SaaS Architecture on AWS 1:00 – 2:00 | Venetian, Level 3, Murano 3202
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Workshops Monday, 11/26 Hands-on SaaS: Constructing Multi-Tenant Solutions on AWS 4:00 – 6:15 PM | Mirage, Mirage Event Center C3 Wednesday, 11/30 Hands-on SaaS: Constructing Multi-Tenant Solutions on AWS 9:15 AM – 11:30 AM | Mirage, Mirage Event Center C2
Thank you! © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Tod Golding todg@amazon.com
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Recommended

(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code
Amazon Web Services
 
Introduction to Amazon EKS
Introduction to Amazon EKSIntroduction to Amazon EKS
Introduction to Amazon EKS
Amazon Web Services
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit Gateway
Amazon Web Services
 
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
Amazon Web Services
 
CI/CD pipelines on AWS - Builders Day Israel
CI/CD pipelines on AWS - Builders Day IsraelCI/CD pipelines on AWS - Builders Day Israel
CI/CD pipelines on AWS - Builders Day Israel
Amazon Web Services
 
Cloud Migration Workshop
Cloud Migration WorkshopCloud Migration Workshop
Cloud Migration Workshop
Amazon Web Services
 
Introduction to AWS Organizations
Introduction to AWS OrganizationsIntroduction to AWS Organizations
Introduction to AWS Organizations
Amazon Web Services
 
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdfAWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
Amazon Web Services
 

Recommended

(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code
Amazon Web Services
 
Introduction to Amazon EKS
Introduction to Amazon EKSIntroduction to Amazon EKS
Introduction to Amazon EKS
Amazon Web Services
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit Gateway
Amazon Web Services
 
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
Amazon Web Services
 
CI/CD pipelines on AWS - Builders Day Israel
CI/CD pipelines on AWS - Builders Day IsraelCI/CD pipelines on AWS - Builders Day Israel
CI/CD pipelines on AWS - Builders Day Israel
Amazon Web Services
 
Cloud Migration Workshop
Cloud Migration WorkshopCloud Migration Workshop
Cloud Migration Workshop
Amazon Web Services
 
Introduction to AWS Organizations
Introduction to AWS OrganizationsIntroduction to AWS Organizations
Introduction to AWS Organizations
Amazon Web Services
 
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdfAWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
Amazon Web Services
 
Getting Started with AWS Lambda and Serverless
Getting Started with AWS Lambda and ServerlessGetting Started with AWS Lambda and Serverless
Getting Started with AWS Lambda and Serverless
Amazon Web Services
 
Container Patterns
Container PatternsContainer Patterns
Container Patterns
Matthias Luebken
 
How to Execute a Successful API Strategy
How to Execute a Successful API StrategyHow to Execute a Successful API Strategy
How to Execute a Successful API Strategy
Matt McLarty
 
Zero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOpsZero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOps
Araf Karsh Hamid
 
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
Amazon Web Services
 
Accelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAPAccelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAP
Amazon Web Services
 
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018 AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
Amazon Web Services Korea
 
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
Amazon Web Services Korea
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Amazon Web Services
 
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
Amazon Web Services
 
Intro to Amazon ECS
Intro to Amazon ECSIntro to Amazon ECS
Intro to Amazon ECS
Amazon Web Services
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as code
Amazon Web Services
 
AWS Containers Day.pdf
AWS Containers Day.pdfAWS Containers Day.pdf
AWS Containers Day.pdf
Amazon Web Services
 
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
Amazon Web Services
 
Introducing AWS Fargate - AWS Online Tech Talks
Introducing AWS Fargate - AWS Online Tech TalksIntroducing AWS Fargate - AWS Online Tech Talks
Introducing AWS Fargate - AWS Online Tech Talks
Amazon Web Services
 
CI/CD on AWS
CI/CD on AWSCI/CD on AWS
CI/CD on AWS
Amazon Web Services
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best Practices
Amazon Web Services
 
Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라
Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라
Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라
MinKyu Kim
 
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Amazon Web Services
 
Getting Started on Amazon EKS
Getting Started on Amazon EKSGetting Started on Amazon EKS
Getting Started on Amazon EKS
Matthew Barlocker
 
Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Amazon Web Services
 
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Amazon Web Services
 

More Related Content

What's hot

Getting Started with AWS Lambda and Serverless
Getting Started with AWS Lambda and ServerlessGetting Started with AWS Lambda and Serverless
Getting Started with AWS Lambda and Serverless
Amazon Web Services
 
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
Amazon Web Services
 
Accelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAPAccelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAP
Amazon Web Services
 
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018 AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
Amazon Web Services Korea
 
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
Amazon Web Services Korea
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Amazon Web Services
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as code
Amazon Web Services
 
CI/CD on AWS
CI/CD on AWSCI/CD on AWS
CI/CD on AWS
Amazon Web Services
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best Practices
Amazon Web Services
 

What's hot (20)

Getting Started with AWS Lambda and Serverless
Getting Started with AWS Lambda and ServerlessGetting Started with AWS Lambda and Serverless
Getting Started with AWS Lambda and Serverless
 
Container Patterns
Container PatternsContainer Patterns
Container Patterns
 
How to Execute a Successful API Strategy
How to Execute a Successful API StrategyHow to Execute a Successful API Strategy
How to Execute a Successful API Strategy
 
Zero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOpsZero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOps
 
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
 
Accelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAPAccelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAP
 
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018 AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
AWS를 활용한 리테일,이커머스 워크로드와 온라인 서비스 이관 사례::이동열, 임혁용:: AWS Summit Seoul 2018
 
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
AWS DMS를 통한 오라클 DB 마이그레이션 방법 - AWS Summit Seoul 2017
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
 
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
 
Intro to Amazon ECS
Intro to Amazon ECSIntro to Amazon ECS
Intro to Amazon ECS
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as code
 
AWS Containers Day.pdf
AWS Containers Day.pdfAWS Containers Day.pdf
AWS Containers Day.pdf
 
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
 
Introducing AWS Fargate - AWS Online Tech Talks
Introducing AWS Fargate - AWS Online Tech TalksIntroducing AWS Fargate - AWS Online Tech Talks
Introducing AWS Fargate - AWS Online Tech Talks
 
CI/CD on AWS
CI/CD on AWSCI/CD on AWS
CI/CD on AWS
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best Practices
 
Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라
Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라
Packer, Terraform, Vault를 이용해 만드는 
재현 가능한 게임 인프라
 
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
 
Getting Started on Amazon EKS
Getting Started on Amazon EKSGetting Started on Amazon EKS
Getting Started on Amazon EKS
 

Similar to SaaS Reference Architectures: Review of Real-World Patterns & Strategies (GPSTEC302) - AWS re:Invent 2018

Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Amazon Web Services
 
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Amazon Web Services
 
Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...
Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...
Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...
Amazon Web Services
 
SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...
SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...
SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...
Amazon Web Services
 
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Amazon Web Services
 
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...
Amazon Web Services
 
From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018
From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018
From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018
Amazon Web Services
 
Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...
Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...
Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...
Amazon Web Services
 
Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018
Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018
Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018
Amazon Web Services
 
Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...
Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...
Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...
Amazon Web Services
 
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Amazon Web Services
 
Implementing Microservices by DDD
Implementing Microservices by DDDImplementing Microservices by DDD
Implementing Microservices by DDD
Amazon Web Services
 
Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...
Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...
Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...
Amazon Web Services
 

Similar to SaaS Reference Architectures: Review of Real-World Patterns & Strategies (GPSTEC302) - AWS re:Invent 2018 (20)

Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
Architecting Next Generation Serverless SaaS Solutions on AWS (ARC324-R1) - A...
 
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...
 
Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...
Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...
Deep Dive into AWS X-Ray: Monitor Modern Applications (DEV324) - AWS re:Inven...
 
SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...
SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...
SaaS Jumpstart: A Primer for Launching Your SaaS Journey (ARC210-R2) - AWS re...
 
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
 
From Monolithic to Modern Apps: Best Practices
From Monolithic to Modern Apps: Best PracticesFrom Monolithic to Modern Apps: Best Practices
From Monolithic to Modern Apps: Best Practices
 
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...
 
From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018
From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018
From Monolith to Modern Apps: Best Practices (SRV322-R2) - AWS re:Invent 2018
 
Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...
Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...
Build High-Throughput, Bursty Data Apps with Amazon SQS, SNS, & Lambda (API30...
 
[NEW LAUNCH!] Introducing AWS App Mesh – service mesh on AWS (CON367) - AWS r...
[NEW LAUNCH!] Introducing AWS App Mesh – service mesh on AWS (CON367) - AWS r...[NEW LAUNCH!] Introducing AWS App Mesh – service mesh on AWS (CON367) - AWS r...
[NEW LAUNCH!] Introducing AWS App Mesh – service mesh on AWS (CON367) - AWS r...
 
Building Microservices with Containers (CON308-R1) - AWS re:Invent 2018
Building Microservices with Containers (CON308-R1) - AWS re:Invent 2018Building Microservices with Containers (CON308-R1) - AWS re:Invent 2018
Building Microservices with Containers (CON308-R1) - AWS re:Invent 2018
 
Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018
Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018
Deploying Microservices using AWS Fargate (CON315-R1) - AWS re:Invent 2018
 
Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...
Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...
Build Modern Applications that Align with Twelve-Factor Methods (API303) - AW...
 
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
 
Microservices: Data & Design - Miguel Cervantes
Microservices: Data & Design - Miguel CervantesMicroservices: Data & Design - Miguel Cervantes
Microservices: Data & Design - Miguel Cervantes
 
2019 03-13-implementing microservices by ddd
2019 03-13-implementing microservices by ddd2019 03-13-implementing microservices by ddd
2019 03-13-implementing microservices by ddd
 
Implementing Microservices by DDD
Implementing Microservices by DDDImplementing Microservices by DDD
Implementing Microservices by DDD
 
Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...
Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...
Analyze Amazon CloudFront and Lambda@Edge Logs to Improve Customer Experience...
 
Introduction to Serverless computing and AWS Lambda - Floor28
Introduction to Serverless computing and AWS Lambda - Floor28Introduction to Serverless computing and AWS Lambda - Floor28
Introduction to Serverless computing and AWS Lambda - Floor28
 
Introduction to Serverless computing and AWS Lambda | AWS Floor28
Introduction to Serverless computing and AWS Lambda | AWS Floor28Introduction to Serverless computing and AWS Lambda | AWS Floor28
Introduction to Serverless computing and AWS Lambda | AWS Floor28
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
Amazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

SaaS Reference Architectures: Review of Real-World Patterns & Strategies (GPSTEC302) - AWS re:Invent 2018

  • 1.
  • 2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Reference Architectures: A Review of Real World Patterns and Strategies Tod Golding Partner Solutions Architect Amazon Web Services G P S T E C 3 0 2
  • 3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS: One goal, many flavors App tier Tenant 2 Web tier App tier Tenant 1 Web tier Web tier App: Tenant 1 App: Tenant 2 Web tier App tier
  • 4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The key challenges of SaaS architecture
  • 5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-tenancy can vary at every layer Web tier App tier – T1 App tier – T2 Tenant 1 1992093 Tenant 2 9828519 Tenant 1 4940492
  • 6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The common thread: Agility
  • 7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS architecture pattern landscape Onboarding Application access Metering,metrics,&analytics Billing&tiering Management&monitoring API accessDeployment&agility ServiceService Service Tenant isolation Tenant isolation Tenant isolation
  • 8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS architecture pattern landscape Onboarding Application access Metering,metrics,&analytics Billing&tiering Management&monitoring API accessDeployment&agility ServiceService Service Tenant isolation Tenant isolation Tenant isolation
  • 9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The SaaS monolith Availability Zone Availability Zone
  • 10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Microservices SaaS with containers NAT gateway NAT gateway Availability Zone Availability Zone Microservice Microservice
  • 11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Serverless SaaS Amazon API Gateway AWS Lambda functions Storage services Custom authorizer
  • 12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Comparing models Monolith Container microservices Serverless Zero downtime deployment Low High Very high Scaling with tenant activity Low Medium Very high Scaling granularity Low High Very high Development ease High High Medium Fault tolerance support Low High Very high Cost optimization Low Medium High
  • 13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-tenant aware application services Application service Tenant data partitioning mapping Logging& metering
  • 14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Extracting and applying tenant context Application service GET /products Authorization: Bearer <Token> { ” tenantId” : ”8391” “role” : “Admin” } JWT Token 1 Data access layer GetProducts()2 Token Manager 3 Partition Manager 4 5
  • 15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Storage partitioning patterns Silo relational Silo NoSQL Pool relational & NoSQL TenantID ProductID Tenant-2 929443903 Tenant-1 384914810 Object storage Tenant 1 Tenant 2
  • 16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Avoiding tenant bottlenecks TenantID ProductID Tenant-2 929443903 Tenant-1 294020999 Tenant-1 384914810 TenantID ProductID Tenant-1 929443903 Tenant-1 294020999 Tenant-1 384914810 Tenant-1 202030340 Tenant-2 534538388
  • 17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Scaling tenant partitioned data TenantID ShardID Tenant-2 Shard-1 Tenant-1 Shard-2 Proxy fleet Amazon Aurora instances Storage Storage
  • 18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Role and policy-based isolation Tenant 1 Tenant 2
  • 19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Siloed compute isolation Tenant 1 Tenant 2 Tenant 1 Tenant 2 Tenant 1 Tenant 2
  • 20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Pooled compute isolation Identity Policies Pooled computeTenant scoped creds Tenant
  • 21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Tenant data isolation TenantID ProductID Tenant-2 929443903 Tenant-1 294020999 Tenant-1 384914810 Tenant-2 948393991 Tenant-2 429919495
  • 22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Using policies to isolation shared resources { "Sid": "TenantReadOnlyOrderTable", "Effect": "Allow", "Action": [ "dynamodb:GetItem", "dynamodb:BatchGetItem", "dynamodb:Query", "dynamodb:DescribeTable" ], "Resource": [ "arn:aws:dynamodb:us-east-1:000000000000:table/Order" ], "Condition": { "ForAllValues:StringEquals": { "dynamodb:LeadingKeys": [ "5bd24c40d66c4755819d28ceab9f0826" ] } } } Tenant Identity Policy
  • 23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Full stack isolation Tenant 1 Tenant 2
  • 24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Onboarding, access, and operations patterns Onboarding Application access Metering,metrics,&analytics Billing&tiering Management&monitoring API accessDeployment&agility Application services ServiceService Service Storage partitioning Tenant isolation Tenant isolation Tenant isolation
  • 25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Onboarding patterns: The building blocks
  • 26. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Zero touch, volume onboarding (pool) Tenant Registration Service /reg Tenant IAM Identity Provider (OIDC) Tenant Management Service POST User  UserPool User Management Service New account queue Billing Account Manager Billing system Provision account Retry
  • 27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Enterprise, low volume onboarding (silo) Tenant Engineer DevOps provisioning
  • 28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Authentication with delayed tenant resolution Tenant Web application Identity provider User/tenant mapping UserId TenantId RBAC policies Application service Dataaccess
  • 29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Authentication with SaaS identity token Tenant Web application Identity provider (OIDC) Application service Dataaccess ID Token Access Token Tenant IAM policy Amazon Cognito STS Token
  • 30. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Authentication via external provider Authentication Manager User: Password:: Identity provider config Amazon Cognito External identity provider Tenant Manager User  Tenant App Service
  • 31. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Additional authentication considerations jane@example.com Tenant 1 Tenant 2 Mapping a single user to multiple tenants Enabling tenant management of policies • MFA policies • Password expiration • Password format • Validation
  • 32. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-region authentication and access Identity repository Shared Onboarding Region A Region B Identity repository Identity repository Tenant 1 Tenant 2 Region selection& routing
  • 33. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Metering and analytics patterns Metering framework API Gateway Product manager Ops engineer Architect Tenant context in every event
  • 34. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Billing and account lifecycle
  • 35. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Takeaways • No single pattern fits all SaaS businesses • SaaS architecture must embrace variable consumption • Metrics and analytics are foundational to SaaS architecture • Getting isolation right can be challenging • Automation and agility are essential to all patterns
  • 36. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Additional SaaS breakouts Monday, 11/26 ARC324 - Architecting Next Generation Serverless SaaS Solutions on AWS 6:15 PM | Venetian, Level 2, Venetian Theater Tuesday, 11/27 ARC324 - Architecting Next Generation Serverless SaaS Solutions on AWS (Repeat) 4:00 PM | Venetian, Level 2, Titian 2204 Wednesday, 11/28 ARC418 Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS 12:15 PM | Mirage, Mirage Event Center B Thursday, 11/29 ARC418 Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (Repeat) 4:00 PM | Aria, Aria West, Level 3, Ironwood 5
  • 37. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Chalk Talks Monday, 11/26 ARC216 - SaaS Operations: The Foundation of SaaS Agility 11:30 – 12:30 | Venetian, Level 2, Veronese 2406 Tuesday, 11/27 ARC210 - SaaS Jumpstart: A Primer for Launching Your SaaS Journey 9:15 – 10:15 | Venetian, Level 4, Lando 4304 Wednesday, 11/28 ARC419 – Optimizing Your SaaS Solutions on AWS 1:00 – 2:00 | Venetian, Level 3, Murano 3202 ARC326 - Migrating Single-Tenant Applications to Multi-Tenant SaaS 4:00 – 5:00 | Aria West, Level 3, Starvine 7 ARC210 - SaaS Jumpstart: A Primer for Launching Your SaaS Journey 1:45 – 2:45 | Aria West, Level 3, Ironwood 8
  • 38. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Chalk Talks Thursday, 11/29 ARC210 - SaaS Jumpstart: A Primer for Launching Your SaaS Journey 1:45 – 2:45 | MGM, Level 1, South Concourse 105 Friday, 11/30 ARC326 – Migrating Single-Tenant Applications to Multi-Tenant SaaS 10:00 – 11:00 | MGM, Level 1, South Concourse 105 ARC419 – Optimizing Your SaaS Architecture on AWS 1:00 – 2:00 | Venetian, Level 3, Murano 3202
  • 39. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SaaS Workshops Monday, 11/26 Hands-on SaaS: Constructing Multi-Tenant Solutions on AWS 4:00 – 6:15 PM | Mirage, Mirage Event Center C3 Wednesday, 11/30 Hands-on SaaS: Constructing Multi-Tenant Solutions on AWS 9:15 AM – 11:30 AM | Mirage, Mirage Event Center C2
  • 40. Thank you! © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Tod Golding todg@amazon.com
  • 41. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.