When launching an EC2 instance from a marketplace image, you need to accept the End User License Agreement (EULA). This needs to be done only the first time the image is used to launch an instance. Any subsequent instantiations do not require this.
We have a web app which launches an instance in the customer's environment, but to be able to do this they need to accept EULA.
Regarding this I have the following questions:
Is there a programmatic way to get the agreement so that we could display it through our app and let the customer accept it. And then send the accepted agreement back to AWS? I came across this post: How to opt-in for AWS EC2 AMI from SDK but it is from 2015. I could not find if there is a way even today.
If there isn't a way to accomplish 1. we could tell the customer to go to the product page and accept it. But is there a way to confirm that they have done it? We thought of creating the instance as a dry-run to verify this. Dry run behaves as expected when the agreement has not been accepted; it shows the error message:
In order to use this AWS Marketplace product you need to accept
terms and subscribe. To do so please visit
https://aws.amazon.com/marketplace/pp?sku=9is83x7ec8xayzc533n58q6me
(Service: AmazonEC2; Status Code: 401; Error Code: OptInRequired;
Request ID: ad180465-a1c4-47c0-8115-475b759bbbe6)
But it shows the same error even when it has been accepted. I had to accept and deploy the image through the portal, and then the error went away.
Is this how it is supposed to be? Am I doing something wrong here? Is there any other way to do this?
Any advice is appreciated.
Related
Description:
Greetings, I have a Google App Engine standard web service deployed from Eclipse Oxygen that consists of a servlet connecting to a MySQL database with the same project id in the Google Cloud using hibernate. It is a simple event managing website where you (as an invitee) enter your email and a given code (don't worry about security at least here, please) and you confirm or cancel your assistance to a given event.
Error:
The error is the following, at localhost, the tested project will perform correctly on every connection and transference of data. But as soon as I deploy it, when I test it from the user side, on the first try (wether you confirm, cancel or enter invalid data) it will fail to connect to the database. If you redo the operation, it will work.
Information to take into account:
I did not use the JDBC GoogleDriver (as I couldn't find a way to make it work [ClassNotFoundException...]). I use "com.mysql.jdbc.Driver".
The database allows the IP 0.0.0.0/0 (everyone) to connect to it (I know, security issues).
The servlet access the database with root + password (more security issues...).
When the user confirms/cancels the servlet will ask the Business class instance to retrieve the user data to check if it pairs it's invitation code.
Notice:
I have no idea how is this happening. Please, ask me for the details you need, and I will edit this question with them, because I don't know where to start. I'm pretty sure this first-try-only pattern must be easily identifiable to anyone who had experienced this. Thank you very much.
When thing is running correctly on localhost then obviously Google Cloud has specific issue. Google Cloud's 0.0.0.0/0 is not really "whole earth". You have to add subnet from which you'll connect. That much I know.
Better you can test on some PaaS like Bluemix. Bluemix has own big Q&A - developer.ibm.com/answers/ plus StackOverflow.
Of course you can use VPS as other option than PaaS. Essentially you need to run an application NOT fight with some platform.
I've made a simple mailing app that takes in email credentials and uses it to send emails of certain kinds to selected addresses. Problem is, I've had to input the credentials right into the code, so anyone who uses dex2jar can get the source code and get the email used for forwarding and easily make the app obsolete.
I imagine I'm not the only one facing this issue, so what are some ways to make my code secure?
No matter how good of a technique you use to hide the credentials, if it's in the code then it can always be found.
Instead of hard coding them in, you could perhaps let the user specify them when he starts the app? If that can't be avoided you could instead have a remote service that will do the sending and forward your request to that.
You can not both connect to an e-mail account and keep those same users out of said e-mail account. Consider using a hosted server as part of the project to securely connect to the e-mail account from the server level and process these e-mails remotely.
I am having difficulty getting Cognito registration and login to work for my app in Android Studio using this sample. When I attempt to log in via the simulator, the app works for a few seconds, then displays an error message: "Unable to execute HTTP request: Unable to resolve host 'cognito-idp.us-east-1.amazonaws.com': No address associated with hostname". This same error is the only error that appears in the console. I have seen similar questions and tried solutions such as checking to ensure my app has the permissions android.permission.INTERNET and android.permission.ACCESS_NETWORK_STATE, but the error persists. It also doesn't seem to be a network issue. I have updated to the latest version of the Android SDK as well as the AWS SDK, and the problem persists.
I currently I have a Cognito user pool set up which works properly for login on the iOS version of my app. Following the instructions in the readme for the sample code, I added an app to my existing user pool, and then copied and pasted the newly generated app client ID and app client secret into AppHelper.java for clientId and clientSecret respectively. I also set userPoolId to the ID listed for my user pool under "pool details" in the Cognito conosle, and cognitoRegion to US East, since this is the region of my user pool. I noticed that there was no need for me to set the pool name, as there was in the iOS version, so I'm wondering if that's something I need to do.
Sorry if this counts as a duplicate, but I wanted to post a question with the exact error message I encountered and the steps I took, and I'm wondering if someone has managed to get this specific sample working and what I should do.
The problem has been resolved, but unfortunately I'm not quite sure what fixed it since I didn't change anything in the code. All I did was install an update, so anyone with a similar problem should probably ensure that all SDKs used in the sample are properly updated, along with the simulator. It's also worth noting that I was using a different network than in my previous tests, so it's possible that it was a network issue after all.
I had the same issue.
The issue occurred when I used a VPN with emulator to test my program. The reason was that the internet connection in the emulator was too slow when connecting through a VPN.
This could also happen if your internet connection is not strong enough.
The solution is, use a real android device to test your code, if your internet connection is not good enough.
More info: https://github.com/aws-amplify/aws-sdk-android/issues/567
for my master thesis I need to keep track of google searches that the users perform. It should be a web project. At first I want to setup a server (that acts like a proxy) to monitor all actions (search queries) performed by the user.
The server should deliver the google search page. I need to keep track of the input the users make and the corresponding results returned from google as well.
My questen is now.. How should I start?
I am not really sure which webserver to use. Should I use tomcat / jetty / or something else?
What about Java Server Faces or Servlets? I worked with JSF long time ago but I am not sure whether its a good decision to use it.
The server should deliver the google search page. Here is my idea: The user connects to my server. The server "reads" the google page and returns it (the source code) to the user. I think of using a listener on the default search field to monitor the search queries of the users. But how is it possible to monitor the results returned from google? The google site itself uses JavaScript I guess. So when the user makes some input it is directly sent to google and the results are directly shown on the webpage thus my webserver does not see anything from the connection between the client and the google services.
The main idea is to monitor a search query and the corresponding search results.
I just need some help and ideas to get started. This is just a small part of my thesis. I do not want to start from zero during my editing time thus I want to make sure that I make the right choices before I start.
Thank you in advance... best regards.
You could use netty as a proxy and just filter and log all search queries. But then again why even use java? From what you describe you wan't to play man-in-the-middle and manipulate/log http traffic.
A quick google search came up with this for python: https://code.google.com/p/proxpy/
Edit: and similar in java https://github.com/adamfisk/LittleProxy
I've been working on an Android App that has already been published to Google Play. For the next update (versionCode = 3) my client wants to include the LVL licensing scheme.
The first thing I did was set up a static test response from the licensing server. I set the test response to LICENSED. After reading this in the documentation:
This License Test Response will be sent to devices using [my email address]
or the Test Accounts listed above for applications you have uploaded to Google Play. >Additionally, this account (but not the Test Accounts) will receive this response for >applications that have not yet been uploaded to Google Play.
I thought, not a problem, since my developer account email is the same as my Google Play account email on my testing devices. So I should receive the test response when debugging the App.
After that, I read through all the other licensing documentation and sample code and integrated it into the App. I used a ServerManagedPolicy with the correct base64 public key and 20 random generated bytes as the salt.
Once everything looked good I uploaded it to the device to test it, but instead of receiving the LICENSED response that I expected, I am always receiving a NOT_LICENSED response. I went back and made sure that:
I was connected to the internet.
I was signed in to my developer account on Google Play.
The LicenseChecker was using the correct public key.
Clearing my Google Play cache.
At first, I thought maybe it had something to do with the caching, so I tried using a StrictPolicy instead. Same response. Since I haven't purchased the App from the store, I'm under the impression that the licensing server is responding normally instead of sending the static test response. Here are some other things I have tried:
Waiting 24 hours and trying again.
Tried building the App with the android debug key, as well as the current distribution key.
Setting up and using a different test user account on Google Play. I made sure to add this email account to the 'Test accounts' section in the developer console.
Uploading the APK to Google Play, but not publishing it.
Incrementing the versionCode from 2 to 3. This is interesting, because instead of responding NOT_LICENSED it returns the 'application error code' ERROR_NOT_MARKET_MANAGED.
This leads me to believe that the license server is always responding normally, instead of sending the static test response I set up to my developer account. I have a feeling it may be because the App is already published, but I cannot risk publishing a debug build just to test wether or not it is working.
Has anyone been in this situation before? Any help is greatly appreciated.
I had the same issue but was able to resolve it. Here are the things I did to fix:
1) on my device, I removed all google accounts except the test account I had configured for. Apparently, play store was still trying to use a non testing account.
2) I had to activate test status for my developer account even though I'm the main developer and only tester.
the version increment thing did not help and honestly was a distraction.....
I've spent hours and even days with the same problem, it is documented here and elsewhere, that pre-published license test is hit and miss, and more miss than hit from what I discovered.
The only way I've found to make it work "more reliably" (but still not totally reliable) is to have a hardware device that is a reset to factory defaults, then set it's PRIMARY google user as the same one as your dev account that has the app uploaded to test with.
The special AVDs are also not very reliable.
I have the same problem when testing using LVL library. I always get the 561 (0x231 NOT_LICENSED) response no matter what I set the License Test Response to in the settings page.
My paid app users don't seem to complain so I'm assuming LVL is working for them.
At first one of my apps had this problem and it went away after 1 day (published Dec 30 2012), now I get valid test response in that app.
However, I still get the 561 (0x231 NOT_LICENSED) response for a newer app (published Jan 31 2013)
So now I just comment out (disable the alert dialog code that pops up for 561) after I publish the APK and continue my development for the next release.
I un-comment (enable the alert dialog code) before I publish again!
I contacted Google Play, they referred me to their developer forums. I posted the same question there but then I can't find my post.
Good to know that I'm not the only one facing this problem.
Not sure I am adding anything new but having similar problems and frustrations at what-should-be-happening vs what-is-happening I'll offer up this which seemed to work: 1) remove all of the users in the Play Console's license testing list of users; 2) whatever device you are testing remove all of the Google accounts; 3) on that same device create a new, unique Google account (e.g., iamalicensetester#gmail.com); 4) add that Google account to the Play Console license testing list of users.
What I think might be happening is that if you have more than one account on a device and one of them is licensed then a non-licensed account of that same device (or other devices) will inherit that characteristic. This idea of mine is just a model (all models are wrong, but some are useful) to (mostly) allow me to get back to the work of testing...and (partially) to have some way to explain this nonsense to myself.
I did try most of the things mentioned above...clearing the cache, the storage, etc. -- you'd think that Google would want a better facility with dashboarding but don't know if that is even on their radar. I mean, revenue, right?