AWS services which provide reverse proxy functionality - amazon-web-services

I would like to explore what approaches AWS provide to implement a reverse proxy pattern using native AWS services. I can think of the following services that may or may not be appropriate depending on exactly what functionality is required: Application Load Balancer, API Gateway, CloudFront and AWS Amplify. Can anyone point me to any documentation that would help me understand the suitability of these services or indeed know of any other AWS services that I have not considered? Does anyone have any knowledge or recommendation that they are willing to share?
Thanks in advance

Related

Using amplify to integrate app into existing AWS database

I'm developing an Android app that needs to work with an existing Amazon Web Service RDS database as well as an S3 bucket server also on AWS. My issue is that I'm struggling to find much in the way of guidance on the best approach to do so.
Currently the best thing I've found is Amazon's Amplify, the alternatives so far being SQLiteOpenHelper (seemingly unideal given that it looks to work almost exclusively with local databases, but an interesting caching option) and using Apache, which seems bad as it is extremely manual and largely deprecated.
Am I correct in then concluding Amplify is the best direction to take, or am I missing something big (it feels this way)? In which case, advice on how better to research this task would be immensely appreciated.
Amplify allows you to connect your app with any kind of data source using AppSync, which is a managed GraphQL service, via resolvers that connect to anything that you want.
AppSync provides a GraphQL API including features like request and response mapping, authentication, cache and other useful things. Here you can get an overview of how it works: https://aws.amazon.com/blogs/mobile/appsync-microservices/.
As for how to use S3, Amplify can help with it: using amplify/cli, it is easy to add that resource just by running amplify add storage, as explained here: https://docs.amplify.aws/lib/storage/getting-started/q/platform/android/.

How to use ECS and Lambda microservices within the same API?

I am trying to set up a microservice architecture on AWS; each microservice is a REST API.
Some of the services are running on ECS using Fargate and some of the services are running as a set of lambdas.
I am trying to have each API route resolve to the correct service, whether it is an ECS or Lambda based service.
I can see how it would be possible using only ECS services (with Application Load Balancer and listeners) or using only Lambdas (with an API Gateway). But I just can't seem to figure out how to mix the two together.
I have been searching relentlessly all week and I cannot find any decent documentation or an example of how to implement something similar to this.
There appears to be a limit to the number of routes for ALB or API Gateway. If I have several lambda based services there will need to be a declared path for each Lambda function and they will use up the path limit very quickly.
Should there be an intermediary step between each service and the API Gateway? For instance, each Lambda service has its own API Gateway which 'groups' those functions together. Which would mean there will be a nested set of API Gateways that the parent API Gateway routes to. This doesn't feel correct though.
Any help in the right direction would be appreciated.
Thanks
Your AWS account's API Gateway REST and WebSocket routes/resources limit can be increased with a request to AWS support.

AppSync and thoughts on being locked in AWS

I have been thinking about building a backend with GraphQL.
The aim is to make the life of the backend team easier and iterate quicker rather than have to build REST endpoints or wss actions for each dataset retrieval.
GraphQL seems to be one solution. We are very familiar with the Lambda environment and therefore in our research we found AppSync. It looks like a perfect solution, however I have some concerns around being locked in AWS and by designing the whole architecture around AppSync.
The beauty of serverless is that with the Serverless Framework, we could redeploy all functions to another cloud provider (Azure Functions) or even dockerize the functions for a deployment on-prem.
I am concerned that with AppSync there is really no alternative in either other cloud providers or to easily do this on-prem. Does anybody have any experience with this? Would it be more worth it to do the work to deploy an Apollo server in Lambda and build the connectors/listeners to the data sources ourselves with something like this: https://github.com/michalkvasnicak/aws-lambda-graphql/tree/aws-lambda-graphql%400.13.0#design-michalkvasnicak ?
IMHO, it comes down to how exactly the client of the GraphQL endpoint will secure data. One strategy is to secure an app with Amazon identity services like IAM and Cognito. Amplify's strength is secure integration with IAM, Cognito, API Gateway, DynamoDB, S3, and AppSync. A secure GraphQL endpoint on AppSync, for example. The data hosted in each AWS cloud service can be secured with Amplify and there are many other strategies too.
The Serverless Framework is a breakthrough for serverless developer operations. The framework is beautiful. I don't disagree with your concern that Amplify-generated CloudFormation is not portable. CloudFormation is a different DevSecOps culture than the Serverless Framework. Amplify's generated DevSecOps code simply lands in CloudFormation culture.
I'm awfully new to GraphQL on the cloud, FWIW. I don't have experience with Apollo on Lambda. I cried, it looked difficult to automate the security though a seasoned pro may know. I certainly hope you get to a point where you never have to throw a single line of code away. I'm not even close, yet.
An easy entry point to the AWS ecosystem is to use AWS Amplify.
It has documentation guidance on security, GraphQL API, etc.

What parts of the AWS should I use for a web portal?

I am currently working on a web portal for a foundation. Applicants for a grant will receive access data in advance independently of this portal. New applications will then be created and processed in the portal itself. Once an application is complete, it is sent off. Later the application will be approved or rejected.
There are a number of technical specifications on which I have no influence. The frontend should be implemented using HTML+JavaScript. The backend should use the Amazon Web Services (AWS). If there is a need to program something for the backend - then C# should be used.
I know how to implement the classic client-server solution. At the moment, however, AWS offers me an unmanageable set of services. And here I'm hoping for suggestions as to which of the services I should take a closer look at. Ideally, no complete 'server solution' should run on a virtual server. Instead, Lambda functions are mentioned again and again. So would Amazon RDS and AWS Lambda be a sensible and sufficient combination? Did I miss something?
Thank you very much for your suggestions.
One solution would be to use AWS S3 to serve HTML, CSS, JS, images and other static content. You could use AWS Lambda via AWS API Gateway to serve as a backend. AWS Lambda would then connect to AWS RDS or AWS DynamoDB if you would prefer a NoSQL solution.
Image taken from AWS Github repo
You can get a more detailed description of how to set this up at
https://github.com/aws-samples/aws-serverless-workshops/tree/master/WebApplication/

Building an API on Google Cloud Platform

I'm building an app and the idea is to go serverless.
I'm looking mainly at AWS and GCP (Google Cloud Platform), and as AWS costs are a bit obscure (at least for me), and there is no way to ensure not being billed, I'm going with GCP.
For the "server" part of the app, I would like to build an API on GCP as I could do with AWS API Gateway, but I couldn't find any matching product for that.
The closest one was Google Cloud Endpoint, but it seems to have a very different concept from AWS API Gateway. I've watched some videos about it (for example https://www.youtube.com/watch?v=bR9hEyZ9774), but still can't get the idea behind it or if it fits my needs.
Could someone please help clarify which GCP product would be suitable for creating an API and how it compares to AWS API Gateway?
Some link with info/example on how to do it would be really appreciated.
Google Product Manager here.
We don't have an exact analog for AWS API Gateway.
You're right about Cloud Endpoints. It's a bit of a different architecture than AWS uses -- it's a sidecar proxy that gets deployed with the backend. That's different than API Gateway, which is a fully managed proxy deployed in front of your backends.
If you are deploying in App Engine Flexible environments: good news! The Endpoints Proxy can be deployed as part of your deployment. It can do things similar to AWS API Gateway (API key validation, JWT validation, rate limiting).
We are working on some plans to allow for the proxy to be used in other places (Cloud Functions and the newer App Engine Standard runtimes).
And, finally: on our older App Engine Java and Python runtimes, we have API Frameworks that provide the same functionality. Those frameworks do the same thing as the proxy, but get expressed as code annotations and built into your app. We're moving away from the framework model in favor of the proxy model.
An example of a Spring Boot project with Google Cloud App Engine can be found here: https://github.com/ashishkeshu/googlecloud-springboot