Mobile在aws的认证授权方案

移动端访问aws的方案

* 使用 aws的root 用户帐户信息 ：                     -----权限太大，不合适

* 使用 aws的创建的IAM user的信息：                ------无法轮换身份信息

aws的思路------------>利用token vendor machine方案

Anonymous TVM

Cognito

User Pool vs Identity Pool

 

 

参考：

https://aws.amazon.com/cn/articles/authenticating-users-of-aws-mobile-applications-with-a-token-vending-machine/

https://aws.amazon.com/cn/code/token-vending-machine-for-identity-registration-sample-java-web-application/

http://docs.aws.amazon.com/zh_cn/STS/latest/APIReference/API_AssumeRole.html

 https://stackoverflow.com/questions/42521695/aws-sts-assumerole-do-i-have-to-provide-access-and-secret-keys

aws-sdk-ios-samples:  https://github.com/awslabs/aws-sdk-ios-samples

http://www.jianshu.com/p/112438fb86aa