I've been experimenting a bit with the AWS App Mesh product, and while a lot of the benefits of observability/traffic shifting seem awesome, I can't figure out how user authentication/authorization is typically solved in this pattern. All of the examples I've seen just use a load balancer as an ingress to the App Mesh, and there doesn't seem to be a supported "Authorizer" pattern in that product (at least not in the way that it exists in, say, an API Gateway).

Short of having every microservice inside of the app mesh manage its own authentication/authorization, which feels like a huge amount of redundancy, how does one typically address this concern?

Shmiel
Bryce
  • Presume you have read [Service-to-Service Authentication](https://aws.amazon.com/app-mesh/faqs/#Service-to-Service_Authentication). – jarmod Nov 10 '21 at 21:37
  • @jarmod - my understanding is that "authentication" in that context is more just about traffic encryption than authentication in the sense of "does the person making this request of my service have a valid account with our business" (the latter being the focus of my question) – Bryce Nov 10 '21 at 21:40

0 Answers