AnsweredAssumed Answered

AWS Elastic Load Balancer Token Security

Question asked by philojuan on Jan 21, 2016

I have a pretty unique situation I think, we are trying to implement something that may not be possible. What we are trying to do is take advantage of the token security in an AWS ELB with Auto Scaling Scenario.

 

If we have an application that has its own custom authentication tier and user management ( NodeJS ), and as part of that authentication the client will receive a token that is generated by the user authentication system from the token service that is exposed through the ELB. The instances behind the load balancer are independent and not part of a "site". From what I understand CloudBuilder can create a site with autoscaling but its not possible when you are using your own custom AMI and auto scaling policies.

 

In the case of a "site" if you generate a token through the site's token service the token will work regardless of which instance its accessing but how do I make the same situation work when in the case of a custom built deployment where the instances are separated because the token maybe generated on one instance but the call with the token may go to another instance. We have a siloed architecture as opposed to a a "site" architecture to prevent dependendy on the sitehost in case of any issues.

 

Any suggestions?

Outcomes