[fiedzia]

Rust/django user here, but ... its 2016, micoservices has been invented long time ago, so use best tool for the job. As for other things: SSL can be terminated by AWS/nginx/whatever, so no need to worry about that. Every ORM I've worked with, regardless of the language, makes injections thing of the past, for non-db things few type definitions solve the problem too (rust has advantage here due to sane type system). CSRF can be solved by middleware + few hooks in right places, not a big deal. Yes, you will need occasionally dig into golang libs and frameworks to add a feature that existed in rails, so really this comes to balance between long-term performance gains and short-term convenience. With really large space between those two.