使用AWS Appsync ||将图像上传到s3的过程使用Appsync上传iOS图片

Question

I'm working on a new project that requires uploading attachments in the form of images. I'm using DynamoDB and AppSync API's to insert and retrieve data from database. As we are new to the AppSync and all the amazon services and database we are using for the app i'm little bit confused about the authentication process. Right now we are using API key for authentication and I have tried these steps to upload image to s3.

1 Configue the AWSServiceManager with static configuration like :-

let staticCredit =  AWSStaticCredentialsProvider(accessKey: kAppSyncAccessKey, secretKey: kAppSyncSecretKey)
let AppSyncRegion: AWSRegionType = .USEast2
let config = AWSServiceConfiguration(region: AppSyncRegion, credentialsProvider: staticCredit)
AWSServiceManager.default().defaultServiceConfiguration = config

2 Uploading picture with this method : -

func updatePictureToServer(url:URL, completion:@escaping (Bool)->Void){
    let transferManager = AWSS3TransferManager.default()
    let uploadingFileURL = url
    let uploadRequest = AWSS3TransferManagerUploadRequest()
    let userBucket = String(format: "BUCKET")
    uploadRequest?.bucket = userBucket
    let fileName = String(format: "%@%@", AppSettings.getUserId(),".jpg")
    uploadRequest?.key = fileName
    uploadRequest?.body = uploadingFileURL
    transferManager.upload(uploadRequest!).continueWith(executor: AWSExecutor.mainThread(), block: { (task:AWSTask<AnyObject>) -> Any? in
        if let error = task.error as NSError? {
            if error.domain == AWSS3TransferManagerErrorDomain, let code = AWSS3TransferManagerErrorType(rawValue: error.code) {
                switch code {
                case .cancelled, .paused:
                    break
                default:
                    print("Error uploading: \(String(describing: uploadRequest!.key)) Error: \(error)")
                }
            } else {
                print("Error uploading: \(String(describing: uploadRequest!.key)) Error: \(error)")
            }
            completion(false)
            return nil
        }

        _ = task.result
        completion(true)
        print("Upload complete for: \(String(describing: uploadRequest!.key))")
        return nil
    })
}

3 And finally i'm able to see the uploaded image on the S3 bucket

But i'm concerned about how to save the url of the image and how to retrieve the image because when i have to make the buket PUBLIC to retrieve the image and i don't think that's a good approach, plus is it necessary to have a Cognito user pool because we aren't using Cognito user pool yet in our app and not have much knowledge about that too and documents are not helping in practical situations because we are implementing ti for the first time so we need some little help.

So two question : -

1. Proper procedure to use for uploading and retrieving images for S3 and AppSync.
2. Is it necessary to use Cognito user pool for image uploading and retrieving.

Thanks

Note: Any suggestion or improvement or anything related to the AppSync, S3 or DynamoDB will be truly appreciated and language is not a barrier just looking for directions so swift or objective-c no problem.

Answer 1

You need per-identity security on the bucket using Cognito Federated Identities which gives each user their own secure bucket. You can leverage the AWS Amplify to set this up for your project with $amplify add auth and selecting the default config, then $amplify add storage which configures that bucket and pool with appropriate permissions to use private uploads.

For more info checkout the repo: https://github.com/aws-amplify/amplify-cli