This document summarizes how to build an AngularJS application managed by AWS to avoid system administration. It discusses using Cognito for authentication, DynamoDB for data storage, and other AWS services like SQS and S3. Code examples are provided for initializing credentials with Cognito, signing in users with Google, and saving data to DynamoDB. Permission policies are shown to allow access to specific DynamoDB rows based on user ID. Overall it focuses on leveraging AWS services within an AngularJS application to reduce infrastructure management.

1. 
AngularJS
on Cloud
AngularConf 2015

2. Who am I?
Gianluca Arbezzano
@gianarb 

3. I'm here to protect you

4. Software Engineer @CorleyCloud

5. When you think "Infrastructure"

7. Think of word without SysAdmin

8. Great!

10. The mission:
build an application managed by
AWS
to avoid sysadmin

12. 
Security Issues
Without servers
where do you store private credentials?

13. Cognito identity
Helps your client app to manage authentication
and it opens the doors of AWS world

15. in AngularJS
// app/app.js
.config([function() {
var creds = new AWS.CognitoIdentityCredentials({
IdentityPoolId: 'us­east­1:0000000000000008c3c­5397a17ad174'
});
AWS.config.update({
region: 'us­east­1',
credentials: creds
});
}]);

16. in AngularJS
ng-newsletter.com/aws-js-sdk

18. in AngularJS
.directive('googleSignin', function() {
return {
restrict: 'A',
template: '<span id="signinButton"></span>',
replace: true,
scope: {
afterSignin: '&'
},
link: function(scope, ele, attrs) {
// see ng­newsletter.com/posts/aws­js­sdk.html
}
};
})

19. in AngularJS
// app/view/view.tpl.html
<p>This is the partial for view 1.</p>
<h2>Signin to ngroad</h2>
<div google­signin
client­id='3818201'
after­signin="signedIn(oauth)" data­user="user"></div>
<pre>{{ user | json }}</pre>

20. in AngularJS
$scope.signedIn = function(oauth) {
var creds = {
params: {}
};
$scope.user = oauth;
creds = AWS.config.credentials;
creds.params.Logins = {};
creds.params.Logins['accounts.google.com'] = oauth.id_token;
AWS.config.update({
credentials: creds
});
AWS.config.credentials.refresh(function(err){
if (err) {
console.log(err);
}
});
};

21. Chamber of Secrets was open

23. in AngularJS

24. DynamoDB
is a fully managed NoSQL database service that erovides
fast
and predictable performance
with seamless scalability

25. in AngularJS

26. in AngularJS

28. in AngularJS
<p>This is the partial for view 1.</p>
<h2>Signin to ngroad</h2>
<div google­signin
client­id='38182010900­e5l22mddk7oliohktn747trqgsfau1rd'
after­signin="signedIn(oauth)" data­user="user"></div>
<pre>{{ user | json }}</pre>
<form ng­submit="send(item)">
<input ng­model="item.title">
<button type="submit">Save</button>
</form>

29. in AngularJS
$scope.send = function(item) {
AWS.config.getCredentials(function(){
var dynamodb = new AWS.DynamoDB({apiVersion: '2012­08­10'});
dynamodb.putItem({
Item: {
"title": {"S": item.title}
},
TableName: "angular­conf"
}, function(err, data) {
if(err) { throw err; }
});
});
};

30. DynamoDB

31. DynamoDB

32. working on your data
Allow permission for single
lines
Allow permission for single
columns

33. working on your data
{
"Version": "2012­10­17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:UpdateItem",
"dynamodb:DeleteItem"
],
"Resource": ["arn:aws:dynamodb:us­west­2::table/GameScores"],
"Condition": {
"ForAllValues:StringEquals": {
"dynamodb:LeadingKeys": ["${www.amazon.com:user_id}"]}
}
}
]
}

34. Other AWS services
SQS
S3
Cognito Sync

docs.aws.amazon.com/AWSJavaScriptSDK

35. Thanks
github.com/gianarb