Architecture Knowledge HubArchitecture Knowledge Hub

Category Zero Trust

Zero Trust in AWS
Preview Securing 15 Services at Once: The Security Architecture of Composable Commerce

Securing 15 Services at Once: The Security Architecture of Composable Commerce

Apr 1, 2024

Defence-in-depth across six independent layers, WAF rules tuned for composable storefronts, the Payment PBC PCI isolation pattern, IMDSv2 enforcement, and CloudTrail as incident response infrastructure.

#Composable Commerce
#AWS
#Cloud Security
#PCI DSS
#AWS WAF
#MACH Architecture
#Zero Trust
#Defence in Depth
Preview Zero-Trust Between Your Own Services: IAM for Composable Commerce

Zero-Trust Between Your Own Services: IAM for Composable Commerce

Feb 19, 2024

One IAM role per PBC, eliminating credentials from code, cross-PBC SigV4 authorisation patterns, Secrets Manager auto-rotation, and blast radius containment through least-privilege design.

#Composable Commerce
#AWS
#IAM
#Zero Trust
#Cloud Security
#MACH Architecture
#Least Privilege
#Secrets Management
Preview VPC Design Patterns for Composable Commerce: Isolation Without Friction

VPC Design Patterns for Composable Commerce: Isolation Without Friction

Feb 5, 2024

The reference subnet topology for multi-tier composable platforms, Security Groups vs NACLs defence-in-depth, VPC Endpoints for keeping PBC traffic private, and Transit Gateway for multi-team deployments.

#Composable Commerce
#AWS
#Amazon VPC
#Network Security
#MACH Architecture
#PCI Compliance
#Zero Trust
#Microservices Networking