building mobile apps on aws (featuring amazon cognito, amazon mobile analytics, amazon sns mobile...
DESCRIPTION
Build powerful mobile applications using AWS Mobile Services. For the first time, we will discuss how mobile developers can leverage the new cross-platform AWS Mobile Services that we announced today, and how they can authenticate and authorize their users using Amazon Cognito, a user identity and data synchronization service. We will discuss how the Amazon Mobile Analytics service collects, visualizes and helps you understand your mobile app usage at scale. All this is available as a single, unified, mobile-optimized, easy-to-use SDK, so developers can access these new services (and other services like S3, DynamoDB) with just a few lines of code on the client and without the need to own backend servers. - http://aws.amazon.com/mobile
TRANSCRIPT
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Building Cloud-powered Mobile Apps Now Featuring Amazon Cognito, Amazon Mobile Analytics and more…
Jinesh Varia 7/10/2014
How to build a mobile app today?
Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Store shared data
Stream real-time data Track Retention
Send push notifications
Manage users and identity providers
Securely access cloud resources
Sync user prefs across devices
Track active users, engagement
Manage funnels, Campaign performances
Store user-generated photos Media and share them
Automatically detect mobile devices Deliver content quickly globally
Bring users back to your app by sending messages reliably
Store and query fast NoSQL data across users and devices
Collect real-time clickstream logs and take actions quickly
Your Mobile
App
Introducing AWS Mobile Services
Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector
AWS Global Infrastructure (10 Regions, Availability Zones, 51 Edge Locations)
Core Building Block Services
Mobile Optimized Connectors
Mobile Optimized Services
Your Mobile App, Game or Device App AWS Mobile SDK, API Endpoints, Management Console
Compute Storage Networking Analytics Databases
Integrated SDK
Cross-platform, Optimized for Mobile
Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector
User identity & data synchronization service
Store any NoSQL data and also map mobile OS specific objects to DynamoDB tables
Fast cross-platform Analytics & reporting Service
Powerful Cross-platform Push notification service
Recorder that can handle intermittent network connection
Easily upload, download to S3 and also pause, resume, and cancel these operations
Send email reliably from device
Access distributed buffering and queuing service
Fully Integrated AWS Mobile SDK
• Common authentication mechanism across all services
• Automatically handle intermittent network connections
• Cross-platform Support: Android, iOS, Fire OS (Unity, PhoneGap, Cordova coming soon)
• Native SDKs optimized for Mobile OS, for example, uses the local offline caching architecture
• Reduced memory footprint; Pick and choose the service jars you need
Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
AWS Mobile SDK
Amazon Mobile Analytics
Deliver media
Amazon Cognito (Sync)
AWS Identity and Access Management
Amazon Cognito (Identity Broker)
Amazon S3 Transfer Manager
Amazon CloudFront (Device Detection)
Store shared data Amazon DynamoDB (Object Mapper)
Stream real-time data Amazon Kinesis (Recorder)
Track Retention Amazon Mobile Analytics
Send push notifications Amazon SNS Mobile Push
Your Mobile
App
Authenticate users: Amazon Cognito
Introducing Amazon Cognito
Cross-device and Cross-platform Sync
Securely access AWS services from Mobile device
Simplifies Identity and Access Management
Implement security best practices
“Your App data is secure, available offline, and kept in sync between devices”
Asynchronously sync user data across devices and platforms
Manage unique identity for your user across identity providers
Guest
Identity Providers
Unique Identities Joe Anna Bob
Any Device Any Platform
Any AWS Service
Helps implement security best practices: Securely access any AWS Service from mobile device. It simplifies the interaction with AWS Identity and Access Management.
Support Multiple Login Providers: Easily integrate with major login providers for authentication.
Unique Users vs. Devices: Manage unique identities. Automatically recognize unique user across devices and platforms.
Amazon Cognito Identity
Mobile Analytics
S3 DynamoDB Kinesis
Amazon Cognito for Unauthenticated Identities
Unique Identifier for Your “Things”: “Headless” connected devices can also securely access cloud services.
Save Data to the Cloud: Save app and device data to the cloud and merge them after login.
Guest User Access: Securely access AWS resources and leverage app features without the need to create an account or log in.
Visitor Preferences
Cognito Store
Guest
EC2 S3 DynamoDB Kinesis
Private Beta Customer: Location-aware Music App
Use Case: Soundtracker is the first geosocial music network allowing people to listen to and share their own music stations. By geolocating these stations and syncing data across devices and OSs, it gives users an enhanced experience: they can listen to what is being streamed around them and pick up from where they left off.
User Preferences Stations
Music Albums
Authenticated User
Guest
Getting Started with Cognito in 3 steps
Sign up for AWS Account and login to AWS Management Console
Download and integrate the Mobile SDK and store and sync user data in a dataset
Create an identity pool for authenticated and unauthenticated users in the AWS Console
Demo: Amazon Cognito Console
Amazon Cognito Security
Set granular access permissions on AWS resources: Get fine-grained access control to cloud resources.
Safeguard AWS Credentials: No need to embed credentials in the app anymore. Get least-privileged temporary credentials.
Helps implement security best practices: Securely access any AWS Service. It simplifies the interaction with Security Token Service and removes the need for a Token Vending Machine.
EC2 S3 DynamoDB Kinesis
Amazon Cognito Security Architecture
[Diagram. Labels: End Users; Developer; AWS Management Console; App w/SDK; Login (OAUTH/OpenID), Access Token; Cognito Identity Broker; Access Token, Pool ID, Role ARNs; Cognito ID, Temp Credentials; User ID (Temp Credentials); Access to AWS Services: DynamoDB, S3, Mobile Analytics, Cognito Sync Store]
Authorize access: Amazon Cognito + AWS IAM + Fine-grained access control
Amazon Cognito (Identity Broker)
Identitypool
Identity Providers
Pool of identities that share the same trust policy
Access Policy
Access to AWS
Services identitypool Unauthenticated
Identities
authenticated identities
AWS IAM Roles
AWS Account
Web Identity Federation
S3
DynamoDB
Get Delete Put
Access Policy for the IAM Role
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": ["s3:*"],
          "Resource": "*"
        },
        {
          "Effect": "Deny",
          "Action": ["dynamodb:*"],
          "Resource": "*"
        },
        {
          "Effect": "Allow",
          "Action": ["cognito-sync:*"],
          "Resource": "*"
        }
      ]
    }
Allow Actions: All S3, Sync store Operations. Resource: All resources within these services
Deny Actions: All DDB Operations. Resource: All resources
Access Policy Restriction
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject",
                     "s3:ListMultipartUploadParts", "s3:AbortMultipartUpload"],
          "Resource": "arn:aws:s3:::BUCKET_NAME/*"
        },
        {
          "Effect": "Allow",
          "Action": ["s3:ListBucket", "s3:ListBucketMultipartUploads"],
          "Resource": "arn:aws:s3:::BUCKET_NAME"
        },
        {
          "Effect": "Allow",
          "Action": ["dynamodb:GetItem", "dynamodb:Query", "dynamodb:PutItem"],
          "Resource": ["arn:aws:dynamodb:REGION:123456789:table/TABLE_NAME",
                       "arn:aws:dynamodb:REGION:123456789:table/TABLE_NAME/index/INDEX_NAME"]
        }
      ]
    }
Allow Actions: Certain operations. Resource: One bucket, table ..
Access Policy Restriction
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject",
                     "s3:ListMultipartUploadParts", "s3:AbortMultipartUpload"],
          "Resource": "arn:aws:s3:::BUCKET_NAME/Bob/*"
        },
        {
          "Effect": "Allow",
          "Action": "s3:ListBucket",
          "Resource": "arn:aws:s3:::BUCKET_NAME",
          "Condition": {"StringLike": {"s3:prefix": "Bob/"}}
        },
        {
          "Effect": "Allow",
          "Action": ["s3:ListBucketMultipartUploads"],
          "Resource": "arn:aws:s3:::BUCKET_NAME"
        }
      ]
    }
Allow Actions: Certain operations. Resource: Within a bucket with specific prefix (user)
Access Policy Restriction (Policy Variables)
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": ["s3:GetObject", "s3:PutObject"],
          "Resource": ["arn:aws:s3:::myBucket/amazon/snakegame/${cognito-identity.amazonaws.com:sub}"]
        },
        {
          "Effect": "Allow",
          "Action": "cognito-sync:*",
          "Resource": ["arn:aws:cognito-sync:us-east-1:123456789012:identitypool/${cognito-identity.amazonaws.com:aud}/identity/${cognito-identity.amazonaws.com:sub}/*"]
        }
      ]
    }
Allow Actions: S3 Get/Put operations. Resource: Only to a specific part of bucket to that identity
Allow Actions: All sync operations. Resource: Only to that identity
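An added example (not from the slides or the AWS SDK): a simplified Python model of how the policy-variable statements above confine each Cognito identity to its own S3 object and sync datasets, next to the broad `s3:*` role policy shown earlier. The identity and pool IDs are constructed; the evaluator ignores Condition blocks and is a teaching model, not AWS's evaluation engine.

```python
import re

# Statements as shown on the slides, wrapped in policy documents.
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:*"], "Resource": "*"},
    {"Effect": "Deny", "Action": ["dynamodb:*"], "Resource": "*"},
    {"Effect": "Allow", "Action": ["cognito-sync:*"], "Resource": "*"},
]}
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": ["arn:aws:s3:::myBucket/amazon/snakegame/"
                  "${cognito-identity.amazonaws.com:sub}"]},
    {"Effect": "Allow", "Action": "cognito-sync:*",
     "Resource": ["arn:aws:cognito-sync:us-east-1:123456789012:identitypool/"
                  "${cognito-identity.amazonaws.com:aud}/identity/"
                  "${cognito-identity.amazonaws.com:sub}/*"]},
]}

# Constructed request context for one Cognito identity (hypothetical IDs).
ALICE = {"cognito-identity.amazonaws.com:aud": "us-east-1:pool-0000",
         "cognito-identity.amazonaws.com:sub": "us-east-1:alice-1111"}
OWN = "arn:aws:s3:::myBucket/amazon/snakegame/us-east-1:alice-1111"
OTHER = "arn:aws:s3:::myBucket/amazon/snakegame/us-east-1:bob-2222"

_VAR = re.compile(r"\$\{([^}]+)\}")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _glob(text):
    """Translate IAM wildcards (* and ?) in literal policy text to a regex."""
    return "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                   for c in text)

def _resource_regex(pattern, ctx):
    """Expand policy variables; return None when one cannot be resolved."""
    parts, pos = [], 0
    for m in _VAR.finditer(pattern):
        if m.group(1) not in ctx:
            return None
        parts.append(_glob(pattern[pos:m.start()]))
        # Substituted values are matched literally in this model, so an
        # identity value can never widen the pattern.
        parts.append(re.escape(ctx[m.group(1)]))
        pos = m.end()
    parts.append(_glob(pattern[pos:]))
    return re.compile("".join(parts), re.DOTALL)

def _matches(stmt, action, resource, ctx):
    # Action names are compared case-insensitively, resources exactly.
    if not any(re.fullmatch(_glob(a), action, re.IGNORECASE)
               for a in _as_list(stmt["Action"])):
        return False
    for pattern in _as_list(stmt["Resource"]):
        rx = _resource_regex(pattern, ctx)
        if rx is not None and rx.fullmatch(resource):
            return True
    return False

def is_allowed(policy, action, resource, ctx):
    """Explicit Deny wins; otherwise at least one matching Allow is needed."""
    allowed = False
    for stmt in policy["Statement"]:
        if _matches(stmt, action, resource, ctx):
            if stmt["Effect"] == "Deny":
                return False
            allowed = True
    return allowed

if __name__ == "__main__":
    for name, policy in (("broad", BROAD), ("scoped", SCOPED)):
        print(name, "own object:", is_allowed(policy, "s3:GetObject", OWN, ALICE),
              "| other identity's object:",
              is_allowed(policy, "s3:GetObject", OTHER, ALICE))
```

Under the broad policy the same temporary credentials can read another identity's object; under the policy-variable statements they cannot, and actions not listed (such as `s3:DeleteObject`) fall through to the implicit deny.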
Synchronize data across devices : Amazon Cognito (Sync)
What have customers told us about “Synchronized Profile”
People have multiple devices and want to transition between devices. Implementing a user profile that syncs across devices, OS, apps is hard. It not only has to work when offline, but also be easy to integrate with existing apps.
Amazon Cognito Sync
User Data Storage and Sync
Any Platform
iOS/Android/FireOS
Store App Data, Preferences and State: Save app and device data to the cloud and merge them after login.
Cross-device Cross-OS Sync: Sync user data and preferences across devices with one line of code.
Work Offline: Data always stored in local SQLite DB first. Works seamlessly when intermittent or no connectivity.
k/v data
Identity pool
Amazon Cognito Sync
• Offline: The client SDK manages a local SQLite data store to allow the app to work even when connectivity is not available.
• Fast: The methods to read and write data only interact with the local SQLite database.
• Intelligent Sync: The sync method compares the local version of the data to the cloud sync store, pushes up deltas and pulls down new changes.
• Flexible Conflict resolution: The sync method first reads the changes, then writes its local changes to the cloud sync store. By default Cognito assumes that the last write wins. Developers can override this and implement their own conflict resolution programmatically.
Local SQLite Cache
Amazon Cognito Sync Data Model AWS
Account
Identitypool
Dataset
Pool of identities that share the same trust policy
Identity Identity Identity
Dataset Dataset
identitypool
Unique identifier across devices, get cached on local devices as well as saved in the cloud
1:n
1:n
1:n
Dataset synchronized across devices by simply calling dataset.synchronize() method
Dataset Dataset Key/Value
1:n
Key-value and sync count
Amazon Cognito Sync Data Model - Example AWS
Account
Identitypool
Dataset
Identity Identity Identity
Dataset Dataset
identitypool
1:n
1:n
1:n
User preferences
Developer has two apps: a game and a productivity app
Game state
Identitypool1
Productivity App
Game App
Dataset Dataset Key/Value
1:n
Integrating Cognito Sync functionality is dead simple
Initialize the CredentialsProvider and CognitoClient
    provider = new CognitoCredentialsProvider(context, AWS_ACCOUNT_ID,
            COGNITO_POOL_ID, COGNITO_ROLE_UNAUTH, COGNITO_ROLE_AUTH);
    cognito = new DefaultCognitoSyncClient(context, COGNITO_POOL_ID, provider);
Create or open Dataset and Add Key Values
    // Keep the returned dataset so values can be added and synced
    Dataset dataset = cognito.openOrCreateDataset(datasetName);
    dataset.put(key, value);
Call synchronize on the dataset
    dataset.synchronize(new SyncCallback(){..});
Integrating Cognito Sync functionality is dead simple (iOS)
Initialize the AWSCognitoSyncClient
    AWSCognitoSyncClient *syncClient = [[AWSCognitoSyncClient alloc] initWithConfiguration:configuration];
Create or open Dataset and Add Key Values
    DataSet *dataset = [syncClient openOrCreateDataSet:@"myDataSet"];
    NSString *value = [dataset readStringForKey:@"myKey"];
    [dataset putString:@"my value" forKey:@"myKey"];
Call synchronize on the dataset
    [dataset synchronize];
Demo: Sync user’s game state across devices
Analyze User Behavior
Store and share media
Deliver media
Store shared data
Stream real-time data Track Retention
Send push notifications
Track active users, engagement
Manage funnels, Campaign performances
Store user-generated photos Media and share them
Automatically detect mobile devices Deliver content quickly globally
Bring users back to your app by sending messages reliably
Store and query fast NoSQL data across users and devices
Collect real-time clickstream logs and take actions quickly
Your Mobile
App
Authenticate users
Authorize access
Synchronize data Amazon Cognito (Sync)
AWS Identity and Access Management
Amazon Cognito (Identity Broker)
Analyze User Behavior: Amazon Mobile Analytics
User Analytics Is the Most Adopted Mobile Developer Tool
What Customers Told Us About “Mobile Analytics”
Developers deeply value user analytics and consider it an integral part of their app development process. They want to monitor their most important metrics in a timely manner, and take action quickly. They would like to own their mobile data, just like they do with any other AWS service.
Amazon Mobile Analytics
“Easily collect, visualize and understand your app usage data at scale”
Fast: Focus on metrics that matter. Usage reports available within 60 minutes of receiving data from an app.
Scalable and Generous Free Tier: Scale to billions of events per day from millions of users.
Own Your Data: Data collected are not shared, aggregated, or reused.
Getting Started with Mobile Analytics in 3 steps
Sign up for AWS Account and create or use existing Cognito ID in the AWS Management Console
View engagement and session activity reports in the AWS Management console within minutes
Download and integrate the Mobile SDK with one line of code (Android/FireOS, iOS)
Key Business Metrics (with one line of code)
1. Monthly Active Users (MAU)
2. Daily Active Users (DAU)
3. New Users
4. Daily Sessions
5. Sticky Factor
6. 1-Day Retention
7. Avg. Revenue per DAU
8. Daily Paying Users
9. Avg. Paying DAU
Track Retention
User retention is a key indicator to judge the outcome of a marketing campaign, new feature introduction, UX changes, app updates, etc. Mobile Analytics provides four charts to track the daily or weekly rate of returning users after first use of the app.
Track Custom Events
Get behavioral insights into app specific actions that your users take.
Reports provide a view of how often custom events occur. You can add further context, with Attributes and Metrics, to each custom event.
Examples:
• Track the number of Likes/Shares, per article, in a news app
• Understand player abort rates per level, in a game
• Number of songs played, per user session, in a music app
• In-app item popularity in a shopping app
Integrating Mobile Analytics is super simple
Initialize the AmazonMobileAnalyticsClient. That’s it! Get Session Activity in the AWS Management Console.
    analytics = new AmazonMobileAnalytics(provider, context, "SnakeGameAWS");
Add OnResume() and OnPause()
    // in onResume()
    analytics.getSessionClient().resumeSession();
    // in onPause()
    analytics.getSessionClient().pauseSession();
    analytics.getEventClient().submitEvents();
For Custom Events activity reports, add events.
    EventClient eventClient = analytics.getEventClient();
    MobileAnalyticsEvent visitEvent = eventClient.createEvent("speedSet");
    eventClient.recordEvent(visitEvent);
Integrating Mobile Analytics is super simple (iOS)
Initialize the AmazonMobileAnalytics object. That’s it! Get Session Activity in the AWS Management Console.
    AWSMobileAnalytics *analytics = [AWSMobileAnalytics defaultAWSMobileAnalyticsWithIdentifier:@"someuniqueid"];
Create and add Custom Events
    id<AWSMobileAnalyticsEventClient> eventClient = analytics.eventClient;
    id<AWSMobileAnalyticsEvent> level1Event = [eventClient createEventWithEventType:@"level1Complete"];
Submit the event. If we don't call submitEvents, events will automatically be submitted at periodic intervals.
    [eventClient submitEvents];
Demo: How is my game performing across platforms
Store and share media
Deliver media
Store shared data
Stream real-time data
Send push notifications
Store user-generated photos Media and share them
Automatically detect mobile devices Deliver content quickly globally
Bring users back to your app by sending messages reliably
Store and query fast NoSQL data across users and devices
Collect real-time clickstream logs and take actions quickly
Your Mobile
App
Authenticate users
Authorize access
Analyze User Behavior
Synchronize data
Amazon Mobile Analytics
Amazon Cognito (Sync)
AWS Identity and Access Management
Amazon Cognito (Identity Broker)
Track Retention Amazon Mobile Analytics
Store and share media: Amazon S3
Amazon S3 Connector: Transfer Manager
S3 Connector
• Multipart upload media (photos, videos, audio)
• Fault tolerant download (e.g. assets)
• No backend required
• Automatic retries
• Pause, resume, cancel functions
• Optimized for native OS
    // Creating the transfer manager
    self.transferManager = [S3TransferManager new];
    self.transferManager.s3 = s3client;

    // Upload image
    [self.transferManager uploadFile:fileName bucket:bucketName key:objectName];

    // Download image
    [self.transferManager downloadFile:fileName bucket:bucketName key:objectName];

    // Pause, Resume, Cancel
    [self.transferManager pauseAllTransfers];
    [self.transferManager resumeAllTransfers];
    [self.transferManager cancelAllTransfers];
Amazon S3 Connector: Transfer Manager
Demo : Download Game Assets
Store shared data
Stream real-time data
Send push notifications Bring users back to your app by sending messages reliably
Store and query fast NoSQL data across users and devices
Collect real-time clickstream logs and take actions quickly
Your Mobile
App
Authenticate users
Authorize access
Analyze User Behavior
Synchronize data
Amazon Mobile Analytics
Amazon Cognito (Sync)
AWS Identity and Access Management
Amazon Cognito (Identity Broker)
Track Retention Amazon Mobile Analytics
Store and share media
Deliver media
Amazon S3 Transfer Manager
Amazon CloudFront (Device Detection)
Send Push Notifications: Amazon SNS Mobile Push
What Customers Told Us About “Push Notifications”
Sending large-scale push notifications, cross-platform is still hard. Developers want to be able to reach their customers globally and across all devices.
Each platform works differently, and push gets even more complex as you scale to support millions of devices.
Cloud App
Platform Services Mobile Apps
Amazon SNS Cross-platform
Mobile Push
Internet
Apple APNS
Google GCM
Amazon ADM
Windows WNS and MPNS
Baidu CP
Industry’s First!
New!
With Amazon SNS, developers can send push notifications on multiple platforms and reach mobile users around the world
New features:
Message Expiry Time
Message Attributes
Amazon SNS Mobile Push
Android Phones and Tablets
Apple iPhones and iPads
Kindle Fire Devices
Android Phones and Tablets in China
iOS
Windows Desktop and Windows Phone Devices
Developers Love Cross-Platform Features of SNS
Fast reliable notification for every Email received is powered by SNS
Customers love high scale and Reliability of SNS
High-profile Startups trust SNS for their high-profile launches
Secret.ly
Advanced targeted notifications bring players back into the game
Mature games increase retention using SNS
Launched its Android App with SNS, no provisioning required
Jetpack Joyride
Fruit ninja
Collect real-time click-stream data: Amazon Kinesis Mobile Connector
Amazon Kinesis
Redshift S3 Kinesis enabled Apps on EC2
AWS Mobile SDK
Amazon Kinesis Connector for Mobile Apps
For sophisticated User Behavior Analysis
Integrated AWS Mobile SDK
Generic batching system that handles intermittent network connection and also optimize battery utilization
Summary
Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
AWS Mobile SDK
Amazon Mobile Analytics
Deliver media
Amazon Cognito (Sync)
AWS Identity and Access Management
Amazon Cognito (Identity Broker)
Amazon S3 Transfer Manager
Amazon CloudFront (Device Detection)
Store shared data Amazon DynamoDB (Object Mapper)
Stream real-time data Amazon Kinesis (Object Mapper)
Track Retention Amazon Mobile Analytics
Send push notifications Amazon SNS Mobile Push
Your Mobile
App
Key Takeaways
Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector
AWS Global Infrastructure (10 Regions, Availability Zones, 51 Edge Locations)
Core Building Block Services
Mobile Optimized Connectors
Mobile Optimized Services
Your Mobile App, Game or Device App AWS Mobile SDK, API Endpoints, Management Console
Compute Storage Networking Analytics Databases
Integrated SDK
Cross Platform and Optimized for Mobile
Flexibility And Freedom of Choice
Fully integrated and easy to get started
Amazon SNS Mobile Push: Free Tier: 1 Million push messages every month
Amazon Cognito: Free Tier (for first 12 months): 1 Million syncs/month + 10GB of storage for Amazon Cognito
Amazon Mobile Analytics: Free Tier: 100 Million events every month
Get Started for Free!
Appendix..
Simple and predictable pay as you go pricing
Amazon SNS Mobile Push: Free Tier: 1 Million push messages every month. Thereafter: $0.50 per million notifications delivered; $0.50 per million requests
Amazon Cognito: Free Tier (for first 12 months): 1 Million syncs/month + 10GB of storage for Amazon Cognito. Thereafter: $0.15 per 10K syncs; $0.15 per GB of storage
Amazon Mobile Analytics: Free Tier: 100 Million events every month. Thereafter: $1.00 per million events