Amplify has re-imagined the way frontend developers build fullstack applications. Develop and deploy without the hassle.

Getting started

You are currently viewing the AWS SDK for Mobile documentation which is a collection of low-level libraries. Use the Amplify libraries for all new app development. Learn more

You can view the Mobile SDK API reference here.


Enable your app to store and retrieve user files from cloud storage with the permissions model that suits your purpose. The Amplify CLI will deploy and configures cloud storage buckets using Amazon Simple Storage Service.

Storage Access

The CLI configures three different access levels on the storage bucket: public, protected and private. When you run amplify add storage, the CLI will configure appropriate IAM policies on the bucket using an Amazon Cognito Identity Pools IAM Role. You will have the option of adding CRUD (Create, Read, Update, and Delete) permissions as well so that Authenticated and Guest users will be granted different permissions based on these levels.

If you had previously enabled user sign-in by running amplify add auth in your project, the policies will be connected to an Authenticated Role within Cognito Identity Pools which has scoped permissions to the objects in the S3 bucket prefixed by a user's Cognito Identity ID. If you haven't configured user sign-in, then an Unauthenticated Role will be assigned for each unique user/device combination, which will still have scoped permissions to owned objects.

  • Public: Accessible by all users of your app. Files are stored with the public/ prefix in your S3 bucket.
  • Protected: Readable by all authenticated users, writable only by the owner. Files are stored with the protected/{cognito_user_identity_id}/ prefix.
  • Private: Only accessible by the owner. Files are stored with the private/{cognito_user_identity_id}/ prefix.

The cognito_user_identity_id corresponds to the owner's unique Amazon Cognito Identity ID. See Authentication for more information on how to get the cognito_user_identity_id for a signed in user.

Set Up Your Backend

  1. Complete the Get Started steps before you proceed.

  2. Use the Amplify CLI to add storage to your app.

    In a terminal window, navigate to your project root folder (the folder that contains your app's .xcodeproj file), and add the SDK to your app.

    amplify add storage
  3. Choose Content as your storage service.

    ❯ Content (Images, audio, video, etc.)
  4. The CLI walks you through the options to enable Auth (if not enabled previously), in order to decide who should have access (select Auth and guest users and read/write for both auth and guest users).

  5. Confirm that you have storage and auth set up by running amplify status:

    $ amplify status
    | Category | Resource name | Operation | Provider plugin |
    | --------- | --------------- | --------- | ----------------- |
    | Auth | cognito2e202b09 | Create | awscloudformation |
    | Storage | sabc0123de | Create | awscloudformation |
  6. To create your backend run:

    amplify push

    The CLI will create the awsconfiguration.json file in your project directory. In the Finder, drag awsconfiguration.json into Xcode under the top Project Navigator folder (the folder name should match your Xcode project name). When the Options dialog box appears, do the following:

  • Clear the Copy items if needed check box.
  • Choose Create groups, and then choose Finish.
Lambda Triggers

The Amplify CLI supports associating Lambda triggers for Amazon S3 and DynamoDB events. This can be useful for a use case where you want to invoke a Lambda function after a create or update operation on a DynamoDB table managed by the CLI. Read More

Connect to Your Backend

Use the following steps to add storage services to your app.

  1. Add the AWSS3 dependency to the Podfile to install the AWS Mobile SDK:

    platform :ios, '9.0'
    target :'YOUR-APP-NAME' do
    pod 'AWSS3'
    # other pods . . .
    pod 'AWSMobileClient'

Run pod install --repo-update before you continue.

  1. Add the following import to the classes that perform user file storage operations:

    import AWSS3