feat: Add edge security and CDN patterns to SaaS Builder power #47
Description
Why this update?
Amazon CloudFront SaaS Manager (GA December 2024) is purpose-built for multi-tenant SaaS applications - exactly what this power helps users build. It enables:
- Multi-tenant distributions - Share configuration across tenants while allowing per-tenant customization
- Tiered service models - Basic (shared), Premium (custom domains), Enterprise (dedicated WAF)
- Simplified certificate management - Automated SSL/TLS at scale via ACM integration
- Unified security - AWS WAF protection at both distribution and tenant levels
This aligns the SaaS Builder power with AWS's recommended approach for SaaS edge infrastructure.
References
- Scale your SaaS application at the edge with Amazon CloudFront SaaS Manager - AWS Blog
- Amazon CloudFront SaaS Manager - Feature page
- Using AWS WAF with Amazon CloudFront - Multi-tenant WAF patterns
Changes
- CloudFront SaaS Manager with tiered distribution strategy (Basic/Premium/Enterprise)
- ACM certificate management with DNS/HTTP validation
- Route53 DNS patterns for platform and tenant domains
- AWS WAF configuration with positive security model
- DDoS protection and rate limiting patterns
- Updated repository structure for infrastructure components
Files Modified
saas-builder/POWER.mdsaas-builder/steering/architecture-principles.mdsaas-builder/steering/implementation-patterns.mdsaas-builder/steering/repository-structure.md