When designing an iOS app that will interact with AWS (e.g. S3, Cloudfront, etc), what are the pros and cons of managing the access to these services on the client vs. on the server.
By "managing the access", I mean things like uploading private content to S3, downloading private content via Cloudfront.
Of course, whichever side that handles the access will need to store the AWS access key and access secret. Security is one of the concerns.
I am equally interested in the impacts of this design choice on the performance and the flexibility of either implementation.
Lastly, is there an argument for implementing a hybrid approach where both client and server both interact directly with AWS. Or, does the implementation usually go with either one or the other, but not both.
Aucun commentaire:
Enregistrer un commentaire