Reputation: 2356
Cognito DynamoDB aws sdk in mobile app
AWS.config.update({
accessKeyId: AWS_ACCESSKEYID,
secretAccessKey: AWS_SECRET_ACCESSKEYID,
region: AWS_DYNAMODB_REGION
});
var dynamodb = new AWS.DynamoDB();
I'm using the javascript aws sdk in an ionic mobile application, I only use it to do a simple query of my dynamodb instance. I am using aws access key and aws secret access key id in AWS.config - and not Cognito. The access key id and secret access key are stored in my app config.
Should I switch to Cognito instead of aws access key and secret? My app is a mobile app and not a browser app so these values will not be visible to users. I already have a Cognito identity pool set up, in case I make the switch.
Thanks for any suggestions.
Upvotes: 0
Views: 286
Answers (1)
Reputation: 1797
Secret keys cannot be securely stored on a mobile app. It is recommended that you use Amazon Cognito and create scoped roles. If you scope your role to access a dynamodb row per identity id, the temporary credentials vended by Cognito on a device can access to the specific row belonging to that identity only.
Upvotes: 4
Related Questions
- Detecting a mobile browser
- How to detect a mobile device using jQuery
- Can the AWS Credentials from Cognito send request to other Regions?
- How to store AWS Cognito User Pool users in DB (for instance DynamoDB)?
- AWS Cognito Identity NotAuthorizedException
- What are the security vulnerabilities for AWS DynamoDB accessing directly from client (web app) using AWS Cognito & IAM role based
- Using Cognito AccessKeyId / SecretAccessKey to access AWS services
- How to access DynamoDB by authenticated cognito user (user pool) in swift