Event-Driven Architectures
ACAMP 2021, Burren fireside, 11:50 am Eastern
Can event-driven messaging be made compatible with IAM infrastructure?
Proposer: Keith Hazelton, TAP
Many challenges have been raised to the viability of asynchronous and concurrent messaging architectures as a basis for identity and access management processes
-
At any step in the prescribed flow from causes to effects in IAM processing, errors may occur
-
Those errors may lead to unintended or unanticipated failures.
-
Failures tend to be detected only when someone notices a mismatch between what was supposed to happen and what actually happened.
-
Challengers to this approach say that a difference between intended and actual results cannot be reliably traced back to its root cause because everything is in motion and states are constantly in flux.
Responding to the challenges
In the current state of the art, settable configurations of messaging infrastructures can guarantee certain properties that may be useful in preventing or compensating for potential error conditions. These include:
` 'Exactly once' guarantees on delivery
` 'Idempotent functions'
` 'Conflict-free replicated data types' (CRDT)
` 'Commutative replicated data types' (CmRDT)
` 'Convergent replicated data types' (CvRDT)
` 'Read-only, time-stamped, persistent, immutable, event logs'
` 'Event sourcing'
` 'Preserved order of messages'
` 'Saga pattern via orchestration or choreography'
` 'Countermeasures to SAGA lack of Isolation'; ACD instead of ACID
` 'API gateway'
` 'Back pressure'
` 'Auto scaling, auto recovery from service failures' all the usual robustness measures
…
…