| ▲ | jayd16 3 days ago |
| IAM roles. Said less snarky, it should be trivial to define and restrict the dependencies of services (Although there are many ways to do that). If its not trivial, that's a different problem. |
|
| ▲ | rco8786 3 days ago | parent | next [-] |
| I don't mean that. I mean that eventually the business is going to need some feature that requires breaking the acyclic rule. |
| |
| ▲ | jayd16 3 days ago | parent [-] | | Ah, you don't mean enforce a novice making a mistake, you mean ensure from a design purity perspective? I don't think its true that you need requests to flow both ways. For example, if a downstream API needs more context from an upstream one, one solution is to pass that data down as a parameter. You don't need to allow the downstream services to independently loop back to gather more info. | | |
| ▲ | rco8786 2 days ago | parent [-] | | Again, it depends on the business case. Software is simply too fluid to be able to architect any sort of complex system that guarantees an acyclic data flow forever. |
|
|
|
| ▲ | otterley 3 days ago | parent | prev [-] |
| Since you called the problem “trivial,” we can now all depend on you to resolve these problems for us at little cost, correct? |
| |
| ▲ | jayd16 3 days ago | parent | next [-] | | Restricting arbitrary east-west traffic should be table stakes... It should be the default and you opt into services being able to reach each other. So in that sense its already done. | |
| ▲ | nineteen999 3 days ago | parent | prev [-] | | The solution requires AWS since the gp thinks that's the only access control mechanism that matters. So I doubt there is going to be little cost about it. |
|
