1 Answer
Multiple authorization checks to Verified Permissions is a useful pattern. In this example, the first check on listing orders for a user might prevent an extra database call just to get Order O-12345. It also creates separate policies which can be easier to reason about and audit later, without looking at the APP1 code.
Some questions you (and future readers) can ask yourselves:
- Does the BatchIsAuthorized API help here? Are both checks always made?
- Is there a concern about latency where a local cache could help? Would the Amazon Verified Permissions (AVP) Local Agent fit in your architecture?
I might challenge the "microservices agnostic to auth mechanisms" assumption depending on other parts of APP1 architecture. In a "zero trust" model, these microservices won't just trust an API call over the local network, and have some sort of auth. But, if you are using mTLS or minting your own tokens your microservices can trust, this may be mitigated.
answered 2 months ago
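To make the BatchIsAuthorized suggestion concrete, here is an added example (not code from the answer or from AWS) that packs the two checks described above, "may this user list orders" and "may this user read Order O-12345", into one `batch_is_authorized` call and combines the results fail-closed. The entity types, action names and policy store id (`APP1::User`, `APP1::Order`, `ps-EXAMPLE`, ...) are assumed for illustration; the response is constructed in the shape the API returns, not captured from a real call.

```python
"""Two Verified Permissions checks as one BatchIsAuthorized request,
with the decisions combined fail-closed (any DENY or error => denied).

Entity type and action names (APP1::User, APP1::Order, ...) are
assumptions for illustration, not names from the question."""


def build_batch_request(policy_store_id, user_id, order_id):
    """Return the kwargs for boto3's verifiedpermissions
    client.batch_is_authorized(**kwargs): one entry per check."""
    principal = {"entityType": "APP1::User", "entityId": user_id}
    action = lambda name: {"actionType": "APP1::Action", "actionId": name}
    return {
        "policyStoreId": policy_store_id,
        "requests": [
            # Check 1: may this user list orders at all? (app-level resource)
            {"principal": principal, "action": action("ListOrders"),
             "resource": {"entityType": "APP1::Application", "entityId": "APP1"}},
            # Check 2: may this user read this specific order? (ownership)
            {"principal": principal, "action": action("GetOrder"),
             "resource": {"entityType": "APP1::Order", "entityId": order_id}},
        ],
    }


def all_allowed(response, expected):
    """True only if exactly `expected` results came back and every one is
    an explicit ALLOW with no evaluation errors. A short response, a DENY
    or an error in any entry fails closed."""
    results = response.get("results", [])
    if len(results) != expected:
        return False
    return all(r.get("decision") == "ALLOW" and not r.get("errors")
               for r in results)


# Constructed sample response (results come back in request order):
# listing is allowed, but this particular order is not owned by the user.
SAMPLE_RESPONSE = {
    "results": [
        {"decision": "ALLOW", "determiningPolicies": [{"policyId": "p-list"}],
         "errors": []},
        {"decision": "DENY", "determiningPolicies": [], "errors": []},
    ]
}

if __name__ == "__main__":
    req = build_batch_request("ps-EXAMPLE", "alice", "O-12345")
    # In APP1 this would be: client.batch_is_authorized(**req)
    ok = all_allowed(SAMPLE_RESPONSE, expected=len(req["requests"]))
    print("access", "granted" if ok else "denied")
```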
Thanks for the answer.
Both requests are always sent when APP1 needs to check the ownership of a resource or a set of resources. I believe that cache mechanisms can then be used to reduce the number of interactions with AVP, as mentioned in the re:Invent video https://www.youtube.com/watch?v=ptzb-oBwjxM. Latency is very important, but since the app will be a SaaS, data security has a higher priority. AVP is not the cheapest service among AWS services, but with the right optimisations and proper usage, it can solve very complex problems.
I will have a look at the AVP Local Agent. Thanks for the suggestion.