- The solution is designed to scale for any organization size while ensuring that it works without being throttled against the default AWS IAM Identity Center Admin API quota.
- The solution has been tested with the following load parameters:
- For an AWS organizational unit with 60 accounts, 5 account assignments at the OU scope were created and deleted concurrently (within one minute).
- This resulted in 1200 account assignment operations (600 create, 600 delete) being posted to the AWS IAM Identity Center instance.
- The solution processed all 1200 account assignment operations in 61 minutes with a 100% success rate.
- The solution has a configurable visibility timeout parameter for the messages in the account assignment queue. This is defined in hours as part of your environment configuration file.
- The solution sets this to a default value of 2 hours.
- This timeout has been tested to work for up to 1200 concurrent account assignment operations in the worst-case scenario of a 100% redrive in the message queue.
- If your target number of concurrent account assignment operations is higher than 1200, scale the timeout value linearly. For example, if you are targeting 3600 concurrent assignment operations, set the timeout value to 6 hours to cater for the worst-case scenario of a 100% redrive in the message queue.