Ir al contenido principal

Modern Architecture for Native Apps with AWS Backend: A Practical Guide

Introduction Designing a mobile app today goes far beyond building a beautiful interface. Native apps — whether for iOS or Android — need secure authentication, user role management, real-time communication with the backend, and scalable infrastructure to support growth. In this post, I’ll walk you through a clean and modern architecture to connect native mobile apps to a robust backend on AWS. The architecture is modular, scalable, and aligned with best practices for security and performance — without relying on overly complex tools. Why it matters: apps today are more than just UI A production-grade mobile app often includes: User login (email, Google, or others), Differentiated access for multiple roles (e.g., user vs admin), Secure token-based communication, A backend capable of handling business logic and data, Data storage, asset management, and scalable APIs, Compliance with Google Play and App Store requirements. All of these require a backend architecture ...
Publicar un comentario

Modern Architecture for Native Apps with AWS Backend: A Practical Guide

Introduction

Designing a mobile app today goes far beyond building a beautiful interface. Native apps — whether for iOS or Android — need secure authentication, user role management, real-time communication with the backend, and scalable infrastructure to support growth.

In this post, I’ll walk you through a clean and modern architecture to connect native mobile apps to a robust backend on AWS. The architecture is modular, scalable, and aligned with best practices for security and performance — without relying on overly complex tools.

Why it matters: apps today are more than just UI

A production-grade mobile app often includes:

  • User login (email, Google, or others),

  • Differentiated access for multiple roles (e.g., user vs admin),

  • Secure token-based communication,

  • A backend capable of handling business logic and data,

  • Data storage, asset management, and scalable APIs,

  • Compliance with Google Play and App Store requirements.

All of these require a backend architecture that’s cloud-native and well-structured.

Core requirements this architecture addresses

  • Two native apps: one built in Swift (iOS) and the other in Kotlin (Android).

  • Login via email and Google using AWS Cognito.

  • Token-based authorization using JWT.

  • Role-based dashboards: e.g., Admin, Client, Operator.

  • REST API backend built in Node.js (NestJS recommended).

  • Secure and modular deployment using AWS services.

  • Scalable and maintainable infrastructure with CI/CD pipelines.

  • Full Spanish UI support and compliance with privacy policies.

Architecture Overview

🧩 Mobile Frontend:

  • Swift and Kotlin apps communicate via HTTPS.

  • JWT tokens stored securely on-device.

  • API requests authenticated and role-restricted.

🛠️ Backend:

  • Node.js / NestJS for API logic and routes.

  • Authentication and role-checking middleware.

  • Connection to a PostgreSQL database via ORM.

🔐 Security & Identity:

  • AWS Cognito for user pool, federated login (Google), and password recovery.

  • JWT tokens with custom claims for roles.

  • Role-based access control enforced at API level.

☁️ AWS Infrastructure:

  • ECS (Fargate) for serverless container deployment.

  • API Gateway as secure entry point.

  • RDS PostgreSQL for persistent data storage.

  • Parameter Store for secrets and config variables.

  • S3 for user assets (e.g., images or documents).

  • CloudWatch for logs and monitoring.

⚙️ DevOps & Deployment:

  • Git-based CI/CD using GitLab pipelines.

  • Separate environments (dev, staging, prod).

  • Dockerized backend and easy rollbacks.

  • Environment variables and secrets injected from AWS.

Key Lessons Learned

  • Start modular: separating concerns early (auth, API, DB, frontend) simplifies scaling.

  • JWT + roles offers a clean way to manage access across user types.

  • AWS Cognito saves time and ensures secure, standards-compliant login.

  • Parameter Store avoids hardcoding secrets and supports good ops hygiene.

  • Fargate + API Gateway gives you scalability without managing servers.

Want to see a real diagram or get code examples?

If you're interested in seeing how this architecture looks visually, or want a working template to build your own, I’m happy to share diagrams or GitHub samples.

Leave a comment below or reach out — let’s connect and accelerate your app’s development journey.

Comentarios

Publicar un comentario

Entradas populares de este blog

Understanding Liveness, Readiness and Startup Probes in Kubernetes

 This is a small article about understanding the liveness, readiness and startup in kubernetes.  There's good explanation in the kubernetes documentation: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ This video also explains well the process: https://www.youtube.com/watch?v=aTlQBofihJQ But I wanted to understand it in a practical way. So I have this demo: https://github.com/DiegoTc/guest-book-js-docker/tree/Running-App-Version-1 It's a simple application running on a kubernetes cluster. https://github.com/DiegoTc/guest-book-js-docker/blob/Running-App-Version-1/argo/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: chat-ui spec: replicas: 1 revisionHistoryLimit: 3 selector: matchLabels: app: chat-ui template: metadata: labels: app: chat-ui spec: containers: - image: diegotc/guestbook:20230803-064434 imagePullPolicy: Alwa...
Publicar un comentario
Leer más

Getting Docker Syntax In Gedit

I have been working with docker in the last days, and encounter the syntax issue with gedit. Just pure plain text. So make a small search and found an easy way for fixing this. I found Jasper J.F. van den Bosch repository in GitHub and found the solution for this simple problem. We need to download the docker.lang file, available here:  https://github.com/ilogue/docker.lang/blob/master/docker.lang After that, you go to the folder you save the file and do the following command. sudo mv docker.lang /usr/share/gtksourceview-3.0/language-specs/  If this doesn't work you can try the following: sudo mv docker.lang  ~/.local/share/gtksourceview-3.0/language-specs/ And that's all! Screenshot of gedit with no docker lang Screenshot of gedit with docker lang
1 comentario
Leer más

Ansible using plugins for dynamic inventories

This is a small post about how to use inventory plugins in Ansible. If you are looking the script way I recommend to read this article: http://gloriasilveira.com/setting-up-ansible-for-aws-with-dynamic-inventory-ec2.html It explains really good this or you can watch this video: https://www.youtube.com/watch?v=LnbqO1kTPqE&t=6s But if you’re looking to use inventory this article can help you. First of all, why should I used inventory if all over the internet they’re using the python scripts? Well, Ansible recommends it: Inventory plugins take advantage of the most recent updates to Ansible’s core code. We recommend plugins over scripts for dynamic inventory. You can write your own plugin to connect to additional dynamic inventory sources. https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html The actual ansible guide is quite good, but there was a step that got me confused, probably my english isn’t so good and I didn’t understood it. We need to ena...
Publicar un comentario
Leer más