I am evaluating SST vs Serverless Framework. I have used SF successfully on a few projects in the past. I think I prefer SST especially with its live coding experience and CDK support… however I’m weighing it against the maturity and community side of SF. Does anyone have strong thoughts one way or another that would help me make this decision in a more informed way. Right now I’m focused on POC with SST to be sure it is meeting our need. Any thoughts would be helpful. Also might be good to have a dedicated channel or page on this as I’m sure it’s a common concern. Thanks!

I’ve decided to move my SLS stack to SST because in the end, it’s using CDK, which is amazing in my opinion, I love the concept/idea.

We have some SF projects which we're migrating over to SST. My experience of SF was okay, it worked but the local development options required serverless-offline (or localstack but that was very flaky) In terms of getting help with stuff, the main forum is dead, there's a bit of activity in the Slack workspace. SST, just makes intuitively much more sense to me. Even though we were using TypeScript to define the stack (I hate yaml) I still found it fiddly and unintuitive. There weren't types for anything non-serverless related so that was painful. I've found the community here, while obviously smaller right now than for SF, much more helpful, engaging and the owners are incredibly fast to help or even make changes to the platform to accommodate user requests. With the recent recruitment of Jeremy Daly and the recently announced Serverless Cloud, things might improve and change for SF but I actually just strongly prefer SST (and CDK)'s way of doing things.

Yeah but you can use ORM with data-api?

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html "You can also use Data API to integrate Aurora Serverless with other AWS applications such as AWS Lambda, AWS AppSync, and AWS Cloud9. The API provides a more secure way to use AWS Lambda. It enables you to access your DB cluster without your needing to configure a Lambda function to access resources in a virtual private cloud (VPC)."

I dig it, great to see all the good activity on the thread!

@Kevin Baker it works with VPN like I said.

Hey guys, here’s the link to setting up VPN doc @Adrián Mouly mentioned https://docs.serverless-stack.com/live-lambda-development#connecting-to-a-vpc

@Frank this is the client app right? still need to create VPN in AWS?

For rds I'd recommend just running a local postgres or MySQL for local development

What’s the reason behind it?

Just that VPN setup can be tricky and more to manage for local development

Oh yeah, from setup side, it’s tricky.

This may be more than you want to tackle at once but as others have mentioned I'd suggest using a true serverless database. You can do fine with RDS but it's really fighting against the serverless paradigm, I did a whole prototype with serverless PG and ultimately switched over to dynamo

I’ve setup a jump box with ash tunnel off local machine before. Secure Pipes app makes it simple. Jump box isn’t exactly serverless though… this is just an alternative to VPN. https://www.opoet.com/pyro/

But well, that also allows us to have other capabilities, sometimes we want to debug something on the DB and can not connect without a jump box.

Why doesn't it work for sst local?

Well, not sure how to make jump box to work with sst local.

From my understanding you'd be forwarding your local port 5432 (if postgres) so your function would just have to connect to localhost:5432

I haven’t setup yet but no reason it shouldn’t work… it’s just networking. Makes the local function think it is connecting to local host database, or whatever service. It just forward the networ mm traffic remote

Ok, makes sense.

Another word of warning with using VPCs - your lambdas will need to use a managed nat which is billed 24/7 and not in a serverless way. Means at minimum you're paying $60 a month

Would be interesting to test that model, I wanted to do VPN just because it’s recommended in the doc.

Yeah, I’ll prob try both

Looking forward many teams are avoiding VPCs entirely. Creates some operational overhead and doesn't truly offer any added security boundary over using entirely managed services gated by iam auth

Get a free tier EC2 for jump box and only use for this. Can lock down networking via AWS pretty easy too, if you want to testify jump box access although SSH keys are pretty secure

upstash planetscale fauna dynamo are good options engineered for use with serverless specifically

Yeah I would think Dynamo would maybe need different solution. I’ve only used for mongo, Postgres and MySQL and only for local Docker stuff

With dynamo I just use dynamo up in aws (although aws provides local dynamo as a docker file)

Does dynamo have geospatial queries ? Maybe I’ll have another look.

Dynamo has almost nothing. Requires changing how you think about a database but I love it

Looks like it actually does https://aws.amazon.com/blogs/mobile/geo-library-for-amazon-dynamodb-part-1-table-structure/

The database itself is minimal (but powerful) and you can implement things in the application layer - as this library does

@Kevin Baker I haven't used it myself but there is this for geospatial DDB https://www.npmjs.com/package/dynamodb-geo