Mobile-Based Architecture on Existing LAMP Stack Environment of AWS

The existing architecture is a web-based LAMP stack. The proposed mobile architecture (mobile front-end development and hosting for Android and iOS is a separate task) is a RESTful mobile backend infrastructure that uses AWS-managed services to address common requirements for backend resources. The architecture provides the capability to identify and authenticate users and perform complex queries to return user-relevant data. The following diagram outlines the architectural flow of RESTful mobile backend resources for a mobile app and includes functional components to address these common requirements.

When a user signs in to the mobile app, the user’s credentials are sent to the Amazon Cognito user pool for authentication. After successful authentication, Amazon Cognito returns an ID token to the app.

The mobile app sends HTTPS requests to the Amazon API Gateway RESTful interface with the Amazon Cognito ID token in the authorization header.

An Amazon Cognito user pool authorizer associated with the Amazon API Gateway RESTful API validates the token in the authorization header and confirms that it belongs to an authenticated user.

Amazon API Gateway invokes the AWS Lambda microservice function associated with the requested API resource.

AWS Lambda identifies the appropriate IAM role to execute a defined task, such as accessing user-specific data in the MySQL DB, performing CRUD actions as requested by the mobile front end, and pushing objects to S3 (if required). All requests that Lambda handles are recorded and stored through Amazon CloudWatch Logs. In this part, code can

AWS Lambda returns the results in an HTTP-formatted response to the RESTful API in Amazon API Gateway. Amazon API Gateway returns the results to the mobile app.
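The Lambda step of the flow above, as an added example that is not part of the original article: a handler that takes the caller's identity only from the claims the Cognito user pool authorizer has already validated, and refuses to return another user's record. It assumes Lambda proxy integration (claims under `requestContext.authorizer.claims`); the `userId` path parameter, the `FAKE_DB` dictionary standing in for the MySQL table, and the `make_event` helper are hypothetical.

```python
import json

# Constructed stand-in for the MySQL user-data table (assumption: keyed by Cognito "sub").
FAKE_DB = {
    "sub-alice-1111": {"display_name": "Alice", "plan": "pro"},
    "sub-bob-2222": {"display_name": "Bob", "plan": "free"},
}


def _response(status, body):
    """Build the HTTP-formatted response that Lambda proxy integration expects."""
    return {
        "statusCode": status,
        "headers": {"Content-Type": "application/json"},
        "body": json.dumps(body),
    }


def handler(event, context=None):
    # Claims are placed here by the Cognito user pool authorizer after it has
    # validated the ID token; the function never parses the raw header itself.
    claims = (event.get("requestContext", {}).get("authorizer") or {}).get("claims")
    if not claims or "sub" not in claims:
        # Reached only if the route was deployed without the authorizer attached.
        return _response(401, {"error": "unauthenticated"})

    caller = claims["sub"]
    requested = (event.get("pathParameters") or {}).get("userId")
    # Authorization: identity comes from the token, never from the path or body.
    if requested != caller:
        return _response(403, {"error": "forbidden"})

    record = FAKE_DB.get(caller)
    if record is None:
        return _response(404, {"error": "not found"})
    return _response(200, record)


def make_event(sub, user_id):
    """Constructed sample event in the Lambda proxy integration shape."""
    ctx = {"authorizer": {"claims": {"sub": sub}}} if sub else {}
    return {"pathParameters": {"userId": user_id}, "requestContext": ctx}


if __name__ == "__main__":
    print(handler(make_event("sub-alice-1111", "sub-alice-1111")))  # own record
    print(handler(make_event("sub-alice-1111", "sub-bob-2222")))    # cross-user read
```

The 401 branch is a defence-in-depth check: with the authorizer attached, API Gateway rejects unauthenticated requests before the function runs, so hitting it in CloudWatch Logs indicates a misconfigured route.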

Existing web-based architecture with the proposed mobile-based solution. A startup company can use both models for all users if they want.

Presentation and Web Tier

The Presentation Tier of the solution consists of native Android and iOS applications that encapsulate the user interface and presentation logic of the application. For the mobile web application, the Presentation Tier also includes a Web Tier statically hosted on Amazon S3 and distributed via the CloudFront CDN. The mobile web application is implemented as a Single Page Application using a client-side JavaScript MVC framework (like Angular or Knockout) with static HTML, CSS, and JS files.

All presentation tier applications (Android, iOS and Mobile Web) interact with the Logic Tier via API Gateway endpoints. The applications use the API Gateway Client SDK generated for Android, iOS, and JS to consume API Gateway endpoints. All communication between mobile applications and the Logic Tier is secured using Amazon Cognito.

Business Logic Tier

The Logic Tier of the solution encapsulates the business logic and intelligence of the solution inside stateless AWS Lambda functions. Lambda functions internally communicate with the Data Tier and other dependencies to execute the desired business logic. The functionality of the Logic Tier is exposed to the presentation tier via custom RESTful APIs powered by Amazon API Gateway. These APIs act as a front door for the presentation tier to access data, business logic and functionality exposed by the back-end services.

The Logic Tier provides the following features and benefits to the solution:

Data Tier

The Data Tier of the solution consists of fully managed, scalable and highly available services like DynamoDB and Amazon S3. DynamoDB provides a NoSQL datastore for storing structured data with low latency access. Amazon S3 provides a highly durable and infinitely scalable object storage for storing photos, videos, binary data and other files that can be accessed directly via HTTP. Data stored in Amazon S3 can be archived to Amazon Glacier service by applying an archival policy to the S3 bucket.

Identity Management

Amazon Cognito can simplify user authentication and authorization, giving customers the option to authenticate users with Amazon Cognito user pools, social identity providers, or their own identity management system. Amazon Cognito provides user sign-up features and integrates with AWS Identity and Access Management, which adds security capabilities to your mobile backend while simplifying the management of crucial security features for your app.

Sign-in UI With MFA Login with Facebook, Google, and Twitter

Add user sign-up and sign-in workflows for customer onboarding with support for multifactor authentication to your apps with a fully managed service. You can also authenticate users through social identity providers such as Facebook, Twitter, and Google+. This feature is powered by Amazon Cognito.

Event-Driven Architecture

AWS Lambda enables you to easily implement event-driven architectures that do not require persistent resources. Use Lambda to host backend logic for mobile apps. Lambda automatically runs your code in response to events and allocates resources to resolve requests on an as-needed basis. This allows you to put minimal logic in the mobile app itself, making it easier to scale and update. AWS Lambda automatically monitors Lambda functions on your behalf, reporting metrics through Amazon CloudWatch. To help you troubleshoot failures, Lambda logs all function requests and automatically stores logs through Amazon CloudWatch Logs.

App Storage

Amazon Cognito Sync supports reading and writing to a local data store. This means that your app can work in the same way regardless of whether the device is online or offline. You can also save user data, such as user preferences, sign-in, and game state, and then sync this data across a user’s devices to create a consistent experience.

Amazon DynamoDB provides a managed, highly available NoSQL database for storing and querying app data while preventing superfluous client downloads and content mining. Amazon DynamoDB includes fine-grained access control to follow the best practice of least privilege for Lambda functions querying specific data.

Mobile Push Notifications

Amazon Simple Notification Service (Amazon SNS) is a fast, flexible, managed push notification service that makes it simple and cost-effective to send push notifications to mobile device users, email recipients or even send messages to other distributed services. Mobile push notifications send messages directly to apps on mobile devices, which can appear in the mobile app as message alerts, badge updates, or even sound alerts.

Disaster Recovery Planning

The underlying AWS services consumed by the solution offer built-in fault tolerance and guarantee high availability by using multiple availability zones in each region to help protect against individual machine or data center failures.

Conclusion

Serverless architectures powered by PaaS offerings from AWS, a leading public cloud, offer the ability to implement highly scalable and available applications without the groundwork of capacity planning and server setup. The ability to independently scale the Web, Logic and Data Tiers results in optimum performance for the overall solution.