BayunS3 is a sample application that uses overridden methods from S3Wrapper SDK for secure storage onto AWS S3. The app itself works exactly similar to the case of an app using the original AWS S3 SDK directly. However, the wrapper SDK automatically encrypts a file before uploading it to the S3 bucket and decrypts it after downloading it, without the application having to deal with encryption keys, etc.
To use Amazon Cognito user pools, you need an AWS account. You can create a user pool through the Amazon Cognito console. You can follow the AWS developer guide to create user pool.
Replace the values of CognitoIdentityUserPoolId, CognitoIdentityUserPoolAppClientId, CognitoIdentityUserPoolAppClientSecret and CognitoIdentityPoolId their respective values in the
You are provided with an appId when your app is registered with Bayun, see Registering a new App.
Constants.m file, replace value of "BayunAppId" with your Bayun AppId.
AWSRegionType const CognitoIdentityUserPoolRegion = "Your AWSRegion"; NSString *const CognitoIdentityUserPoolId = @"Your Cognito Identity UserPoolId"; NSString *const CognitoIdentityUserPoolAppClientId = @"Your Cognito Identity UserPool AppClientId"; NSString *const CognitoIdentityUserPoolAppClientSecret = @"Your Cognito Identity UserPool AppClientSecret"; NSString *const CognitoIdentityPoolId = @"Your Cognito IdentityPoolId"; NSString *const BayunAppId = @"Your BayunAppId";
Register and Login
You need to first signUp using Amazon Cognito User Pools . Enter your username, password, phone number and set your company name. Hit Register button. You will receive a confirmation code on your email address. Enter the confirmation code in the confirm signUp screen and complete your signup process.
After signup you can signIn the app. Provide your username and password to signIn. A bucket with name 'bayun-test-yourCompanyName' is created. You should be able to upload/download files to/from the bucket.
Note - In the BayunS3 sample app, a new bucket is created for a new company named 'bayun-test-yourCompanyName'. You can provide your own bucket name for upload/download operations.
BayunS3 provides groups for secure group-based data-access and basic group-management. Every group has its own secret-key that is unique for the group, and is accessible only to the members of that group. This shared group-key is used to encrypt the messages that are locked with encryption-policy of group, and also authenticate members, and control access to group resources. Since nobody other than group-members have access to the group's secret-key, only those belonging to the group will be able to access data encrypted with group-policy tied to that specific groupId.
BayunS3 demonstrates the Group Management APIs, like - create group, get joined groups, get unjoined groups, join a particular group, add or remove a member, leave and delete a group.
Where to Go From Here?
You can find the BayunS3 app on Github.
For detailed step-by-step instructions on how to build and run the iOS application, see the README file.