Build Mobile Apps on AWS with Cognito, Analytics, SNS
•
4 likes•2,010 views
AWS makes development of cross-platform mobile applications easy. With highly-scalable cloud services such as Amazon S3, Amazon DynamoDB and Amazon SNS, mobile developers can build powerful cloud-backed mobile apps with just a few lines of code. In this session, you will learn how to connect directly to these services and how to build a powerful back end for your Android and iOS applications. We will also share some best practices from other successful apps such as Flipboard and Supercell so you can focus on differentiating your app functionality whilst leaving the 'table stakes' with no differentiated value to the cloud.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Build Mobile Apps on AWS with Cognito, Analytics, SNS
Similar to Build Mobile Apps on AWS with Cognito, Analytics, SNS (20)
More from Amazon Web Services
More from Amazon Web Services (20)
Recently uploaded
Recently uploaded (20)
Build Mobile Apps on AWS with Cognito, Analytics, SNS
- 1. AWS Summit 2014 Building Mobile Apps on AWS Danilo Poccia Technical Evangelist @danilop #AWSsummit
- 2. How to build a mobile app today?
- 3. Authenticate users Manage users and identity providers Authorize access Securely access cloud resources Sync user prefs across devices Analyze User Behavior Store and share media Synchronize data Deliver media Send push notifications Store shared data Track active users, engagement Track Retention Stream real-time data Manage funnels, Campaign performances Store user-generated photos Media and share them Automatically detect mobile devices Deliver content quickly globally Bring users back to your app by sending messages reliably Store and query fast NoSQL data across users and devices Collect real-time clickstream logs and take actions quickly Your Mobile App
- 4. AWS Mobile Services Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector AWS Global Infrastructure (10 Regions, Availability Zones, 51 Edge Locations) Mobile Optimized Services Mobile Optimized Connectors Core Building Block Services Your Mobile App, Game or Device App AWS Mobile SDK, API Endpoints, Management Console Compute Storage Networking Analytics Databases Integrated SDK
- 5. Cross-platform, Optimized for Mobile User identity & data synchronization service Fast cross-platform Analytics & reporting Service Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector Store any NoSQL data and also map mobile OS specific objects to DynamoDB tables Powerful Cross-platform Push notification service Recorder that can handle intermittent network connection Easily upload, download to S3 and also pause, resume, and cancel these operations Send email reliably from device Access distributed buffering and queuing service
- 6. Fully Integrated AWS Mobile SDK • Common authentication mechanism across all services • Automatically handle intermittent network connections • Cross-platform Support: Android, iOS, Fire OS • Native SDKs optimized for Mobile OS, for example, uses the local offline caching architecture • Reduced memory footprint; Pick and choose the service jars you need
- 7. Authenticate users: Amazon Cognito
- 8. Unique Joe Anna Bob Identities Identity Providers Any Device Any Platform Any AWS Service Amazon Cognito Identity Support Multiple Login Providers Easily integrate with major login providers for authentication. Unique Users vs. Devices Manage unique identities. Automatically recognize unique user across devices and platforms. Helps implement security best practices Securely access any AWS Service from mobile device. It simplifies the interaction with AWS Identity and Access Management Mobile Analytics S3 DynamoDB Kinesis
- 9. Amazon Cognito for Unauthenticated Identities Guest User Access Securely access AWS resources and leverage app features without the need to create an account or logging in Save Data to the Cloud Save app and device data to the cloud and merge them after login Unique Identifier for Your “Things” “Headless” connected devices can also securely access cloud services. Visitor Preferences Guest Cognito Store EC2 S3 DynamoDB Kinesis
- 10. Getting Started with Cognito in 3 steps Sign up for AWS Account and login to AWS Management Console Create identitypool for authenticated and unauthenticated users in the AWS Console Download and integrate the Mobile SDK and store and sync user data in a dataset
- 16. Amazon Cognito Security Architecture User ID (Temp Credentials) DynamoDB End Users Developer App w/SDK Access to AWS Services Cognito Identity Broker Login OAUTH/OpenID Access Token Cognito ID, Temp Credentials S3 Mobile Analytics Cognito Sync Store AWS Management Console Access Token Pool ID Role ARNs
- 17. Amazon Cognito (Identity Broker) Identitypool Identity Providers Pool of identities that share the same trust policy Access Policy Access to AWS Services identitypool Authenticated identities Unauthenticated Identities AWS IAM Roles AWS Account Web Identity Federation S3 DynamoDB Get Delete Put
- 18. Access Policy Restriction (Policy Variables) Allow Actions: All sync operations Resource: Only to that identity { "Effect":"Allow", "Action":"cognito-sync:*", "Resource":["arn:aws:cognito-sync:us-east-1: { "Effect": "Allow”, "Action": ["s3:GetObject”,"s3:PutObject”], "Resource": ["arn:aws:s3::: myBucket/amazon/snakegame/ ${cognito-identity.amazonaws.com:sub}"] } 123456789012:identitypool/ ${cognito-identity.amazonaws.com:aud}/identity/ ${cognito-identity.amazonaws.com:sub}/*"] } Allow Actions: S3 Get/Put operations Resource: Only to a specific part of bucket to that identity
- 19. Synchronize data across devices : Amazon Cognito (Sync)
- 20. What have customers told us about “Synchronized Profile” People have multiple devices and want to transition between devices. Implementing a user profile that syncs across devices, OS, apps is hard. It not only has to work when offline, but easy to integrate with existing apps.
- 21. Amazon Cognito Sync User Data Storage and Sync Any Platform Identity pool iOS/Android/FireOS Store App Data, Preferences and State Save app and device data to the cloud and merge them after login Cross-device Cross-OS Sync Sync user data and preferences across devices with one line of code Work Offline Data always stored in local SQLite DB first. Works seamlessly when intermittent or no connectivity k/v data
- 22. Amazon Cognito Sync Data Model AWS Account Identitypool identitypool Dataset Pool of identities that share the same trust policy Identity Identity Identity Dataset Dataset Unique identifier across devices, get cached on local devices as well as saved in the cloud 1:n 1:n 1:n Dataset synchronized across devices by simply calling dataset.synchronize() method 1:n Dataset Dataset Key/Value Key-value and sync count
- 23. Amazon Cognito Sync Data Model - Example AWS Account 1:n Identitypool identitypool 1:n Identity Identity Identity 1:n Dataset Dataset Dataset Developer has two apps: a game and a productivity app User preferences Game state Identitypool1 Productivity App Game App 1:n Dataset Dataset Key/Value
- 24. Integrating Cognito Sync functionality is very simple Initialize the CredentialsProvider and CognitoClient provider = new CognitoCredentialsProvider(context, AWS_ACCOUNT_ID, COGNITO_POOL_ID, COGNTIO_ROLE_UNAUTH, COGNITO_ROLE_AUTH); cognito = new DefaultCognitoSyncClient(context, COGNITO_POOL_ID, provider); Create or open Dataset and Add Key Values cognito.openOrCreateDataset(datasetName); dataset.put(key, value); Call synchronize on the dataset dataset.synchronize(new SyncCallback(){..});
- 25. Integrating Cognito Sync functionality is very simple Initialize the AWSCognitoSyncClient AWSCognitoSyncClient *syncClient = [[AWSCognitoSyncClient alloc] initWithConfiguration: configuration]; Create or open Dataset and Add Key Values DataSet *dataset = [syncClient openOrCreateDataSet:@"myDataSet"]; NSString *value = [dataset readStringForKey:@"myKey"]; [dataset putString:@"my value" forKey:@"myKey"]; Call synchronize on the dataset [dataset synchronize]; iOS
- 26. Analyze User Behavior: Amazon Mobile Analytics
- 27. AWS Summit 2014 Improve Monitoring and Monetization of Your Mobile Apps Danilo Poccia Technical Evangelist @danilop
- 28. Store and share media: Amazon S3
- 29. Amazon S3 Connector: Transfer Manager S3 Connector Multipart upload media (photos, videos, audio) Fault tolerant download (e.g. assets) No backend required Automatic retries Pause, resume, cancel functions Optimized for native OS
- 30. Amazon S3 Connector: Transfer Manager // Creating the transfer manager self.transferManager = [S3TransferManager new]; self.transferManager.s3 = s3client; // Upload image [self.transferManager uploadFile:fileName bucket:bucketName key:objectName]; // Download image [self.transferManager downloadFile:fileName bucket:bucketName key:objectName]; // Pause, Resume, Cancel [self.transferManager pauseAllTransfers]; [self.transferManager resumeAllTransfers]; [self.transferManager cancelAllTransfers];
- 31. Send Push Notifications: Amazon SNS Mobile Push
- 32. What Customers Told Us About “Push Notifications” Sending large-scale push notifications, cross-platform is still hard. Developers want to be able to reach their customers globally and across all devices.
- 33. Each platform works differently, and push gets even more complex as you scale to support millions of devices. Cloud App Platform Services Mobile Apps
- 34. Amazon SNS Cross-platform Mobile Push Internet Apple APNS Google GCM Baidu CP Amazon ADM Windows WNS and MPNS iOS Apple iPhones and iPads Android Phones and Tablets in China With Amazon SNS, developers can send push notifications on multiple platforms and reach mobile users around the world New features: Message Expiry Time Message Attributes Amazon SNS Mobile Push Android Phones and Tablets Kindle Fire Devices Windows Desktop and Windows Phone Devices
- 35. Developers Love Cross-Platform Features of SNS Customers love high scale and Reliability of SNS Fast reliable notification for every Email received is powered by SNS High-profile Startups trust SNS for their high-profile launches Secret.ly Mature games increase retention using SNS Advanced targeted notifications bring players back into the game Launched its Android App with SNS, no provisioning required Jetpack Joyride Fruit ninja
- 36. Summary
- 37. Key Takeaways Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push Kinesis Connector DynamoDB Connector S3 Connector SQS ConnectorSES Connector AWS Global Infrastructure (10 Regions, Availability Zones, 51 Edge Locations) Mobile Optimized Services Mobile Optimized Connectors Core Building Block Services Your Mobile App, Game or Device App AWS Mobile SDK, API Endpoints, Management Console Compute Storage Networking Analytics Databases Integrated SDK
- 38. Key Takeaways Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push Kinesis Connector DynamoDB Connector S3 Connector SQS ConnectorSES Connector AWS Global Infrastructure (10 Regions, Availability Zones, 51 Edge Locations) Mobile Optimized Services Mobile Optimized Connectors Core Building Block Services Your Mobile App, Game or Device App AWS Mobile SDK, API Endpoints, Management Console Compute Storage Networking Analytics Databases Integrated SDK Cross Platform and Optimized for Mobile Flexibility And Freedom of Choice Fully integrated and easy to get started
- 39. Get Started for Free! Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push Free Tier: 1 Million push messages every month Free Tier (for first 12 months): 1 Million syncs/month + 10GB of storage for Amazon Cognito Free Tier: 100 Million events every month
- 40. Simple and predictable pay as you go pricing Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push Free Tier: 1 Million push messages every month Thereafter: $0.50 for Million notifications delivered $0.50 for Million requests Free Tier (for first 12 months): 1 Million syncs/month + 10GB of storage for Amazon Cognito Thereafter: $0.15 for 10K Syncs $0.15 per GB for storage Free Tier: 100 Million events every month Thereafter: $1.00 per Million events
- 41. Authenticate users Manage users and identity providers Authorize access Securely access cloud resources Sync user prefs across devices Analyze User Behavior Store and share media Synchronize data Deliver media Send push notifications Store shared data Track active users, engagement Track Retention Stream real-time data Manage funnels, Campaign performances Store user-generated photos Media and share them Automatically detect mobile devices Deliver content quickly globally Bring users back to your app by sending messages reliably Store and query fast NoSQL data across users and devices Collect real-time clickstream logs and take actions quickly Your Mobile App
- 42. Authenticate users Amazon Cognito (Identity Broker) Authorize access AWS Identity and Access Management Analyze User Behavior Store and share media Synchronize data AWS Mobile SDK Amazon Mobile Analytics Deliver media Amazon Cognito (Sync) Amazon S3 Transfer Manager Amazon CloudFront (Device Detection) Store shared data Amazon DynamoDB (Object Mapper) Stream real-time data Amazon Kinesis (Object Mapper) Track Retention Amazon Mobile Analytics Send push notifications Amazon SNS Mobile Push Your Mobile App
- 43. Revolutionize the way people experience Public Transit Yovav (Jay) Meydad VP, Product
- 44. 7 Billion People. 900 Million Cars.
- 45. Transit is a big portion of our lives… How do I get to…? When will my bus arrive? Am I going to be late (ETA)? Will it be overcrowded?
- 46. … and feels like this
- 47. Schedule / Alerts / POI GPS / Updates / Alerts Crowdsourced Data Trip plan Real- Time Data Alerts Mobile payment Moovit’s unique approach
- 48. Big data, real-time architecture Crowd active reports User GPS data Bus/train GPS feeds Statistic – user passive data Static – schedules & GEO
- 49. Real-time info, routes and navigation
- 50. Quick facts The World’s #1 Transit App 23 - Languages 40 - Countries 400 - Cities 2,600 - Transit operators 2,200,000 - Bus/train stops 50,000,000 - Daily passenger reports 100,000+ reviews 10,000+ reviews 300+ reviews
- 51. 9m 250K Jan ‘13 1m 436 days 105 99 70 51 42 3 Dec‘13 4 Transit is a big portion of our lives… 3 J0ul /Aug
- 52. 1.9M Daily sessions 5M Daily real-time requests Engagement & usage 50M Daily reports 650K+ DAU 2.7M+ MAU
- 53. Rio de Janeiro - Transit Radar by Moovit
- 54. Amazon RDS I/O Requests Jun-12 Jul-12 Aug-12 Sep-12 Oct-12 Nov-12 Dec-12 Jan-13 Feb-13 Mar-13 Apr-13 May-13 Jun-13 Jul-13 Aug-13 Sep-13 Oct-13 Nov-13 Dec-13 Jan-14 Feb-14 Mar-14 Apr-14 May-14 Jun-14 Jul-14 Aug-14
- 55. Amazon EC2 Instance Hours Jun-12 Jul-12 Aug-12 Sep-12 Oct-12 Nov-12 Dec-12 Jan-13 Feb-13 Mar-13 Apr-13 May-13 Jun-13 Jul-13 Aug-13 Sep-13 Oct-13 Nov-13 Dec-13 Jan-14 Feb-14 Mar-14 Apr-14 May-14 Jun-14 Jul-14 Aug-14
- 56. CloudFront GB Sep-13 Oct-13 Nov-13 Dec-13 Jan-14 Feb-14 Mar-14 Apr-14 May-14 Jun-14 Jul-14 Aug-14
- 57. Minimize latency when serving map tiles Amazon CloudFront Enhance security Some of our challenges Reduce server load and latency Amazon ElastiCache Better handle dynamic load while reducing cost Amazon VPC Amazon Autoscaling Create a modular architecture using SQS as buffers Amazon SQS
- 58. Compute Amazon EC2 DNS Service Route 53 Disk Amazon EBS Queue Load Balancing Storage Amazon S3 NoSQL SQL DB Content Delivery CloudFront Amazon DynamoDB Amazon RDS Monitoring CloudWatch ELB AWS Services in use Caching ElastiCache Security VPC Scaling AutoScale Amazon SQS
- 60. Thank You! AWS EXPERT? GET CERTIFIED! Danilo Poccia aws.amazon.com/certification Technical Evangelist @danilop #AWSsummit
Editor's Notes
- How to build an app 1. Authentication 2. Authorization 3. Data Storage and Delivery (Upload and Download) 4. Data Analytics 5. Data Synchronization 6. Push Notifications 7. Shared Data 8. Stream real-time data 9.
- Such services are fully integrated with the rest of AWS offering, are optimized for mobile use cases, are accessible via a single Mobile SDK and share the same scalable, on-demand, global infrastructure of all our other AWS services.
- These services are optimized for mobile OS and make it dead easy to get started when using the SDK. They add a lot of functionality for example Kinesis and Analytics automatically buffer records and events to handle intermittent connection. Kinesis support in the SDK, you can directly ingest large amounts of streaming data from around the world to Kinesis Stream which automatically handles shard. SDK is a great wrapper to handle distributed systems issues, such as automatic retries and so on. Our Mobile SDK adds even more functionality above the normal SDK such as resume, cancel in case of S3 etc.
- Amazon Cognito is a simple user identity and data synchronization service that makes it easy for developers to securely manage application data for your users across their mobile devices. Developers can create unique identities for your users with information from a number of public login providers Developers can save application data locally on the device and then securely sync and save this data to the cloud so your application can work online and offline. Developers can save any kind of data in Key/Value pairs such as application preferences or game state in the AWS Cloud, without having to write any backend code or manage any infrastructure. This means you can focus on creating great application experiences instead of having to worry about building and managing a backend solution to handle identity, network state, storage, and sync.
- One of the key benefits of Amazon Cognito is its Identity broker component. It creates a unique identifer and matches it when user’s login with any of the login providers. Developers have the flexibility to choose any login provider, in v1, we support G+, Amazon and Facebook and you can easily integrate using the SDK. We focus on users and not login providers and manage the user preferences for that users. Implementing AWS security best practices for accessing cloud resources with Amazon Cognito is easy. Amazon Cognito gives each app a set of temporary, limited privilege AWS credentials for each app user to access all AWS services.
- We have seen that 90% users simply consumers of data and only 10% are actually content creators. Unauthenticated guest users are users just like logged in users. We should focus more on them, build services for them, and treat them like users, not second class citizens. Amazon Cognito simplifies the way your application can access AWS resources in a secure manner, following AWS security best practices, even when your application users are not authenticated. Amazon Cognito creates a random, unique identifier for each unauthenticated guest so you can start saving application data for those users and also leverage the temporary, limited privilege credentials Amazon Cognito provides to access other AWS resources, such as Amazon S3 and Amazon DynamoDB. When your users decide to authenticate using one of the supported public login providers, Amazon Cognito ensures the data you saved against the unauthenticated profile is now associated with the new authenticated profile removing the complexity of managing user conversion. By registering an unauthenticated user or by sending a login provider token to Amazon Cognito, your application receives a set of temporary, limited privilege credentials from Amazon Cognito to access your AWS resources. Amazon Cognito takes care of all the steps necessary to create a unique identifier for your app’s users and retrieve the AWS credentials. Incorporating AWS security best practices now takes just a few lines of code.
- Architecturally, Amazon Cognito has two parts: Cognito identity Broker and Cognito Sync Store. Users first login with login provider of their choice and App with SDK does the rest. In the past, to access cloud services, developers embed aws credentials which is access key id and secret key within the application, this is highly unsecure because it is easy to unip the apk file and get access to keys. Now we make it extremely secure by not only create temprory creds that are valid only for one hour but also limiting the access to other data. The users only have access to store and sync in their own dataset. Once you get the temp cred, you can access other AWS services like S3 to store video, for example, DynamoDB to store shared data like leaderboards, kinesis to store streaming data logs and so on.
- We can add a restriction by username/id but our policy is for everyone who assumes the role
- As we all know the number of devices per user is going down any time soon. Customers have told us users with multiple devices want to be able to transition between devices seamlessly. They want a roaming synchronized app profile so they can pick up their tablet and continue playing a game at the same level they achieved on their phone. Turns out sync at scale is an hard problem to solve. Additionally, they want to be able to access their profile even when their device is offline. To date, developers wanting to implement roaming profile functionality in their apps have had to roll their own solution or use a system tied only to a particular login provider. This either requires the developer to do more work or to limit their cross platform story.
- With Amazon Cognito developers can synchronize application data across an end user’s devices with a single line of code. With Amazon Cognito, developers can securely store application data, such as preferences and game state in the AWS cloud. With synchronized application data, developers can give your users a consistent, unified experience on their app across all of their mobile devices. Developers can use Amazon Cognito directly from their mobile app without building or maintaining any backend infrastructure. Amazon Cognito handles secure application data storage and sync, enabling them to focus on their application experiences, instead of the heavy lifting of creating and managing a user application data sync solution. It manages the complexity of conflict resolution and intermittent network connectivity by managing offline cache ensuring your application can always deliver a great user experience. Each data set in the Amazon Cognito sync store can be synchronized on all devices associated with an identity simply by calling the synchronize () method.
- Today push notifications is the way to get to the app when the user is not using. It is extremely important functionality to drive engagement, retention and overal user experience. Customers tell us that working with diferent push notifications services is painful. They have to maintain serverside database of tokens issued by apple and android, and maintain the infastructure and different APIs. Moreover, sending push notifications to different parts of the world for example china, where there are more than 200 android appstores is extremely hard.
- Amazon SNS Mobile Push is a managed, scalable, cross-platform push intermediary service. It abstracts the complexity of different push notification services and allows developers to send push notifications across different mobile endpoints. You can subscribe to topics and and send messages which is then relayed to apple and google notifications services
- Customers love high scale and Reliability of SNS Fast reliable notification for every Email received is powered by SNS High-profile Startups trust SNS for their high-profile launches Launched its Android App with SNS, no provisioning required Mature games increase retention using SNS Advanced targeted notifications bring players back into the game
- Such services are fully integrated with the rest of AWS offering, are optimized for mobile use cases, are accessible via a single Mobile SDK and share the same scalable, on-demand, global infrastructure of all our other AWS services.
- Such services are fully integrated with the rest of AWS offering, are optimized for mobile use cases, are accessible via a single Mobile SDK and share the same scalable, on-demand, global infrastructure of all our other AWS services.
- Amazon Cognito has a simple pay as you go pricing plan, with no upfront costs. You pay only for what you use. Authenticating users and generating unique identifiers is free with Amazon Cognito. Upon sign-up, new AWS customers receive 10 GB of cloud sync store and 1,000,000 sync operations per month. Charges are based on the total amount of data saved in the Amazon Cognito cloud sync store and the number of sync operations performed. Amazon Analytics is almost free with 100 million events/month and just a 50 cents for millionevents there after.
- How to build an app 1. Authentication 2. Authorization 3. Data Storage and Delivery (Upload and Download) 4. Data Analytics 5. Data Synchronization 6. Push Notifications 7. Shared Data 8. Stream real-time data 9.
- How to build an app 1. Authentication 2. Authorization 3. Data Storage and Delivery (Upload and Download) 4. Data Analytics 5. Data Synchronization 6. Push Notifications 7. Shared Data 8. Stream real-time data 9.
- How to build an app 1. Authentication 2. Authorization 3. Data Storage and Delivery (Upload and Download) 4. Data Analytics 5. Data Synchronization 6. Push Notifications 7. Shared Data 8. Stream real-time data 9.