Victoria - Fotolia
The major public cloud providers offer great infrastructure primitives and -- sometimes -- good higher-level functionality. But often, their individual services are not the best choice, whether it's because of cost, functionality or even integration with that provider's other services.
It's hard enough to navigate the hundreds of services available from the major cloud providers, let alone the ecosystem of ancillary third-party players that crop up. Going category by category can be a time-intensive and potentially fruitless exercise, but the cloud vendors are particularly lacking when it comes to certain types of services. Among them: imaging, search and authentication.
In order to stay up to date on your options, we'll review those three market segments and the services that could be an alternative to native tooling for your cloud environment. We'll also highlight the trade-offs to consider before you bring a third party in to support your application.
Most modern software applications require the ability to store, quickly serve and manipulate images. Public cloud providers have services that make storing and serving fairly simple, with object storage offerings, including Amazon S3, Google Cloud Storage and Microsoft Azure Blob Storage, as well as content delivery network (CDN) services like Amazon CloudFront, Google Cloud CDN and Azure CDN.
However, the cloud providers' native services are insufficient when it comes to handling common image manipulation requirements, such as resizing for thumbnails, watermarking, intelligently cropping or translating image formats. For example, they lack tools for showing a page of a PDF as a PNG or converting a JPG to a PNG and making white transparent. Instead, cloud users generally have to build their own versions of these images with the foundational services.
Fortunately, there are third-party cloud services that will do all of the common imaging tasks -- including common manipulation -- and will deal with the storage, copying and CDN aspects of image processing.
Cloudinary is one of the best-known third-party imaging services. In addition to the tasks mentioned above, Cloudinary also helps moderate images and offers video capabilities. Other services in this category worth checking out include Imagekit.io, which uses AWS for storage and CDN and thus charges less; imgix, which is a true pay-as-you-go model; and Optimole, which is particularly useful for WordPress.
Whether it pertains to products, customers or content, most modern applications need some search functionality. The three major cloud providers have at least one recommended system for search, like Amazon CloudSearch, Amazon Elasticsearch Service or Azure Cognitive Search. Google has tight integrations with Elasticsearch, which is available through the Google Cloud Platform Marketplace.
Organizations pay for the VMs used to run the software. Administrators also take on the operational burden to keep them running, handling upgrades, outages and failures. These services tend to involve complex APIs and indexing systems that require a significant learning curve. Elasticsearch in particular requires extensive type definition and type consistency, or IT teams won't be able to search everything they try to index.
There are a number of third-party offerings that simplify these tasks by offering search as a service. The longest standing one is Algolia, which is capable of sub-10-millisecond search results and includes auto scaling. Algolia also offers robust security rules, which is a nice contrast to the often painful task of building security proxies on top of Elasticsearch. However, Algolia is known for being quite expensive if users run many searches.
You can also consider other third-party search options, such as Klevu for e-commerce businesses, AddSearch for indexing and searching website content, and Swiftype -- a service owned by the creators of Elasticsearch -- for site and app search.
Almost every application needs authentication. They also usually require identity and access management (IAM) to manage permissions. Again, the cloud providers have services here, with Amazon Cognito, Google Firebase Authentication and Azure App Center Auth. But these services can be difficult to use.
Amazon Cognito has an almost useless console in which developers can't edit user details. Cognito doesn't fire events on all user detail changes, so IT teams have to scan all users to pick up changes reliably and copy all of the information they want to search to another place.
Firebase Authentication is just an authentication system; any user information or access permissions require users to find an additional place to store that information. Then they have to write all of the logic to identify and enforce access management. And Azure's App Center Auth is limited to mobile and desktop apps; it doesn't work for web applications.
Auth0 and Okta are two third-party authentication services that are far superior to these cloud-native offerings. Auth0 is a full-featured identity and access management service that has a great console, handles storage and search of user attributes and integrates with most of the authentication protocols. This includes SAML, OAuth 2.0, OpenID Connect and LDAP. Okta, which began as a password management system for single sign-on, has moved into the general IAM service space, and is worth a look as well.
Drawbacks of third-party cloud services
While these third-party cloud services may be easier to use, more full-featured and sometimes cheaper than their public cloud counterparts, there are drawbacks to using them. They are their own point of application failure. As a result, IT teams could suffer an outage both due to the cloud provider as well as their third-party service provider. This is especially a concern for critical services like authentication.
Some IT teams may prefer the benefit of having everything located with one provider. If they use everything from a major cloud provider and pay for top-tier support, it's unlikely that provider will try to blame your issue on another vendor. Still, most of these third-party services have excellent support -- although it may cost more.
Finally, some of these third-party services can get quite expensive. These services tend to charge per-use, which is great to start, but if used heavily, it could cost your team much more than making something in-house with cloud primitives. In that case, you might want to start with third-party services, and later roll out your own software once it makes financial sense to do so.