inside region_config.json in aws-sdk I can only see "eu-west-1"
Does AWS SDK for JavaScript support "eu-west-2" region ?
Regions endpoints are made as similar as possible to avoid multiple configuration keys.
In your case, you can just add the following line in the region_config.json to add the ability for s3:
"eu-west-2/s3": "s3dash",
Other service are generic enough to understand directly at call time how to route your request.
Related
I'm following an AWS workshop for SaaS Serverless, however they wrote it with python code and i'm not very good at python so i'm trying to rewrite everything in javascript. It was doing ok until i get to the problem in title.
They use this function to get authentication so i can register my tenant.
import boto3
from aws_requests_auth.aws_auth import AWSRequestsAuth
def get_auth(host, region):
session = boto3.Session()
credentials = session.get_credentials()
auth = AWSRequestsAuth(aws_access_key=credentials.access_key,
aws_secret_access_key=credentials.secret_key,
aws_token=credentials.token,
aws_host=host,
aws_region=region,
aws_service='execute-api')
return auth
The problem is I didn't find a way of getting credentials unless i hardcode it.
My question is: How can i make this function work the same way in javascript?
EDIT:
This is the workshop i'm following:
https://catalog.us-east-1.prod.workshops.aws/workshops/b0c6ad36-0a4b-45d8-856b-8a64f0ac76bb/en-US
This is the github repo (I'm currently on Lab 2):
https://github.com/aws-samples/aws-serverless-saas-workshop
This is the source of the function i talked about:
https://github.com/aws-samples/aws-serverless-saas-workshop/blob/main/Lab2/server/layers/utils.py
So I did a bit of digging through the source code and found the place where they declare the AWSRequestsAuth class here. TL;DR - it's a class that helps connect to AWS services via Amazon's signature version 4 signing process.
For your problem of getting credentials without hardcoding, I found this guide for Node.js on setting credentials:
You can supply your credentials in order of recommendation:
Loaded from AWS Identity and Access Management (IAM) roles for Amazon EC2
Loaded from the shared credentials file (~/.aws/credentials)
Loaded from environment variables
Loaded from a JSON file on disk
Other credential-provider classes provided by the JavaScript SDK
It also has further reading to help out with strategies for loading credentials. I know this doesn't directly answer the question, but I hope this helps!
To use any of the AWS SDKs, always refer to the corresponding Developer Guide. YOu can find a list of supported DEV Guides here:
https://docs.aws.amazon.com/code-library/latest/ug/what-is-code-library.html
See:
As you are interested in the AWS SDK for JavaScript, look at the DEV Guide for this SDK. You can find detailed information abut creds in this topic :
Setting credentials
I've developed a js to help users input there info in a form by fetching public data.
Now I'm thinking to deploy it as kind of an API service.
Is it possible and safe enough for HTTP trigger of PaaS's like GCF and Amazon Lambda to be triggered only from specif domains I allow? Like js's fetching and reading its header's origin and check its domain.
I've considered generating passcodes per my customer and placing it in key.js in user's directory or env value, have my js file open on URL, let user website read the js with return of key.js in query param and check its validity.
But forms can be everywhere in cutomers tree, placing it in env for each custmomer can be bothersome at scaling.
you can use ReCaptcha v3, add the allowed domains that can access your function endpoint, and verify the token is valid on the function implementation.
This isn't a native GCF feature, but you could try
Adding a filter in your GCF code (e.g. express.js) to check the requested domain
Making your GCF private and letting it ensure callers are authorized (GCP callers)
Run in Cloud Run, App Engine or another service with Identity Aware Proxy and screen out callers that way
Scenarios where i require to keep the keys as a secret
Azure / Google Maps API KEYs
STUN & TURN Server credentials for WEBRTC
First I was adding the keys directly , then I found out that those are very high vulnerabilities that others could take those credentials and use it for their needs
Later i tried using environment variables in .env file
But i could not find a way to use it properly
(express + nodeJS)
res.render("pages/crimestats", { apikey: process.env.AZURE_KEY })
here i was passing to the rendering page as a variable , but the key was still visible when i tried to see the source code on the browser.
So what is the proper way to use it ?
What i have in my mind
using an api call to get the key in the frontend
//but then any one can call that api request in the browser console right?
I am new to elasticsearch and I am trying to build a movie search app. For this I plan to get data from kaggle and add to my elasticsearch which I have setup locally at localhost:9200. I see this in the localhost link:
name "bxiIZLL"
cluster_name "elasticsearch"
cluster_uuid "zc_JPmw4TQ2G5bvahEF6LQ"
version
number "5.6.14"
build_hash "f310fe9"
build_date "2018-12-05T21:20:16.416Z"
build_snapshot false
lucene_version "6.6.1"
tagline "You Know, for Search"enter code here
Now I need to add Kaggle data to this server. How can I do it?
I saw somewhere the curld -XPUT command. I am not sure how that can work with Kaggle.
A follow up question - if I want to publish my app later on, how can I host the elasticsearch ?
In order to upload a CSV file to elasticsearch:
download the file.
use logstash in order to read the file using file input
modify and transform the data as you need using logstash's CSV filter
output logstash to elasticsearch
For your follow up question - how can I host Elasticsearch - you can either run it by your own, in AWS EC2 for example, or use a managed service like Elastic cloud or AWS ES. good luck
I try to migrate my google-auth-only project from firebase 2.x to 3.0 using the web-sdk example from:
https://github.com/firebase/quickstart-js/blob/master/auth/google-redirect.html
After setting up the initialisation-code with apiKey (via Google-Developer-Console - used the server-option) and all the other needed options, i use the "login with google"-button.
After this, an redirect-screen appears, then redirecting back to starting page and getting an "auth/internal-error".
Any suggestions?
I would recommend importing your project in the Firebase Console rather than configuring keys manually if possible, but appreciate there are some cases where that isn't ideal.
For the API key, try switching to the "Browser" type key rather than the "Server" one for anything running in the browser, and make sure it is approved for the domain you are using.
Google Sign In will need a client ID as well. The easiest way to implement is to use the signInWithPopUp method, but there are instructions for manually configuring the Google Sign In lib too.
If you do need to create a client ID, you can see the full instructions in the Google Sign In documentation.