Interesting read, thanks for posting, but I think you can do better. I've been playing with Fastly and VCL recently and you could write your whole app in VCL and have it served right from the CDN. 25 million requests would cost about $20 for that. If you include the API keys in the log output and batch-process that each day/hour/whatever to keep usage stats, that would remove the need for Dynamo? You'd then keep a table of banned API keys and update that through the Fastly API dynamically.<p>Just a thought. Still, $150 p/m is not bad!
That does seem good, but when you consider that it’s basically just doing a DB query for an IP (and there might be a clever way to store CIDRs where the DB finds it within a range) + authentication, authorization, and accounting ( AAA), it becomes a bit less impressive. I’m guessing again that the AAA stuff is actually more work than the actual lookups. I’ve made some services which use geoip before with in-memory lookups. Since it doesn’t change that frequently, aside from AAA, you don’t really need an external DB at all — just have the actual executable contain the lookup info, now you’re down to just lambda. Actually, don’t even build a service — just distribute a binary with the tables inside, so then customers don’t even need to make a call, wait, and pay for each call. Consider how well <i>that</i> would scale (and indeed this is already the business model for some of the MaxMind products (e.g. <a href="https://www.maxmind.com/en/geoip2-city" rel="nofollow">https://www.maxmind.com/en/geoip2-city</a> ), but it doesn’t make for as interesting of an article.
super cool article!<p>I do wonder if you didnt try Apistar (<a href="https://github.com/encode/apistar" rel="nofollow">https://github.com/encode/apistar</a>) . Its built by the author of django rest framework .and also is much more frequently updated
Out of interest where did you get the regional data for IP addresses from? Did you collect it yourself, if so how? There seem to be very few sources that allow you to resell it.
Why not push to Kinesis directly in a background worker?<p>I understand printing log is simple but you still have to push that log to cloudwatch... it's still being done on the same system. So, you end up paying that cost either way.<p>You can use MongoDB atlas with multi-region replication for low latency queries instead of DynamoDB.