Building a social network in under 4 weeks with Serverless and GraphQL

1. Building a social network in under 4 weeks with Serverless and GraphQL

2. @theburningmonk theburningmonk.com

3. @theburningmonk theburningmonk.com bootstrapped startup: severe constraints on time & money

4. speed of development

5. speed of development scale to millions of users

6. speed of development scale to millions of users minimal up-keep

7. speed of development scale to millions of users minimal up-keep cost efficient

8. @theburningmonk theburningmonk.com 1 fulltime FE developer (mobile app) 1 fulltime FE developer (CMS) 1 partime BE developer (me) ~7 weeks ~3 weeks ~4 weeks

9. @theburningmonk theburningmonk.com S3CloudFront

10. @theburningmonk theburningmonk.com Cognito User Pool S3CloudFront

11. @theburningmonk theburningmonk.com Cognito User Pool AppSync S3CloudFront DynamoDB Lambda

12. @theburningmonk theburningmonk.com Cognito User Pool AppSync DynamoDB Lambda S3CloudFront

13. @theburningmonk theburningmonk.com Cognito User Pool AppSync DynamoDB Lambda S3 Algolia CloudFront

14. @theburningmonk theburningmonk.com Cognito User Pool AppSync DynamoDB Lambda S3 AlgoliaCloudFront Lambda Algolia

15. @theburningmonk theburningmonk.com Cognito User Pool AppSync DynamoDB Lambda S3 Firehose Algolia CloudFront S3 Lambda Algolia

16. @theburningmonk theburningmonk.com Cognito User Pool AppSync DynamoDB Lambda S3 Firehose AthenaAlgolia CloudFront S3 Lambda Algolia

18. @theburningmonk theburningmonk.com AWS Organization productionstagingdevshared root OU OU OU OU

19. @theburningmonk theburningmonk.com AWS Organization productionstagingdevshared root OU OU OU OU Users Audit Dev Staging Production

20. @theburningmonk theburningmonk.com AWS Organization productionstagingdevshared root OU OU OU OU Users Audit Dev Staging Production SCPs

22. Yan Cui http://theburningmonk.com @theburningmonk AWS user for 10 years

23. http://bit.ly/yubl-serverless

24. Yan Cui http://theburningmonk.com @theburningmonk Developer Advocate @

25. Yan Cui http://theburningmonk.com @theburningmonk Independent Consultant advisetraining delivery

26. theburningmonk.com/courses

27. theburningmonk.com/workshops in your company ﬂexible datesHelsinki, Aug 20-21 London, Sep 24-25 Berlin, Oct 8-9 4-week virtual workshop, May 4 - May 29 Amsterdam, Jul 7-8

28. @theburningmonk theburningmonk.com What is GraphQL?

29. @theburningmonk theburningmonk.com schema

30. @theburningmonk theburningmonk.com schema server

31. @theburningmonk theburningmonk.com schema server data sources DynamoDB RDS ElasticSearch

32. @theburningmonk theburningmonk.com What is AppSync?

33. @theburningmonk theburningmonk.com schema server data sources DynamoDB RDS ElasticSearch AppSync Lambda

34. @theburningmonk theburningmonk.com AppSync

35. @theburningmonk theburningmonk.com AppSync Proﬁle

36. @theburningmonk theburningmonk.com AppSync Proﬁle

37. @theburningmonk theburningmonk.com AppSync Proﬁle Sport

38. @theburningmonk theburningmonk.com AppSync Proﬁle Sport paginated!

39. @theburningmonk theburningmonk.com AppSync Proﬁle Sport paginated! Activities

42. @theburningmonk theburningmonk.com AppSync Proﬁle Sport paginated! Activities very ﬂexible!

43. @theburningmonk theburningmonk.com AppSync Proﬁle Sport paginated! Activities very ﬂexible! over-fetching can lead to issues with performance and cost

44. @theburningmonk theburningmonk.com AppSync Proﬁle Sport paginated! Activities enable caching on speciﬁc resolvers

45. @theburningmonk theburningmonk.com AppSync Profile Sport paginated! Activities PublicProfile !== Profile

48. @theburningmonk theburningmonk.com AWS AppSync scalable & multi-az out of the box

49. @theburningmonk theburningmonk.com AWS AppSync scalable & multi-az out of the box pay as you use ($4.00 per Million)

50. @theburningmonk theburningmonk.com AWS AppSync scalable & multi-az out of the box pay as you use ($4.00 per Million) built-in caching (extra $)

51. @theburningmonk theburningmonk.com AWS AppSync scalable & multi-az out of the box pay as you use ($4.00 per Million) built-in caching (extra $) built-in metrics through CloudWatch built-in logging through CloudWatch Logs

53. @theburningmonk theburningmonk.com which resolver is the problem?

59. @theburningmonk theburningmonk.com AWS AppSync scalable & multi-az out of the box pay as you use ($4.00 per Million) built-in caching (extra $) built-in metrics through CloudWatch built-in logging through CloudWatch Logs no servers to manage

60. https://theburningmonk.com/2020/04/appsync-how-to-error-on-dynamodb-conditional-check-failures

61. https://theburningmonk.com/2020/04/appsync-skipping-nullable-nested-resolvers

62. @theburningmonk theburningmonk.com Why not single-table?

63. @theburningmonk theburningmonk.com Why not single-table? best performance best cost best scalability

64. @theburningmonk theburningmonk.com Sometimes, good enough is good enough

65. @theburningmonk theburningmonk.com Design your system as if it’ll be run by idiots. Because one day it’ll be.

66. @theburningmonk theburningmonk.com www.youtube.com/watch?v=6yqfmXiZTlM

67. @theburningmonk theburningmonk.com www.dynamodbbook.com

68. @theburningmonk theburningmonk.com Cognito User Pool with identity federation amplify-js

69. @theburningmonk theburningmonk.com Cognito User Pool are conﬁgured using CloudFormation NOT Amplify CLI

70. @theburningmonk theburningmonk.com already have required expertise with AWS and Cognito Why not amplify CLI?

71. @theburningmonk theburningmonk.com uncertainty: Amplify is evolving quickly Why not amplify CLI?

72. @theburningmonk theburningmonk.com great for bootstrapping but question marks about how well it copes with changes Why not amplify CLI?

73. @theburningmonk theburningmonk.com not all the decisions it makes are good decisions, e.g. using DynamoDB scans for list operations Why not amplify CLI?

74. @theburningmonk theburningmonk.com DynamoDB access pattern is a sensitive topic with potentially huge scalability and cost implications. Why not amplify CLI?

75. @theburningmonk theburningmonk.com Cognito User Pool amplify-js

76. @theburningmonk theburningmonk.com creates a university admin user

85. @theburningmonk theburningmonk.com any logged in user can perform this operation

86. @theburningmonk theburningmonk.com Serverless framework

87. @theburningmonk theburningmonk.com Serverless framework mature, strong community support

88. @theburningmonk theburningmonk.com Serverless framework mature, strong community support extensible & customizable through plugins rich ecosystem of community plugins

89. @theburningmonk theburningmonk.com Serverless framework mature, strong community support extensible & customizable through plugins rich ecosystem of community plugins already familiar with it

90. @theburningmonk theburningmonk.com Serverless framework one repo one CloudFormation stack one serverless.yml one command to deploy > sls deploy

100. @theburningmonk theburningmonk.com Serverless framework custom splitting logic FTW!

102. @theburningmonk theburningmonk.com Serverless framework DynamoDB, S3, etc.

104. @theburningmonk theburningmonk.com Serverless framework DynamoDB, S3, etc.

105. @theburningmonk theburningmonk.com Serverless framework AppSync API, resolvers, Lambda functions, etc.

106. @theburningmonk theburningmonk.com Serverless framework !Ref and !GetAtt works as normal

109. @theburningmonk theburningmonk.com Step 1 Step 2 npm ci npm run sls -- deploy

110. @theburningmonk theburningmonk.com Step 1 Step 2 npm ci npm run sls -- deploy needs AWS credentials

111. @theburningmonk theburningmonk.com How to secure CI/CD pipeline?

112. @theburningmonk theburningmonk.com Ops Dev Staging Prod

113. @theburningmonk theburningmonk.com Ops Dev Staging Prod ci_user NO local permissions

114. @theburningmonk theburningmonk.com Ops Dev Staging Prod ci_user deploy_role deploy_role deploy_role sts:assumeRole

115. @theburningmonk theburningmonk.com Ops Dev Staging Prod ci_user deploy_role deploy_role deploy_role Entity Trust Relationship

116. @theburningmonk theburningmonk.com Ops Dev Staging Prod ci_user deploy_role deploy_role deploy_role permissive - e.g. admin - roles that are only assumable by ci_user

118. not much point with local testing as they’re very simple and has no dynamic behaviour, once you ﬁgure out the “pattern” they just works for AppSync resolvers

119. test integration with other services (e.g. DynamoDB, Algolia) by executing function locally, but talk to the real DynamoDB & Algolia for Lambda

120. E2E test - execute user stories against deployed GraphQL endpoints

121. debugging failed E2E tests is a rehearsal for debugging real production issues

122. @theburningmonk theburningmonk.com AWS Organization productionstagingdevshared root OU OU OU OU Users Audit Dev Staging Production

123. @theburningmonk theburningmonk.com org-formation infrastructure-as-code CloudFormation-like YML syntax template landing zones

124. @theburningmonk theburningmonk.com org-formation

129. @theburningmonk theburningmonk.com org-formation > org-formation update

134. @theburningmonk theburningmonk.com org-formation > org-formation perform-tasks

135. @theburningmonk theburningmonk.com org-formation https://github.com/OlafConijn/AwsOrganizationFormation

136. @theburningmonk theburningmonk.com Serverless framework AppSync org-formation

143. @theburningmonk theburningmonk.com total for 5 accounts

145. https://theburningmonk.com/hire-me AdviseTraining Delivery “Fundamentally, Yan has improved our team by increasing our ability to derive value from AWS and Lambda in particular.” Nick Blair Tech Lead

146. @theburningmonk theburningmonk.com Production-Ready Serverless

147. in your company ﬂexible datesHelsinki, Aug 20-21 London, Sep 24-25 Berlin, Oct 8-9Amsterdam, Jul 7-8 4-week virtual workshop, May 4 - May 29 @theburningmonk theburningmonk.com theburningmonk.com/workshops jsvidcon-2020 €100 off all my workshops

148. @theburningmonk theburningmonk.com lambdabestpractice.com bit.ly/complete-guide-to-aws-step-functions 20% off my courses jsvidcon-2020

149. @theburningmonk theburningmonk.com github.com/theburningmonk