Introducing new AWS Mobile services - Amazon Cognito, Amazon Mobile Analytics, new features in Amazon SNS Mobile Push, the new AWS Mobile SDK, as well as Mobile Optimized Connectors for services such as Kinesis and S3.
4. Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Store shared data
Stream real-time dataTrack Retention
Send push notifications
Manage users and
identity providers
Securely access
cloud resources
Sync user prefs
across devices
Track active users,
engagement
Manage funnels,
Campaign performances
Store user-generated photos
Media and share them
Automatically detect mobile devices
Deliver content quickly globally
Bring users back to your app by sending
messages reliably
Store and query fast NoSQL data
across users and devices
Collect real-time clickstream logs
and take actions quickly
Your
Mobile
App
5. Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Mobile Optimized
Services
Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector
Mobile Optimized
Connectors
Introducing AWS Mobile Services
AWS Global Infrastructure (10 Regions, Availability Zones, 52 Edge Locations)
Core Building Block
Services Compute Storage Networking Analytics Databases
Your Mobile App, Game or Device App
AWS Mobile SDK, API Endpoints, Management ConsoleIntegrated SDK
6. Cross-platform, Optimized for Mobile
Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector
User identity &
data synchronization
service
Store any NoSQL
data and also map
mobile OS specific
objects to
DynamoDB tables
Fast cross-platform
Analytics & reporting
Service
Powerful Cross-platform
Push notification service
Recorder that can
handle intermittent
network connection
Easily upload,
download to S3 and
also pause,
resume, and cancel
these operations
Send email
reliably from
device
Access
distributed
buffering and
queuing service
7. Fully Integrated AWS Mobile SDK
• Common authentication mechanism across all
services
• Automatically handle intermittent network
connections
• Cross-platform Support: Android, iOS, Fire OS
• Native SDKs optimized for Mobile OS, for
example, uses the local offline caching
architecture
• Reduced memory footprint; Pick and choose
the service jars you need
8. Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Store shared data
Stream real-time dataTrack Retention
Send push notifications
Manage users and
identity providers
Securely access
cloud resources
Sync user prefs
across devices
Track active users,
engagement
Manage funnels,
Campaign performances
Store user-generated photos
Media and share them
Automatically detect mobile devices
Deliver content quickly globally
Bring users back to your app by sending
messages reliably
Store and query fast NoSQL data
across users and devices
Collect real-time clickstream logs
and take actions quickly
Your
Mobile
App
9. Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
AWS Mobile SDK
Amazon Mobile
Analytics
Deliver media
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
Amazon S3
Transfer Manager
Amazon CloudFront
(Device Detection)
Store shared data
Amazon DynamoDB
(Object Mapper)
Stream real-time data
Amazon Kinesis
(Recorder)
Track Retention
Amazon Mobile
Analytics
Send push notifications
Amazon SNS
Mobile Push
Your
Mobile
App
11. Introducing Amazon Cognito
Cross-device and
Cross-platform Sync
Securely access AWS
services from Mobile
device
Simplifies Identity and
Access Management
Implement security best
practices
“Your App data is secure, available offline, and kept in sync between devices”
Asynchronously sync
user data across
devices and platforms
Manage unique identity
for your user across
identity providers
Guest
12. Identity
Providers
Unique
IdentitiesJoe Anna Bob
Any Device
Any Platform
Any AWS
Service
Helps implement security best
practices
Securely access any AWS Service from mobile
device. It simplifies the interaction with AWS
Identity and Access Management
Support Multiple Login Providers
Easily integrate with major login providers for
authentication.
Unique Users vs. Devices
Manage unique identities. Automatically
recognize unique user across devices and
platforms.
Amazon Cognito Identity
Mobile
Analytics
S3
DynamoDB
Kinesis
13. Amazon Cognito for Unauthenticated Identities
Unique Identifier for Your “Things”
“Headless” connected devices can also
securely access cloud services.
Save Data to the Cloud
Save app and device data to the cloud and
merge them after login
Guest User Access
Securely access AWS resources and leverage
app features without the need to create an
account or logging in
Visitor
Preferences
Cognito
Store
Guest
EC2
S3
DynamoDB
Kinesis
14. Getting Started with Cognito in 3 steps
Sign up for AWS Account and login to AWS Management Console
Download and integrate the Mobile SDK and store and
sync user data in a dataset
Create identitypool for authenticated and
unauthenticated users in the AWS Console
21. Amazon Cognito Security
Set granular access permissions on AWS
resources
Get fine-grained access control to cloud
resources.
Safeguard AWS Credentials
No need to embed credentials in the app
anymore. Get least-privileged temporary
credentials.
Helps implement security best practices
Securely access any AWS Service. It simplifies
the interaction with Security Token Service and
removes the need of Token Vending Machine
EC2
S3
DynamoDB
Kinesis
22. Amazon Cognito Security Architecture
User ID
(Temp
Credentials)
DynamoDB
End Users
Developer
App w/SDK
Access
to AWS
Services
Cognito Identity
Broker
Login OAUTH/OpenID
Access Token
Cognito ID,
Temp
Credentials
S3
Mobile Analytics
Cognito Sync
Store
AWS
Management
Console
Access Token
Pool ID
Role ARNs
24. Amazon Cognito (Identity Broker)
Identitypool
Identity
Providers
Pool of identities that
share the same trust policy
Access
Policy
Access to
AWS
Services
identitypool
Unauthenticated
Identities
authenticated
identities
AWS IAM Roles
AWS
Account
Web Identity
Federation
S3
DynamoDB
Get Delete Put
25. Access Policy for the IAM Role
{!
"Effect":"Allow",!
"Action":["s3:*"],!
"Resource":"*"!
}!
!
{!
"Effect": ”Deny",!
"Action": ["dynamodb:*"],!
"Resource": "*"!
}!
!
{!
"Effect": "Allow",!
"Action": [”cognito-sync:*"],!
"Resource": "*"!
}!
Allow
Actions:
All S3, Sync store
Operations
Resource:
All resources within
these services
Deny
Actions:
All DDB Operations
Resource:
All resources
27. Access Policy Restriction
{!
"Effect":"Allow”,!
"Action” ["s3:PutObject","s3:GetObject","s3:DeleteObj
ect”,”s3:ListMultipartUploadParts","s3:AbortMultipart
Upload"],!
"Resource":"arn:aws:s3:::BUCKET_NAME/Bob/*"!
} !
{!
"Effect":"Allow",!
"Action":"s3:ListBucket",!
"Resource":"arn:aws:s3:::BUCKET_NAME",!
"Condition":{"StringLike":{"s3:prefix":”Bob/"}}!
}!
{!
"Effect":"Allow",!
"Action":["s3:ListBucketMultipartUploads"],!
"Resource":"arn:aws:s3:::BUCKET_NAME"!
}!
Allow
Actions:
Certain operations
Resource:
Within a bucket with
specific prefix (user)
28. Access Policy Restriction (Policy Variables)
Allow
Actions:
All sync operations
Resource:
Only to that identity
{!
"Effect": "Allow”,!
"Action": ["s3:GetObject”,"s3:PutObject”],!
"Resource": ["arn:aws:s3:::!
!myBucket/amazon/snakegame/!
!${cognito-identity.amazonaws.com:sub}"]!
}!
{!
"Effect":"Allow",!
"Action":"cognito-sync:*", !
"Resource":["arn:aws:cognito-sync:us-east-1:
!123456789012:identitypool/!
!${cognito-identity.amazonaws.com:aud}/identity/!
!${cognito-identity.amazonaws.com:sub}/*"] !
}!
Allow
Actions:
S3 Get/Put operations
Resource:
Only to a specific part
of bucket to that identity
30. What have customers told us about “Synchronized
Profile”
People have multiple devices and want to transition between devices.
Implementing a user profile that syncs across devices, OS, apps is hard.
It not only has to work when offline, but easy to integrate with existing apps.
31. Amazon Cognito Sync
User Data
Storage and
Sync
Any Platform
iOS/Android/FireOS
Store App Data, Preferences and State
Save app and device data to the cloud and merge
them after login
Cross-device Cross-OS Sync
Sync user data and preferences across devices
with one line of code
Work Offline
Data always stored in local SQLite DB first.
Works seamlessly when intermittent or no
connectivity
k/v data
Identity pool
32. Amazon Cognito Sync
Offline: The client SDK manages a local SQLite data
store to allow the app to work even when connectivity is
not available.
Fast: The methods to read and write data only interact
with the local SQLite database.
Intelligent Sync: The sync method compares the local
version of the data to the cloud sync store, pushes up
deltas and pulls down new changes.
Flexible Conflict resolution: The sync method first
reads the changes then writes its local changes to the
cloud sync store By default Cognito assumes that the
last write wins. Developers can override and
implement their own conflict resolution programmatically
Local SQLite Cache
33. Amazon Cognito Sync Data Model
AWS
Account
Identitypool
Dataset
Pool of identities that
share the same trust policy
Identity
Identity
Identity
Dataset
Dataset
identitypool
Unique identifier across
devices, get cached on local devices
as well as saved in the cloud
1:n
1:n
1:n
Dataset synchronized across
devices by simply calling dataset.synchronize()
method
DatasetDataset
Key/Value
1:n
Key-value and sync count
34. Amazon Cognito Sync Data Model - Example
AWS
Account
Identitypool
Dataset
Identity
Identity
Identity
Dataset
Dataset
identitypool
1:n
1:n
1:n
User
preferences
Developer has two apps: a game and a productivity app
Game
state
Identitypool1
Productivity
App
Game
App
DatasetDataset
Key/Value
1:n
35. Integrating Cognito Sync functionality is dead simple
Initialize the CredentialsProvider and CognitoClient
Call synchronize on the dataset
Create or open Dataset and Add Key Values
provider = new CognitoCredentialsProvider(context, AWS_ACCOUNT_ID, ! ! !
! ! !COGNITO_POOL_ID, COGNITO_ROLE_UNAUTH, COGNITO_ROLE_AUTH);!
!
cognito = new DefaultCognitoSyncClient(context, COGNITO_POOL_ID, provider);!
dataset.synchronize(new SyncCallback(){..});!
!
cognito.openOrCreateDataset(datasetName);!
dataset.put(key, value);!
36. Integrating Cognito Sync functionality is dead simple
Initialize the AWSCognitoSyncClient
Call synchronize on the dataset
Create or open Dataset and Add Key Values
DataSet *dataset = [syncClient openOrCreateDataSet:@"myDataSet"];
NSString *value = [dataset readStringForKey:@"myKey"];
[dataset putString:@"my value" forKey:@"myKey"];$
AWSCognitoSyncClient *syncClient = [[AWSCognitoSyncClient alloc]
initWithConfiguration: configuration];$
[dataset synchronize];
iOS
37. Analyze User Behavior
Store and share media
Deliver media
Store shared data
Stream real-time dataTrack Retention
Send push notifications
Track active users,
engagement
Manage funnels,
Campaign performances
Store user-generated photos
Media and share them
Automatically detect mobile devices
Deliver content quickly globally
Bring users back to your app by sending
messages reliably
Store and query fast NoSQL data
across users and devices
Collect real-time clickstream logs
and take actions quickly
Your
Mobile
App
Authenticate users
Authorize access
Synchronize data
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
40. What Customers Told Us About “Mobile Analytics”
Developers deeply value user analytics and consider it an integral part
of their app development process. They want to monitor their most
important metrics in a timely manner, and take action quickly. They
would like to own their mobile data, just like they do with any other
AWS service.
41. Amazon Mobile Analytics
Scalable and Generous
Free Tier
Focus on metrics that
matter. Usage reports
available within 60
minutes of receiving data
from an app
Fast
Scale to billions of
events per day from
millions of users.
Own Your Data
“Easily collect, visualize and understand your app usage data at scale”
Data collected are not
shared, aggregated, or
reused
42. Getting Started with Mobile Analytics in 3 steps
Sign up for AWS Account and create or use existing Cognito ID in
the AWS Management Console
View engagement and session activity reports in the
AWS Management console within minutes
Download and integrate the Mobile SDK with one line of
code (Android/FireOS, iOS)
43.
44. Key Business Metrics
(with one line of code)
1. Monthly Active Users
(MAU)
2. Daily Active Users
(DAU)
3. New Users,
4. Daily Sessions,
5. Sticky Factor,
6. 1-Day Retention,
7. Avg. Revenue per DAU,
8. Daily Paying Users,
9. Avg. Paying DAU
45. Track Retention
User retention is a key
indicator to judge the
outcome of a marketing
campaign, new feature
introduction, UX changes,
app updates, etc.
Mobile Analytics provide four
charts to track daily or
weekly rate of returning
users, after first use of the
app
46. Get behavioral insights into app specific
actions that your users take
Reports provide a view of how often custom
events occur. You can add further context
with Attributes and Metrics, to each custom
event
Examples
Track the number of
Likes/Shares, per
article, in a news app
Understand player
abort rates per
level, in a game
Number of songs
played, per user
session, in a music
app
In-app item popularity
in a shopping app
Track Custom Events
47. Integrating Mobile Analytics is super simple
Initialize the AmazonMobileAnalyticsClient. That’s it! Get Session
Activity in the AWS Management Console.
For Custom Events activity reports, add events.
Add OnResume() and OnPause()
analytics = new AmazonMobileAnalytics(provider, context, "SnakeGameAWS”);!
EventClient eventClient = analytics.getEventClient();!
MobileAnalyticsEvent visitEvent = eventClient.createEvent("speedSet");!
eventClient.recordEvent(visitEvent);!
analytics.getSessionClient().resumeSession();!
analytics.getSessionClient().pauseSession();!
Analytics.getEventClient().submitEvents();!
48. Integrating Mobile Analytics is super simple
Initialize the AmazonMobileAnalytics object. That’s it! Get Session
Activity in the AWS Management Console.
Submit the event. If we don't call submitEvents, events
will automatically be submitted at periodic intervals.
Create add Custom Events
[eventClient submitEvents];!
id<AWSMobileAnalyticsEventClient> eventClient =
analytics.eventClient;!
id<AWSMobileAnalyticsEvent> level1Event = [eventClient
createEventWithEventType:@"level1Complete"];!
AWSMobileAnalytics* analytics = [AWSMobileAnalytics !
!defaultAWSMobileAnalyticsWithIdentifier:@"someuniqueid"];!
iOS
49. Store and share media
Deliver media
Store shared data
Stream real-time data
Send push notifications
Store user-generated photos
Media and share them
Automatically detect mobile devices
Deliver content quickly globally
Bring users back to your app by sending
messages reliably
Store and query fast NoSQL data
across users and devices
Collect real-time clickstream logs
and take actions quickly
Your
Mobile
App
Authenticate users
Authorize access
Analyze User Behavior
Synchronize data
Amazon Mobile
Analytics
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
Track Retention
Amazon Mobile
Analytics
53. Store shared data
Stream real-time data
Send push notifications
Bring users back to your app by sending
messages reliably
Store and query fast NoSQL data
across users and devices
Collect real-time clickstream logs
and take actions quickly
Your
Mobile
App
Authenticate users
Authorize access
Analyze User Behavior
Synchronize data
Amazon Mobile
Analytics
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
Track Retention
Amazon Mobile
Analytics
Store and share media
Deliver media
Amazon S3
Transfer Manager
Amazon CloudFront
(Device Detection)
54. Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
AWS Mobile SDK
Amazon Mobile
Analytics
Deliver media
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
Amazon S3
Transfer Manager
Amazon CloudFront
(Device Detection)
Store shared data
Amazon DynamoDB
(Object Mapper)
Stream real-time data
Amazon Kinesis
(Recorder)
Track Retention
Amazon Mobile
Analytics
Send push notifications
Amazon SNS
Mobile Push
Your
Mobile
App
56. What Customers Told Us About “Push Notifications”
Sending large-scale push notifications, cross-platform is still hard.
Developers want to be able to reach their customers globally and
across all devices.
57. Each platform works differently, and push gets even more
complex as you scale to support millions of devices.
Cloud App
Platform Services Mobile Apps
58. Amazon SNS
Cross-platform
Mobile Push
Internet
Apple APNS
Google GCM
Amazon ADM
Windows WNS and
MPNS
Baidu CP
Industry’s First!
New!
With Amazon SNS, developers can send push notifications on multiple platforms
and reach mobile users around the world
New features:
Message Expiry Time
Message Attributes
Amazon SNS Mobile Push
Android Phones and Tablets
Apple iPhones and iPads
Kindle Fire Devices
Android Phones and Tablets in China
iOS
Windows Desktop and Windows Phone
Devices
59. Developers Love Cross-Platform Features of SNS
Fast reliable
notification for every
Email received is
powered by SNS
Customers love
high scale and
Reliability of SNS
High-profile Startups
trust SNS for their
high-profile launches
Secret.ly
Advanced targeted
notifications
bring players back into
the game
Mature games increase
retention using SNS
Launched its Android
App with SNS, no
provisioning required
Jetpack Joyride
Fruit ninja
60. Store shared data
Stream real-time data
Send push notifications
Bring users back to your app by sending
messages reliably
Store and query fast NoSQL data
across users and devices
Collect real-time clickstream logs
and take actions quickly
Your
Mobile
App
Authenticate users
Authorize access
Analyze User Behavior
Synchronize data
Amazon Mobile
Analytics
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
Track Retention
Amazon Mobile
Analytics
Store and share media
Deliver media
Amazon S3
Transfer Manager
Amazon CloudFront
(Device Detection)
61. Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
AWS Mobile SDK
Amazon Mobile
Analytics
Deliver media
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
Amazon S3
Transfer Manager
Amazon CloudFront
(Device Detection)
Store shared data
Amazon DynamoDB
(Object Mapper)
Stream real-time data
Amazon Kinesis
(Recorder)
Track Retention
Amazon Mobile
Analytics
Send push notifications
Amazon SNS
Mobile Push
Your
Mobile
App
65. Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Store shared data
Stream real-time dataTrack Retention
Send push notifications
Manage users and
identity providers
Securely access
cloud resources
Sync user prefs
across devices
Track active users,
engagement
Manage funnels,
Campaign performances
Store user-generated photos
Media and share them
Automatically detect mobile devices
Deliver content quickly globally
Bring users back to your app by sending
messages reliably
Store and query fast NoSQL data
across users and devices
Collect real-time clickstream logs
and take actions quickly
Your
Mobile
App
66. Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
AWS Mobile SDK
Amazon Mobile
Analytics
Deliver media
Amazon Cognito
(Sync)
AWS Identity and
Access Management
Amazon Cognito
(Identity Broker)
Amazon S3
Transfer Manager
Amazon CloudFront
(Device Detection)
Store shared data
Amazon DynamoDB
(Object Mapper)
Stream real-time data
Amazon Kinesis
(Recorder)
Track Retention
Amazon Mobile
Analytics
Send push notifications
Amazon SNS
Mobile Push
Your
Mobile
App
67. Key Takeaways
Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Kinesis Connector DynamoDB Connector S3 Connector SQS ConnectorSES Connector
AWS Global Infrastructure (10 Regions, Availability Zones, 52 Edge Locations)
Core Building Block
Services
Mobile Optimized
Connectors
Mobile Optimized
Services
Your Mobile App, Game or Device App
AWS Mobile SDK, API Endpoints, Management Console
Compute Storage Networking Analytics Databases
Integrated SDK
68. Key Takeaways
Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Kinesis Connector DynamoDB Connector S3 Connector SQS ConnectorSES Connector
AWS Global Infrastructure (10 Regions, Availability Zones, 51 Edge
Locations)
Core Building Block
Services
Mobile Optimized
Connectors
Mobile Optimized
Services
Your Mobile App, Game or Device App
AWS Mobile SDK, API Endpoints, Management Console
Compute Storage Networking Analytics Databases
Integrated SDK
Cross Platform
and Optimized
for Mobile
Flexibility
And Freedom
of Choice
Fully integrated
and easy to get
started
69. Amazon Cognito Amazon Mobile
Analytics
Amazon SNS
Mobile Push
Free Tier:
1 Million push messages
every month
Free Tier (for first 12
months):
1 Million syncs/month +
10GB of storage for
Amazon Cognito
Free Tier:
100 Million events every
month
Get Started for Free!