AWS Mobile Console Review

I did a post on Why Native Apps are better then HTML5 apps while reviewing the AWS Mobile Console. I did this because there are several really bad design choices in the AWS Mobile Console, which are common to many HTML5 applications.

The problem with the AWS Mobile Console is three parts:

  • Authentication
  • Limited Scope
  • HTML5 Application instead of native


Passwords suck. They're insecure, and hard to manage properly. If you're asking for my password it's already insecure. If you're asking for it more then once, it's really insecure. If you're asking for it on a mobile device, chances are I'm going to have to make it something simple and memorable, thus very insecure.

My AWS password isn't simple, isn't memorable, and is barely typable. It's a pain in the ass to type in on Mobile devices, and I never remember it because it's 32 random characters and symbols. I especially hate typing it in on a mobile device, so making me type it in multiple times (about every day or so) makes me angry. Fortunately, I just got angry, and didn't change my password to something simple like I'm sure most people will do.

I've also got an MFA device, which happens to also be my phone. Every time I have to re-enter my password I also have to get that MFA token from my phone, which is in a different app. That means going back and forth between apps making sure I get the code in before it expires. Doing this multiple times makes for an absolutely horrible user experience.

If I'm already upset and I haven't even gotten into your app, then You're no better then Mickey.

Instead of this, why not have the device have it's own set of AWS credentials, where I can set it up as an IAM role or user, and give it or take away access to it's individual features, and even revoke the credentials if my phone gets lost? I have a passcode on my phone already, so why make it double-protected when all you're doing is making me more insecure? Make it simple to revoke all access to just that device, and then authenticate the device, not just me.

The worst thing is that when you do need to use the mobile console, you're not at your desk, you're on the road, just got a CloudWatch alert, and need to reboot an instance only to find out you have to re-enter your 32 character password to even see what's going on.

Limited Scope

Once you get into the app, you're presented with a very narrow scope of options. In fact, all you can really do is manage your S3 and EC2 activities. You can do much more just from a browser, and you don't have to worry about re-typing in your password since you can actually save passwords there.

While I want to applaud the effort, I can't help but feel like this was released way before it was ready, just to fill some sort of requirement. It's not ready for users, maybe beta tests but certainly not prime-time. There just aren't enough features to make it useful in the general population, especially when there are alternatives.

HTML5 Applications suck

The app doesn't look native, the controls aren't standardized, and it takes forever to load. When I look at this for the first few seconds, I want to scream:
It's bad on WiFi, but it's even worse on mobile networks. If I have access to WiFi, chances are I'm at home, which means I can just log onto the real console on my desktop or laptop, so why would I go to the mobile app then? I wouldn't, especially when it's this bad of an experience.

If it's on mobile, it needs to be optimized for mobile.  Make it feel native, make it fast, and make it get me to my information quickly.