Caleb,
I'm working on a project with a similar architecture (on-prem services). I'm curious what your auth-pattern looks like as it's something we've struggled with. Mostly the balance between being convenient and being secure. It seems like each site needs an api key to access your cloud. Do you have an auth-pattern that would prevent the key from being readily available to an attacker who got access to the machine? Or do you kinda just say if they get access to the machine, then it's game over? Also with shoddy networks it is difficult to be confident that key-rotation will happen successfully. Happy to get your thoughts. Cheers.
Just curious (since I work in edge computing products) the deploy here seems rather complicated... What are your feelings on the matter and is there a market for simpler deployments?
