Best practices for Amazon Location Service - Amazon Location Service

Best practices for Amazon Location Service

This topic provides best practices to help you use Amazon Location Service. While these best practices can help you take full advantage of Amazon Location Service, they do not represent a complete solution. You should follow only the recommendations that are applicable for your environment.

Security

To help manage or even avoid security risks, consider the following best practices:

  • Use identity federation and IAM roles to manage, control, or limit access to your Amazon Location resources. For more information, see IAM Best Practices in the IAM User Guide.

  • Follow the Principle of Least Privilege to grant only the minimum required access to your Amazon Location Service resources. For more information, see Managing access using policies.

  • For Amazon Location Service resources used in web applications, restrict access using an aws:referer IAM condition, so that only the sites included in the allow-list can use them.

  • Use monitoring and logging tools to track resource access and usage. For more information, see Logging and Monitoring in Amazon Location Service and Logging Data Events for Trails in the AWS CloudTrail User Guide.

  • Use secure connections, such as those that begin with https://, to add security and protect users against attacks while data is being transmitted between the server and browser.

For more information about detective and preventive security best practices, see the topic on Security best practices for Amazon Location Service.
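
The aws:referer and least-privilege recommendations above can be checked mechanically. The following is an added example, not AWS code: a small Python audit that flags Allow statements granting geo: actions without an aws:referer allow-list, or with a non-https or wildcard-host pattern (the wildcard-host rule is a stricter choice made for this example). The account ID, map name, site, Sids and function names are assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample policies; the account ID, map name and site are placeholders.
ACTIONS = ["geo:GetMapStyleDescriptor", "geo:GetMapGlyphs",
           "geo:GetMapSprites", "geo:GetMapTile"]
MAP_ARN = "arn:aws:geo:us-east-1:111122223333:map/ExampleMap"
WEAK = {"Version": "2012-10-17", "Statement": [
    {"Sid": "MapsOpen", "Effect": "Allow", "Action": ACTIONS, "Resource": MAP_ARN}]}
HARDENED = {"Version": "2012-10-17", "Statement": [
    {"Sid": "MapsFromSite", "Effect": "Allow", "Action": ACTIONS, "Resource": MAP_ARN,
     "Condition": {"StringLike": {"aws:referer": ["https://www.example.com/*"]}}}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def referer_patterns(statement):
    """Return the aws:referer patterns a statement is restricted to."""
    patterns = []
    for op, keys in statement.get("Condition", {}).items():
        if op.lower() in ("stringequals", "stringlike"):
            for key, value in keys.items():
                if key.lower() == "aws:referer":  # condition key names are case-insensitive
                    patterns += _as_list(value)
    return patterns

def audit(policy):
    """List findings for Allow statements that grant geo: actions."""
    findings = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        actions = _as_list(stmt.get("Action", []))
        grants_geo = any(a == "*" or a.lower().startswith("geo:") for a in actions)
        if stmt.get("Effect") != "Allow" or not grants_geo:
            continue
        sid = stmt.get("Sid", f"statement {i}")
        patterns = referer_patterns(stmt)
        if not patterns:
            findings.append(f"{sid}: no aws:referer condition")
        for p in patterns:
            url = urlsplit(p)
            if url.scheme != "https":
                findings.append(f"{sid}: referer pattern is not https: {p}")
            elif "*" in url.netloc:
                findings.append(f"{sid}: wildcard in referer host: {p}")
    return findings

if __name__ == "__main__":
    for name, policy in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(policy) or "ok")
```

The Referer header is supplied by the client, so this condition limits embedding of your resources by other sites rather than authenticating callers; keep the granted actions and resources minimal as well.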

Resource management

To help effectively manage your location resources in Amazon Location Service, consider the following best practices:

  • Use regional endpoints that are central to your expected user base to improve their experience. For information about region endpoints, see Amazon Location Regions and endpoints.

  • For resources that use data providers, such as map resources and place index resources, make sure to follow the terms of use agreement of the specific data provider. For more information, see Data providers.

  • Minimize the creation of resources by having one resource for each configuration of map, place index, or routes. Within a region, you typically need only one resource per data provider or map style. Most applications use existing resources, and do not create resources at run time.

  • When using different resources in a single application, such as a map resource and a route calculator, use the same data provider in each resource to ensure that the data matches. For example, this ensures that a route geometry you create with your route calculator aligns with the streets on the map drawn using the map resource.

Billing and cost management

To help manage your costs and billing, consider the following best practice:

Quotas and usage

Your AWS account includes quotas that set a default limit on your usage amount. You can set up alarms to alert you when your usage is getting close to your limit, and you can request a quota increase when you need it. For information about how to work with quotas, see the following topics.

You can create alarms to give you advance warning when you are close to exceeding your limits. We recommend setting alarms for each quota in each AWS Region where you use Amazon Location. For example, you can monitor your use of the SearchPlaceIndexForText operation, and create an alarm when you exceed 80 percent of your current quota.

When you get an alarm warning about your quota, you must decide what to do. You might be using additional resources because your customer base has grown. In that case you may want to request an increase to your quota, such as a 50 percent increase in the quota for an API call in that Region. Or, maybe there's an error in your service that causes you to make additional unnecessary calls to Amazon Location. In that case you'd want to solve the problem in your service.