Mobile backend - AWS Serverless Multi-Tier Architectures with Amazon API Gateway and AWS Lambda

Mobile backend

Architectural pattern for serverless mobile backend

Architectural pattern for serverless mobile backend

Table 1 - Mobile backend tier components

Tier Components
Presentation Mobile application running on a user device.
Logic

Amazon API Gateway with AWS Lambda.

This architecture shows three exposed services (/tickets, /shows, and /info). API Gateway endpoints are secured by Amazon Cognito user pools In this method, users sign in to Amazon Cognito user pools (using a federated third-party if necessary), and receive access and ID tokens that are used to authorize API Gateway calls.

Each Lambda function is assigned its own Identity and Access Management (IAM) role to provide access to the appropriate data source.

Data

DynamoDB is used for the /tickets and /shows services.

Amazon RDS is used for the /info service. This Lambda function retrieves Amazon RDS credentials from AWS Secrets Manager and uses an elastic network interface to access the private subnet.