by asteadman 3487 days ago
Re: users auth. Isn't that what Cognito is supposed to be? I mean, I don't fully understand it, but I think so.

As for the cold boot issue, I thought the standing solution was to have a "fast-exit" ping-like code-path within the lambda. Query it on a regular basis (you can even do it with a lambda scheduled-event). That way your lambda should be kept warm.

1 comments

TIL Cognito!

That completely flew under my radar, not sure why I didn't see it before (oh that's right I was heads down in Azure).

With Athena the circle is complete for me.

That fast exit ping thing is pretty cool, any more information regarding that?

Your comment is probably the most valuable one I came across to date since signing up, I wish there was a way to award a gold star like on reddit :D

There's very little objection at this point in moving to a Serverless architecture = Athena (SQL) + Lambda (CPU) + Cognito (User).

What's your use case for Athena (really curious how this changes anything)?

You can hook your lambda up to a CloudWatch scheduled event (http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/Sc...). If you don't do much when this happens (like, you exit immediately), then you won't be charged much compute time. Can't find the reference to how often you should ping it to keep it warm, probably varies, IIRC hourly would be plenty.
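The fast-exit path described in the comment above, sketched as an added example (not code from any poster in this thread). The handler and helper names are hypothetical and both sample events are constructed; the check relies on the `source` and `detail-type` fields that CloudWatch scheduled events carry at the top level of the event, which a client cannot set through an API Gateway proxy request because its payload arrives inside `body`.

```python
import json

# Constructed sample: the shape of the event a CloudWatch schedule rule delivers.
SCHEDULED_PING = {
    "version": "0",
    "id": "00000000-0000-0000-0000-000000000000",
    "detail-type": "Scheduled Event",
    "source": "aws.events",
    "account": "123456789012",
    "time": "2016-12-01T12:00:00Z",
    "region": "us-east-1",
    "resources": ["arn:aws:events:us-east-1:123456789012:rule/keep-warm"],
    "detail": {},
}

# Constructed sample: an API Gateway proxy request whose body imitates a ping.
SPOOFED_REQUEST = {
    "httpMethod": "POST",
    "path": "/items",
    "headers": {},
    "body": json.dumps({"source": "aws.events", "detail-type": "Scheduled Event"}),
}

work_calls = {"count": 0}  # counts how often the expensive path ran


def is_keep_warm_ping(event):
    """True only for a scheduled event, judged by top-level fields."""
    return (
        isinstance(event, dict)
        and "httpMethod" not in event  # anything arriving over HTTP is never a ping
        and event.get("source") == "aws.events"
        and event.get("detail-type") == "Scheduled Event"
    )


def do_real_work(event):
    """Stand-in for the real request path (auth checks, DB access, ...)."""
    work_calls["count"] += 1
    return {"statusCode": 200, "body": json.dumps({"path": event.get("path")})}


def handler(event, context=None):
    # Exit before touching credentials, databases or downstream services,
    # so the warm-up invocation is billed for a minimal duration.
    if is_keep_warm_ping(event):
        return {"warmed": True}
    return do_real_work(event)
```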

Building user management, security has always been a "build your own wheel". While I think a properly secured SQL table with encrypted keywords is certainly possible, the risk remains. We see even for prolific and large websites their entire user tables are dumped online on a regular basis.

Off-loading this burden on a cloud vendor whose sales are directly tied to the security gives me peace of mind. Ashley Madison had no financial incentive to keep their user base as secure as possible or actively defend against it using R&D. Yahoo Mail as well. But AWS and Active Directory are products that sell this security and for them to fuck up on an epic scale would mean their end.

So the tl;dr is piggybacking on the tremendous resources from a cloud giant, which frees up resources to focus on the core product.

This is not to say that it's impossible to roll out your own wheel, I'm just saying it makes more sense to align the financial incentives of vendors maintaining the user base security. This may or may not mean I'm open to focusing on companies solely focused on user auth/management products, it's tough to beat the branding and trust built into AWS & Azure that developers are voting every day with their money & data.

My solution currently is: AWS API Gateway + Cognito + Lambda + DynamoDB for web service. S3 for HTML/CSS/JS. CodeDeploy + CloudFormation for deployment.

Athena does not guarantee timing, use it for async calls and offline processing.

Super cool! Would love to find out more about your workflow using those AWS components.

What did you mean by your last sentence?

Not OP, but Athena returns results for most queries in a couple of seconds (quote is somewhere in the blog post); this would likely not be enough for your typical request/response flows.