Not having a server at all is the easiest. I run my front ends on S3 / CloudFront. Backend is run on Lambdas, with state stored in DynamoDB/SimpleDB (can't wait for serverless Aurora though!).
create-react-app and aws-amplify gets you really far in a hurry.
I then normally use react-redux, @redux-offline/redux-offline, react-router-dom, and flow-bin.
as a frontend dev new to this stuff - how do you keep your lambdas secure? literally anyone can see your secrets?
I'm gonna go through your code, thanks for sharing, just wanted to ask in case you have a big picture insight about how serverless auth/security is best done. this stuff freaks me out because i know nothing about it.
I'm afraid I don't follow. What secrets are you referring to? Secrets in the code running on the lambda can't be seen by anyone. If you mean secrets to invoke the lambda I usually have lambdas be completely open (no auth required) or have users log in with cognito and use aws-sdk invoke the lambda, which takes care of auth for me.
I'm gonna go through your code, thanks for sharing, just wanted to ask in case you have a big picture insight about how serverless auth/security is best done. this stuff freaks me out because i know nothing about it.