JavaScript SDK Opens Direct Access To Amazon Web Services

Amazon Web Services’ new SDK for JavaScript allows browser-based applications to make direct calls to AWS services without the need for server-side code

Amazon Web Services (AWS) has released a new AWS SDK for JavaScript that enables developers to build rich, browser-based applications that make direct calls to AWS services without the need for any server-side code.

In a blog post, Jeff Barr, chief evangelist at AWS, said the SDK supports access to a variety of AWS services, including Amazon S3 and Amazon DynamoDB.

Direct calls

Amazon Web Services (AWS)With the new developer preview of the AWS SDK for JavaScript, developers can make direct calls to the following AWS services:

–Amazon S3 to store and retrieve objects at any scale.
–Amazon SQS to read from and write to message queues.
–Amazon SNS to generate and process notifications to mobile devices and other distributed services.
–Amazon DynamoDB to store and retrieve any amount of data, at any access rate.

Moreover, developers can create and populate S3 buckets, manage message queues, create, populate and query DynamoDB tables, and more, Barr said.

“If you have used the AWS SDKs and APIs in the past, you know that each request must be signed with your AWS credentials,” Barr said in the post. “You almost certainly don’t want to include your credentials in your HTML or your JavaScript where anyone could find and use them. Instead, you should use our web identity federation [WIF] feature to authenticate the users of your application. By incorporating WIF into your application, you can use a public identity provider (Facebook, Google or Login with Amazon) to initiate the creation of a set of temporary security credentials.”

The AWS SDK for JavaScript uses the same programming model in the browser and in server-side Node.js code, Barr said. Amazon is providing several resources to help developers take advantage of the new SDK, including a new AWS JavaScript Developer Centre.

DynamoDB access control

In related news, AWS also announced fine-grained access control for DynamoDB.

DynamoDB is Amazon’s fast, managed NoSQL database service that makes it simple and cost-effective to store and retrieve any amount of data, and serve any level of request traffic, the company said. All data items are stored on solid-state drives (SSDs), and are replicated across three AWS Availability Zones for high availability and durability.

In a separate post, Barr said Amazon DynamoDB has become very popular with developers in a very short time.

“Many developers are building mobile apps and online games using DynamoDB, he said. “Apps of this type can benefit from DynamoDB’s scalability, flexibility and efficiency. These apps generally use a single table to store information for the entire user base, which can easily grow to the millions or tens of millions of users. This scenario requires the use of a proxy tier between the app and DynamoDB in order to handle authentication and authorisation.”

The proxy introduces additional latency and complexity, not to mention the added expense, he said.

To make it easier for developers to implement the use case that Barr described, AWS launched Fine-Grained Access Control for DynamoDB. Developers can now use AWS Identity and Access Management (IAM) policies to regulate access to items and attributes stored in DynamoDB tables, without the need for a middle-tier proxy, Barr said.

Putting access control to use

In addition, Barr listed some things developers can build using fine-grained access control:

1. A mobile app that displays information for nearby airports, based on the user’s location: The app can access and display attributes such as airline names, arrival times and flight numbers. However, it cannot access or display pilot names or passenger counts.

2. A mobile game that stores high scores for all users in a single table: Each user can update his or her own scores but has no access to the other ones.

Do you know all about the Internet of Things? Take our quiz.

Originally published on eWeek.