What's the best way to migrate from Firebase to AWS? I want to change the service because Ive read that AWS is way better than Firebase for apps that require a large user base. What would you recommend? I was using almost everything on Firebase (Login, Database, Storage).
As far as my knowledge, there is no straight forward solution to migrate the data from Firebase to AWS.
My suggestion would be export the data from Firebase and write a script in your favourite language and upload it in AWS.
See, Firebase is based on Google Cloud Platform(GCP) and you cannot just directly shift from Firebase to AWS. For this task, you may talk to Google Cloud support and ask them about this. Well, I don't think that this would even work as AWS and Firebase are a lot different and so, people are told to choose their first cloud service wisely.
Related
I have a simple shell script which issues several commands using awscli and displays information to the screen. It depends on having correct settings in ~/.aws/config and ~/.aws/credentials. I want to distribute it to about 10 users who have IAM accounts with limited privileges. However I don't want to use the shell - I want something cross-platform, easy to use for the users and easy for me to update. So I decided that I want to create a simple web application in JS instead, using the AWS SDK.
It seems that this use case is specifically supported by AWS, the first bullet point under "Common Use Cases" in What Is the AWS SDK for JavaScript? is "Build a custom console to AWS services in which you access and combine features across Regions and services to best meet your organizational or project needs" which exactly describes what I want to do.
The problem is that I can't find the relevant documentation on how to perform the user authentication. All the examples that I was able to find talk about some "Amazon Cognito" service and discuss much more complicated use cases, such as authenticating pools of external users through an external authentication provider and mapping them to IAM roles, which sounds too complicated for what I want to do. Is there a way to just authenticate the users that I have with their IAM user/password, and authorize them to access the AWS services based on their existing IAM permissions? Or is using Cognito, creating additional roles, etc. mandatory?
While writing this question I found out another question about AWS Amplify and now I'm even more confused. Is AWS Amplify what I would want to use?
You can write a web app using the AWS SDK for JavaScript that invokes various AWS Services. You do NOT need to use AWS Amplify to create a web app.
A Web application that uses the AWS SDK for JavaScript uses creds like any other AWS app. Here is an AWS tutorial that shows how to use the AWS SDK for JavaScript to write a basic web app that invokes the AWS SQS service. It will hopefully point you in the right direction.
Creating an example messaging application
This topic covers Prerequisites and other information, such as creating the required AWS resources, you need to know to write a web app using the AWS SDK for JavaScript.
Also - the link you referenced was the JavaScript V2 DEV Guide. Its better to use the AWS JavaScript V3 DEV Guide.
Need help I really don't know where to start I created a web app that access data from a Firestore on a GCP Project.
Now I need to use GCP Cloud Functions that connects to Firestore to perform CRUD Functions.
All are on the same GCP Project.
Thanks in advance I really need to know where to start on Cloud Functions how to define and access via code (Nodejs) the Firestore DB.
There is a step by step guide on how to setup Firestore with Cloud Function in this documentation, but summing it up, it's pretty simple. All you need to do is export the firestore sdk, initialize the sdk, and use it in your code.
You can also use the Admin SDK since Cloud Functions is "server side", and this will allow more elevated access to the Firestore from you Cloud Functions.
I am currently looking into AWS Amplify as well as I am reading Serverless Stack. My goal is to create a simple ToDo list app. Both "Getting started" / Documentations seem to have the same goal. However, AWS Amplify guide seems to be way easier from the setup.
And that's where I am confused. As far as I understand AWS Amplify also uses DynamoDB and gets data via GraphQL. But where is the difference between these two documentations?
Serverless Stack is a resource providing guidance on how to create serverless applications with AWS. It was created by a company called Anomaly Innovations.
AWS Amplify is an open source framework maintained by AWS which helps developers integrate their applications with AWS resources.
AWS Amplify is a very confusing service and consists of many components. I would categorize as follow.
AWS Amplify Console
AWS Amplify CLI
AWS SDK&Libraries to integrate to your mobile or web
AWS Appsync Transformer
AWS Amplify Console gives you the ability to easily to setup Continous Deployment for your Amplify project. Amplify Console use together with AWS Amplify CLI for you to manage different environments.
Let's say you want to start the Todo App. You start on your local using Amplify CLI and create API Gateway/Lambda/DynamoDB stacks.
Amplify CLI lets you create the whole stack easily and push it to AWS to deploy the whole stack. Then you can create a different environment based on the same stacks, let's say you want your dev environment, and QA environment and production environment.
Amplify CLI gives you all the commands necessary for you to achieve this, then if you want to auto-deploy the change to AWS when someone push the code to your Git repository, you can use the Amplify Console to set up exactly that.
Amplify Console also integrate with AWS Domain so, you can easily point your own domain to any of the environment.
On top of these, Amplify also provides, GraphQL Transformer, which you can easily define the GraphQL schema in Amplify format and it will transform and deploy to AWS Appsync. And there is a Mobile SDK which you can sync data between AppSync and you're mobile and provides some UIs as well.
We used one of our web projects and we liked it for Continues Deployment aspect of the Amplify, but we didn't like the AppSync(GraphQL) aspect of Amplify just b/c it was not easy to implement layered resolver.
Also, keep in mind that Amplify CLI/SDK/Transformer is under one project and it's still very fragile. You can take a look at the version history from https://www.npmjs.com/package/#aws-amplify/cli and you will see few version bump just in a single month. There were many obvious bugs we encounter, even on the AWS Console.
I haven't use the Serverless yet, but as long as I know, Serverless provides No1 and No2 of Amplify with greater stability.
One thing I dislike about Google Cloud Platform (GCP) is its less baked-in security model around roles/service accounts.
Running locally on my laptop, I need to use the service account's key specified in a JSON file. In AWS, I can just assume a role I have been granted access to assume (without needing to carry around a private key). Is there an analogue to this with GCP?
I am going to try and answer this. I have the AWS Security Specialty (8 AWS certifications) and I know AWS very well. I have been investing a lot of time this year mastering Google Cloud with a focus on authorization and security. I am also an MVP Security for Alibaba Cloud.
AWS has a focus on security and security features that I both admire and appreciate. However, unless you really spend the time to understand all the little details, it is easy to implement poor/broken security in AWS. I can also say the same about Google security. Google has excellent security built into Google Cloud Platform. Google just does it differently and also requires a lot of time to understand all the little features / details.
In AWS, you cannot just assume a role. You need an AWS Access Key first or be authenticated via a service role. Then you can call STS to assume a role. Both AWS and Google make this easy with AWS Access Keys / Google Service Accounts. Whereas AWS uses roles, Google uses roles/scopes. The end result is good in either platform.
Google authentication is based upon OAuth 2.0. AWS authentication is based upon Access Key / Secret Key. Both have their strengths and weaknesses. Both can be either easy to implement (if you understand them well) or a pain to get correct.
The major cloud providers (AWS, Azure, Alibaba, Google, IBM) are moving very fast with a constant stream of new features and services. Each one has strengths and weaknesses. Today, there is no platform that offers all the features of the others. AWS today is ahead both in features and market share. Google has a vast number of services that outnumber AWS and I don't know why this is overlooked. The other platforms are catching up quickly and today, you can implement enterprise class solutions and security with any of the cloud platforms.
Today, we would not choose only Microsoft or only Open Source for our application and server infrastructure. In 2019, we will not be chosing only AWS or only Google, etc. for our cloud infrastructure. We will mix and match the best services from each platform for our needs.
As described in the Getting Started with Authentication [1] page, for service accounts it is needed the key file in order to authenticate.
From [2]: You can authenticate to a Google Cloud Platform (GCP) API using service accounts or user accounts, and for APIs that don't require authentication, you can use API keys.
Service and user accounts needs the key file to authenticate. Taking this information into account, there is no manner to locally authenticate without using a key file.
Links:
[1] https://cloud.google.com/docs/authentication/getting-started
[2] https://cloud.google.com/docs/authentication/
We have decided that AppSync would be an excellent tool for our React Native app development. However, the problem is the scalability in development. Looking through Google entire day to find a way to do AppSync development offline so that anyone can freely create APIs and merge them, I realized that there is no such solution.
So how do large teams develop native apps using AppSync? Do you create AppSync app for every developer you have so that each person can change their own API freely then some how merge that back into production AppSync app?
I really wish there were a way to develop APIs locally and use git to merge them and upload the code directly to AppSync. As far as I know this is not possible but if you do know of a way or a different way, please let me know.
You can source control the entire AWS AppSync configuration including the endpoint, schema, resolvers, data sources, and any other AWS resources with AWS CloudFormation. Adrian's article walks thru the entire process. The ChatQL sample on GitHub contains a CloudFormation document and GraphQL schema that you can also use as a reference.
Once you've modeled AppSync and resources with CloudFormation, you can easily replicate your environment as many times as you want. Hence, you can either set up separate endpoints per developer or use a shared endpoint. I prefer the former since it provides isolation between developers.
You can also use the serverless framework to manage your AppSync endpoints with this plugin: https://github.com/sid88in/serverless-appsync-plugin
It also states, that it supports an offline mode for local development. Although, I didn't test it yet. But this can come in handy, when you want to pre-test your AppSync in a CI/CD environment.