A rogue tenant who is sending a significant amount of requests to the system will ruin everyone else's experience in your multi-tenant SaaS. It can be excruciating to try and recover your system while all your other customers cannot access their resources, and you destroy your SLA. This blog will explore an easier way to deal with this by creating a big red button using AWS WAF (web application firewall).

In this article, we can assume that the multi-tenant SaaS is running a traditional 3-tier architecture.

At the presentation layer, we can assume it is a ReactJS application running in S3 and served with CloudFront.

At the application layer, we can assume it's an autoscaled fleet of ECS tasks running a NodeJS Express API in Fargate mode. This fleet will be fronted with an AWS Application Load Balancer.

At the database layer, we can assume it's an Amazon DynamoDB table.

How does it work?

WAFs are software that analyzes traffic to decide whether it should be let through based on certain criteria, usually at the HTTP layer. This article by Palo Alto Networks explains it well. AWS' implementations of WAF are attached to data ingress infrastructure, like ALB, CloudFront, or AWS API Gateway, to analyze their traffic.
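The "big red button" idea above, sketched as an added example (not code from the original article): a WAFv2 rule that blocks a single tenant, plus a simplified local model of how such a rule matches. The `x-tenant-id` header, the tenant ids, and both function names are assumptions; the page does not say how tenants are identified.

```python
import json

# Assumption: requests carry the tenant id in an "x-tenant-id" header.
TENANT_HEADER = "x-tenant-id"


def tenant_block_rule(tenant_id: str, priority: int = 0) -> dict:
    """Build a WAFv2 rule (Rule structure) that blocks one tenant's requests."""
    safe = "".join(c if c.isalnum() else "-" for c in tenant_id.lower())
    return {
        "Name": f"block-tenant-{safe}",
        "Priority": priority,
        "Statement": {
            "ByteMatchStatement": {
                "SearchString": tenant_id.lower(),
                "FieldToMatch": {"SingleHeader": {"Name": TENANT_HEADER}},
                # LOWERCASE normalises the value, so "ACME-42" == "acme-42".
                "TextTransformations": [{"Priority": 0, "Type": "LOWERCASE"}],
                "PositionalConstraint": "EXACTLY",
            }
        },
        "Action": {"Block": {}},
        "VisibilityConfig": {
            "SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": f"block-tenant-{safe}",
        },
    }


def would_block(rule: dict, headers: dict) -> bool:
    """Simplified local model of the rule's evaluation (not AWS code)."""
    stmt = rule["Statement"]["ByteMatchStatement"]
    wanted = stmt["FieldToMatch"]["SingleHeader"]["Name"].lower()
    # HTTP header names are case-insensitive, so compare them lowercased.
    value = next((v for k, v in headers.items() if k.lower() == wanted), None)
    if value is None:
        return False  # no tenant header: this rule does not match
    if any(t["Type"] == "LOWERCASE" for t in stmt["TextTransformations"]):
        value = value.lower()
    return value == stmt["SearchString"]


if __name__ == "__main__":
    rule = tenant_block_rule("acme-42")  # constructed tenant id
    print(json.dumps(rule, indent=2))
    for hdrs in ({"X-Tenant-Id": "ACME-42"}, {"X-Tenant-Id": "globex-7"}):
        print(hdrs, would_block(rule, hdrs))
```

A header match is only as trustworthy as the component that sets the header, so this works best when the tenant id is injected or validated upstream of the WAF rather than supplied freely by the client.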