Skip to main content

SecureAuth Platform Architecture

Learn about two possible SecureAuth architecture models: Single Region High Availability architecture and Multi-Region Active-Active architecture.

Single-region HA

The single-region high-availability (HA) architecture is an enterprise-level production architecture and the most utilized deployment model.

The single-region high-availability architecture is robust and resilient within the scope of a single region. It is the recommended setup, which assumes that all components are actively available across all three availability zones within a cloud region. Databases are clustered within a single region and a single availability zone failure does not affect the stack functionality

Single region deployment

Warning

The service can be unavailable if all three AWS availability zones are unavailable within the AWS region.

Multi-region Active-active

Multi-region active-active is an enterprise-level architecture that adds exact replicas across various regions to serve a regional traffic with the region-based traffic affinity. It is recommended for global production deployments where the services needs to span multiple AWS regions within a geographical location.

The multi-region active-active architecture involves complex tasks, such as monitoring the real-time replication status, correcting replication issues (and similar) for datastores across regions. This setup warrants a heavy monitoring and a constant operational upkeep of the systems involved.

In this mode, there is no need for a separate failover environment. The infrastructure cost of operations and monitoring is high on this kind of configuration.

Multi region deployment

Note

Multi-region active-active is a technically-advanced multi-fold architecture, which might translate into time required for its maintenance and maintenance-related costs.

Multi-region Active-passive

Like the active-active cluster configuration, an active-passive cluster comprises a minimum of two nodes. When the first node assumes the active role, the second node operates in a passive or standby mode. The passive (failover) server acts as a backup that's ready to take over if the active (primary) server cannot to serve or disconnect. This deployment model ensures fast failover, improving resilience and reliability.

In the AWS cloud provider, you can consider the usage of the Amazon Aurora Global Database. With SecureAuth native support of the Postgres engine, AWS Aurora fulfills all the requirements of a multi-region database, offering seamless adoption for an active-passive deployment and makeing it easy to integrate. AWS Amazon Aurora global databases user guide can be found here

Active-passive deployment
In this section: