I'm designing a multi-tenant SaaS app to help businesses manage inventory. The backend is all Serverless using AWS Lambda for business logic, Cognito for user management and role access, DynamoDB for data storage, CloudFormation for configuring and updating the stack, as well as provisioning new tenants.
Each code push triggers a Lambda function that builds the project, runs tests, and if successful pushes any new lambdas and replaces the static web assets.
Every user account is assigned a tenant-id that matches them to the company they work for. Using IAM I can create Groups for each user to manage their roles.
Driver might be good examples, each with specific role access on the backend that defines which resources they can interact with, and are also exposed to the front end so I can customize the interface to reflect the actions they can take.
Someone who has read-only access to the inventory won't be able to select items, because they can't do anything with them if they could.
HR group has read and write permissions for users. When there's a new hire, it's up to them to create a new user account and assign it the relevant role.
I don't want to let HR have access to the user's password, so either the user changes their assigned password later or I open account creation to the public and then it becomes HR's job to assign roles to the account after the user creates it. I like that better, but I'm unsure how well that will work with many accounts to create and roll out. They might prefer to batch out a whole fleet of accounts and let the users handle their own authentication afterward.
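Added example, not code from the original post: how a Lambda handler behind a Cognito authorizer can derive both the tenant and the role set from the verified token claims and refuse anything the claims do not cover. Assumptions: API Gateway places the verified claims at `event["requestContext"]["authorizer"]["claims"]`; the tenant id is a custom user-pool attribute named `custom:tenant_id`; roles are Cognito groups surfaced in the `cognito:groups` claim; the role names other than HR and Driver, the DynamoDB key layout and the sample event are all made up for illustration.

```python
import json
from typing import Any

# Role -> permitted (resource, action) pairs. Names other than HR and Driver are
# assumed for illustration.
ROLE_PERMISSIONS: dict[str, set[tuple[str, str]]] = {
    "HR": {("users", "read"), ("users", "write"), ("inventory", "read")},
    "Driver": {("inventory", "read")},
    "InventoryReadOnly": {("inventory", "read")},
    "InventoryManager": {("inventory", "read"), ("inventory", "write")},
}


class Forbidden(Exception):
    """Raised when the caller may not perform the requested action."""


def parse_groups(raw: Any) -> list[str]:
    """Normalize the cognito:groups claim.

    The REST API Cognito authorizer flattens the list to "a,b"; the HTTP API JWT
    authorizer passes "[a b]"; a custom authorizer may pass a real list.
    """
    if raw is None:
        return []
    if isinstance(raw, list):
        return [str(g) for g in raw]
    text = str(raw).strip().strip("[]")
    return [g for g in text.replace(",", " ").split() if g]


def principal_from_claims(claims: dict[str, Any]) -> tuple[str, list[str]]:
    """Return (tenant_id, roles) taken only from the verified token claims."""
    tenant = claims.get("custom:tenant_id")
    if not tenant:
        raise Forbidden("token carries no tenant id")
    roles = [g for g in parse_groups(claims.get("cognito:groups")) if g in ROLE_PERMISSIONS]
    return str(tenant), roles


def allowed_actions(roles: list[str]) -> dict[str, set[str]]:
    """Resource -> actions these roles permit; also what the front end renders from."""
    out: dict[str, set[str]] = {}
    for role in roles:
        for resource, action in ROLE_PERMISSIONS.get(role, set()):
            out.setdefault(resource, set()).add(action)
    return out


def authorize(event: dict[str, Any], resource: str, action: str) -> str:
    """Authorize one call; returns the tenant id every data access must be scoped to."""
    claims = event.get("requestContext", {}).get("authorizer", {}).get("claims", {})
    tenant, roles = principal_from_claims(claims)
    if action not in allowed_actions(roles).get(resource, set()):
        raise Forbidden(f"roles {roles} may not {action} {resource}")
    body = json.loads(event.get("body") or "{}")
    # A tenant id in the body is never trusted; it may only agree with the token.
    if "tenant_id" in body and str(body["tenant_id"]) != tenant:
        raise Forbidden("request tenant does not match token tenant")
    return tenant


def tenant_item_key(tenant: str, item_id: str) -> dict[str, str]:
    """DynamoDB key whose partition key comes from the token's tenant, not the request."""
    return {"pk": f"TENANT#{tenant}", "sk": f"ITEM#{item_id}"}


def handle_inventory_request(event: dict[str, Any]) -> dict[str, Any]:
    """Core of the handler: GET/HEAD need inventory:read, everything else inventory:write."""
    action = "read" if event.get("httpMethod", "GET") in ("GET", "HEAD") else "write"
    try:
        tenant = authorize(event, "inventory", action)
    except Forbidden as exc:
        return {"statusCode": 403, "error": str(exc)}
    item_id = (event.get("pathParameters") or {}).get("item_id", "")
    # A real handler would pass this key to DynamoDB; here it is returned as-is.
    return {"statusCode": 200, "key": tenant_item_key(tenant, item_id)}


def lambda_handler(event: dict[str, Any], context: Any = None) -> dict[str, Any]:
    result = handle_inventory_request(event)
    return {"statusCode": result["statusCode"], "body": json.dumps(result)}


def make_event(groups: str, method: str = "PUT", body_tenant: str = "acme") -> dict[str, Any]:
    """Constructed sample event shaped like an API Gateway proxy event (not real traffic)."""
    return {
        "httpMethod": method,
        "pathParameters": {"item_id": "sku-42"},
        "body": json.dumps({"tenant_id": body_tenant, "qty": 3}),
        "requestContext": {"authorizer": {"claims": {
            "sub": "00000000-0000-0000-0000-000000000000",
            "custom:tenant_id": "acme",
            "cognito:groups": groups,
        }}},
    }


if __name__ == "__main__":
    print(lambda_handler(make_event("Driver,HR")))          # 403: neither role may write
    print(lambda_handler(make_event("InventoryManager")))   # 200 with a TENANT#acme key
```

The point the check enforces is that neither the tenant nor the role ever comes from the client: both are read from claims the authorizer has already verified, the partition key is built from the token's tenant, and a tenant id smuggled into the body is rejected rather than used. The same `allowed_actions` map is what the front end can consume to hide controls a read-only user cannot act on.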