Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
When you build your multitenant solution in Azure, there are many elements that you need to consider. Use this checklist as a starting point to help you design and build your multitenant solution. This checklist is a companion resource to the Architect multitenant solutions on Azure series of articles. The checklist is structured around the business and technical considerations and the five pillars of the Microsoft Azure Well-Architected Framework.
Tip
After you go through this checklist, take the SaaS journey review to evaluate your SaaS product by analyzing your understanding of multitenant architecture and its alignment with SaaS operation best practices.
Business considerations
Understand the type of solution you're creating, such as business-to-business (B2B), business-to-consumer, or your enterprise software, and how tenants are different from users.
Define your tenants. Understand how many tenants you support initially and your growth plans.
Define your pricing model and ensure that it aligns with your tenants' consumption of Azure resources.
Understand whether you need to separate your tenants into different tiers. Tiers might have different pricing, features, performance promises, and geographic locations.
Based on your customers' requirements, decide on the tenancy models that are appropriate for various parts of your solution.
When you're ready, sell your B2B multitenant solution by using the Microsoft commercial marketplace.
Reliability considerations
Review the Well-Architected Framework Reliability checklist, which is applicable to all workloads.
Understand the Noisy Neighbor antipattern. Prevent individual tenants from affecting the system's availability for other tenants.
Design your multitenant solution for the level of growth that you expect. But don't overengineer for unrealistic growth.
Define service-level objectives (SLOs) and optionally service-level agreements (SLAs) for your solution. SLAs and SLOs should be based on the requirements of your tenants.
Test the scale of your solution. Ensure that it performs well under all levels of load and that it scales correctly as the number of tenants increases.
Apply chaos engineering principles to test the reliability of your solution.
Security considerations
Apply Zero Trust and least privilege principles in all layers of your solution.
Ensure that you can correctly map user requests to tenants. Consider including the tenant context as part of the identity system or via another method, like application-level tenant authorization.
Design for tenant isolation. Continuously test your isolation model.
Ensure that your application code prevents any cross-tenant access or data leakage.
Perform ongoing penetration testing and security code reviews.
Understand your tenants' compliance requirements, including data residency and any compliance or regulatory standards that they require you to meet.
Correctly manage domain names and avoid vulnerabilities like dangling Domain Name System and subdomain takeover attacks.
Follow service-specific guidance for multitenancy.
Cost Optimization considerations
Review the Well-Architected Framework Cost Optimization checklist, which is applicable to all workloads.
Ensure that you can adequately measure per-tenant consumption and correlate it with your infrastructure costs.
Avoid antipatterns. Antipatterns include failing to track costs, tracking costs with unnecessary precision, real-time measurement, and using monitoring tools for billing.
Operational Excellence considerations
Use automation to manage the tenant life cycle, such as onboarding, deployment, provisioning, and configuration.
Understand the differences between control planes and data planes in your multitenant solution.
Find the right balance for deploying service updates. Consider both your tenants' requirements and your own operational requirements.
Monitor the health of the overall system and each tenant.
Configure and test alerts to notify you when specific tenants experience problems or exceed their consumption limits.
Organize your Azure resources for isolation and scale.
Avoid deployment and configuration antipatterns. Antipatterns include running separate versions of the solution for each tenant, hard-coding tenant-specific configurations or logic, and manual deployments.
Performance Efficiency considerations
Review the Well-Architected Performance Efficiency checklist, which is applicable to all workloads.
If you use shared infrastructure, plan for how to mitigate noisy neighbor concerns. Ensure that one tenant can't reduce the performance of the system for other tenants.
Determine how to scale your compute, storage, networking, and other Azure resources to match the demands of your tenants.
Consider the scale limits for each Azure resource. Organize your resources appropriately to avoid resource organization antipatterns. For example, don't over-architect your solution to work within unrealistic scale requirements.
Contributors
Microsoft maintains this article. The following contributors wrote this article.
Principal authors:
- Arsen Vladimirskiy | Principal Customer Engineer
- Bohdan Cherchyk | Senior Customer Engineer
Other contributor:
- John Downs | Principal Software Engineer
To see nonpublic LinkedIn profiles, sign in to LinkedIn.