Build a social network in 4 weeks with Serverless and GraphQL

Building a social network
in under 4 weeks with
Serverless and
GraphQL

@theburningmonk theburningmonk.com

bootstrapped startup: severe constraints on time & money

speed of development
scale to millions of users

minimal up-keep

minimal up-keep
cost efficient

1 fulltime FE developer (mobile app)
1 fulltime FE developer (CMS)
1 partime BE developer (me)
~7 weeks
~3 weeks
~4 weeks

S3CloudFront

Cognito User Pool
S3CloudFront

Cognito User Pool AppSync
S3CloudFront DynamoDB
Lambda

DynamoDB
Lambda
S3CloudFront

DynamoDB
Lambda
S3
Algolia
CloudFront

DynamoDB
Lambda
S3 AlgoliaCloudFront Lambda
Algolia

DynamoDB
Lambda
S3
Firehose
Algolia
CloudFront
S3
Lambda Algolia

DynamoDB
Lambda
S3
Firehose
AthenaAlgolia
CloudFront
S3
Lambda Algolia

AWS Organization
productionstagingdevshared
root
OU OU OU OU

AWS Organization
root
OU OU OU OU
Users
Audit
Dev Staging Production

AWS Organization
root
OU OU OU OU
Users
Audit
Dev Staging Production
SCPs

Yan Cui
http://theburningmonk.com
@theburningmonk
AWS user for 10 years

Yan Cui
@theburningmonk
Developer Advocate @

Yan Cui
@theburningmonk
Independent Consultant
advisetraining delivery

theburningmonk.com/workshops
in your
company
ﬂexible datesHelsinki, Aug 20-21 London, Sep 24-25 Berlin, Oct 8-9
4-week virtual workshop, May 4 - May 29
Amsterdam, Jul 7-8

What is GraphQL?

schema

schema server

schema server data sources
DynamoDB
RDS
ElasticSearch

What is AppSync?

schema server data sources
DynamoDB
RDS
ElasticSearch
AppSync
Lambda

AppSync

AppSync
Proﬁle

AppSync
Proﬁle
Sport

AppSync
Proﬁle
Sport
paginated!

AppSync
Proﬁle
Sport
paginated! Activities

AppSync
Proﬁle
Sport
very ﬂexible!

AppSync
Proﬁle
Sport
very ﬂexible!
over-fetching can lead to issues
with performance and cost

AppSync
Proﬁle
Sport
enable caching on
speciﬁc resolvers

AppSync
Profile
Sport
PublicProfile !== Profile

AWS AppSync
scalable & multi-az out of the box

AWS AppSync
pay as you use ($4.00 per Million)

AWS AppSync
built-in caching (extra $)

AWS AppSync
built-in metrics through CloudWatch
built-in logging through CloudWatch Logs

which resolver is
the problem?

AWS AppSync
built-in metrics through CloudWatch
built-in logging through CloudWatch Logs
no servers to manage

https://theburningmonk.com/2020/04/appsync-how-to-error-on-dynamodb-conditional-check-failures

https://theburningmonk.com/2020/04/appsync-skipping-nullable-nested-resolvers

Why not single-table?

Why not single-table?
best performance
best cost
best scalability

Sometimes, good enough is good enough

Design your system as if it’ll be run by idiots.
Because one day it’ll be.

www.youtube.com/watch?v=6yqfmXiZTlM

www.dynamodbbook.com

Cognito User Pool
with identity federation
amplify-js

Cognito User Pool are conﬁgured using CloudFormation
NOT Amplify CLI

already have required expertise with AWS and Cognito
Why not amplify CLI?

uncertainty: Amplify is evolving quickly

great for bootstrapping but question marks
about how well it copes with changes

not all the decisions it makes are good decisions,
e.g. using DynamoDB scans for list operations

DynamoDB access pattern is a sensitive topic with
potentially huge scalability and cost implications.

Serverless
framework

Serverless
framework
mature, strong community support

Serverless
framework
extensible & customizable through plugins
rich ecosystem of community plugins

Serverless
framework
extensible & customizable through plugins
rich ecosystem of community plugins
already familiar with it

Serverless
framework
one repo
one CloudFormation stack
one serverless.yml
one command to deploy
> sls deploy

Serverless
framework
custom splitting logic FTW!

Serverless
framework
DynamoDB, S3, etc.

Serverless
framework
AppSync API, resolvers,
Lambda functions, etc.

Serverless
framework
!Ref and !GetAtt works as normal

Step 1
Step 2
npm ci
npm run sls -- deploy

Step 1
Step 2
npm ci
npm run sls -- deploy
needs AWS credentials

How to secure CI/CD pipeline?

Ops Dev Staging Prod

ci_user
NO local
permissions

ci_user deploy_role deploy_role deploy_role
sts:assumeRole

Entity Trust Relationship

permissive - e.g. admin -
roles that are only
assumable by ci_user

not much point with local testing as they’re very
simple and has no dynamic behaviour, once you
ﬁgure out the “pattern” they just works
for AppSync resolvers

test integration with other services (e.g. DynamoDB,
Algolia) by executing function locally, but talk to the
real DynamoDB & Algolia
for Lambda

E2E test - execute user stories against
deployed GraphQL endpoints

debugging failed E2E tests is a rehearsal for
debugging real production issues

org-formation
infrastructure-as-code
CloudFormation-like YML syntax
template landing zones

Serverless
framework
AppSync org-formation

https://theburningmonk.com/hire-me
AdviseTraining Delivery
“Fundamentally, Yan has improved our team by increasing our
ability to derive value from AWS and Lambda in particular.”
Nick Blair
Tech Lead

Production-Ready Serverless

in your
company
ﬂexible datesHelsinki, Aug 20-21 London, Sep 24-25 Berlin, Oct 8-9Amsterdam, Jul 7-8
4-week virtual workshop, May 4 - May 29
theburningmonk.com/workshops
slsdays-belgium-may2020
€100 off all my workshops

lambdabestpractice.com bit.ly/complete-guide-to-aws-step-functions
20% off my courses
slsdays-belgium-may2020

@theburningmonk
theburningmonk.com
github.com/theburningmonk

Build a social network in 4 weeks with Serverless and GraphQL

Build a social network in 4 weeks with Serverless and GraphQL

Recommended

More Related Content

What's hot

What's hot(20)

Similar to Build a social network in 4 weeks with Serverless and GraphQL

Similar to Build a social network in 4 weeks with Serverless and GraphQL(20)

More from Yan Cui

More from Yan Cui(20)

Recently uploaded

Recently uploaded(20)

Build a social network in 4 weeks with Serverless and GraphQL