I'm building my first app which uses an external database for storing data..
And I'm struggling with the following question: How to connect with my database: use the Amazon DynamoDB sdk for Android or create a restful api based on NodeJS on my own server, which passes the data to DynamoDB?
I'm very new to this and when I look over the internet I see amazon suggesting to use the SDK.
The only problem is, if I want to change the data structure in the feature, what kind of problems will my users experience with the current versions of the app? And is it safe to save my Amazon keys inside the app (cause people may be able to decompile the app)?
On the other hand, I do have to pay for the extra server which handles the connections between my app and DynamoDB. So... is it worth it?
So I'm quite struggling with this.... What do you guys think?
Overall, RESTful APIs enhance web apps and mobile apps that are distributed over the Internet. The mobile apps become more scalable and it's easier to modify it as well.
The API integrates directly with the DynamoDB API and supports PutItem and Query actions. The REST API uses an IAM role to provide full access to the specific DynamoDB table and index created by the CloudFormation template.
Some of the key reasons to use DynamoDB for your mobile application are: Scalability: DynamoDB has no performance degradation as you scale to terabytes of data and beyond. A simple, REST-based API: DynamoDB is accessible over HTTP(S) and uses AWS Identity and Access Management (IAM) for authentication.
DynamoDB is a NoSQL database provided by Amazon, it works as a key-value store or document database with really fast response times. It's fully managed, taking this burden from you and it has many features built in.
I would go for direct access from your mobile application to DynamoDB. This would allow you to scale your application much easier : you do not need to maintain, operate, secure a middle layer, AWS does that for you. You will also save on the cost of running your couple of NodeJS servers, load balancers etc ...
You should not store access keys / secret keys in your application but rather use AWS Cognito Identity service to dynamically receive access keys and secret keys for your user session. These keys will be limited in scope to whatever permission you define for your Cognito users and limited in time (default is 15 min)
Cognito works with backend identity providers to authenticate your users (Facebook, Google, Amazon, openID connect or your own backend) and can also work with unauthenticated users.
More about Cognito : http://aws.amazon.com/cognito/ More about Cognito ID for Android Mobile Applications :http://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With