Building Scalable and Secure Enterprise Apps on the Cloud with AWS Mobile Hub

June 28, 2018

Enterprise applications are also known as business applications, and they play an important role in the corporate environment (primarily, for the employees) by satisfying a number of requirements needed for the successful completion of projects. Hence, enterprise apps are complex, component based, mission critical, scalable and distributed. Being highly complex systems, they meet strict requirements with regard to security, maintenance and administration. Though complex, they are quite user-friendly and data-centric and helps in solving problems.

Here are the main features of enterprise apps:

- Enterprise apps are agile, and can be deployed quickly.

- They can be scaled as per demand.

- The apps are easy to build, test, deploy & manage.

- It is possible to integrate the apps and data sources.

- Integrated with security features so information will not reach unauthorized people.

- Identity management makes it easier for the user to access the app with a single click.

- It is easy to measure user engagement, analytics and insights on user activity while they access the app.

Amazon's AWS Mobile Hub lets you build enterprise applications, test, deploy and monitor them by making use of several AWS services. The mobile hub acts as a single platform to configure these services.

AWS Mobile Hub

AWS services is not a new word for enterprises because of its usability and popularity in several industries, namely, media and entertainment, business applications, analytics, healthcare, gaming and a whole lot more. AWS Mobile Hub is an integrated, point and click console that would help with the complete mobile app development process. The console helps you choose the features you want incorporated in the app. Some of those features include user authentication, data storage, backend logic, push notifications, content delivery and analytics.

Through the Mobile Hub, you can provision and configure the required AWS services and create a working sample with the same. As it follows the microservices and serverless architecture, the developers are given the freedom to focus on their core work, while the underlying AWS services manage the rest of the tasks.

Once you choose the features that you want added in the apps, the Hub will provision and configure the AWS services on your behalf at each stage of development. The console will be feature oriented and with the combination of services, SDKs and client code, you can easily start work in minutes. For example, the service for User Sign-In is powered by Amazon Cognito and the Amazon Simple Notification Service powers Push Notifications.

Another advantage about Mobile Hub is that there is no limit to the number of projects you can do with it. The pricing is also as per the pay-as-you-go scenario.

Some of the global companies that use Mobile Hub include, Bustle, Netflix, Yelp, HP, Etsy, Earth Networks, HTC and Ticketmaster.

How AWS Mobile Hub Works

First step is creating an app

To start using AWS Mobile, you can go ahead with your own app or browser through Amazon AWS starter kits and select a fully functional app with pre-configured backend and frontend.

Next, set up your backend

AWS Mobile Hub acts as the reliable platform where you configure AWS services. Information about all these services will be saved in a cloud configuration file in the backend.

Time to connect to your backend

AWS Mobile SDK lets you access all the AWS services you need. Configure the SDK in your app with the help of the information in the cloud configuration file.

You can start a new project in AWS Mobile Hub and select the features provided within the integrated console. This could be user- sign in, push notifications, etc.

Then you can choose the destination platform, iOS or Android, and add additional information like device tokens, registration IDs, create API (Application Programming Interface) keys to understand and recognize the user or application, other secret tokens for notifications, etc.

If needed, you can add the cloud logic. This would help when you need to call the cloud functions from the mobile app directly. Cloud functions can be also be created to connect the app to several other software resources. By configuring Amazon API gateway and AWS Lambda, it is possible to execute cloud functions correctly.

Select and configure all the features you need to build the app, and then start with the project. Once you activate the Mobile Hub, it generates a source package that can be downloaded and used.

The app that's built with the Mobile Hub can be used as a starter app, and more updates and modifications can be made from there. Or if an app is already built, you can add pieces of this code into it for added functionalities.

AWS Mobile Hub help developers easily build B2C, B2E and B2B mobile apps. Some of the features required for enterprise apps in particular include agility, security, scalability, ease in developing and deploying, identity management, federation, user engagement, analytics and insights.

These features can be incorporated into the app by browsing the console. For the remainder of the article, we'll consider some of the AWS services that can be enabled using AWS Mobile Hub for an enterprise app.

Amazon Cognito

Amazon Cognito is a user identity and data synchronization service that aids in the secure management and synchronization of apps. Thus, it is a comprehensive identity management solution that would help enterprises to authenticate and authorize apps.

Here's what it can do:

It supports user pools wherein your users will have their own identity where information about them (usernames, passwords, etc.) will be stored.

It provides federated identity service where you can authenticate users from a variety of identity providers like Facebook, Google, Twitter, Amazon, etc. The application helps avoid the overhead of signup, even though you don't have too much info about your user.

Cognito provides sync services wherein you can sync data across devices with a federated account.

The user pool itself has a number of features that helps you list and manage users, analyze them according to their attributes (how they have logged into your app), security, MFA (Multi Factor Authentication), verifications and plenty more.

Cognito lets you enable SAML or Security Assertion Markup Language for user accounts to enable access to multiple apps.

As soon as the user signs in, Cognito responds back with user IDs and return tokens. He/she will then be able to access the app for the rest of the session without a hitch.

AWS Lambda

AWS Lambda is a serverless compute service that works in tandem with code and responds with corresponding events. It works without the need for provisioning or managing servers.

It allows for automatic scaling of the apps by running the code, and manages the infrastructure as and when needed. Scalability is provided through the multi-tenant pool shared by several users. Technological sandboxing ensures no cross-talk between users.

Lambda can easily handle large workloads covering huge expanse of data sets, and will not be constrained by provisioning of infrastructure. You can configure the event sources to trigger Lambda functions, and these will be triggered automatically at the onset of events.

AWS Lambda comes to the rescue when you want to regularly scale your product without worrying about the backend. It can process a few requests to thousands of requests per second.

The service will charge only for the compute time you use, and only when your code is running. It works with various programming languages like Java, C#, Python, Node.js etc.

Due to its serverless architecture, you can easily build and deploy anytime.

Amazon S3

Amazon S3 is another cloud computing service in the list of services offered by Amazon Web Services. It functions as an IaaS solution and has the capability to retrieve data from anywhere.

The service allows for unlimited data and object storage, where the data can range anywhere from 1TB to 5TB. The data is stored in regionally segregated buckets, with reduced latency through strong authentication through regionally stored data.

S3 can work with any type of web development toolkit, thanks to the simple Object Access Protocol (SOAP) and Representational State Transfer (REST) web service interfaces.

The user can access the data stored within the buckets, based on their role within their organization. The data is stored with an ID number and metadata. A developer can access an object through a rest API.

The three tiers in S3 storage include S3 Standard, S3 Infrequently Accessed and Reduced Redundancy Storage.

Amazon SNS

Amazon Simple Notification Service (SNS) is a service for sending push notifications, texts and alerts to users. Continuous user interaction is the success of any app, and the aim of the enterprise is to send messages as and when required and ensure the subscribers pick them without fail.

These messages must be pushed to the subscribers without queuing. Being a fully managed pub/sub messaging service, all the challenges that enterprises face while releasing an app are mitigated here. For example, notifications for different platforms like Kindle, iOS, Windows, etc. must reach seamlessly, and without a hitch.

They have different APIs and different ways to send push notifications. If you have to send out a company notification, and you need to send the same message to 500 employees across the country, you can easily make use of this service, irrespective of whether they are carrying distributed systems or mobile devices.

With three basic steps, the mobile app will be ready to receive messages:

- The app has to register with the push service.

- The push service returns a registration token, registration ID, URI, user and channel ID.

- Registration token is registered as an endpoint once it is sent to an Amazon SNS mobile push app.

SNS mobile push notifications can identify your application and define the platform as well. The notifications can be sent to various platforms, and in such cases, there will be one mobile push app for each platform.

Amazon SES

Amazon Simple Email Service is an incredible pay-per-use cloud-based service that lets you send marketing messages, transactional emails and other relevant, high quality content to your employees and stakeholders. Simple APIs or SMTP help deliver emails easily and immediately to the recipients.

The service comes with a mailbox simulator that lets you test your application against different messages and email sending situations. As it can send emails in a large bulk, it's perfect for corporate communication.

Mails in this manner can be tracked and monitored when they are sent, received, clicked and read. Rejected mails, bounce-back mails, complaints are also monitored.

Content personalization feature ensures that the mails are sent individually or to a group of employees. Content filtering technologies ensure that the mails are scanned and the content itself meets ISP standards.

The high deliverability feature ensures that the mail reaches the concerned people, and also lets you know messages with viruses and malware. It would also let you know when messages are marked as spam. These guide your sending strategy.

You can monitor your Amazon SES sender reputation by analyzing several metrics that would tell you if your reputation as sender is marred in any way. If this is not checked, you will never know if the email delivery rates decline.

The service comes with a sending authorization policy that ensures your mail is sent through your domain, and a receipt is returned. Forwarded mails are valued for their authenticity, and sender address and owner address are verified.

Dedicated IP addresses are available at extra cost and you can create user groups, lists of IP addresses or whitelists you want added, list of addresses to be blocked and so on.

AWS Device Farm

The Device Farm is an app testing service that lets you test the specific flows and business logic, and interact with your app. You can upload your own tests or try the built-in, script-free compatibility tests. The apps can be tested against any platform or device of your choice. Tests can be done in parallel and within minutes.

Devices are organized into device pools based on their category, for example, devices that run only on Android, or those run only on iOS. Curated device pools are also provided for top devices, and you can also create your own device and add it.

A noted advantage of Device Farm is the capability for accurate testing for errors, irrespective of the test conditions and differing OS versions, firmware modifications or mobile device settings.

There is a screenshot section that displays the logs of activity performed, and you can view videos, logs and performance data of the testing activities.

Device Farm provides two primary testing methods:

Automated testing - Once the developers upload their devices, they can choose the device they want it tested on, and the service will automatically perform the tests and cover all the screens and buttons. The app can run against multiple devices in the AWS Cloud.

Remote access - You can perform manual tests from a remote device to check how the app will perform in real devices in real time. A number of manual tasks like reproducing customer issues, debugging new functionalities, etc. can also be done.

Conclusion

Mobile app development for enterprises can be a complex thing, but this can be simplified with the help of AWS Mobile Hub. The entire process of building, testing and monitoring applications can be smoothed out with the combination of Cognito, Device Farm, Lambda and other services.

Now the entire enterprise workforce and stakeholders can complete their tasks through their mobile devices and avoid all the complex steps they had to endure earlier, and this includes reduced coding. While the developers focus on perfecting their work, the cloud providers handle all the rest of the tasks, including security and scalability.

Thus, AWS Mobile Hub provides both serverless computing and microservices, making it easier for developers to make the enterprise app perform better and faster and by avoiding code complexities, and problems in memory allocation, they can easily create a product that works like a charm.

Looking to build a cloud-based enterprise app? We're happy to help!

Contact Us Today!

Free Whitepaper: Must Read Guide to Secure Enterprise Mobility