AWS SDK for Swift Authentication

Question

I am trying the new AWS SDK for Swift (Developer Preview) and it’s not clear how authenticate with AWS.

I can enter the AWS access and secret keys into Xcode and authentication works fine as long as as the app is run within Xcode, but when run on a device outside of Xcode it doesn’t have the AWS access and secret keys and won’t authenticate with AWS.

I also found that I can put the AWS access and secret keys in the app using this code:

let credentialIdentity = AWSCredentialIdentity(accessKey: “ACCESS_KEY, secret: “SECRET_KEY)
let credentialIdentityResolver = try StaticAWSCredentialIdentityResolver(credentialIdentity)
let lambdaClientConfiguration = try await LambdaClient.LambdaClientConfiguration(awsCredentialIdentityResolver: credentialIdentityResolver, region: "us-east-1")
let lambdaClient = LambdaClient(config: lambdaClientConfiguration)

This works but isn’t good because I don’t want to have the AWS access and secret keys in the app.

With AWS SDK iOS I have used Cognito and this code:

let credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: “IDENTITY_POOL_ID”)
AWSServiceManager.default().defaultServiceConfiguration = AWSServiceConfiguration(region: .USEast1, credentialsProvider: credentialsProvider)

AWS SDK for Swift doesn’t seem to support Cognito authentication and this post, https://github.com/awslabs/aws-sdk-swift/issues/1082, says that they don’t plan to support it.

So, my question is how can I authenticate using AWS SDK for Swift without having the AWS access and secret keys in the app?

Answer 1

Cognito is already supported; the Cognito Credentials Provider is a specific feature that will not be supported. It streamlines the process by blending Cognito and STS features to make certain authentication tasks easier. But it's really just a feature of a specific SDK or two rather than a standard SDK feature.

Cognito Identity is supported and does work. Sample code is forthcoming.