feat: Add edge security and CDN patterns to SaaS Builder power

[etiennemunnich]

Why this update?

Amazon CloudFront SaaS Manager (GA December 2024) is purpose-built for multi-tenant SaaS applications - exactly what this power helps users build. It enables:

• Multi-tenant distributions - Share configuration across tenants while allowing per-tenant customization
• Tiered service models - Basic (shared), Premium (custom domains), Enterprise (dedicated WAF)
• Simplified certificate management - Automated SSL/TLS at scale via ACM integration
• Unified security - AWS WAF protection at both distribution and tenant levels

This aligns the SaaS Builder power with AWS's recommended approach for SaaS edge infrastructure.

References

• Scale your SaaS application at the edge with Amazon CloudFront SaaS Manager - AWS Blog
• Amazon CloudFront SaaS Manager - Feature page
• Using AWS WAF with Amazon CloudFront - Multi-tenant WAF patterns

Changes

• CloudFront SaaS Manager with tiered distribution strategy (Basic/Premium/Enterprise)
• ACM certificate management with DNS/HTTP validation
• Route53 DNS patterns for platform and tenant domains
• AWS WAF configuration with positive security model
• DDoS protection and rate limiting patterns
• Updated repository structure for infrastructure components

Files Modified

• saas-builder/POWER.md
• saas-builder/steering/architecture-principles.md
• saas-builder/steering/implementation-patterns.md
• saas-builder/steering/repository-structure.md