Having trouble deciding the optimal architecture

Question

So I am working on a product which is B2B. The landing page of our product is eg. example.com. And once someone purchases the subscription(let's say org1 purchases it) it we ought to provide them a custom web dashboard which can be accessed through the URL (org1.example.com) . Now i have some questions about this-

Can we make this subdomain available only to the org1 members and not make it publicly available? I am a novice but can we use concepts like Route 53 Hosted zone using Client vpn endpoint or something like that?

If it is possible, is it also possible to attach one SSL certificate to this domain?

Anything would be helpful.

Answer

Hi.

It depends on your multi-tenant SaaS design.

How is the org1.example.com environment created and onboarded when someone purchases a subscription?  
Also, how are the infrastructure environments on org1.example.com and org2.example.com separated?

You can learn how to separate and onboard multi-tenant SaaS from various AWS resources.

https://aws.amazon.com/jp/blogs/news/security-practices-in-aws-multi-tenant-saas-environments/

Restricting access to environments can be done at the network level or at the application level using identities.

SSL certificates can also be attached with wildcards in some cases or automated in the onboarding process.

Having trouble deciding the optimal architecture

관련 콘텐츠