Successfully reported this slideshow.
Your SlideShare is downloading. ×

Why your next serverless project should use AWS AppSync

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Loading in …3
×

Check these out next

1 of 178 Ad
Advertisement

More Related Content

Slideshows for you (20)

Similar to Why your next serverless project should use AWS AppSync (20)

Advertisement

More from Yan Cui (20)

Recently uploaded (20)

Advertisement

Why your next serverless project should use AWS AppSync

  1. 1. Why your next serverless project should use AWS AppSync
  2. 2. Yan Cui http://theburningmonk.com @theburningmonk Developer Advocate @ Independent Consultant AWS user since 2009 since 2018 yan@lumigo.io
  3. 3. Guy Moses @guymoses3 Software Engineer @ guy@lumigo.io
  4. 4. http://bit.ly/social-network-in-4-weeks
  5. 5. Learn GraphQL and AppSync by building a Twitter clone with these technologies appsyncmasterclass.com
  6. 6. What is GraphQL?
  7. 7. A Query Language for your APIs and a runtime for fulfiling those queries with your existing data
  8. 8. schema
  9. 9. schema server AppSync
  10. 10. Client Server
  11. 11. schema server AppSync
  12. 12. schema server data sources DynamoDB RDS ElasticSearch AppSync
  13. 13. GET https://myapp.com/user/1234 REST API { “id”: “1234”, “firstName”: “Yan”, “lastName”: “Cui”, “dob”: “…”, … }
  14. 14. GET https://myapp.com/user/1234 REST API { “id”: “1234”, “firstName”: “Yan”, “lastName”: “Cui”, “dob”: “…”, … } GraphQL API POST https://myapp.com/graphql { getProfile (id: “1234”) { firstName lastName } } { “firstName”: “Yan”, “lastName”: “Cui” }
  15. 15. GET https://myapp.com/user/1234 REST API { “id”: “1234”, “firstName”: “Yan”, “lastName”: “Cui”, “dob”: “…”, … } GraphQL API POST https://myapp.com/graphql { getProfile (id: “1234”) { friends { firstName lastName } } } { “friends”: [{ “firstName”: “Gerard”, “lastName”: “Sans” }, { “firstName”: “Ant”, “lastName”: “Stanley” }] }
  16. 16. GET https://myapp.com/user/1234 REST API { “id”: “1234”, “firstName”: “Yan”, “lastName”: “Cui”, “dob”: “…”, … }
  17. 17. GET https://myapp.com/user/1234 REST API { “id”: “1234”, “firstName”: “Yan”, “lastName”: “Cui”, “dob”: “…”, … } Returns data we don’t need
  18. 18. GET https://myapp.com/user/1234 REST API { “id”: “1234”, “firstName”: “Yan”, “lastName”: “Cui”, “dob”: “…”, … } Returns data we don’t need Overfetching
  19. 19. GET https://myapp.com/user/1234 REST API { “id”: “1234”, “firstName”: “Yan”, “lastName”: “Cui”, “dob”: “…”, … } Doesn’t have everything we need
  20. 20. GET https://myapp.com/user/1234 REST API GET https://myapp.com/sports/football GET https://myapp.com/sports/squash … GET https://myapp.com/user/1234/activities
  21. 21. GET https://myapp.com/user/1234 REST API GET https://myapp.com/sports/football GET https://myapp.com/sports/squash … GET https://myapp.com/user/1234/activities
  22. 22. GET https://myapp.com/user/1234 REST API GET https://myapp.com/sports/football GET https://myapp.com/sports/squash … GET https://myapp.com/user/1234/activities Underfetching n+1 requests
  23. 23. BFFs (Backends for Frontends)
  24. 24. BFF
  25. 25. BFF Need lots of BFFs
  26. 26. BFF Need lots of BFFs Duplicating work
  27. 27. GraphQL = no more bespoke BFFs
  28. 28. AppSync
  29. 29. AppSync Profile
  30. 30. AppSync Profile
  31. 31. Profile
  32. 32. Profile Sport
  33. 33. Profile Sport
  34. 34. AppSync Profile Sport
  35. 35. AppSync Profile Sport
  36. 36. Activity
  37. 37. AppSync Profile Sport Activity
  38. 38. AppSync Profile Sport Activity
  39. 39. AppSync Profile Sport Activity
  40. 40. AppSync Profile Sport Activity very flexible!
  41. 41. Solves problems of overfetching and underfetching
  42. 42. Strongly typed contract between client and server
  43. 43. Implement “joins” with DynamoDB effortlessly
  44. 44. Enables rapid product iterations on the frontend
  45. 45. What is AppSync?
  46. 46. Fully managed GraphQL service
  47. 47. query server data sources DynamoDB RDS ElasticSearch AppSync Lambda HTTP
  48. 48. AppSync supports 5 data sources
  49. 49. AppSync supports 5 data sources HTTP Put GraphQL in front of existing REST APIs
  50. 50. REST API 1 REST API 2 REST API 3 REST API 4 existing UI page BFF
  51. 51. REST API 1 REST API 2 REST API 3 REST API 4 existing UI page new UI page AppSync BFF
  52. 52. REST API 1 REST API 2 REST API 3 REST API 4 existing UI page new UI page AppSync BFF
  53. 53. REST API 1 REST API 2 REST API 3 REST API 4 existing UI page new UI page AppSync
  54. 54. REST API 1 REST API 2 REST API 3 REST API 4 existing UI page new UI page AppSync DynamoDB
  55. 55. REST API 1 REST API 2 REST API 3 existing UI page new UI page AppSync DynamoDB
  56. 56. AppSync supports 5 data sources DynamoDB NoSQL High performance Infinite scale Semi-schema’d Simple queries
  57. 57. AppSync supports 5 data sources DynamoDB RDS (Aurora Serverless) NoSQL High performance Infinite scale Semi-schema’d Simple queries Relational Database Complex queries
  58. 58. AppSync supports 5 data sources DynamoDB RDS (Aurora Serverless) ElasticSearch NoSQL High performance Infinite scale Semi-schema’d Simple queries Relational Database Complex queries Search engine Full-text search
  59. 59. AppSync supports 5 data sources DynamoDB RDS (Aurora Serverless) ElasticSearch NoSQL High performance Infinite scale Semi-schema’d Simple queries Relational Database Complex queries Search engine Full-text search Lambda Function as a Service Integrate with any other services
  60. 60. scalable & multi-az out of the box
  61. 61. pay as you use ($4.00 per million Query/Mutation operations)
  62. 62. AppSync Profile Sport Activity
  63. 63. built-in caching support
  64. 64. aws.amazon.com/appsync/pricing
  65. 65. AppSync full request caching
  66. 66. AppSync per-resolver caching
  67. 67. built-in monitoring
  68. 68. which resolver is the problem?
  69. 69. NO SERVERS to manage!
  70. 70. AppSync vs API Gateway
  71. 71. Fully managed GraphQL service Caching Monitoring/Logging Websockets WAF
  72. 72. Fully managed GraphQL service Caching Monitoring/Logging Websockets WAF Direct integration with Lambda/DynamoDB/RDS/ElasticSearch
  73. 73. Fully managed GraphQL service Caching Monitoring/Logging Websockets WAF Direct integration with Lambda/DynamoDB/RDS/ElasticSearch auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT
  74. 74. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF API Gateway
  75. 75. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF Direct integration with most AWS services API Gateway
  76. 76. bit.ly/2H51WXC
  77. 77. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF Direct integration with most AWS services auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA API Gateway
  78. 78. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF Direct integration with most AWS services auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA Custom domain names API Gateway
  79. 79. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF Direct integration with most AWS services auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA Custom domain names Private endpoints API Gateway
  80. 80. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF Direct integration with most AWS services auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA Custom domain names Private endpoints Resource policies API Gateway
  81. 81. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF Direct integration with most AWS services auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA Custom domain names Private endpoints Resource policies API Gateway
  82. 82. Fully managed service for REST and Websocket APIs Caching Monitoring/Logging Websockets WAF Direct integration with most AWS services auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA Custom domain names Private endpoints Resource policies API Gateway
  83. 83. Group-based authentication
  84. 84. API Gateway has no built-in group-based authentication
  85. 85. 1. Assign IAM role to each group to control which endpoints a user can access How to implement group-based authentication in API Gateway
  86. 86. 1. Assign IAM role to each group to control which endpoints a user can access 2. Assign precedence to each group How to implement group-based authentication in API Gateway
  87. 87. 1. Assign IAM role to each group to control which endpoints a user can access 2. Assign precedence to each group 3. Use a Lambda authorizer to: How to implement group-based authentication in API Gateway
  88. 88. 1. Assign IAM role to each group to control which endpoints a user can access 2. Assign precedence to each group 3. Use a Lambda authorizer to: 1. Verify user belongs to the Cognito user pool and fetch user’s details How to implement group-based authentication in API Gateway
  89. 89. 1. Assign IAM role to each group to control which endpoints a user can access 2. Assign precedence to each group 3. Use a Lambda authorizer to: 1. Verify user belongs to the Cognito user pool and fetch user’s details 2. Pick a group based on precedence How to implement group-based authentication in API Gateway
  90. 90. 1. Assign IAM role to each group to control which endpoints a user can access 2. Assign precedence to each group 3. Use a Lambda authorizer to: 1. Verify user belongs to the Cognito user pool and fetch user’s details 2. Pick a group based on precedence 3. Generate policy for user How to implement group-based authentication in API Gateway
  91. 91. 1. Assign IAM role to each group to control which endpoints a user can access 2. Assign precedence to each group 3. Use a Lambda authorizer to: 1. Verify user belongs to the Cognito user pool and fetch user’s details 2. Pick a group based on precedence 3. Generate policy for user How to implement group-based authentication in API Gateway
  92. 92. How to implement group-based authentication in AppSync
  93. 93. API Gateway has request validation but no response validation
  94. 94. Response validation helps prevent data leaks
  95. 95. Security is as much about what your application SHOULD do as what it SHOULDN’T do
  96. 96. Request and Response validation is built into GraphQL
  97. 97. Websockets
  98. 98. API Gateway Lambda OnConnect
  99. 99. API Gateway Lambda OnConnect DynamoDB
  100. 100. API Gateway Lambda OnConnect DynamoDB Lambda OnDisconnect
  101. 101. API Gateway DynamoDB Lambda
  102. 102. API Gateway DynamoDB Lambda
  103. 103. low-level construct where YOU have to manage connection mapping
  104. 104. no support for broadcasts (e.g. broadcasting to a million connected users equates to fetching 1M items from DynamoDB and then make 1M API calls to API Gateway…)
  105. 105. fine for simple use cases
  106. 106. type Mutation { addPost(id: ID! author: String! title: String content: String url: String): Post! }
  107. 107. type Mutation { addPost(id: ID! author: String! title: String content: String url: String): Post! } type Subscription { addedPost: Post @aws_subscribe(mutations: [“addPost"]) }
  108. 108. type Mutation { addPost(id: ID! author: String! title: String content: String url: String): Post! } type Subscription { addedPost: Post @aws_subscribe(mutations: [“addPost"]) }
  109. 109. type Mutation { addPost(id: ID! author: String! title: String content: String url: String): Post! } type Subscription { addedPost: Post @aws_subscribe(mutations: [“addPost"]) } subscriber publisher subscriber subscriber
  110. 110. type Mutation { addPost(id: ID! author: String! title: String content: String url: String): Post! } type Subscription { addedPost: Post @aws_subscribe(mutations: [“addPost"]) } publisher subscriber subscriber subscriber
  111. 111. type Mutation { addPost(id: ID! author: String! title: String content: String url: String): Post! } type Subscription { addedPost: Post @aws_subscribe(mutations: [“addPost"]) } publisher subscriber subscriber subscriber
  112. 112. much easier to use, and can cater for more complex use cases
  113. 113. aws.amazon.com/blogs/mobile/appsync-realtime
  114. 114. You can also use API Gateway with AppSync
  115. 115. AppSync vs GraphQL in Lambda
  116. 116. API Gateway Lambda
  117. 117. API Gateway Lambda DynamoDB RDS
  118. 118. Why?
  119. 119. What you need
  120. 120. What you need What AppSync offers
  121. 121. What you need What AppSync offers
  122. 122. What you need What AppSync offers What’s missing in AppSync
  123. 123. No custom scalar types
  124. 124. GraphQL scalar types ID String Int Float Boolean
  125. 125. GraphQL scalar types AppSync scalar types ID String Int Float Boolean AWSDate AWSTime AWSDateTime AWSTimestamp AWSEmail AWSJSON AWSURL AWSPhone AWSIPAddress
  126. 126. No custom scalar types
  127. 127. No schema stitching
  128. 128. Service A Resolver A Resolver B Resolver C graphql
  129. 129. Gateway Service A Service B Service C graphql graphql graphql graphql
  130. 130. Gateway Service A Service B Service C graphql graphql graphql graphql Resolver A Resolver B Resolver C Resolver D Resolver E
  131. 131. Client App AppSync AppSync AppSync graphql graphql graphql
  132. 132. What you need What AppSync offers AppSync features you need to replicate
  133. 133. What you need What AppSync offers AppSync features you need to replicate Direct integration with DynamoDB
  134. 134. What you need What AppSync offers AppSync features you need to replicate Direct integration with DynamoDB Direct integration with ElasticSearch
  135. 135. What you need What AppSync offers AppSync features you need to replicate Direct integration with DynamoDB Direct integration with ElasticSearch Direct integration with RDS
  136. 136. What you need What AppSync offers AppSync features you need to replicate Direct integration with DynamoDB Direct integration with ElasticSearch Direct integration with RDS Direct integration with HTTP
  137. 137. What you need What AppSync offers AppSync features you need to replicate Direct integration with DynamoDB Direct integration with ElasticSearch Direct integration with RDS Direct integration with HTTP Caching
  138. 138. What you need What AppSync offers AppSync features you need to replicate Direct integration with DynamoDB Direct integration with ElasticSearch Direct integration with RDS Direct integration with HTTP Resolver logging Caching
  139. 139. What you need What AppSync offers AppSync features you need to replicate Direct integration with DynamoDB Direct integration with ElasticSearch Direct integration with RDS Direct integration with HTTP Caching Resolver logging Group-based auth with Cognito
  140. 140. More control
  141. 141. Per-resolver metrics
  142. 142. Can add custom middlewares
  143. 143. API Gateway Lambda
  144. 144. API Gateway Lambda Usage plans
  145. 145. API Gateway Lambda Usage plans Lambda authorizer
  146. 146. API Gateway AppSync Usage plans Lambda authorizer
  147. 147. API Gateway Lambda Cold starts
  148. 148. AppSync DynamoDB No Lambda. No cold starts.
  149. 149. AppSync Fewer dependencies. Cold starts faster. Lambda
  150. 150. What’s missing in AppSync
  151. 151. AppSync features you need to replicate What’s missing in AppSync
  152. 152. Use AppSync if you can, until you can’t

×