delivering mobile apps using aws mobile services

148

Upload: amazon-web-services

Post on 15-Jul-2015

738 views

Category:

Technology


4 download

TRANSCRIPT

Page 1: Delivering Mobile Apps Using AWS Mobile Services
Page 2: Delivering Mobile Apps Using AWS Mobile Services
Page 3: Delivering Mobile Apps Using AWS Mobile Services

Delivering Media Mobile Apps using the AWS Mobile & Javascript SDKs Adam Larter, Solutions Architect, Amazon Web Services [email protected]

Page 4: Delivering Mobile Apps Using AWS Mobile Services

•  Presentation ~55 minutes

•  Q & A using the questions panel during the presentation

•  Reminder – please fill in the survey!

Housekeeping

Page 5: Delivering Mobile Apps Using AWS Mobile Services

•  Learn how you can deliver websites and applications that share state across platforms and devices, using Amazon Cognito

•  Learn how to leverage the content repurposing, storage and delivery capabilities of Amazon Elastic Transcoder and Amazon S3

•  Learn how to create highly scalable systems by decoupling application tiers using Amazon SQS and Amazon Elastic Beanstalk

Today’s Agenda

Page 6: Delivering Mobile Apps Using AWS Mobile Services

•  Learn how to send push notifications to mobile devices using Amazon SNS

•  Learn how to use the AWS Mobile and Javascript SDKs to create applications that manage media

•  Learn how to use DynamoDB to create a shared inventory for media assets

Today’s Agenda (continued)

Page 7: Delivering Mobile Apps Using AWS Mobile Services

In this session, we’ll be creating 5 Android apps to demonstrate various features of AWS

Page 8: Delivering Mobile Apps Using AWS Mobile Services

How do we build mobile apps today?

Page 9: Delivering Mobile Apps Using AWS Mobile Services

Authenticate  users

Authorize access

Analyze User Behavior

Store and share media

Synchronize data

Deliver media

Store shared data

Stream real-time data Track Retention

Send push notifications

Manage users and identity providers

Securely access cloud resources

Sync user prefs across devices

Track active users, engagement

Manage funnels, Campaign performances

Store user-generated photos Media and share them

Automatically detect mobile devices Deliver content quickly globally

Bring users back to your app by sending messages reliably

Store and query fast NoSQL data across users and devices

Collect real-time clickstream logs and take actions quickly

Your Mobile

App

Your mobile application

Page 10: Delivering Mobile Apps Using AWS Mobile Services

Introducing AWS Mobile Services

Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push

Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector

AWS Global Infrastructure (11 Regions, 28 Availability Zones, 53 Edge Locations)

Core Building Block Services

Mobile Optimized Connectors

Mobile Optimized Services

Your Mobile App, Game or Device App

AWS Mobile SDK, API Endpoints, Management Console

Compute Storage Networking Analytics Databases

Integrated SDK

Page 11: Delivering Mobile Apps Using AWS Mobile Services

Amazon Cognito

Amazon SNS Mobile Push

DynamoDB Connector

S3 Connector

SQS Connector

User identity & data synchronization service

Store any NoSQL data and also map mobile OS specific objects to DynamoDB tables

Powerful Cross-platform Push notification service

Easily upload, download to S3 and also pause, resume, and cancel these operations

Access distributed buffering and queuing service

AWS Mobile Services we’ll focus on today

Page 12: Delivering Mobile Apps Using AWS Mobile Services

Fully integrated AWS mobile SDK

Cross-platform,

optimized for mobile

Automatically handles intermittent and latent

network

AWS Mobile SDK

Reduced memory footprint Common authentication method across all services  

Page 13: Delivering Mobile Apps Using AWS Mobile Services

Authenticate  users

Authorize access

Analyze User Behavior

Store and share media

Synchronize data

Deliver media

Store shared data

Stream real-time data Track Retention

Send push notifications

Manage users and identity providers

Securely access cloud resources

Sync user prefs across devices

Track active users, engagement

Manage funnels, Campaign performances

Store user-generated photos Media and share them

Automatically detect mobile devices Deliver content quickly globally

Bring users back to your app by sending messages reliably

Store and query fast NoSQL data across users and devices

Collect real-time clickstream logs and take actions quickly

Your Mobile

App

Your mobile application

Page 14: Delivering Mobile Apps Using AWS Mobile Services

Authenticate  users

Authorize access

Analyze User Behavior

Store and share media

Synchronize data

Deliver media

Store shared data

Stream real-time data Track Retention

Send push notifications

Amazon Cognito (Identity broker)

AWS Identity and Access Management

Amazon Cognito (Sync)

Amazon Mobile Analytics

Amazon Mobile Analytics

Amazon S3 Transfer Manager

Amazon CloudFront (Device Detection)

Amazon SNS Mobile Push

Amazon DynamoDB (Object Mapper)

Amazon Kinesis (Recorder)

Your mobile application

with the AWS Mobile SDK

Page 15: Delivering Mobile Apps Using AWS Mobile Services

Let’s build a Media App!

What should it do?

Page 16: Delivering Mobile Apps Using AWS Mobile Services

Our Media App’s wish-list of features q  Upload & Download media files to/from S3 buckets

q  Grant anonymous but secure access to AWS resources in our account

q  Grant authenticated access for users that log in via Public Identity Providers

q  Send push notifications to mobile devices

q  Store the media library inventory in the cloud so it can be queried by many users

q  Provide partitioned access to the media library based on Public and Private views

q  Synchronise user data across devices

q  Make all this available across devices (iOS, Android, Kindle) and web

q  Convert uploaded video files to various mobile/web formats

Page 17: Delivering Mobile Apps Using AWS Mobile Services

•  Goals: •  User is anonymous – we don’t care who they are, treat them as ‘Public’ or ‘Guest’

•  Directly access AWS Simple Storage Service (S3) from the mobile application

•  We do not want to upload to a server and then have the server push the file to S3…

•  Requirements: •  We need to authenticate the application on the mobile device

•  We do not want to bake the AWS credentials in our mobile app!

•  Even though users are anonymous, we still want to control access to AWS

First App: Basic Download/Upload App

Page 18: Delivering Mobile Apps Using AWS Mobile Services

Mobile App

S3 Bucket with test media

Cognito Identity

First App: Basic Download/Upload App

Page 19: Delivering Mobile Apps Using AWS Mobile Services

Amazon Cognito

Granting ‘guest’ access to our ‘Public’ users for controlled access to AWS resources

Page 20: Delivering Mobile Apps Using AWS Mobile Services

User ID (Temp

Credentials)

DynamoDB

End Users

Developer

App w/SDK Access

to AWS Services

Cognito Identity Broker

Login OAUTH/OpenID Access Token

Cognito ID, Temp

Credentials

S3

Mobile Analytics

Cognito Sync Store

AWS Management

Console

Access Token Pool ID

Role ARNs

Amazon Cognito Security Architecture

Page 21: Delivering Mobile Apps Using AWS Mobile Services

Cognito Identity Example Cognito Identity for Guests Cognito assigns a unique identifier for each device when a user is not logged on

Cognito Identity for Authenticated Users Cognito assigns a unique identifier for each user when they are authenticated. This will be the same identifier for this user regardless of which device they use

Page 22: Delivering Mobile Apps Using AWS Mobile Services

Cognito setup

Page 23: Delivering Mobile Apps Using AWS Mobile Services

Create a new Cognito Identity Pool

Page 24: Delivering Mobile Apps Using AWS Mobile Services

Create a new Cognito Identity Pool

Supplying public identity providers is optional For this demo, we will not be supporting public identity providers, so we leave them empty

Page 25: Delivering Mobile Apps Using AWS Mobile Services

Create a new Cognito Identity Pool

Enable guest access For this demo, we will allow ‘anonymous access’ so that unauthenticated users can upload and download from our S3 bucket

Page 26: Delivering Mobile Apps Using AWS Mobile Services

Create a new Cognito Identity Pool

Create IAM Roles Create IAM roles for this Cognito Identity Pool. We will assign tight security controls to these roles later

Page 27: Delivering Mobile Apps Using AWS Mobile Services

Create a new Cognito Identity Pool

And assign a role for unauthenticated access

Page 28: Delivering Mobile Apps Using AWS Mobile Services

Create a new Cognito Identity Pool

Starter code samples Cognito conveniently provides starter code for you for Android, iOS and .Net! This is an example of how you can easily connect your app to Cognito

Page 29: Delivering Mobile Apps Using AWS Mobile Services

Setup the required permissions in IAM

Page 30: Delivering Mobile Apps Using AWS Mobile Services

Setup the required permissions in IAM

Note the default policy

Page 31: Delivering Mobile Apps Using AWS Mobile Services

Setup the required permissions in IAM

Default policy created by Cognito By default, access to Cognito Sync and Mobile Analytics is permitted. This policy has been generated by the Cognito Create Identity Pool wizard

Page 32: Delivering Mobile Apps Using AWS Mobile Services

Media in our S3 bucket S3 Bucket contents Test file that we will be downloading via the TransferManager S3 connector

Page 33: Delivering Mobile Apps Using AWS Mobile Services

S3 Bucket ACLs Note that the ACLs on the bucket do not permit ‘Public’ so the asset is not world-accessible

Media in our S3 bucket

Page 34: Delivering Mobile Apps Using AWS Mobile Services

Let’s give the anonymous ‘guest’ access to our S3 bucket for read and write

Page 35: Delivering Mobile Apps Using AWS Mobile Services

Setup the required permissions in IAM

Use the Policy Generator We’ll create our specific S3-related policy using the Policy Generator

Page 36: Delivering Mobile Apps Using AWS Mobile Services

Setup the required permissions in IAM

Specify our bucket Our policy will specify access for our specific bucket. We’ll allow GetObject and PutObject

Page 37: Delivering Mobile Apps Using AWS Mobile Services

Setup the required permissions in IAM

Resulting Policy Document Here’s what the resulting policy looks like for allowing READ access to any object in the specific bucket, and the ability to WRITE any object

Page 38: Delivering Mobile Apps Using AWS Mobile Services

We’re now set up – let’s start coding!

Page 39: Delivering Mobile Apps Using AWS Mobile Services

Instantiate Cognito Credentials Provider

Give Cognito your details •  Account Id

•  Identity Pool ARN

•  UnAuthenticated access Role ARN

•  Authenticated access Role ARN

•  The Region you are running Cognito in

Page 40: Delivering Mobile Apps Using AWS Mobile Services

Implementation Note! This ‘Cognito’ class is just my convenience wrapper! I have chosen to implement this as a Singleton at App-scope

Your implementation may be different The only important thing is that you instantiate a CognitoCachingCredentialsProvider

Page 41: Delivering Mobile Apps Using AWS Mobile Services

S3 Connector

•  Multipart upload media (photos, videos, audio)

•  Fault tolerant download (e.g. assets)

•  No backend required

•  Automatic retries

•  Pause, resume, cancel functions

•  Optimized for native OS

Amazon S3 Connector: Transfer Manager

Page 42: Delivering Mobile Apps Using AWS Mobile Services

Pass Cognito Credentials to the AWS S3 Transfer Manager constructor

Pass the Cognito Provider to the TransferManager S3 connector to construct based on the Cognito-acquired AWS credentials

Page 43: Delivering Mobile Apps Using AWS Mobile Services

Set up the download request and go!

Initiate the download

Page 44: Delivering Mobile Apps Using AWS Mobile Services

Demo App

First, the Application instantiates a CognitoCachingCredentialsProvider()

Then initiates a download, followed by an upload

Page 45: Delivering Mobile Apps Using AWS Mobile Services

Our Media App’s wish-list of features q  Upload & Download media files to/from S3 buckets

q  Grant anonymous but secure access to AWS resources in our account

q  Grant authenticated access for users that log in via Public Identity Providers

q  Send push notifications to mobile devices

q  Store the media library inventory in the cloud so it can be queried by many users

q  Provide partitioned access to the media library based on Public and Private views

q  Synchronise user data across devices

q  Make all this available across devices (iOS, Android, Kindle) and web

q  Convert uploaded video files to various mobile/web formats

Page 46: Delivering Mobile Apps Using AWS Mobile Services

Amazon Cognito

Now let’s authenticate our users via public identity providers

Page 47: Delivering Mobile Apps Using AWS Mobile Services

•  Goals: •  User can be anonymous or they can choose to sign-in via Facebook

•  If they are anonymous, we let them see a ‘Public’ view of the media library

•  If they choose to sign-in, we let them see their own ‘Private’ view of the library

•  Requirements: •  We will use Cognito to help with the Public and Private authentication

•  Again, no AWS credentials in our mobile app!

•  We want to enforce Fine-Grained Access Control on the database views

Next app: Implement Public & Private views

Page 48: Delivering Mobile Apps Using AWS Mobile Services

For this demo, we’ll use Facebook as our Public Identity Provider

Page 49: Delivering Mobile Apps Using AWS Mobile Services

Mobile App

DynamoDB

Next app: Implement Public & Private views

OAUTH/OpenID Access Token

Cognito Identity Broker

Cognito ID, Temp

Credentials

Query for results filtered by OwnerId

Page 50: Delivering Mobile Apps Using AWS Mobile Services

•  Great how-to https://developers.facebook.com/docs/android/getting-started

Using Facebook in your App

Page 51: Delivering Mobile Apps Using AWS Mobile Services

Create an App on Facebook

Page 52: Delivering Mobile Apps Using AWS Mobile Services

Create an App on Facebook

Page 53: Delivering Mobile Apps Using AWS Mobile Services

Create an App on Facebook

Cognito needs the App ID The App ID from Facebook is what binds the Identity Pool to the Facebook application

Page 54: Delivering Mobile Apps Using AWS Mobile Services

Configure Cognito to use Facebook

Page 55: Delivering Mobile Apps Using AWS Mobile Services

Add an Android application to FB

Page 56: Delivering Mobile Apps Using AWS Mobile Services

Add an Android application to FB

Page 57: Delivering Mobile Apps Using AWS Mobile Services

Add an Android application to FB

Generate your signing hash from your development environment – check the documentation…

Page 58: Delivering Mobile Apps Using AWS Mobile Services

We’re now set up – let’s start coding!

Page 59: Delivering Mobile Apps Using AWS Mobile Services

Secure access to DynamoDB

Simply instantiate the AmazonDynamoDBClient and specify your Cognito provider as the credential provider in the constructor

Page 60: Delivering Mobile Apps Using AWS Mobile Services

Use the DynamoDB Mapper

Use the DynamoDB Mapper annotations to decorate your value object Specify the HashKey, RangeKey and the individual Attributes in your value object that should map to columns in the DynamoDB table

Page 61: Delivering Mobile Apps Using AWS Mobile Services

Raw DynamoDB records example

Inventory is partitioned based on the OwnerId ‘public’ is accessible to the ‘guest’ Cognito Identity Anything else must match the identity of the user accessing the application

Assigned by Cognito automatically

Page 62: Delivering Mobile Apps Using AWS Mobile Services

Raw DynamoDB records example

Range Key Each OwnerId has multiple Filenames

Hash Key Each OwnerId identifies a user by their Cognito identity, or ‘public’ if they didn’t log on to Facebook

Page 63: Delivering Mobile Apps Using AWS Mobile Services

Querying the DynamoDB table from code

Querying the DynamoDB table is simple! The DynamoDB Mapper will map the columns in the table to the fields in your value object and return a typed list of records ready to iterate

Page 64: Delivering Mobile Apps Using AWS Mobile Services

Demo App

Guest access

•  Connects to Cognito as anonymous user

•  Gets AWS token and uses that to instantiate a DynamoDB client

•  Queries DynamoDB using the key ‘public’

Authenticated access

•  Gets token from Facebook

•  Passes token to Cognito

•  Impersonates authenticated user

•  Queries DynamoDB using the key that matches the Cognito Identity of this user

Page 65: Delivering Mobile Apps Using AWS Mobile Services

Raw DynamoDB records example

Inventory is partitioned based on the OwnerId ‘public’ is accessible to the ‘guest’ Cognito Identity Anything else must match the identity of the user accessing the application

Page 66: Delivering Mobile Apps Using AWS Mobile Services

FGAC on DynamoDB using IAM Fine-Grained Access Control (FGAC)

•  Restrict which Actions can be called by the user

•  Restrict which DynamoDB Tables can be accessed by the user

•  Restrict which rows in the table are accessible by the user

•  Control which fields are accessible in the query results

Page 67: Delivering Mobile Apps Using AWS Mobile Services

FGAC on DynamoDB using IAM

Control the actions the user can invoke

The “Unauthenticated” Role Policy

Page 68: Delivering Mobile Apps Using AWS Mobile Services

FGAC on DynamoDB using IAM

Control the DynamoDB Table the user can access

The “Unauthenticated” Role Policy

Page 69: Delivering Mobile Apps Using AWS Mobile Services

FGAC on DynamoDB using IAM

Restrict the Rows in the DynamoDB table the user can access

The “Unauthenticated” Role Policy

Page 70: Delivering Mobile Apps Using AWS Mobile Services

FGAC on DynamoDB using IAM

Use the Cognito Id for this user to restrict the rows that will be accessible to the user

The “Authenticated” Role Policy

Page 71: Delivering Mobile Apps Using AWS Mobile Services

Our Media App’s wish-list of features q  Upload & Download media files to/from S3 buckets

q  Grant anonymous but secure access to AWS resources in our account

q  Grant authenticated access for users that log in via Public Identity Providers

q  Send push notifications to mobile devices

q  Store the media library inventory in the cloud so it can be queried by many users

q  Provide partitioned access to the media library based on Public and Private views

q  Synchronise user data across devices

q  Make all this available across devices (iOS, Android, Kindle) and web

q  Convert uploaded video files to various mobile/web formats

Page 72: Delivering Mobile Apps Using AWS Mobile Services

Amazon SNS

Push Notifications

Page 73: Delivering Mobile Apps Using AWS Mobile Services

Each platform works differently, and push gets even more complex as you scale to support millions of devices.

Cloud App

Platform Services Mobile Apps

SNS application targets

Page 74: Delivering Mobile Apps Using AWS Mobile Services

Amazon SNS Cross-platform

Mobile Push

Apple APNS

Google GCM

Amazon ADM

Windows WNS and MPNS

Baidu CP

With Amazon SNS, developers can send push notifications on multiple platforms and reach mobile users around the world

Android Phones and Tablets

Apple iPhones and iPads

Kindle Fire Devices

Android Phones and Tablets in China

Windows Desktop and Phones

SNS application targets

Your applicationback-end

Page 75: Delivering Mobile Apps Using AWS Mobile Services

•  Goals: •  Application automatically registers with Google Cloud Messaging (GCM)

•  The device registration Id is then sent to SNS to register as a device endpoint

•  The application then subscribes that device endpoint to a well-known SNS topic

This topic is shared by all other devices using the application

•  The application then confirms SNS Push Notifications are working by sending

a message to itself via SNS. The user sees a pop-up message.

•  Later, whenever a message is sent to the shared SNS Topic,

all devices subscribed receive a pop-up notification

Next App: SNS Push Notification App

Page 76: Delivering Mobile Apps Using AWS Mobile Services

Mobile App

Next App: SNS Push Notification App

SNS Topic

SNS Application

ENDPOINT APP

TOPIC

Cognito

Create Platform Endpoint

Subscribe to topic

Publish test message to our

Endpoint

Push notification from GCM

SNS

Page 77: Delivering Mobile Apps Using AWS Mobile Services

Setup Amazon SNS

Page 78: Delivering Mobile Apps Using AWS Mobile Services

On the SNS Dashboard, create a new Topic

Page 79: Delivering Mobile Apps Using AWS Mobile Services

On the SNS Dashboard, create a new Topic

Page 80: Delivering Mobile Apps Using AWS Mobile Services

Note the Topic’s ARN We will need this in our code to subscribe the device to the topic so we can receive notifications

On the SNS Dashboard, create a new Topic

Page 81: Delivering Mobile Apps Using AWS Mobile Services

Create a Google API Project and obtain the Google Project ID  

Page 82: Delivering Mobile Apps Using AWS Mobile Services

Enable GCM for Android

Page 83: Delivering Mobile Apps Using AWS Mobile Services

Create the Server API Key

Page 84: Delivering Mobile Apps Using AWS Mobile Services

Obtain the Server API Key from Google

Page 85: Delivering Mobile Apps Using AWS Mobile Services

On the SNS Dashboard, create a new App

Page 86: Delivering Mobile Apps Using AWS Mobile Services

Specify the API Key you got from Google

Page 87: Delivering Mobile Apps Using AWS Mobile Services

Note the ARN for this SNS Application

Page 88: Delivering Mobile Apps Using AWS Mobile Services

We’re now set up – let’s start coding!

Page 89: Delivering Mobile Apps Using AWS Mobile Services

Instantiate Cognito Credentials Provider

Give Cognito your details •  Account Id

•  Identity Pool ARN

•  UnAuthenticated access Role ARN

•  Authenticated access Role ARN

•  The Region you are running Cognito in

Page 90: Delivering Mobile Apps Using AWS Mobile Services

Again, this ‘Cognito’ class is just my convenience wrapper implemented as a Singleton

Instantiate SNS using Credentials from Cognito

Page 91: Delivering Mobile Apps Using AWS Mobile Services

Get the device registration ID from GCM

We’re requesting the device identifier/token for this unique device, against the Google Project Id we created earlier

Page 92: Delivering Mobile Apps Using AWS Mobile Services

And register this device with the SNS App

The ‘deviceIdentifier’ is the device token returned from GCM for this unique device

Page 93: Delivering Mobile Apps Using AWS Mobile Services

Finally, subscribe the endpoint to the Topic

The endpoint is the ARN you got back from the previous call to getEndpointArn()

Page 94: Delivering Mobile Apps Using AWS Mobile Services

Demo App

At startup, we register this device with the SNS Application

Then we subscribe this device Endpoint to the global SNS Topic

We then send a test message from the device to ourselves to confirm the round trip is working

If we subsequently publish to the global SNS Topic, all devices subscribed will be notified

Page 95: Delivering Mobile Apps Using AWS Mobile Services

Our Media App’s wish-list of features q  Upload & Download media files to/from S3 buckets

q  Grant anonymous but secure access to AWS resources in our account

q  Grant authenticated access for users that log in via Public Identity Providers

q  Send push notifications to mobile devices

q  Store the media library inventory in the cloud so it can be queried by many users

q  Provide partitioned access to the media library based on Public and Private views

q  Synchronise user data across devices

q  Make all this available across devices (iOS, Android, Kindle) and web

q  Convert uploaded video files to various mobile/web formats

Page 96: Delivering Mobile Apps Using AWS Mobile Services

How did we initiate the sending of the Push Notification to the

global SNS Topic?

But wait!

Page 97: Delivering Mobile Apps Using AWS Mobile Services

Demo web page to send Push Notifications

Plain old Javascript and HTML! The website is a standard HTML site with Javascript. It is being served from S3, so no back-end servers The magic comes from the AWS Javascript SDK

Page 98: Delivering Mobile Apps Using AWS Mobile Services

Demo web page to send Push Notifications

Topic ARN This is the topic we subscribed our application to when it started up

Cognito Role This is the IAM role we want to use – we’re using the unauthenticated ‘guest’ role in this demo

Cognito Identity Pool ID This is the specific Cognito pool we want to use for authentication

Page 99: Delivering Mobile Apps Using AWS Mobile Services

Demo web page to send Push Notifications

Page 100: Delivering Mobile Apps Using AWS Mobile Services

Demo web page to send Push Notifications

Page 101: Delivering Mobile Apps Using AWS Mobile Services

Our Media App’s wish-list of features q  Upload & Download media files to/from S3 buckets

q  Grant anonymous but secure access to AWS resources in our account

q  Grant authenticated access for users that log in via Public Identity Providers

q  Send push notifications to mobile devices

q  Store the media library inventory in the cloud so it can be queried by many users

q  Provide partitioned access to the media library based on Public and Private views

q  Synchronise user data across devices

q  Make all this available across devices (iOS, Android, Kindle) and web

q  Convert uploaded video files to various mobile/web formats

Page 102: Delivering Mobile Apps Using AWS Mobile Services

Amazon Cognito

Sharing data between devices

Page 103: Delivering Mobile Apps Using AWS Mobile Services

•  Goals:

•  User is authenticated with Facebook

•  Each time they modify gadgets in the app, the state of the gadgets is synchronized with all other devices using the application (for that user account)

•  Verify these shared data changes in a companion web page, where the user is also authenticated with Facebook, and is the same user principal

Next App: Shared application data

Page 104: Delivering Mobile Apps Using AWS Mobile Services

Add a Web application to FB

Page 105: Delivering Mobile Apps Using AWS Mobile Services

Add a Web application to FB

S3 bucket name We’re using S3 to serve the web site in this example, but you can use CloudFront, or EC2, or use a CNAME

Page 106: Delivering Mobile Apps Using AWS Mobile Services

Javascript code to read Cognito Sync Data

Instantiate the CognitoSync object It will inherit the Cognito credentials from those we obtained earlier from our call to CognitoIdentityCredentials()

Page 107: Delivering Mobile Apps Using AWS Mobile Services

Javascript code to read Cognito Sync Data

Specify our parameters We need to specify the DatasetName that we want to connect to, and the Cognito Identity information as shown

Page 108: Delivering Mobile Apps Using AWS Mobile Services

Javascript code to read Cognito Sync Data

Call CognitoSync::listRecords() …and provide our params and a callback

Page 109: Delivering Mobile Apps Using AWS Mobile Services

Javascript code to read Cognito Sync Data

OnSuccess() …iterate the results and do something interesting with the data records

Page 110: Delivering Mobile Apps Using AWS Mobile Services

Demo App Web Page The web page has access to the shared data when authenticated as the Facebook User

Mobile application

…and the mobile application has access to

the same shared data if the user is logged on to Facebook as the same

user

Page 111: Delivering Mobile Apps Using AWS Mobile Services

Our Media App’s wish-list of features q  Upload & Download media files to/from S3 buckets

q  Grant anonymous but secure access to AWS resources in our account

q  Grant authenticated access for users that log in via Public Identity Providers

q  Send push notifications to mobile devices

q  Store the media library inventory in the cloud so it can be queried by many users

q  Provide partitioned access to the media library based on Public and Private views

q  Synchronise user data across devices

q  Make all this available across devices (iOS, Android, Kindle) and web

q  Convert uploaded video files to various mobile/web formats

Page 112: Delivering Mobile Apps Using AWS Mobile Services

Media Repurposing with the Elastic Transcoder

Page 113: Delivering Mobile Apps Using AWS Mobile Services

•  Goals: •  User can be an anonymous Guest user and share inventory with all other guest users

•  User can authenticate with Facebook and see their own inventory

•  User can capture video and upload it to their private inventory, or the public inventory

•  Media uploaded is converted into adaptive bitrate formats and thumbnails for preview

•  Video can be replayed via CloudFront by touching on the item

•  Items can be deleted from the inventory by touching them

Our Final App: Media Manager app

Page 114: Delivering Mobile Apps Using AWS Mobile Services

Mobile App

DynamoDB

S3 Upload Bucket

App Architecture - Upload

Cognito Identity

Elastic Beanstalk – Worker Tier

SQS Queue

Elastic Transcoder

Auto-scaling

Worker Instances

S3 Output Bucket

Page 115: Delivering Mobile Apps Using AWS Mobile Services

Mobile App

DynamoDB

App Architecture - Delivery

Elastic Beanstalk – Worker Tier SQS Queue

Elastic Transcoder

Auto-scaling

Worker Instances

S3 Output Bucket CloudFront Distribution

Adaptive bitrate video stream

Page 116: Delivering Mobile Apps Using AWS Mobile Services

Cognito Identity

Mobile App

DynamoDB

App Architecture – On Delete

Elastic Beanstalk – Worker Tier

SQS Queue

Media Deletion Long-running task

performed asynchronously from the

user’s perspective

Auto-scaling

Worker Instances

S3 Media Storage Bucket

Page 117: Delivering Mobile Apps Using AWS Mobile Services

Set up transcode pipeline

On Completion Event Elastic Transcoder notifies this SNS topic when the transcode is complete. We then forward the notification to our Worker Tier queue.

Page 118: Delivering Mobile Apps Using AWS Mobile Services

Create transcode jobs via Java SDK Specify the outputs We are using various presets to create our transcode outputs, including thumbnails

Create an HLS playlist HLS is the streaming format we will use in this demonstration app

Create the job Call the ETS API to create the job

Page 119: Delivering Mobile Apps Using AWS Mobile Services

How do we deploy our Worker Tier?

Page 120: Delivering Mobile Apps Using AWS Mobile Services

We’ll use Elastic Beanstalk

Page 121: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Provide your credentials Use the Access Key and Secret Key obtained from the IAM Console

Page 122: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Choose your region We’ll use us-east-1

Page 123: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Specify names Provide a name for your application and a name for the environment (eg: Production)

Page 124: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Specify the Tier We’ll be using a Worker Tier that manages reading from the SQS queue for us

Page 125: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Choose the stack For this demo, we will be using Java 7 in a Tomcat container

Page 126: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Select environment type We’ll use a Load Balanced configuration

Page 127: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Create an RDS DB? We don’t need an RDS database so we skip this

Page 128: Delivering Mobile Apps Using AWS Mobile Services

Create Elastic Beanstalk Application using the eb tool from the commandline

Finally, choose a Role Select an IAM Role for instances in this Worker Tier to run in

Page 129: Delivering Mobile Apps Using AWS Mobile Services

Now we have our Elastic Beanstalk Application set up, let’s deploy into it

Page 130: Delivering Mobile Apps Using AWS Mobile Services

Build and deploy to Elastic Beanstalk using the AWS CLI tool from the commandline

Build WAR We’re using Maven to build our WAR

Page 131: Delivering Mobile Apps Using AWS Mobile Services

Build and deploy to Elastic Beanstalk using the AWS CLI tool from the commandline

Push WAR to S3 We push the resulting WAR file to our deployment bucket

Page 132: Delivering Mobile Apps Using AWS Mobile Services

Build and deploy to Elastic Beanstalk using the AWS CLI tool from the commandline

Create Application Version Create a new version for our Elastic Beanstalk application

Page 133: Delivering Mobile Apps Using AWS Mobile Services

Build and deploy to Elastic Beanstalk using the AWS CLI tool from the commandline

Update Environment Version Update the running version on our application’s environment

Page 134: Delivering Mobile Apps Using AWS Mobile Services

Final App

Page 135: Delivering Mobile Apps Using AWS Mobile Services

Our Media App’s wish-list of features q  Upload & Download media files to/from S3 buckets

q  Grant anonymous but secure access to AWS resources in our account

q  Grant authenticated access for users that log in via Public Identity Providers

q  Send push notifications to mobile devices

q  Store the media library inventory in the cloud so it can be queried by many users

q  Provide partitioned access to the media library based on Public and Private views

q  Synchronise user data across devices

q  Make all this available across devices (iOS, Android, Kindle) and web

q  Convert uploaded video files to various mobile/web formats

Page 136: Delivering Mobile Apps Using AWS Mobile Services

New Service Announcement: Amazon Lambda

Page 137: Delivering Mobile Apps Using AWS Mobile Services

q AWS Lambda is a compute service that runs your code in response to events

and automatically manages the compute resources for you

q AWS Lambda starts running your code within milliseconds of an event such as

a media file uploaded to S3

q With AWS Lambda you pay only for the requests served and the compute time

required to run your code

q Lambda runs your code on high-availability compute infrastructure

q All you need to do is to provide the code to execute in response to an event

Introducing: Amazon Lambda

Page 138: Delivering Mobile Apps Using AWS Mobile Services

Mobile App

DynamoDB

S3 Upload Bucket

Using Lambda - Upload

Cognito Identity Elastic Transcoder

S3 Output Bucket

Lambda  func&on  to  submit  transcode  job  to  Elas&c  

Transcoder  

Page 139: Delivering Mobile Apps Using AWS Mobile Services

With Lambda, there is no need to run your own fleet of compute instances to implement

our media application!

Page 140: Delivering Mobile Apps Using AWS Mobile Services

q With Lambda you do not have to provision your own instances

q At launch AWS Lambda supports code written in Node.js

(Other language options will come)

q Available now in Preview to all customers

Amazon Lambda

Page 141: Delivering Mobile Apps Using AWS Mobile Services

We covered a lot of ground in this deep-dive session!

Page 142: Delivering Mobile Apps Using AWS Mobile Services

Amazon Cognito

Amazon SNS Mobile Push

DynamoDB Connector

S3 Connector

SQS Connector

User identity & data synchronization service

Store any NoSQL data and also map mobile OS specific objects to DynamoDB tables

Powerful Cross-platform Push notification service

Easily upload, download to S3 and also pause, resume, and cancel these operations

Access distributed buffering and queuing service

AWS Mobile Services

Page 143: Delivering Mobile Apps Using AWS Mobile Services

Amazon S3

Amazon Elastic Transcode Service

Amazon CloudFront

Amazon Elastic Beanstalk

Amazon Identity and Access Management

Online file storage web service

Content Delivery Network (CDN)

Highly scalable, media transcoding in the cloud

Platform as a Service (PaaS)

Securely control access to AWS services and resources for your users

AWS Services & Features

Page 144: Delivering Mobile Apps Using AWS Mobile Services

Fully integrated AWS mobile SDK

Cross-platform,

optimized for mobile

Automatically handles intermittent and latent

network

AWS Mobile SDK

Reduced memory footprint Common authentication method across all services  

Page 145: Delivering Mobile Apps Using AWS Mobile Services

Online  Labs  |  Training  

Gain  confidence  and  hands-­‐on  experience  with  AWS.  Watch  free  

Instruc&onal  Videos  and  explore  Self-­‐Paced  Labs  

Instructor  Led  Classes    

Learn  how  to  design,  deploy  and  operate  highly  available,  cost-­‐effec&ve  and  

secure  applica&ons  on  AWS  in  courses  led  by  qualified  AWS  instructors  

Validate  your  technical  exper&se  with  AWS  and  use  prac&ce  exams  

to  help  you  prepare  for  AWS  Cer&fica&on  

AWS  Cer:fica:on    

h=p://aws.amazon.com/training    

Page 146: Delivering Mobile Apps Using AWS Mobile Services
Page 147: Delivering Mobile Apps Using AWS Mobile Services
Page 148: Delivering Mobile Apps Using AWS Mobile Services

Thank  You