I would want to know, how do I manage user credentials in AWS lambda. Lambdas are stateless, there is no session, so how do I keep track of which user is executing the current lambda?
How do you do it with a load balanced stateless web server? People have been doing this 10 years, most language should have some frameworks or plugins around it....
Common is to give the client a cookie with a session id (KJASDJKASDASDS) in a cookie. Then in a RDBMS you store this (session KJASDJKASDASDS = User 1234)... and the first part of each web (or lambda call), you go look up the user by session and know who it is.
(You can also store the user ID directly in an encrypted cookie, but that has a few other problems)
Just curious, what would be the major drawbacks of not using relational here? My understanding is that AWS is pushing Dynamo quite a bit and it seems cheaper, so if they're only needing to query off of session id and maybe user id, shouldn't that be sufficient?
Relational is super handy. Very easy to report on and do various things down the road.
If all he needed was session id, sure, NoSQL is more or less the same. But what about when he adds other fields that are related? Say customer address or reports or .... His life may very well be easier with relational.
You should generally start relational. Then branch out if you are hitting the brick walls of relational. People using NoSQL for a 100MB database are making their life SERIOUSLY more difficult than it needs to be. (I have done it before, not fun).
1) A NoSQL DB for the main data providing replication and scalability(e.g. Cassandra or DynamoDB).
2) Another DB for quick access and transient Data where replication is not so important, e.g. storing the session cookie. Relational vs Non-relational would not be an issue since I'm only storing very little data here and want fast access and minimize costs(in DynamoDB you still have to pay per operation). Therefore I'm looking for some simple solution like ElastiCache.
Common is to give the client a cookie with a session id (KJASDJKASDASDS) in a cookie. Then in a RDBMS you store this (session KJASDJKASDASDS = User 1234)... and the first part of each web (or lambda call), you go look up the user by session and know who it is.
(You can also store the user ID directly in an encrypted cookie, but that has a few other problems)