Amazon Cognito - User Identity and Access Management

Amazon Cognito

section-228fc7a

Amazon Cognito | User Identity and Access Management

As mobile usage has dramatically increased over the years, it is more relevant than ever to design for mobile and work backward towards the desktop. Working back like this creates a need to get users of these mobile apps and web applications, this is where Amazon Cognito comes into play.

Amazon Cognito allows you to easily add user sign in and sign out to your mobile apps and web apps. Also, Amazon Cognito enables you to save data locally on your user devices, allowing your applications to work, even when your devices are offline. You can then synchronize data across user devices, so the app experience remains consistent regardless of the device you use.

Amazon Cognito provides an authentication mechanism for your mobile app. Once a user has been authenticated, they will have access to your AWS services linked to the application. Amazon Cognito even provides a mechanism to grant unauthenticated users access to your AWS services. Additionally, Amazon Cognito sync allows you to sync data across devices, which means that users will have a unified experience no matter the platform.

User identity is the unique identifier you associated with a particular end-user. The three mechanisms that facilitate this are authentication, authorization, and user management. Authentication provides the entry point for your users to sign in. This is the place where you would also enable federation with enterprise and social identity. Authorization allows you to protect data and operations. This is the place you provide fine grade access control. Finally, user management is where you manage user lifecycles, storing and managing user profile data, and where you would monitor user engagement.

There are two ways to federate with Amazon Cognito; Cognito user pools and Cognito identity pools.
1. Cognito user pools allow you to create and maintain a user directory and add sign up and sign in into your mobile app or web application. User pools scale to hundreds of millions of users and are designed to supply simple, secure, low-cost options for you.
2. Cognito identity pools allow you to create unique identities for your users and federate then with identity providers at no cost. With that identity, you can obtain temporary, limited privilege AWS credentials to synchronize data for Amazon Cognito sync or directly access other AWS services.

With federation, you can link user information stored across multiple separate and decent management systems. Cognito handles these interactions to authenticate users and receive tokens. These identity providers are configuring Cognito. Cognito user pools act as a universal directory, providing user-profiles and authentication tokens for federated and native users.

Let Amazon Cognito handle your authentication needs. Cloud Rush has partnered with Amazon Web Services to provide you with AWS services such as Cognito. Contact us today for a complimentary consultation for Amazon Cognito.

Let's Talk
AWS Amazon Polly

Amazon Polly

section-ae2af19

Turn text into lifelike speech with Amazon Polly.

When it comes to using technology, sometimes using a screen is not an option. Text to speech technology is useful in these situations. However, older early day text to speech solutions can sound more like a robot and makes it difficult to understand and tiresome to listen to over extended periods of time. Amazon Polly, an AWS managed cloud service, provides an artificial intelligence service whose job is to translate text information into speech. Polly focuses on converting text into speech using national sounding lifelike voices.

Amazon Polly is a best in class solution. Its top features are as follows:
• Create applications that talk and increase accessibility
• Provides an easy to use and device-independent solution
• Voices are high quality and as good as natural human speech
• Supports 24 languages with multi voices per language
• Store and distribute the generated speech as an audio file
• Accurate text processing
• Highly intelligible
• Supports speech synthesis markup language (SSML)
• Supports dictionaries (Lexicons)
• Natural sounding speech generation from text

Let’s talk a little about Amazon Polly and SSML. It is a speech synthesis markup language. It is XML based markup language, and tags comply with SSML 1.0. The SSML start with and end with . You can modify aspects of the speech output, such as the expansion of abbreviations and acronyms as well as control of pitch, volume, and speed of speech. For example, if you wanted your text to speech solution to have a Boston accent, this would be possible.

Amazon Polly can be used in many cases. Here are some typical applications:
• Education – It provides language learning applications that support 24 languages. Listening to actual spoken languages is very important for language learning, and accurate pronunciation is even more critical. With the use of speech marks, Amazon Polly can provide more immersive storytelling and better reading experience for anyone struggling with reading and writing.
• Gaming – It can be used to test in-game dialogs without needing a voice actor.
• Content Creation – Amazon Polly can be used to read news channels out loud.
• Telephony – Polly is used in the form of a phone call to an interactive voice response system, it enables automated self-service call center operations as well.

Amazon Polly provides real-time streaming at a low cost. The audio can be streamed so you can play the sound immediately, in a real-time scenario. Besides, you pay by the character and only the characters you use. This allows unlimited replays, making it an effective way to voice your applications. You can go as far as creating a custom brand voice for your organization.

Amazon Polly is an AWS cloud service that is used to translate text into speech using natural-sounding lifelike voices. It provides many features and benefits that may help set your organization apart. If you think Amazon Polly may be right for you, contact Cloud Rush today. We offer complimentary consultations for all AWS cloud services.

Let's Talk
Amazon Redshift

Amazon Redshift – AWS Analytics Tool

Amazon Redshift - AWS Analytics Tool

Amazon Redshift is a fast, scalable data warehouse that makes it simple and cost-effective to analyze all your organization’s data across your data warehouse. It will deliver ten times faster performance than other data warehouses by using machine learning, massively parallel query execution, and columnar storage on high-performance disk.

First, let’s start with the basics. Data warehouses are databases that are designed and used as depositories for analytical data. Data warehouses share many characteristics to relational databases but serve different purposes. A relational database is used to store individual records, while data warehouses are used to store and maintain aggregate values generated from relational databases.

Amazon Redshift automatically provisions the infrastructure and automates administrative tasks such as backups, replication, and fault tolerance. With concurrency scaling, you can support virtually unlimited concurrent users and concurrent queries. When enabled, it automatically adds additional cluster capacity when you need it to process an increase to concurrent read queries. When the demand decreases, the additional capacity is automatically removed.

The Amazon Redshift Spectrum is an optional feature that allows you to query all types of data stored in Amazon simple storage service or Amazon S3 buckets. You don’t need to load that data into the Redshift database to work. One of the advantages of Amazon Redshift is that it uses a massively parallel columnar architecture. This means the data is indexed in the same way that analytical queries are written.

How Does Amazon Redshift Work?

Internally Amazon Redshift is broken down into nodes. There is a single leader node and several compute nodes. Clients access it via a SQL endpoint on the leader node. The client then sends a query to the endpoint. The leader node creates jobs based on the query logic and sends it in parallel to the compute nodes. The compute nodes contain the actual data the queries need. The compute nodes find the required data, form operations and return results to the leader node. The leader node then aggregates the results from all of the computer nodes and sends a report back to the clients.

Amazon Redshift Data Warehouse Uses

You can use Amazon Redshift to build a unified data platform. Creating multiple copies of data is a massive waste of time and money. However, traditional data warehousing requires the data to be loaded into the data warehouse. Redshift Spectrum can run queries across your data warehouse and Amazon S3 simultaneously. This will save you time and money.

Amazon Redshift Costs

Amazon Redshift costs have been simplified to help you determine your overall costs. You start by choosing the cluster nodes that meet your needs. Each cluster node includes memory, storage, and IO. The node type is billed per hour. There are 4 types of pricing:
1. On-Demand Pricing
2. Concurrency Scaling Pricing
3. Reserved Instance Pricing
4. Amazon Redshift Spectrum Pricing

Whether you are a startup to a Fortune 500 company, this tool will help save your organization time and money. Contact Cloud Rush today to get started with a complimentary consultation.

Let's Talk
Amazon RDS

Amazon RDS

section-3d14077

Amazon RDS - AWS Database

Data is a strategic asset in any organization. Companies of all shapes and sizes are looking to get value from data. But before you can find value in your data, you need to find ways to store it efficiently. Amazon RDS will help you reduce the infrastructure costs associated with running and managing databases, improve the time it takes to develop applications, and create value using analytics and machine learning services.

Amazon RDS is a relational database service. The relational database makes use of schemas to normalize data. Also, they reduce their storage costs with these schemas. The data within the database is accessed by using a structured query language (SQL). Amazon RDS was created to minizine the effort involved in managing the relational database. The service automates time-consuming administrative tasks such as hardware provisioning, OS and database setups, patching, and backups, all while providing cost-efficient and reliable resizable capacity.

Amazon RDS provides enhanced availability and durability for the use of multi-AZ deployments. Meaning, Amazon RDS will create multiple instances of the databases in different availability zones. In case of infrastructure failure, Amazon RDS will perform an automatic failover to the standby to another availability zone. The database operations will resume as soon as the failover is complete. Your organization will not have to update connection strings because Amazon RDS uses a DNS service to point to the new master instance.

When you build your first Amazon RDS database, your organization will need to make a few key decisions. First, you will decide on the database instance type, which determines the resources your database will have. Next, you will determine the type of database engine you want to run. You can choose from the following:
• Amazon Aurora
• PostgreSQL
• MySQL
• MariaDB
• Oracle
• SQL Server

Amazon RDS stores data in the forms of tables, records, and fields. In most tables, records must be unique; this is called a primary key. Primary keys from one table can be added to another table, creating a relationship. Relationships are one of the benefits of relational databases.
Relational databases will store transactional data and analytical data, providing stability and reliability.

Amazon RDS has a pay as you go mentality. There are three parts to Amazon RDS billing.
1. You pay for the instance hosting the databases. There are two instance types to choose from, on-demand and reserved. The on-demand instance pricing allows you to pay for the compute capacity by the hour. Also, reserved instance pricing is best when you have a good understanding of the resource consumption of your database.
2. You pay for the storage consumed by your database. The storage consumed is billed per gigabyte per month.
3. You pay for the amount of data transferred to or from the Internet and other AWS regions.

Amazon RDS can help your organization get the value out of the data, giving you a leg up against your competitors. Curious about how to get started? Cloud Rush offers complimentary consultations to help your organization better understand the benefits of Amazon RDS.

Lets Talk!
Public Cloud Governance

Public Cloud Governance

With all the economies of scale afforded through cloud adoption, it is essential to understand that only through public cloud governance are costs managed, data and infrastructure secured, and realize the competitive benefits of cloud providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) and Azure.
For most organizations, cloud adoption spans business units, is siloed, skill levels vary and generally, results in “black-boxed” in conversations. Public cloud governance is not something that can be overlooked or dismissed, without having an impactful result on the business.
You moved to the cloud in part, to reduce your capital expenses, but you could also have operational expenses accruing that are not aligned with the forecast. Cloud adoption does not have to be a zero-sum game, you can actually realize all of the benefits that the cloud has to offer without breaking the bank and losing track of your data.
Public cloud governance is a discipline that the technical as well as the business savvy can gain control of and have a finger on the pulse of your cloud footprint at all times. Governance is not just for the Enterprise; it is incumbent on any company leveraging the cloud to employ some level of governance, or you will suffer setbacks in areas that were not anticipated.

What is Public Cloud Governance?

At Cloud Rush, we view Public Cloud Governance as having 4 pillars;

  • Resource management
    To govern the cloud, you have to know what is deployed at any point in time.
  • Proactive cost management
    It’s not enough to look at your bill. The cloud changes rapidly, and manually keeping up with the pricing matrices can be a tall order. As a result, public cloud governance will provide cost savings and aggregated recommendations.
  • Policy compliance
    Compliance can be summarized as merely a set of rules. These rules are codified in a way that provide uniform governance that is both proactive and reactive.
  • Access and data security
    Public cloud governance must also monitor usage patterns for compliance and security purposes, but also must account for and categorize data you have in cloud. At the end of the day, compliance officers want on-demand compliance reporting.

How do we govern the cloud?

Fortunately, cloud governance is achievable for companies of any size. In order to govern your clouds, you must aggregate all of your machine data for analysis in real time, or near real time.
Splunk defines machine data as, “one of the most underused and undervalued assets of any organization. But some of the most important insights that you can gain—across IT and the business—are hidden in this data: where things went wrong, how to optimize the customer experience, the fingerprints of fraud. All of these insights can be found in the machine data that’s generated by the normal operations of your organization.”
Because of a wide array of SaaS solutions in the marketplace, companies are now able to define a monitoring stack that brings all of the machine data together to provide real insights, sophisticated compliance monitoring and track your costs. Note however, that there is NOT a single, silver bullet present day; your monitoring stack will generally be comprised of 2-4 vendors, depending on your organization’s needs. As you might guess, many of these platforms will have overlap between each other, but they all have their own unique features that fill various voids.

What does a typical monitoring stack look like?

  • Resource Management
    When it comes to resource management, config management (CMDB) there are a few options;
    – Cloudaware (Cloud Rush recommended)
    – Scalr
    – CloudCheckr
    – CloudHealth
  • Cost Management
    Many platforms offer core cost management and have recommendation engines designed to maximize your dollars spent. Some of our favorites are;
    – CloudHealth (Cloud Rush recommended)
    – Cloudaware
    – Cloudability
  • Compliance
    Organizations have varying levels of compliance needs. Make sure you understand your organization’s compliance and reporting needs. This will help inform vendor selection.
    – Divvy Cloud (Cloud Rush recommended)
    – Cloudaware
  • Log Aggregation
    Everything deployed in the cloud emits data. As a result, these logs must be aggregated for analysis, alerting, reporting and dash-boarding. This data provides operational insights that illuminates your infrastructure as if it were sitting in your on-prem data center.
    – Splunk Cloud
    – Scalyr
    – Sumo Logic
    – ELK stack (“roll your own” platform)
  • Conclusion

    In conclusion, we discussed how important public cloud governance is, where it fits into the organization and briefly introduced you to vendors in this space. In this five (5) part series, we’ll be taking a deep dive into the discipline, and along the way, you’ll broaden your knowledge around how we harness all that we do in the cloud.

    About the Author

    Chris Scragg is a principal cloud architect for Cloud Rush, with years of industry experience related to public cloud governance. Chris’ cloud journey began with a pivot to Amazon Web Services, out of legacy data center environments, back in 2011. A serial entrepreneur, Chris continues to maintain a deep focus in AWS, GCP and Azure, with an eye toward helping clients increase their competitiveness through digital transformations.