AWS serverless stack in a nutshell

For the past few months I’ve been working on Tutora, a platform to help users discover and manage learning materials from around the web.

When I started working on the project I quickly realized the immense amount of work I had cut out for me, not only building the application, but also deploying, maintaining and scaling the infrastructure. In addition, as I was bootstrapping my startup, I had to consider the cost of running it very carefully. It became clear that, if I were to succeed, I needed to figure out how to maximize my time, my efforts, as well as my dollars.

After doing some research I decided to settle on a serverless architecture supported by Amazon Web Services and never looked back. To give you an idea of what this looks like, let me tell you a little bit about my serverless stack:

AWS Lambda & Amazon API Gateway

AWS Lambda lets you run code without provisioning or managing servers.

This means you don’t need to set up EC2 instances to run your back-end code. You can write your functions directly on AWS Lambda console, or you can write them in your local environment, then zip and upload them using the console or the AWS CLI. AWS Lambda also scales your functions automatically as needed, so you don’t have to worry about that.

Now, to invoke your Lambda code over HTTPS, you need to define a REST API using Amazon API Gateway and map each method (GET, POST, etc.) to a specific Lambda function.

Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.

Once your application data is sent via the API and received by your Lambda function (e.g.: new user info, search query, etc.), you can manipulate it and pass it to other AWS services, such as DynamoDB or CloudSearch. It’s also possible to connect with external services; for example, you could easily invoke your communications platform API every time a new visitor subscribes to your newsletter.

You only pay for the computing time you consume, the API calls you receive, and the amount of data transferred out.

Amazon DynamoDB

Amazon DynamoDB is a fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale. It is a fully managed cloud database and supports both document and key-value store models.

DynamoDB is great for storing your application’s data. It’s a powerful data store, and it fits beautifully in a serverless stack.

Amazon S3 & Amazon CloudFront

You can store your static content (HTML, CSS, JavaScript) in an Amazon S3 bucket and use CloudFront to distribute it.

Using CloudFront can be more cost effective if your users access your objects frequently because, at higher usage, the price for CloudFront data transfer is lower than the price for Amazon S3 data transfer. In addition, downloads are faster with CloudFront than with Amazon S3 alone because your objects are stored closer to your users.

Amazon Cognito & IAM

Amazon Cognito allows you to authenticate users via social identity providers such as Facebook, or by using your own back-end authentication process. It creates unique identities for your users and associates them with AIM roles. It’s a secure, low-cost authentication option and can scale to support hundreds of millions of users.

Amazon CloudSearch

A key feature of Tutora is that it allows people to explore a vast collection of courses and tutorials available on the web. For this, I decided to use Amazon CloudSearch, an AWS Cloud service that provides a robust, cost-effective search solution for web applications.

There’s a lot to like about CloudSearch. It’s reliable, fully managed and supports powerful search features such as faceted search, autocomplete, customizable relevance ranking and query-time rank expressions, field weighting, and more.

The rest of the stack

I also use Amazon CloudWatch to monitor my resources, Amazon Simple Email Service (SES) for transactional emails related to user account updates, and AWS Certificate Manager to provision and manage SSL certificates.