Amazon Cognito is a service that provides authentication, authorization, and user management for web and mobile applications. It allows for user sign-up, sign-in, access control, account recovery, and integration with social identity providers. Cognito User Pools provides built-in user directory and authentication services, while Cognito Identity Pools enables the generation of temporary AWS credentials for application access. Sample use cases include business to consumer apps, business to employee apps, and IoT applications.
Amazon Cognito is a user directory service that allows for user registration, authentication, and account management. It provides features like user pools for storing user data, identity federation, and syncing user data across devices. Cognito user pools allow for customizing user attributes and verification methods, managing user access to applications, and configuring triggers for custom authentication workflows. The service aims to reduce development time by handling common user management tasks.
Serverless Patterns: “No server is easier to manage than no server” - AWS Sec...Amazon Web Services
In this talk, we’ll take well known architectural patterns such as 3-tier web application, stream processing, scheduled jobs and show how they can be realized without needing to manage servers.
Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...Amazon Web Services
This document provides an overview and summary of Amazon Cognito. It discusses how Cognito can be used to authenticate users, manage user identities, and synchronize user data across devices. It also describes Cognito's features for user sign-up, sign-in, verification, authentication, authorization and managing user profiles. Several sample use cases are presented, such as using Cognito for user management, social login, and employee single sign-on. The document concludes with information on getting started with Cognito.
(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014Amazon Web Services
Streamline your mobile app sign-up experience with Amazon Cognito. In this session, we demonstrate how to use Cognito to build secure mobile apps without storing keys in them. Learn how to apply policies to existing Facebook, Google, or Amazon identities to secure access to AWS resources, such as personnel files stored in Amazon S3. Finally, we show how to handle anonymous access to AWS from mobile apps when there is no user logged in.
AWS re:Invent 2016: Serverless Authentication and Authorization: Identity Man...Amazon Web Services
By leveraging "serverless architectures", startups and enterprises are building and running modern applications and services with increased agility and simplified scalability—all without managing a single server. Many applications need to manage user identities and support sign-in/sign-up. In this session, we dive deep on how to support millions of user identities, as well as how to integrate with social identity providers (such as Google and Facebook) and existing corporate directories. You learn the real-world design patterns that AWS customers use to implement authentication and authorization. By combining Amazon Cognito identity pools and user pools with API Gateway, AWS Lambda, and AWS IAM, you can add security without adding servers.
Raleigh DevDay 2017: Driving User Engagement and App Success with AWS Pinpoin...Amazon Web Services
Georgie Mathews from Amazon Pinpoint introduced Amazon Pinpoint, a service that allows users to understand customer behavior across platforms, target specific audiences with customized messages, and measure engagement over multiple channels. Key capabilities include analytics, segmentation, messaging across channels like email, SMS and push notifications, and integration with mobile SDKs and APIs. Pricing is based on usage with generous free tiers to get started.
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWSAWS User Group Kochi
AWS Community Day Kochi 2019 - Technical Session
Enterprise grade security for web and mobile applications on AWS by Robin Varghese , Chief Architect - TCS
This document summarizes a workshop on architecting user authentication and authorization in apps using AWS services. The workshop covers Amazon Cognito for user management, authentication, and data synchronization across devices. It provides an overview of Cognito User Pools and Federated Identities, demonstrates an authentication workflow using the services, and discusses how to get started with a sample Angular app.
Scaling your Mobile App Development in the Cloud - DevNexusTara Walker
The presentation done for DevNexus about Mobile Cloud Services. Presentation explores and demos services that help you scale your Mobile development to new heights by including Cloud as an integrated part of mobile development.
Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...Amazon Web Services
Learning Objectives:
-Understand user identity and federation principles and practices
-Learn how Amazon Cognito supports SAML and 3rd party IdP integration
-Demonstrate how to use Amazon Cognito’s built-in UI for user identity management.
App developers need a system to manage the identities of their users for sign-up, sign-in, and access control. Amazon Cognito now provides a public beta of built-in UI for developers to add user sign-up and sign-in pages to their application and customize the looks and feel of those pages simply through the Amazon Cognito console. Also in the public beta, Amazon Cognito now provides support for SAML based federation of user identities for integration with enterprise based directory systems and simplified support for 3rd party Identity Providers (IdP) such as Facebook and Google. This tech talk will provide a brief overview of Amazon Cognito and then discuss the details of the new features and capabilities of the public beta.
Getting Started with Cognito User Pools - September Webinar SeriesAmazon Web Services
You can now use Amazon Cognito to easily add user sign-up and sign-in to your mobile and web apps instead of worrying about user management, authentication, and sync across platforms and devices. With the User Pools feature, you can create your own user directory that can scale to hundreds of millions of users, and is fully managed so you don’t have to worry about building, securing, and scaling authentication to your apps. In this webinar, we will walk your through adding the process of adding user sign-up and sign-in to your mobile and web apps.
Learning Objectives:
*Learn to add user sign-up and sign-in to your mobile and web apps quickly and easily
*Authenticate users through social identity providers such as Facebook, Twitter, or Amazon and provide secure access to AWS resources
Securing Serverless Workloads with Cognito and API Gateway Part I - AWS Secur...Amazon Web Services
The document discusses securing serverless applications using Amazon API Gateway, AWS Lambda, and Amazon Cognito. It describes how to build a basic 3-tier web app that is fully serverless, add authentication with Amazon Cognito by integrating with Cognito user pools, and implement authorization using AWS Identity and Access Management (IAM) by leveraging Cognito. Key benefits mentioned are that AWS Lambda and API Gateway provide automatic scaling with no infrastructure to manage, while security is improved by making use of IAM through Cognito.
Every business needs a mobile app, and AWS has the tools and services to make it easy to design, build and test apps. We will cover authentication, authorisation and quota management using Cognito User pools and Amazon API Gateway; building apps from scratch that integrate with SaaS products using AWS Mobile Hub; testing physical devices using Amazon Device Farm; and reaching out to your customers using Amazon PinPoint.
Speakers:
Ed Lima, Associate Solutions Architect, Amazon Web Services
Arden Packeer, Enterprise Solutions Architect, Amazon Web Services
Claims Based Authentication A Beginners GuidePhuong Nguyen
This document discusses claims authentication in SharePoint. It defines key terminology like claims, security tokens, and relying parties. It explains how claims work at a high level using an airport analogy. It then discusses how claims are used in SharePoint, including how the security token service handles claims. It also covers configuring forms-based authentication to use claims by setting up an authentication provider and making configuration changes in Central Administration, the security token service, and the web application.
Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)Amazon Web Services
In this session, we will discuss how you can leverage the new cross-platform AWS Mobile Services to build a highly scalable and reliable mobile app, powered by the AWS cloud. We will explore core functionality like authentication and authorization of users, data synchronization, and back-end infrastructure without the need to manage servers. We'll also talk about understanding your user behavior, engaging your users, and bringing your users back to your app. No matter if you are building the next great social app, or a front-office enterprise mobile app, this session will discuss best practices for building reliable and scalable mobile apps.
The document provides an overview of claims-based authentication, including:
- Claims-based authentication allows centralized authentication and sharing of identity information across applications through the use of claims in tokens.
- A claim is a name-value pair that describes an aspect of a user's identity, like name, email, groups. Claims are held in tokens that applications can validate.
- The authentication flow involves a user authenticating with an identity provider who issues a token with claims to the relying party application, which validates the token before granting access.
- Common implementations of claims-based authentication include SharePoint, Azure ACS, and ADFS. An identity provider STS authenticates users and issues tokens,
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Amazon Web Services
Learn how to set up an end-user directory, secure sign-up and sign-in, manage user profiles, authenticate and authorize your APIs, federate from enterprise and social identity providers, and use OAuth to integrate with your app—all without any server setup or code. With clear blueprints, we show you how to leverage Amazon Cognito to administer and secure your end users and enable identity for the applied patterns of mobile, web, and enterprise apps.
Claim based authentication provides a solution to common problems with user authentication across multiple websites. It allows an identity provider like Google or Facebook to authenticate a user and issue tokens containing claims like user details. Applications can then request specific claims from an identity provider through a selector. The identity provider signs the token and applications can verify the signature to trust the identity provider. This avoids the need for each application to implement its own authentication and allows users to reuse their login from an identity provider on multiple applications.
The objective of this presentation is to implement an Authentication provider that can be used simply to authenticate users only once. This may be like the one you use for authenticating yourself on Facebook, LinkedIn, or Google.
The authentication should be Web-based and/or API-based and should authenticate against our LDAP Server.
This provider should also remember which third-party systems are authorized to authenticate against this server and what information, if any, shared.
by Fritz Kunstler, Sr. AWS Security Consultant AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
by Quint Van Deman, Sr. Business Development Manager, AWS
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Amazon Cognito scales to millions of users and supports sign-in.
Add User Sign in and Management to your Apps with Amazon CognitoAmazon Web Services
Secure user sign up and sign in is an important starting point for many mobile and web applications. Amazon Cognito enables you to secure your mobile and web applications by providing a comprehensive identity solution for end user management, registration, sign-in, and security. In this product deep dive, we will walk through Cognito’s feature set, which includes serverless flows for user management and sign-in, a fully managed user directory, and control for user permissions. In addition, we will cover key use cases and discuss the associated benefits.
Learning Objectives:
• What is Cognito’s comprehensive feature set
• What are the benefits associated with using Cognito
• How to integrate Cognito into your applications
• Which use cases are best suited for Cognito
Who Should Attend?
• Developers
Amazon Cognito now makes it easy to sign up and sign in users to your mobile and web apps. Previously, with Amazon Cognito you can use social identity providers like Facebook, Google, Twitter, and Amazon for user sign-in and federate these identities to allow secure access to AWS resources. Now with User Identity Pools in Amazon Cognito, you get a secure, low-cost, and fully managed user directory that can scale to 100s of millions of users. Join us for an overview of Amazon Cognito and how to get started with User Identity Pools.
1) The document discusses user identity and authentication using Amazon Cognito. It describes how Cognito can provide user sign-up, sign-in, profile management, authorization, and federation with enterprise or social identities.
2) Amazon Cognito User Pools allow adding user sign-up and sign-in to mobile and web apps without server infrastructure, and provide enhanced security features and a managed user directory.
3) The document outlines Cognito's capabilities for comprehensive user flows, extensive admin controls, and integration with the AWS Mobile SDK for a seamless user experience across platforms.
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...Amazon Web Services
Secure user sign-up and sign-in is critical for many mobile and web applications. Amazon Cognito is the easiest way to secure your mobile and web applications by providing a comprehensive identity solution for end user management, registration, sign-in, and security. In this product deep dive, we will walk through Cognito’s feature set, which includes serverless flows for user management and sign-in, a fully managed user directory, integrations with existing corporate directories, and many other features. In addition, we will cover key use cases and discuss the associated benefits.
This document discusses user identity and authentication options for mobile apps using Amazon Web Services. It describes Amazon Cognito user pools, which allow developers to easily add user sign-up, sign-in, and account management to mobile or web apps without having to build their own user directories. Cognito user pools support features like multi-factor authentication, extensive user profile management and permissions. The document also discusses using Cognito user pools with AWS SDKs for user authentication and accessing backend AWS services through Cognito identity pools.
Authentication & Authorization for Connected Mobile & Web Applications using ...Amazon Web Services
Authentication and Authorization for Connected Mobile & Web Applications using Amazon Cognito and AWS AppSync
One of the key challenges for mobile applications is managing users and their identities in order to support monetization strategies, provide differentiated services, and manage fine grained access and data controls. In this session, you’ll learn how Amazon Cognito provides user sign-up and sign-in as part of your onboarding workflow and advanced capabilities for data access/feature management and security.
Level: Intermediate
Speaker: Brice Pelle - Enterprise Support Lead, AWS
Serverless identity management, authentication, and authorization - SDD405-R ...Amazon Web Services
"In this workshop, you learn how to build a serverless microservices application demonstrating end-to-end authentication and authorization using Amazon Cognito, Amazon API Gateway, AWS Lambda, and all things IAM. You have the opportunity to build an end-to-end functional app with a secure identity provider showcasing user authentication patterns.
All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."
SID201 Overview of AWS Identity, Directory, and Access ServicesAmazon Web Services
Every journey to the AWS Cloud is unique. Some customers are migrating existing applications, while others are building new applications using cloud-native services. Along each of these journeys, identity and access management helps customers protect their applications and resources. In this session, you learn how AWS identity services provide you a secure, flexible, and easy solution for managing identities and access on the AWS Cloud. With AWS identity services, you do not have to adapt to AWS. Instead, you have a choice of services designed to meet you anywhere along your journey to the AWS Cloud.
[REPEAT 1] Managing Identity Management, Authentication, & Authorization for ...Amazon Web Services
Build a serverless microservices application demonstrating end-to-end authentication and authorization through the use of Amazon Cognito, Amazon API Gateway, AWS Lambda, and all-things AWS Identity and Access Management (IAM). You will build an end-to-end functional app with a secure identity provider showcasing user authentication patterns.
This document discusses how Amazon Cognito can be used to manage user identities, synchronize app data across devices, and securely access AWS cloud resources from a mobile app. It describes Amazon Cognito's key capabilities such as authenticating users, authorizing access, synchronizing app state, securely storing user data and media, and sending push notifications. It also provides examples of how to use Amazon Cognito for identity management, data synchronization, and secure AWS access in a mobile app.
AWS makes development of cross-platform mobile applications easy. With highly-scalable cloud services such as Amazon S3, Amazon DynamoDB and Amazon SNS, mobile developers can build powerful cloud-backed mobile apps with just a few lines of code. In this session, you will learn how to connect directly to these services and how to build a powerful back end for your Android and iOS applications. We will also share some best practices from other successful apps such as Flipboard and Supercell so you can focus on differentiating your app functionality whilst leaving the 'table stakes' with no differentiated value to the cloud.
AWS makes development of cross-platform mobile applications easy. With highly-scalable cloud services such as Amazon S3, Amazon DynamoDB and Amazon SNS, mobile developers can build powerful cloud-backed mobile apps with just a few lines of code. In this session, you will learn how to connect directly to these services and how to build a powerful back end for your Android and iOS applications. We will also share some best practices from other successful apps such as Flipboard and Supercell so you can focus on differentiating your app functionality whilst leaving the 'table stakes' with no differentiated value to the cloud.
Build Your Mobile App Faster with AWS Mobile Services (Cognito, Lambda, SNS, ...Amazon Web Services
Build powerful mobile applications using AWS Mobile Services. For the first time, we will discuss how mobile developers can leverage the new cross-platform AWS Mobile Services that we announced today. How they can authenticate and authorize their users using Amazon Cognito, user identity and data synchronization service. We will discuss how Amazon Mobile Analytics service collects, visualizes and understand your mobile app usage at scale, All this is available as a single unified and mobile-optimized easy-to-use SDK so developers can access these new services (and other services like S3, DynamoDB) with just a few lines of code on the client and without the need of owning backend servers. - http://aws.amazon.com/mobile
This document discusses building secure and scalable APIs using Amazon API Gateway and AWS Lambda. It introduces Amazon API Gateway for hosting APIs and routing API calls. AWS Lambda is introduced for executing application business logic. Amazon Cognito is discussed for user signup, authentication, and temporary credentials. The document provides an example of integrating these services to build a secure and scalable mobile backend API.
In this talk from the Dublin Websummit 2014 AWS Technical Evangelist Danilo Poccia discusses building mobile apps on AWS.
This talk includes an introduction to the AWS mobile services that were launched earlier in 2014 and how you can use these services to fulfill common application functions such as authenticating users, synchronizing data and analyzing user behavior, as well as providing direct access to other AWS services from with your Android or iOS applicatons.
(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...Amazon Web Services
Learn how to build a powerful Android app that leverages a variety of AWS services. In this three-hour, demo-heavy workshop, we show how you can build a modern native client app using the AWS Mobile SDK that uses a number of cross-platform mobile cloud services directly with minimal code on the client. We share best practices for building a highly scalable backend so you can add your own functionality. This is a step-by-step journey where you configure and add components to your architecture, then modify and test your components inside a mobile location-based messaging application. In the end, you will have a mobile application with your own backend consisting of different AWS services including: Amazon Cognito, Amazon Mobile Analytics, Amazon SNS Push Notification, Amazon S3, Amazon CloudFront, Amazon CloudSearch, Amazon DynamoDB, Amazon SQS, and AWS Elastic Beanstalk.
Similar to Deep Dive on Amazon Cognito - DevDay Austin 2017 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
1) The document discusses building a minimum viable product (MVP) using Amazon Web Services (AWS).
2) It provides an example of an MVP for an omni-channel messenger platform that was built from 2017 to connect ecommerce stores to customers via web chat, Facebook Messenger, WhatsApp, and other channels.
3) The founder discusses how they started with an MVP in 2017 with 200 ecommerce stores in Hong Kong and Taiwan, and have since expanded to over 5000 clients across Southeast Asia using AWS for scaling.
This document discusses pitch decks and fundraising materials. It explains that venture capitalists will typically spend only 3 minutes and 44 seconds reviewing a pitch deck. Therefore, the deck needs to tell a compelling story to grab their attention. It also provides tips on tailoring different types of decks for different purposes, such as creating a concise 1-2 page teaser, a presentation deck for pitching in-person, and a more detailed read-only or fundraising deck. The document stresses the importance of including key information like the problem, solution, product, traction, market size, plans, team, and ask.
This document discusses building serverless web applications using AWS services like API Gateway, Lambda, DynamoDB, S3 and Amplify. It provides an overview of each service and how they can work together to create a scalable, secure and cost-effective serverless application stack without having to manage servers or infrastructure. Key services covered include API Gateway for hosting APIs, Lambda for backend logic, DynamoDB for database needs, S3 for static content, and Amplify for frontend hosting and continuous deployment.
This document provides tips for fundraising from startup founders Roland Yau and Sze Lok Chan. It discusses generating competition to create urgency for investors, fundraising in parallel rather than sequentially, having a clear fundraising narrative focused on what you do and why it's compelling, and prioritizing relationships with people over firms. It also notes how the pandemic has changed fundraising, with examples of deals done virtually during this time. The tips emphasize being fully prepared before fundraising and cultivating connections with investors in advance.
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
This document discusses Amazon's machine learning services for building conversational interfaces and extracting insights from unstructured text and audio. It describes Amazon Lex for creating chatbots, Amazon Comprehend for natural language processing tasks like entity extraction and sentiment analysis, and how they can be used together for applications like intelligent call centers and content analysis. Pre-trained APIs simplify adding machine learning to apps without requiring ML expertise.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
4. Topics
§ AWS Mobile Services and Amazon Cognito
§ Introduction to Amazon Cognito Identity
§ Summary of Features
§ Sample Use Cases
§ Getting Started
§ Q & A
§ Demo
5. Authenticate users
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Amazon Cognito
(Sync)
Amazon Cognito
(Identity)
Amazon S3
Amazon CloudFront
Store data
Amazon DynamoDB
Amazon RDS
Run Targeted Campaigns
Send push notifications
Amazon SNS
Mobile Push
Server-side logic
Lambda
Device Farm
Test your app
Build and Scale Your Apps on AWS
Amazon Pinpoint
Amazon Pinpoint
7. Identity is mission critical for applications
Authentication User ManagementAuthorization
§ Manage user lifecycles
§ Store and manage
user profile data
§ Monitor engagement
§ Protect data and
operations
§ Provide fine-grained
access control
§ Sign in users
§ Enable federation with
enterprise identities
§ Enable federation with
social identities
User Identity
8. Your User Pools
Add user sign-up and sign-
in easily to your mobile and
web apps without worrying
about server infrastructure
Serverless Authentication
and User Management
Verify phone numbers and
email addresses and offer
multi-factor authentication
Enhanced Security
Features
Launch a simple, secure,
low-cost, and fully managed
service to create and
maintain a user directory
that scales to 100s of
millions of users
Managed User Directory
1 2 3
9. Comprehensive User Flows
Email or Phone
Number Verification
Forgot Password
User Sign-Up and
Sign-In
Require users to verify their email address or phone number prior to activating
their account with a one-time password challenge
Provide users the ability to change their password when they forget it with a one-
time password challenge
Allow users to sign up and sign in using an email, phone number, or username
(and password) for your application.
User Profile Data Enable users to view and update their profile data – including custom attributes
SMS Multifactor
Authentication
Require users to complete a second factor of authentication by inputting a
security code received via SMS as part of the sign-in flow
Customize these User Flows Using Lambda
Token Based
Authentication
Use JSON Web Tokens (JWTs) based on OpenID Connect (OIDC) and OAuth
2.0 standards for user authentication in your backend
10. Custom User Flows Using Lambda Hooks
10
Category Lambda Hook Example Scenarios
Custom
Authentication
Flow
Define Auth Challenge Determines the next challenge in a custom auth flow
Create Auth Challenge Creates a challenge in a custom auth flow
Verify Auth Challenge Response Determines if a response is correct in a custom auth flow
Authentication
Events
Pre Authentication Custom validation to accept or deny the sign-in request
Post Authentication Event logging for custom analytics
Sign-Up
Pre Sign-up Custom validation to accept or deny the sign-up request
Post Confirmation Custom welcome messages or event logging for custom analytics
Messages Custom Message Advanced customization and localization of messages
11. Extensive Admin Capabilities
Define Custom
Attributes
Set per-App
Permissions
Set up Password
Policies
Create and manage
User Pools
Define custom attributes for your user profiles
Set read and write permissions for each user attribute on a per-app basis
Enforce password policies like minimum length and requirement of certain
types of characters
Create, configure, and delete multiple user pools across AWS regions
Require Submission of
Attribute Data
Select which attributes must be provided by the user prior to completion of
the sign-up process
Search Users
Search users based on a full match or a prefix match of their attributes
through the console or Admin API
Manage Users
Conduct admin actions, such as reset user password, confirm user, enable
MFA, delete user, and global sign-out
12. App Integration and Federation in User Pools
Built-in, Customizable
User Interface for Sign up
/ Sign in
OAuth 2.0 SupportFederation with Facebook,
Login with Amazon,
Google, and SAML
providers
1 2 3
13. Built-in, Customizable User Interface
Upload your own
logo and adjust
CSS properties
to fit your style
and branding
14. Federation with Cognito User Pools
• Built-in integrations with identity
providers
• Social: Facebook, Google, Login
with Amazon
• Corporate via SAML 2.0
• Map user attributes into User Pool
profiles
• Universal directory with common
set of profiles and tokens for all
users
CUP
Token
Cognito User Pool
15. Support for OAuth 2.0 in Cognito User Pools
• OAuth 2.0 flows:
• Authorization code
• Implicit
• Client credentials
• Custom scopes defined for resource
servers
16. Cognito Federated Identities (Identity Pools)
• Exchanges tokens from
authenticated users for AWS
credentials to access
resources such as S3 or
DynamoDB
• You can defined rules for
mapping users to different IAM
roles to manage permissions
• Provides an identity pool id to
uniquely identify users
Cognito
Identity Pool
AWS Credentials
/ / etc
token
Mobile or web app
DynamoDB
S3
API GW
Access backend
resources
- tied to IAM role
1
3
2
17. Two Ways to Federate with Amazon Cognito
Cognito User Pools Cognito Identity Pools
• Handles the IdP interactions
for you
• Provides profiles to manage
users
• Provides OpenID Connect and
OAuth2.0 standard tokens
• Priced per monthly active user
• Provides AWS credentials for
accessing resources on behalf
of users
• Supports rules to map users to
different IAM roles
• Free
19. Amazon Cognito: Identity Management Scenarios
Business to Consumer Business to Business
Business to Employee IoT Scenarios
Enterprise
DirectoryEnterprise
Directory
SAML
Enterprise
Directory
SAML
AWS IoT
20. Amazon Cognito: Authorization Scenarios
Standalone Identity Provider Amazon API Gateway AWS Credentials
Resources
• OIDC and OAuth 2.0 tokens
from User Pools can be used
directly to access backend
resources
CUP
Token
CUP
Token
CUP
Token
CUP
Token
AWS IAM
AWS
Credentials
AWS Services
S3DDBLambda
• User Pool tokens authorize
requests via Amazon API
Gateway
• Token claims can be inspected
• Temporary AWS credentials
provide access to AWS
services
• Users can be mapped to
different roles and policies
API GW
21. Cognito User Pools and Amazon API Gateway
Native Support Custom Authorizer Function
Control access to your APIs using bearer
token authentication strategies, such as
OAuth or SAML – API Gateway’s custom
authorizer feature uses bearer tokens to
determine access privileges
Configure API Gateway to accept ID tokens
to authorize users based on their existence
in a user pool – User Pools works together
with API Gateway to authorize API requests
1 2
22. Getting Started with Your User Pools
See aws.amazon.com/cognito/dev-resources/ for links to
§ Getting Started Guides
§ Documentation, SDKs, and Sample Apps
§ Videos
§ Presentation Slides
§ Blog Posts
§ Developer Forums
24. Q & A
§ Visit aws.amazon.com/cognito/ to learn more
§ Find resources at aws.amazon.com/cognito/dev-resources/
§ Get started with the beta features at
docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-
federation-beta-release-overview.html
§ Ask questions at the AWS Developer Forum or Stack Overflow
(‘amazon-cognito’ tag)
28. Groups
Cognito User Pools
Groups and Multiple Authenticated Roles
Group A
IAM Role A
Group B
IAM Role B
…
Authenticated
User Identity
Get
Credentials
Multiple Roles for Authenticated Identities
Cognito Federated Identities
IAM Role and Policy
IAM Role and Policy
IAM Role and Policy
Backend
Resources
MaptodifferentIAMroles
API Gateway
DynamoDB
S3
ControlAccess
30. Creating Users as an Administrator
§ Developers or administrators can create users in a user pool and
send them an optional, customizable invitation email or SMS message
§ New users sign in with a temporary password and create a new
password
§ User pools can be configured to only allow users created by an
administrator
31. Importing Existing Users
Batch Imports
§ Import users by uploading .csv files
§ Users will create a new password when they first sign-in
§ Each imported user must have an email address or a
phone number
One-at-a-Time Migration
§ Migrate users individually as they sign in
§ App first tries to sign in via Cognito, if user does not
exist, app signs in via prior identity system, captures
username and password, and silently creates user in
Cognito
§ Retains passwords, but requires app coding and
maintenance of prior system for some period
Prior
IdP
32. Understanding User Status
§ New users start with
“Registered” status
§ Users must be
confirmed before
they can sign-in
§ Users must be
disabled before they
can be deleted
Registered
(cannot sign in)
Sign-up
Confirmed
Disabled
Admin
Confirm
Confirm via
email/phone
or
Disable
Delete
(deleted)
Lambda Trigger:
Pre Sign-up Reset Required
User import
Force Change
Password
Admin Create User
Reset password
Enable