AWS REST Request - amazon-ec2

Below is my request body. When I hit the request using postman it throws forbidden with 403 error code but when I remove the "paymentOkUrl": "https://ei-prelive.dasitha.com:8289/general/api-gateway/v1/upad/pb/termUrl" from request body it executes successfully. I found it blocks any thing starts from "https://". I am using AWS ECS (with EC2) to host my springboot app.
I am new to AWS can anyone tell me what should I change in the aws configurations to solve this problem.
Request:
{
"paymentProvider": "ELAVON_REALEX",
"systemId": "30",
"orderId": "26518203_3afb594b-f25e-40de-bca2-650a1a234b53",
"amount": "14100",
"currencyCode": "GBP",
"cardDetails": {
"cardType": "MASTERCARD",
"cardNumber": "5269275301730688",
"expiryDate": "0424",
"cardHolderName": "Perera H T P M"
},
"paymentOkUrl": "https://ei-prelive.dasitha.com:8289/general/api-gateway/v1/upad/pb/termUrl"
}
Response:
{403 Forbidden}

Related

PublishGCPubSubLite processor in Apache NiFi is not working as expected

We are Using Apache Nifi to Publish events to PubsubLite using (PublishGCPubSubLite 1.17.0) Nifi processor.
GCP SA json files contains below field:
{
"type": "service_account",
"project_id": "",
"private_key_id": "",
"private_key": "",
"client_email": "",
"client_id": "",
"auth_uri": "",
"token_uri": "",
"auth_provider_x509_cert_url": "",
"client_x509_cert_url": ""
}
We tried using type:"service_account" and it is getting failed to communicate. and we are getting the below error,
PublishGCPubSubLite[id=7f9baf80-0184-1000-ffff-ffff8ec321b3] Failed to create Google Cloud PubsubLite Publisher: com.google.api.gax.rpc.UnauthenticatedException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
Caused by: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
From Nifi server we tested the connectivity and credential, it is working:
./google-cloud-sdk/bin/gcloud auth login --cred-file gcp.json
Authenticated with service account credentials for: [#.iam.gserviceaccount.com].
Your current project is [None]. You can change this setting by running:
$ gcloud config set project PROJECT_ID
Please suggest how to make connection to PubsubLite on Apache Nifi

AWS API Gateway not passing Endpoint request header even after transformation

I'm trying to pass an Authorization header through API Gateway into a Lambda function. I can see the key in the gateway logs. But, even after I transform the input with the standard script (see below), the Authorization head still doesn't make it to the Lambda function.
Any suggestions on what I'm missing?
API Log excerpt
Endpoint request headers:
{
X-Amz-Date=20220419T143450Z,
x-amzn-apigateway-api-id=?????????,
Accept=application/x-www-form-urlencoded,
User-Agent=AmazonAPIGateway_hhompg4,
Host=lambda.us-east-1.amazonaws.com,
X-Amz-Content-Sha256=??????????????????????????????????????????????????,
X-Amzn-Trace-Id=Root=1-????????-???????????????????,
x-amzn-lambda-integration-tag=abcd-4e32-1234-???????????????, Authorization=*********************************************************************************************************************************************************************************************************************************************************************************************************************************************70cc,
X-Amz-Source-Arn=arn:aws:execute-api:us-east-1:-----------------:asfd/test/POST/,
X-Amz-Security-Token=---------------------------------------// [TRUNCATED]
Method Execution / - POST - Integration Request Transformation script:
{
"method": "$context.httpMethod",
"body" : $input.json('$'),
"headers": {
#foreach($param in $input.params().header.keySet())
"$param": "$util.escapeJavaScript($input.params().header.get($param))"
#if($foreach.hasNext),#end
#end
}
}
event keys arriving to lambda function:
2022-04-19T14:29:34.457Z INFO Object.keys(event) [
'resource',
'path',
'httpMethod',
'headers',
'multiValueHeaders',
'queryStringParameters',
'multiValueQueryStringParameters',
'pathParameters',
'stageVariables',
'requestContext',
'body',
'isBase64Encoded'
]
Object.keys(event.headers)
[
'accept',
'accept-encoding',
'accept-language',
'cache-control',
'content-type',
'Host',
'origin',
'referer',
'sec-ch-ua',
'sec-ch-ua-mobile',
'sec-ch-ua-platform',
'sec-fetch-dest',
'sec-fetch-mode',
'sec-fetch-site',
'sec-fetch-user',
'upgrade-insecure-requests',
'User-Agent',
'X-Amzn-Trace-Id',
'X-Forwarded-For',
'X-Forwarded-Port',
'X-Forwarded-Proto'
]
I was able to see my request header (Authorization) in request headers but the same was not visible in the endpoint request headers. Found that you have to enable the 'Use HTTP Proxy integration' option while setting up the integration point.

JSON parse error: Can not set com.google.api.services.androidmanagement.v1.model.KioskCustomization field

Issue while creating Policy In Android Management API,Iam Using Spring Boot as BackEnd.
this is my request:
{
"name": "testpolicy",
"applications": [
{
"packageName": "com.adobe.reader",
"installType": "REQUIRED_FOR_SETUP",
"defaultPermissionPolicy": "GRANT"
}
],
"kioskCustomization":{
"powerButtonActions": "POWER_BUTTON_ACTIONS_UNSPECIFIED",
"systemErrorWarnings": "SYSTEM_ERROR_WARNINGS_UNSPECIFIED",
"systemNavigation": "SYSTEM_NAVIGATION_UNSPECIFIED",
"statusBar": "STATUS_BAR_UNSPECIFIED",
"deviceSettings": "DEVICE_SETTINGS_UNSPECIFIED"
},
"kioskCustomLauncherEnabled": true
}
This is my response:
JSON parse error: Can not set com.google.api.services.androidmanagement.v1.model.KioskCustomization field com.google.api.services.androidmanagement.v1.model.Policy.kioskCustomization to java.util.LinkedHashMap; nested exception is com.fasterxml.jackson.databind.JsonMappingException: Can not set com.google.api.services.androidmanagement.v1.model.KioskCustomization field com.google.api.services.androidmanagement.v1.model.Policy.kioskCustomization to java.util.LinkedHashMap (through reference chain: com.google.api.services.androidmanagement.v1.model.Policy["kioskCustomization"])
code written in the controller:
#PostMapping("/policies")
public ResponseEntity<com.google.api.services.androidmanagement.v1.model.Policy> savePolicy(
#RequestBody Policy policy, #RequestParam String enterpriseId) throws Exception {
}
control is not even coming inside the controller
I tried your request in Quickstart and did not encounter any error, the cause of your error may come from your implementation (Parser being used, or the format when typed) , I suggest that you try your request in quickstart to confirm that there is nothing wrong with your request.
Also you can check this documentation for a sample app that demonstrates how to provision a corporate-owned, single-use (COSU) device, and send it a reboot command. The app uses the Android Management API Java client library.

Postman AWS S3 snapshot request Elasticsearch

Hello I need some help with sending a PUT request to my ElasticSearch on AWS to create a snapshot in a S3 bucket, with POSTMAN.
I have created a S3 bucket called cb-search-es-backup.
I've created a role, and a policy for S3 (see:this post of mine for the steps I've taken).
REQUEST URL https://myelasticsearchendpoint.eu-west-1.es.amazonaws.com/
REQUEST METHOD: PUT
BODY : RAW / json
{
"type": "s3",
"settings": {
"bucket": "cb-search-es-backup", // my bucketname
"region": "eu-west-1", // region
"role_arn": "arn:aws:iam::12345676890:role/Role_ES_TO_S3" // my role arn
}
}
I've also tried the authorization type: 'AWS Signature', with access and secret key filled in.
It looks like you are not passing AWS credentials with this request.
There is a detailed guide how to make a Postman request with AWS authentication here: Use Postman to Call an API.
Your Postman window might look like this:
To do the same from python please check out Sample python client section of this documentation page, note that AWS4Auth object is created and it's passed as auth parameter to requests.put():
credentials = boto3.Session().get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token)
# Register repository
path = '_snapshot/my-snapshot-repo' # the Elasticsearch API endpoint
url = host + path
payload = {
...
}
headers = {"Content-Type": "application/json"}
r = requests.put(url, auth=awsauth, json=payload, headers=headers)

Failure connecting to S/4 Hana via Cloud SDK

I'm following the OData tutorial at https://blogs.sap.com/2017/05/21/step-4-with-sap-s4hana-cloud-sdk-calling-an-odata-service/comment-page-1/ and I'm getting an error when I try to retrieve business partners using DefaultBusinessPartnerService.
The relevant piece of code is:
DefaultBusinessPartnerService businessPartnerService = new DefaultBusinessPartnerService();
System.err.println("criated default business partner");
List<BusinessPartner> partners = businessPartnerService
.getAllBusinessPartner()
.select(BusinessPartner.BUSINESS_PARTNER,
BusinessPartner.LAST_NAME,
BusinessPartner.FIRST_NAME)
//.filter(BusinessPartner.BUSINESS_PARTNER_CATEGORY.eq(CATEGORY_VENDOR))
.orderBy(BusinessPartner.LAST_NAME, Order.ASC)
.execute(new ErpEndpoint(new ErpConfigContext()));
response.setContentType("application/json");
response.getWriter().write(new Gson().toJson(partners));
My ErpQueryEndpoint configuration is as follows:
#Mon May 14 15:27:09 BRT 2018
URL=https\://host\:port
Name=ErpQueryEndpoint
TrustAll=TRUE
Type=HTTP
Password=Password
Authentication=BasicAuthentication
User=Username
Where host, port, Username and Password have been replaced by the correct values.
When I query http://localhost:8080/s4integration-application/businesspartners I get the following error:
The endpoint responded with HTTP error code 403.
No service found for namespace , name API_BUSINESS_PARTNER, version 0001
Full error message:
{
"error": {
"code": "/IWFND/MED/170",
"message": {
"lang": "en",
"value": "No service found for namespace , name API_BUSINESS_PARTNER, version 0001"
},
"innererror": {
"application": {
"component_id": "",
"service_namespace": "/SAP/",
"service_id": "API_BUSINESS_PARTNER",
"service_version": "0001"
},
"transactionid": "C83CB3D2A1420000E005AF97B0836AD5",
"timestamp": "20180514182746.3576100",
"Error_Resolution": {
"SAP_Transaction": "Run transaction /IWFND/ERROR_LOG on SAP Gateway hub system (System Alias ) and search for entries with the timestamp above for more details",
"SAP_Note": "See SAP Note 1797736 for error analysis (https://service.sap.com/sap/support/notes/1797736)"
},
"errordetails": []
}
}
}
It seems that the endpoint is not configured on the SAP system (it's an S/4 Hana system). I'm not sure if I have to add something else to the URL besides the host and port or if there is some other configuration that has to be done on the SAP system.
Instructions for activating OData APIs from the SAP S/4HANA backend can be found here: help.sap.com/viewer/cdc25c83b63e482586b31b8acd49cf2f/1610%20003/… Just ignore the notion of the Fiori app.

Resources