Within the previous article, SaaS Preparation and Considerations, I explored key considerations involved in developing a SaaS product architecture. But it is important to remember that for many of the challenges involved in this process, there are already accelerators and out-of-the-box solutions that can be used to address these. Here, with one of the more technical articles within this series, I will comment on some of these solutions.
As discussed previously, let’s start with correct multi-tenant architecture to adopt, which is what tends to be the first discussion. These discussions lay the foundation for supporting the isolation, security, observability and expected service level of the solution. In the previous article, I mentioned the AWS SaaS Enablement Framework, and much more content can be seen in the AWS SaaS Factory program. But there’s also interesting and relevant information from Microsoft, which has produced a Tenancy Models for SaaS Applications guide, which compares the characteristics of three macro strategies and includes the below table.
This table illustrates at first glance the trade-off between having a multi-tenant product natively or building a multi-tenant service from a single tenant product. This will also involve evaluating cost versus isolation, complexity of managing the service as a whole versus managing each tenant, and also, if one of the approaches is adopted, what the strategy will be to minimize the effect of the “bad” part of the trade-off. This becomes more tangible when combined with additional information from Microsoft, which has created the below SaaS architecture model illustrating how a mixture of a single and multi-tenant approach can exist in different layers.
In this architecture, there is a combination of strategies where we think of high resources optimization with Kubernetes clusters and SQL Elastic Pools, for example, but we also discuss the isolation of different tenants with namespaces or databases, individualizing how each one is operating.
Within this architecture, the discussion could address cache and search strategy. But let’s focus on two aspects of this model that are perhaps more interesting to emphasize.
Firstly, there’s the integration with Azure AD. The objective is not to suggest this product, but to emphasize that the main work surface for permissioning, access management, tier creation (in the SaaS business model), data management, and many other layers of the solution will go through identity management and the experience provided to the customer in onboarding and in its lifecycle on the platform. That’s why today almost all SaaS solutions have a flexible identity management solution for integration with multiple identity providers, corporate or social networks, depending on the business vision, and these are very accelerated implementations with Microsoft Azure AD, AWS Cognito or Google Identity Platform.
The second point involves the Application Gateway, which – as well as API Gateways for functions and services exposed by APIs – will ensure easy management, easy implementation, or functionalities already available for access control and integration. But what is interesting to note here is that depending on the nature and business model, the API Management concept will be part of the modeling and can be a very interesting accelerator for tenant monetization, generating transparency, traceability and a layer rich in analytics about the use of these APIs. For additional background here, it is worth learning more about APIGee.
As mentioned at the beginning of the article, the intention here was to provide slightly more technical content that would give a practical view of accelerators that can be adopted in the journey to implementing SaaS solutions.
There’s a great deal of additional content out there for those who want to go deeper, including the AWS SaaS Boost project, which is a very good initiative aimed at accelerating the start of projects and assisting those who are still getting familiar with these challenges. Equally, one of the SaaS Factory program talks at AWS Re:invent 2019 is a valuable resource, exploring the many challenges on this journey.
This article concludes this first trilogy about the SaaS world with CloudMe solutions, but there’s still a great deal left to explore. Until the next!