This setup uses separate Microgateways for each protected service and for Airlock IAM. As a consequence, the different Microgateway deployments are independent. If service 1 must be reconfigured, Microgateways for other services are unaffected. SSO state is synchronized using a common Redis database.
Characteristics of setup
- Similar to Separate Microgateway for each service, which means, that the same arguments apply here.
- Separate Microgateway for Airlock IAM and each service.
- Roles are set using the Airlock Control API. On the Microgateway protecting Airlock IAM, roles must be whitelisted using the expert settings "RolesWhitelist.*"
- Each Microgateway is connected to the same Redis service for SSO state synchronization, as described in section Session handling.