I think there are some open questions regarding our direction of microservices, grpc comms, API, etc.
1. What gets broken out into microservices? Auth I think is a good target and is in-progress. What else? Let's define that roadmap
2. gRPC comms between services - authenticated or no? I said no on today's call but I wonder if I'm wrong
3. How are we presenting a REST API to external consumers (incl. frontends)?
4. Is an API gateway necessary here or is it overkill?