We have decided to use AWS S3 and the AWS Cognito service for any user to store their profile picture while registering into the mobile application.
What we have done:
- Created an S3 bucket in the Bahrain region as our customer was from the Middle east, and so to reduce the latency, we wanted to have all the services in that region.
- Set up the permissions necessary like bucket policy and CORS.
Therefore, once the bucket was created, we had to enable AWS Cognito to allow the user to authenticate to access AWS resources.
From the Cognito console, selected “Manage Identity Pool”
Gave a name to the identity pool
Under “Unauthenticated identities“ Enabled the access to unauthenticated identities
Created the Pool.
That automatically created two IAM roles
- Unauthenticated role
- Authenticated role
Note: To make the permission even granular, we can add the S3 bucket the Cognito to have permission to. But, in our case, we did not need to do any changes to the existing inline policy.
Once all are set correctly, provided the information to the developer as
The Android developers updated that into their code,
Once they upload the code and tried to test, they were getting the error as below
After some research, it was found that the S3 service in the Bahrain region does not accept any data transfer, it needs some other component to get that done.
To reduce the overhead, we decided to move the S3 bucket and Cognito to other supported AWS regions, and then the code was working fine.
The application was able to upload the user profile during the registration.
LIA Infraservices AWS cloud migration Ensure data integrity & security as our primary focus. Migrate Your Data To A More Safe and Secure Cloud Platform using LIA Infraservices cloud migration services.
Click on the link to know more about the AWS cloud migration services