AWS Architecture Blog

Category: Amazon Cognito

Application Load Balancer integration with Amazon Cognito

Web application access control patterns using AWS services

The web application client-server pattern is widely adopted. The access control allows only authorized clients to access the backend server resources by authenticating the client and providing granular-level access based on who the client is. This post focuses on three solution architecture patterns that prevent unauthorized clients from gaining access to web application backend servers. […]

Read More
Cloud architecture of the sample code

Throttling a tiered, multi-tenant REST API at scale using API Gateway: Part 2

In Part 1 of this blog series, we demonstrated why tiering and throttling become necessary at scale for multi-tenant REST APIs, and explored tiering strategy and throttling with Amazon API Gateway. In this post, Part 2, we will examine tenant isolation strategies at scale with API Gateway and extend the sample code from Part 1. […]

Read More
Figure 1. Cloud Architecture of the sample code.

Throttling a tiered, multi-tenant REST API at scale using API Gateway: Part 1

Many software-as-a-service (SaaS) providers adopt throttling as a common technique to protect a distributed system from spikes of inbound traffic that might compromise reliability, reduce throughput, or increase operational cost. Multi-tenant SaaS systems have an additional concern of fairness; excessive traffic from one tenant needs to be selectively throttled without impacting the experience of other […]

Read More
A proxy solution to the Amazon Cognito regional endpoint

Enriching Amazon Cognito features with an Amazon API Gateway proxy

This post was co-written with Geoff Baskwill, member of the Architecture Enabling Team at Trend Micro. At Trend Micro, we use AWS technologies to build secure solutions to help our customers improve their security posture. This post builds on the architecture originally published in Protect public clients for Amazon Cognito with an Amazon CloudFront proxy. […]

Read More
Figure 1. Architecture diagram of QsrSoft TV solution

QsrSoft launches Digital Huddle Board in 3 months with AWS serverless and Fire devices

QsrSoft is a software as a service (SaaS) company that develops solutions for clients in the restaurant, hospitality, and retail industries to help them achieve operational excellence. QsrSoft has provided these services for more than two decades and now services over 14,000 locations. QsrSoft started using AWS in 2015 and fully migrated all their workloads […]

Read More
Figure 1. Multi-Region Amazon Cognito machine-to-machine architecture

How UnitedHealth Group Improved Disaster Recovery for Machine-to-Machine Authentication

This blog post was co-authored by Vinodh Kumar Rathnasabapathy, Senior Manager of Software Engineering, UnitedHealth Group.  Engineers who use Amazon Cognito for machine-to-machine authentication select a primary Region where they deploy their application infrastructure and the Amazon Cognito authorization endpoint. Amazon Cognito is a highly available service in single Region deployments with a published service-level […]

Read More
Figure 1. Pulse ingestion module architecture

Codacy Measures Developer Productivity using AWS Serverless

Codacy is a DevOps insights company based in Lisbon, Portugal. Since its launch in 2012, Codacy has helped software development and engineering teams reduce defects, keep technical debt in check, and ship better code, faster. Codacy’s latest product, Pulse, is a service that helps understand and improve the performance of software engineering teams. This includes […]

Read More
Figure 6. IoT Device Simulator architecture

Optimize your IoT Services for Scale with IoT Device Simulator

The IoT (Internet of Things) has accelerated digital transformation for many industries. Companies can now offer smarter home devices, remote patient monitoring, connected and autonomous vehicles, smart consumer devices, and many more products. The enormous volume of data emitted from IoT devices can be used to improve performance, efficiency, and develop new service and business […]

Read More
Figure 5. Event registration and check-in

Using AWS Serverless to Power Event Management Applications

Most large events have common activities such as event registration, check-in upon arrival, and requesting of amenities. When designing applications, factors such as high availability, low latency, reliability, and security must be considered. In this blog post, we’d like to show how Amazon Web Services (AWS) can assist you in event planning activities. We’ll share […]

Read More
Document processing architectural diagram

Convert and Watermark Documents Automatically with Amazon S3 Object Lambda

When you provide access to a sensitive document to someone outside of your organization, you likely need to ensure that the document is read-only. In this case, your document should be associated with a specific user in case it is shared. For example, authors often embed user-specific watermarks into their ebooks. This way, if their […]

Read More