In a microservices system using Role-Based Access Control (RBAC), which statement best describes the role hierarchy concept?
Think about how managers have more access than employees in a company.
In RBAC, higher roles inherit permissions from lower roles, so users with higher roles automatically get all permissions of the roles below them.
Which architecture best supports centralized role management and decentralized permission enforcement in a microservices environment?
Think about separating management and enforcement responsibilities.
Centralizing role management simplifies updates and consistency, while local enforcement in microservices reduces latency and dependency.
When scaling RBAC for millions of users across many microservices, which approach best reduces latency and load on the central authorization service?
Think about caching permissions securely to avoid repeated calls.
Embedding roles in short-lived tokens allows microservices to verify permissions quickly without frequent central queries, improving performance and scalability.
What is a key tradeoff when choosing very fine-grained permissions in an RBAC system for microservices?
Consider how many permissions you must track and update.
More detailed permissions improve control but require more effort to maintain and can slow down authorization checks.
You design a central RBAC authorization service for a system with 10 million users and 100 microservices. Each user makes on average 5 requests per second requiring authorization. Estimate the number of authorization checks per second the service must handle if all microservices query it directly.
Multiply users, requests per second, and microservices.
Each user makes 5 requests/sec, and with 10 million users in total that gives 50 million requests/sec. If each request queries the central service, it must handle 50 million checks/sec.