Amazon Cognito Deep Dive
Amazon Web Services Japan, Solutions Architect
Akihiro Tsukada (@akitsukada)
2016.03.12 JAWS DAYS 2016 #jawsdays #jawsug
AWS
SI, Web, Startup (CTO), AWS
Ruby, iOS
OOP, SOLID, KISS
@akitsukada
User identity and sync with Amazon Cognito
AWS
Serverless Backend
API Gateway
Lambda
Content Delivery
S3
CloudFront
App Testing
Device Farm
User Sign-In
Cognito
Push Notifications
SNS
App Analytics
Mobile Analytics
RedShift
User Data Storage
S3
Cognito
SDKs
Mobile SDKs
iOS
Android
Big Data & Machine Learning
Kinesis
Machine Learning
DynamoDB
Mobile Hub
AWS Global Infrastructure APN Partner Solutions
2-Tier
API API
Amazon Cognito/
Amazon DynamoDB
Web DB
Amazon SNS Mobile Push
AWS Lambda
LB
AWS Lambda
Amazon RDS DB
2-Tier Architecture
Focus your Business
on AWS!
Amazon Cognito
Your app data is secure, available offline, and kept in sync between devices
AWS
ID
Amazon Cognito
Your app data is secure, available offline, and kept in sync between devices
AWS
ID
ID
ID
Joe Anna Bob
AWS
ID ID Amazon, Facebook, Twitter, Google, OpenID Connect
ID
Amazon Cognito Identity
Mobile Analytics
S3 DynamoDB Kinesis
AWS IAM
Amazon Cognito
Amazon Cognito ID (Temp Credentials)
Amazon DynamoDB
End Users
Developer
App with AWS Mobile
SDK
Access to AWS Services
Amazon Cognito Identity Broker
User Name Password
Amazon Cognito ID, Temp Credentials
Amazon S3
Amazon Mobile Analytics
Amazon Cognito Sync Store
AWS Management Console
Token
Pool ID
Role ARNs
User Authentication System
(Running on AWS or not)
Token
Developer Authenticated Identity
Username and Password
ID Cognito ID ID
GetOpenIdTokenForDeveloperIdentity()
ID Username Password
Amazon Cognito Developer Authenticated Identities
Amazon Cognito ID (Temp Credentials)
Amazon DynamoDB
End Users
Developer
App with AWS Mobile
SDK
Access to AWS Services
Amazon Cognito Identity Broker
Get OpenID Token
User Name Password
Amazon Cognito ID, Temp Credentials
Amazon S3
Amazon Mobile Analytics
Amazon Cognito Sync Store
AWS Management Console
OIDC Token
Pool ID
Role ARNs
AWS OK
OIDC Token
OIDC Token
Unauthenticated Identities ID
ID ID
AWS IAM Role
ID
Visitor Preferences
Cognito Store
Guest
EC2 S3 DynamoDB Kinesis
1. BLE (Bluetooth Low Energy) Beacon
2.
3. Beacon Kinesis PUT
Kinesis PUT
4. Kinesis
Amazon Kinesis
Cognito Identity Broker
Identity Pool
Role ARN
Cognito ID
Temporary Credential
PUT
STS(Security Token Service)
Sync Identity
AWS IAM
Amazon SNS
Amazon Kinesis
AWS Lambda
http://docs.aws.amazon.com/ja_jp/cognito/latest/developerguide/authentication-flow.html
API API Amazon Cognito
ID ID
AssumeRole (STS) S3
DELETE
http://docs.aws.amazon.com/ja_jp/cognito/latest/developerguide/authentication-flow.html
Amazon Cognito
Your app data is secure, available offline, and kept in sync between devices
AWS
ID
SDK
AWS
AWS
AWS
/
Amazon Cognito
IAM AWS
AWS Credentials
AWS
EC2 S3 DynamoDB Kinesis
S3
DynamoDB
Get Delete Put
Amazon Cognito
Your app data is secure, available offline, and kept in sync between devices
AWS
ID
Amazon Cognito Sync
User Data Storage and Sync
Any Platform
iOS/Android/FireOS
k/v data
Identity pool
SDK
Amazon Cognito Sync
Cognito Sync
Identity Pool: Pool
Identity: ID
Dataset:
Record: Key/Value
AWS Account
Dataset
Identity Identity Identity
Dataset Dataset
Identity Pool
1:60
1:n
1:20
Dataset Dataset Record
1:1024
You
Your App
Your App Users
User Data Container
User Data
Cognito Sync
UserDataset
2
GameDataset
Identitypool1
App
GameApp
Dataset
Identity 20 Dataset
Dataset 1MB Key/Value Key/Value 1024 base64
HTTPS
2 Synchronize
synchronize
pull
push
synchronizeOnConnectivity synchronize
()
Mobile SDK
Amazon Cognito Sync Store
1.
()
Mobile SDK
Amazon SNS Mobile Push
2.
3.
Amazon SNS Mobile Push Amazon Cognito Amazon SNS Mobile Push
Amazon Cognito Push Sync
Amazon Kinesis Amazon Cognito Amazon Kinesis
Mobile SDK
Amazon Cognito Sync Store
1. Amazon Kinesis
2. StreamContent
3.
Amazon Redshift
{
  "identityPoolId" : "Pool Id",
  "identityId" : "Identity Id",
  "dataSetName" : "Dataset Name",
  "operation" : "(replace|remove)",
  "kinesisSyncRecords" : [
    {
      "key" : "Key",
      "value" : "Value",
      "syncCount" : 1,
      "lastModifiedDate" : 1424801824343,
      "deviceLastModifiedDate" : 1424801824343,
      "op": "(replace|remove)"
    },
    ...
  ],
  "lastModifiedDate": 1424801824343,
  "kinesisSyncRecordsURL": "S3Url",
  "payloadType" : "(S3Url|Inline)",
  "syncCount" : 1
}
Amazon Cognito Stream
Mobile SDK
Amazon Cognito Sync Store
1. AWS Lambda
2. Sync Trigger
Amazon Lambda
3.
Amazon Cognito Events
Key Value 1
Key Value 1
Lambda Function(Node.js)
Use cases
Web, Mobile
RSS
DynamoDB
App with AWS Mobile
SDK
JavaScript SDK
S3
1. HTTPS
2. HTML, JS
Cognito Identity
3. FB, Google ID
Cognito Sync
4. Mobile SDK
5. Push/Pull
100 10GB 12
10000 $0.15
10GB 1GB $0.15
Identity Pool 60
Identity Pool Identity
Identity Pool 128bytes 2048bytes
List/Lookup 60
Cognito Identity
Cognito Sync
Identity Dataset 20
DataSet 1024
1 DataSet 1MB
DataSet 128bytes
Bulk Publish 24
Twitter: @awsformobile
http://mobile.awsblog.com/
Amazon Cognito: https://aws.amazon.com/documentation/cognito/
Amazon Mobile Analytics: https://aws.amazon.com/documentation/mobileanalytics/
AWS http://aws.amazon.com/jp/aws-jp-introduction/
Focus your Business
on AWS!