Amazon Cloud Development
What is Amazon Cloud Development?
Amazon Web Services (AWS) is a commercial public cloud that Amazon has maintained and developed since 2006. It provides subscribers with services at both the infrastructure level (virtual servers, storage resources) and the platform level (cloud databases, cloud middleware, serverless computing, development tools). AWS offers a large number of services: in January 2020, for example, there were 147 services in 25 groups. Table 1 lists all the available services.
# | Group Name | Number | Services |
---|---|---|---|
1 | Compute | 11 | EC2, Lightsail, ECR, ECS, EKS, Lambda, Batch, Elastic Beanstalk, Serverless Application Repository, AWS Outposts, EC2 Image Builder |
2 | Storage | 6 | S3, EFS, FSx, S3 Glacier, Storage Gateway, AWS Backup |
3 | Database | 7 | RDS, DynamoDB, ElastiCache, Neptune, Amazon Redshift, Amazon QLDB, Amazon DocumentDB, Managed Cassandra Service |
4 | Migration & Transfer | 7 | AWS Migration Hub, Application Discovery Service, Database Migration Service, Server Migration Service, AWS Transfer for SFTP, Snowball, DataSync |
5 | Networking & Content Delivery | 8 | VPC, CloudFront, Route 53, API Gateway, Direct Connect, AWS App Mesh, AWS Cloud Map, Global Accelerator |
6 | Developer Tools | 7 | CodeStar, CodeCommit, CodeBuild, CodeDeploy, CodePipeline, Cloud9, X-Ray |
7 | Customer Enablement | 3 | AWS IQ, Support, Managed Services |
8 | Robotics | 1 | AWS RoboMaker |
9 | Blockchain | 1 | Amazon Managed Blockchain |
10 | Satellite | 1 | Ground Station |
11 | Quantum Technologies | 1 | Amazon Braket |
12 | Management & Governance | 17 | AWS Organizations, CloudWatch, AWS Auto Scaling, CloudFormation, CloudTrail, Config, OpsWorks, Service Catalog, Systems Manager, AWS AppConfig, Trusted Advisor, Control Tower, AWS License Manager, AWS Well-Architected Tool, Personal Health Dashboard, AWS Chatbot, Launch Wizard, AWS Compute Optimizer |
13 | Media Services | 9 | Elastic Transcoder, Kinesis Video Streams, MediaConnect, MediaConvert, MediaLive, MediaPackage, MediaStore, MediaTailor, Elemental Appliances & Software |
14 | Machine Learning | 17 | Amazon SageMaker, Amazon CodeGuru, Amazon Comprehend, Amazon Forecast, Amazon Fraud Detector, Amazon Kendra, Amazon Lex, Amazon Machine Learning, Amazon Personalize, Amazon Polly, Amazon Rekognition, Amazon Textract, Amazon Transcribe, Amazon Translate, AWS DeepLens, AWS DeepRacer, Amazon Augmented AI |
15 | Analytics | 11 | Athena, EMR, CloudSearch, Elasticsearch Service, Kinesis, QuickSight, Data Pipeline, AWS Data Exchange, AWS Glue, AWS Lake Formation, MSK |
16 | Security, Identity & Compliance | 16 | IAM, Resource Access Manager, Cognito, Secrets Manager, GuardDuty, Inspector, Amazon Macie, AWS Single Sign-On, Certificate Manager, Key Management Service, CloudHSM, Directory Service, WAF & Shield, Artifact, Security Hub, Detective |
17 | AWS Cost Management | 3 | AWS Cost Explorer, AWS Budgets, AWS Marketplace Subscriptions |
18 | Mobile | 4 | AWS Amplify, Mobile Hub, AWS AppSync, Device Farm |
19 | Augmented & Virtual Reality | 1 | Amazon Sumerian |
20 | Application Integration | 6 | Step Functions, Amazon EventBridge, Amazon MQ, Simple Notification Service, Simple Queue Service, SWF |
21 | Customer Engagement | 3 | Amazon Connect, Pinpoint, Simple Email Service |
22 | Business Applications | 3 | Alexa for Business, Amazon Chime, WorkMail |
23 | End User Computing | 4 | WorkSpaces, AppStream 2.0, WorkDocs, WorkLink |
24 | Internet Of Things | 9 | IoT Core, Amazon FreeRTOS, IoT 1-Click, IoT Analytics, IoT Device Defender, IoT Device Management, IoT Events, IoT Greengrass, IoT SiteWise, IoT Things Graph |
25 | Game Development | 1 | Amazon GameLift |
It is neither possible nor necessary to use every AWS cloud service in one application. This article considers AWS cloud development as part of the Internet of Things (IoT). Gambit Technology specializes in the electronic design of different devices as part of our products.
AWS Cloud Development Sample
Figure 1 below illustrates the AWS application which was realized by our company. Our project included the following Amazon services:
AWS IoT Core for communications with IoT devices;
AWS DynamoDB (NoSQL database) for keeping data received from the devices and information regarding the data users;
AWS Cognito for user access control;
AWS EC2 for providing a virtual server in the cloud.
Let’s consider the participation of each Amazon service in the project.
AWS IoT Core
The AWS IoT group of Amazon IoT services includes nine members (see the table above). The main service among them is AWS IoT Core, which manages the electronic devices that take part in the Internet of Things. AWS IoT Core connects the devices, secures the device connections and data, processes the device data, and reads and sets the device states.
Device Shadow
The key element of the AWS IoT Core concept is the device shadow. The device shadow is a JSON (JavaScript Object Notation) document used to store and retrieve current state information for a device.
The Device Shadow service provides persistent representations of the devices in the AWS Cloud. The device can publish updated state information to a device’s shadow, and the device can synchronize its state when it connects. The devices can also publish their current state to a shadow for use by applications or other devices.
As one can see from Figure 2, the device shadow document consists of three parts: “desired”, “reported” and “delta”. The “reported” part presents the current state of the device, the “desired” part expresses the required state of the device, and the “delta” part is the difference between the desired and reported states.
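The relationship between the three parts can be shown in a few lines. The following is an added example, not code from the original article or from the AWS SDKs: it computes a delta from "desired" and "reported" and then shows a device applying only the delta fields it recognises and considers in range, since any party allowed to update the shadow can write "desired". The attribute names (`targetTemp`, `mode`, `debugPort`, `rssi`) and the limits are assumptions made for the illustration.

```javascript
// Added example, not the project's code. Attribute names and limits are assumed.

// Delta as described above: the desired attributes whose values differ from,
// or are missing in, the reported state. Reported-only keys never appear.
function shadowDelta(desired, reported) {
  const isObj = (v) => v !== null && typeof v === "object" && !Array.isArray(v);
  const delta = {};
  for (const [key, want] of Object.entries(desired || {})) {
    const have = isObj(reported) ? reported[key] : undefined;
    if (isObj(want)) {
      const sub = shadowDelta(want, isObj(have) ? have : {});
      if (Object.keys(sub).length > 0) delta[key] = sub;
    } else if (JSON.stringify(want) !== JSON.stringify(have)) {
      delta[key] = want;
    }
  }
  return delta;
}

// Hypothetical allow-list of attributes the device lets the cloud set.
const SETTABLE = {
  targetTemp: (v) => Number.isFinite(v) && v >= 5 && v <= 30,
  mode: (v) => ["off", "heat", "cool"].includes(v),
};

// Device-side handling of a delta: apply only allow-listed, in-range values
// and report the rest as rejected instead of trusting the desired state.
function applyDelta(reported, delta) {
  const next = { ...reported };
  const rejected = [];
  for (const [key, value] of Object.entries(delta)) {
    const known = Object.prototype.hasOwnProperty.call(SETTABLE, key);
    if (known && SETTABLE[key](value)) next[key] = value;
    else rejected.push(key);
  }
  return { reported: next, rejected };
}

// Constructed shadow state: one valid change, one out-of-range, one unknown key.
const sampleShadow = {
  desired: { targetTemp: 45, mode: "heat", debugPort: true },
  reported: { targetTemp: 21, mode: "off", rssi: -60 },
};
const applied = applyDelta(sampleShadow.reported,
  shadowDelta(sampleShadow.desired, sampleShadow.reported));
console.log(applied.rejected); // keys the device refused to apply
```

Rejected keys stay in the delta until "desired" is corrected, which makes a persistent non-empty delta a useful signal to monitor.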
The communications between the devices and the AWS Cloud are realized by means of the publication of MQTT (MQ Telemetry Transport) protocol messages. These messages are protected using X.509 certificates.
AWS IoT Core generates a certificate for the user. The certificate must be registered and activated with AWS IoT, and then copied onto the device. When the device communicates with AWS IoT Core, it presents the certificate to AWS IoT as a credential.
The Amazon platform provides AWS IoT Device SDKs (for the JavaScript and C programming languages, among others) which help users connect their devices to AWS IoT easily and quickly. The AWS IoT Device SDKs include open-source libraries, developer guides with samples, and porting guides for different hardware products. For example, the Embedded C SDK (Software Development Kit) consists of header and source files for creating MQTT clients, device shadows and IoT jobs, and for parsing JSON-format messages. AWS IoT jobs are remote operations that are executed on devices connected to AWS IoT. IoT jobs are frequently used for firmware upgrades or security certificate updates.
AWS DynamoDB
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. AWS DynamoDB is one of the services related to AWS IoT. AWS IoT integrates directly with AWS DynamoDB by means of the AWS IoT rules.
Rules give the connected devices the ability to interact with AWS services. Rules are analyzed and actions are performed based on the MQTT topic stream. For example, rules write data received from a device to an Amazon DynamoDB database. Figure 3 below demonstrates a rule created in the AWS IoT Manager Console. This rule writes the data received from an IoT device to a DynamoDB table by means of an SQL statement. The data is contained in the MQTT messages which update the device shadows.
Figure 4 presents a fragment of the table created by the rules. One can see the primary key (the unique device identifier) and the sort key (recorded epoch time). AWS DynamoDB can also be used to keep information about the users who use the devices.
DynamoDB tables make it possible to match users to devices and to give each user access to the devices that the user owns.
AWS Cognito
Amazon Cognito provides authentication, authorization, and user management for web and mobile apps. The two main components of Amazon Cognito are user pools and identity pools. User pools are user directories that provide sign-up and sign-in options for application users. Identity pools enable you to grant your users access to other AWS services.
User authentication is necessary in order to provide secure access to the device shadows and the information recorded by the devices. In combination with AWS DynamoDB, AWS Cognito also makes it possible to create different levels of permission (for instance, administrator, agent and member roles).
AWS SDK .NET
The Amazon platform provides low-level API (Application Programming Interface) actions for all its services. However, instead of making requests to the low-level API directly from the customer application, it is recommended to use one of the AWS Software Development Kits (SDKs) for the preferred programming language. There are SDKs for the following languages: JavaScript, Python, PHP, .NET, Ruby, Java, C++, Node.js, Go. The AWS SDKs take care of request authentication, serialization, and connection management. In our company we have opted for the AWS SDK for .NET with the C# programming language. Figure 6 below presents a fragment of the AWS SDK for .NET online documentation.
The AWS SDK for .NET is a single downloadable package that includes Visual Studio project templates, the AWS .NET library, C# code samples, and documentation. The SDK for .NET supports development on any platform that supports the .NET Framework 3.5 or later and can be used with Visual Studio 2010 or later. A high-level web application can therefore be built with the AWS SDK for .NET in combination with ASP.NET. This web application provides member authentication by means of AWS Cognito (the AWSSDK.CognitoIdentityProvider.dll and AWSSDK.Extensions.CognitoAuthentication.dll libraries), database manipulation by means of AWS DynamoDB (the AWSSDK.DynamoDBv2.dll library), and device data monitoring by means of AWS IoT Core (the AWSSDK.Core.dll, AWSSDK.IoT.dll and AWSSDK.IotData.dll libraries). The high-level web application processes the data and presents it to the customers (see Figure 7 for a sample data chart).
Amazon EC2
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. This service allows the creation of a virtual web server and the deployment of the web application on it.
Amazon Cloud Applications
Let’s look at Figure 1 again in order to explain the interaction of all the parts of the Amazon cloud project in more detail.
Devices 1, 2 and 3 take part in the Internet of Things over Wi-Fi. They exchange MQTT messages with AWS IoT Core using the Embedded C SDK library. In real time, the devices update their shadows, which report the device status. The current parameters of the devices are also recorded in the AWS DynamoDB database by means of AWS IoT rules. Each device has a unique name in AWS IoT (in our case, its MAC address).
Users sign up by themselves or can be registered by the Admin in the application using AWS Cognito, which is responsible for user authentication. For registration they use the web portal, which runs on the virtual web server located in AWS EC2. Their personal information (such as name, address, phone number and device ownership) is kept in AWS DynamoDB. The AWS SDK for .NET provides all interactions between the users and the Amazon services.
Registered users can monitor their devices remotely on desktop computers, laptops and smartphones. They can see the reported attributes and modify the desired parameters.
The Admin performs user control (for example, regulates the user-device subscription). The Admin has access to all devices and can provide troubleshooting if necessary.
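The access rules described in the AWS Cognito section and in the paragraphs above (members reach only the devices they own, the Admin reaches all devices) come down to one server-side check made before any shadow read or update. The following is an added sketch, not the company's code: the ownership record layout, the action names and the group names are assumptions. `cognito:groups` is the claim Cognito user pools use for group membership, and the claims are assumed to come from a token whose signature, issuer and expiry were already verified.

```javascript
// Added example, not the project's code. Record layout, action names and
// group names are assumed; device names are MAC addresses, as on this page.

// Constructed sample of user-to-device ownership items as they might be
// stored in a DynamoDB table.
const OWNERSHIP = [
  { userSub: "sub-alice", deviceId: "A4:CF:12:00:00:01" },
  { userSub: "sub-bob", deviceId: "A4:CF:12:00:00:02" },
];

const MAC_RE = /^([0-9A-F]{2}:){5}[0-9A-F]{2}$/;
const ACTIONS = ["readReported", "updateDesired"];

// Deny-by-default decision. `claims` is the payload of an ALREADY VERIFIED
// Cognito token; this function does not validate the token itself.
function canAccessDevice(claims, deviceId, action, ownership = OWNERSHIP) {
  // Normalise and validate the device name before it is used as a key,
  // so case or path tricks cannot slip past the ownership comparison.
  const id = String(deviceId).toUpperCase();
  if (!MAC_RE.test(id)) return false;
  if (!claims || typeof claims.sub !== "string") return false;
  if (!ACTIONS.includes(action)) return false;

  const groups = Array.isArray(claims["cognito:groups"])
    ? claims["cognito:groups"]
    : [];
  // The Admin has access to all devices.
  if (groups.includes("administrator")) return true;
  // Any group without an explicit rule here (including "agent", whose
  // rights the page does not define) is denied.
  if (!groups.includes("member")) return false;
  // Members: only devices recorded as theirs.
  return ownership.some((o) => o.userSub === claims.sub && o.deviceId === id);
}

const alice = { sub: "sub-alice", "cognito:groups": ["member"] };
console.log(canAccessDevice(alice, "a4:cf:12:00:00:01", "updateDesired"));
console.log(canAccessDevice(alice, "A4:CF:12:00:00:02", "readReported"));
```

The check belongs on the web server in front of every call made on a user's behalf, because the server's own AWS credentials can typically reach every device shadow.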