aws-amplify / amplify-swift

A declarative library for application development using cloud services.
Apache License 2.0
453 stars 196 forks source link

Amplify push notifications documentation doesn't include escape hatch (see storage and authentication) #3181

Closed drmarkpowell closed 1 year ago

drmarkpowell commented 1 year ago

Describe the content issue: We don't want to use Pinpoint for mobile push, just SNS. We don't do user tracking in our app.

There is not yet any "escape hatch" tutorial for push notifications that provides guidance on how to drop down to the lower level SDK for SNS (topic subscription, device registration, etc.)

URL page where content issue is: https://docs.amplify.aws/lib/push-notifications/getting-started/q/platform/ios/

abdallahshaban557 commented 1 year ago

Hello @drmarkpowell - You can use Pinpoint with push notifications without needing to use user tracking. Is there another reason you would want to use SNS other than not wanting to use user tracking from Pinpoint?

ruisebas commented 1 year ago

Hi @drmarkpowell! We've added the escape hatch API to the Push Notifications plugin, which was missing in Swift's implementation. It will be available in the next release.

Having said that, the escape hatch will only give you the PinpointClientProtocol instance that the Amplify category uses. It will not allow you to switch services to SNS.

drmarkpowell commented 1 year ago

This addition is very welcome!

What is the best documentation to explain what IAM policies are needed for using Pinpoint as a service?

Our application also uses Govcloud where amplify-cli is not working yet, so it's extra difficult for us to understand what's happening under the hood in order for our cyber DevOps folks to assess whether we can use it.

After 2 hours of mostly failures, we were able to tentatively glean that

It would be great to understand what Pinpoint needs to have to operate and thus how we can consider applying it to our use case, which is pretty simple:

ruisebas commented 1 year ago

Using Amplify's Push Notifications in your app does automatically record session-related analytics events on every app launch.
A "session" is basically a use of the app, and the event types recorded are these:


To use Amplify's Push Notifications without using the CLI to set up the resources, here's what you have to do:

Create a Pinpoint Project

  1. Sign in to the AWS Management Console and open the Amazon Pinpoint console.
  2. Under the Get started section, enter a name for your project and click the Create a project button.
    • If you already have existing projects, a Manage projects button will be displayed instead. Click it and then click Create a project.
  3. In the Configure features page, click the Configure button under the Push Notifications section.
  4. Select Apple Push Notification service (APNs) and configure it properly by providing the required information.
  5. Click on Save and write down the Project ID.

Create an Identity Pool

  1. Navigate to the Cognito console.
  2. Select Identity pools and then click on the Create Identity pool button.
  3. Check what type of authentication you want to use. If you don't want to sign up/sign in users, you can check only Guest access.
    • If you want to use Authenticated access, then you'd need to configure the identity sources as well, e.g. Cognito User Pool.
  4. Create a new Guest IAM role.
  5. Name your Identity pool.
  6. Click on Create Identity pool and write down the Identity pool ID.

Configure the IAM role for Amplify's Pinpoint usage

  1. Navigate to the IAM console.
  2. Select Roles under Access management.
  3. Search for the Guest IAM role you created and click on it.
  4. Under Permissions policies, click on Add permissions and select the Create inline policy option.
  5. Click on the JSON button and paste the following content, replacing it with your AWS account number and the Pinpoint Project ID:
    
    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Action": [
                "mobiletargeting:PutEvents",
                "mobiletargeting:UpdateEndpoint"
            ],
            "Resource": "arn:aws:mobiletargeting:*:[AWS ACCOUNT]:apps/[PINPOINT PROJECT ID]*"
        }
    ]
    }
6. Click on **Next**, write a name for the policy and then click on **Create policy**.

#### Set up Amplify's Push Notifications in your Xcode project

1. Follow the instructions [on this page](https://docs.amplify.aws/lib/push-notifications/getting-started/q/platform/ios/) on how to set up your application for Amplify's Push Notifications. You can skip the _Set up backend resources_ section.
2. Follow the instructions [on this page](https://docs.amplify.aws/lib/push-notifications/register-device/q/platform/ios/) on how to request Push Notifications permissions and how to register the device with Pinpoint.
3. Finally, create a `amplifyconfiguration.json` file with the following contents:
```json
{
    "notifications": {
        "plugins": {
            "awsPinpointPushNotificationsPlugin": {
                "appId": "[PINPOINT PROJECT ID]",
                "region": "[REGION]"
            }
        }
    },

    "auth": {
        "plugins": {
            "awsCognitoAuthPlugin": {
                "CredentialsProvider": {
                    "CognitoIdentity": {
                        "Default": {
                            "PoolId": "[COGNITO IDENTITY POOL ID]",
                            "Region": "[REGION]"
                        }
                    }
                }
            }
        }
    }
}

That's it 😃! Now you can use Pinpoint to send push notifications to your app users. You can create Segments to target specific users with Campaigns and/or Journeys.