You are currently viewing content for use with Unreal Engine software. See all AWS GameKit documentation
Achievements solution architecture
This topic offers a detailed description of the AWS solution that provides cloud-based backend services to support the AWS GameKit achievements feature. You don't have to master this information before using AWS GameKit to build the feature into your game and maintaining it. However, it is useful in gaining a deeper understanding of the AWS services and resources that are deployed for your game backend. You always have the option to view the backend components directly in AWS and use them with other AWS services, such as for monitoring or analytics. If you want to further customize or extend your game's backend services beyond what is available through AWS GameKit, you need to understand the role of each component in the solution.
The achievements backend architecture manages two call flows:
-
Call flow to manage achievement definitions. This flow is used in the AWS GameKit plugin to configure the set of achievements that players can earn in the game.
-
Call flow to manage player-related achievement actions and statuses.
The workflow sequence is similar for both flows:
-
A game client calls an achievements API operation, which prompts AWS GameKit to send a request to the API Gateway endpoint. Amazon Cognito verifies the game client’s access token, as described in Identity and authentication solution architecture. If the request involves player achievement data, an Amazon Cognito authorizer verifies that the access token is valid for the player as defined in the user pool.
If authentication is successful, the game client request is passed through to the relevant Lambda function.
The Lambda function interacts with DynamoDB to store or retrieve data as requested. Achievements definitions and player-related data are stored in two separate DynamoDB tables, one for achievement definitions, and one for player-related actions.
Achievements services
All AWS GameKit solutions rely on a core set of AWS services, as described in Core services.
The following services are used specifically to manage achievements activity:
Amazon DynamoDB
AWS GameKit uses DynamoDB tables to store achievement definitions for the game and to track each player's achievement status. By using DynamoDB to store this type of data supports frequent read and write requests from game clients.
AWS Lambda
AWS GameKit uses Lambda functions to manage the process of storing and retrieving achievement data in the DynamoDB tables. Another Lambda function runs the logic to determines when a player successfully earns an achievement.
Amazon Simple Storage Service
AWS GameKit uses an Amazon S3 bucket to store achievement image files. Amazon S3 provides durable object storage capabilities.
Amazon CloudFront
AWS GameKit uses CloudFront to publish achievement image files for display in your game. CloudFront is a content delivery system that lets you cache content geographically near your players to minimize latency when downloading the content.
Achievements data encryption
Player data is encrypted both in transit and at rest.
In transit, AWS GameKit uses transport layer security (TLS) 1.2 or later for communication between a game frontend and backend components on AWS. All AWS GameKit game features use the Amazon API Gateway service to accept and process API calls. Learn more in the API Gateway Developer Guide, Data protection in transit.
At rest, player identity data is encrypted by the AWS services that the Achievement game feature uses. These services comply with industry standards. Learn more about how these services handle data encryption at rest:
Amazon DynamoDB Developer Guide, DynamoDB encryption at rest
Amazon S3 User Guide, Protecting data using encryption
Amazon CloudFront Developer Guide, Data protection in Amazon CloudFront