I have cloud function in GCP which triggers when any object is received in s3 bucket using SNS notification. SNS has been configured in such a way, when any object comes in s3 bucket it notifies GCP cloud function about it using http trigger(https url). As of now Cloud function end point is public so that it could be triggered from anywhere even from web browser if someone has the url which is big security concern. Hence I would like to make it private and want it to be accessed only through AWS SNS but getting no idea how it could be done.
How to trigger GCP cloud function(private) from AWS SNS over http trigger
1.2k Views Asked by Abhishek Jain At
1
There are 1 best solutions below
Related Questions in AMAZON-WEB-SERVICES
- "Access Denied" - User's Permissions to S3 Bucket
- Cohort analysis with Amazon Redshift / PostgreSQL
- Using Amazon KMS service on Heroku
- can't ssh in after cloning an EC2 instance on Amazon AWS
- Using HDFS with Apache Spark on Amazon EC2
- How can I access Mule ESB Community edition via browser?
- AWS EC2: Migrating from Windows to Linux Server
- AWS ELB Load Balancer: is it possible to set multiple session cookies?
- AWS Flow Framework: Can we run activity worker and activity task on different EC2 instances
- Unable to access files from public s3 bucket with boto
- Cloudfront stream only part of the video
- s3cmd not working as cron-task when echos/dates are added
- How to deploy django 1.8 on Elastic Beanstalk using Docker
- InstanceProfile is required for creating cluster - create python function to install module
- How to fix WordPress HTTPS issues when behind an Amazon Load Balancer?
Related Questions in GOOGLE-CLOUD-PLATFORM
- Google Logging API - What service name to use when writing entries from non-Google application?
- Custom exception message from google endpoints exception
- Unable to connect database of lamp instance from servlet running on tomcat instance of google cloud
- How to launch a Jar file using Spark on hadoop
- Google Cloud Bigtable Durability/Availability Guarantees
- How do I add a startup script to an existing VM from the developer console?
- What is the difference between an Instance and an Instance group
- How do i change files using ftp in google cloud?
- How to update all machines in an instance group on Google Cloud Platform?
- Setting up freeswitch server on Google cloud compute
- Google Cloud Endpoints: verifyToken: Signature length not correct
- Google Cloud BigTable connection setup time
- How GCE HTTP Cross-Region Load Balancing implemented
- Google Cloud Bigtable compression
- Google cloud SDK code to execute via cron
Related Questions in GOOGLE-CLOUD-FUNCTIONS
- Deploying multiple Google Cloud Functions from same repo
- Intermittent authentication errors in Cloud Functions
- Functions debugging in VS Code
- Firebase cloud function not triggering when deleting in transaction
- Firebase functions onCreate() onDelete() path specificity
- How to trigger Cloud Function only when child is added to the database?
- Firebase Cloud Functions called multiple times
- 'firebase serve...'. Web service URL returns "Function X in location us-central1 in project Y does not exist"
- Firebase HTTP function accessing userID?
- Google Cloud Function Not Terminating Past Max Function Duration
- GET UID from firebase cloud functions
- Pointing a subdomain to Firebase functions
- Actions on Google TDD or testing environment
- Can't add 2 Cloud Functions?
- ReferenceError: firebase is not defined in cloud functions
Related Questions in AMAZON-SNS
- Production certificates not working for APNS but works for APNS_SANDBOX in AWS SNS
- Amazon SNS delivery retry policies for SQS
- SNS implementtion of IOS
- Handle GCM Canonical Id with Amazon SNS
- How can I use Amazon Web Services policy statement in my Java application?
- Remove amazon logs
- APNS_SANDBOX tokens deactivate instantly on Amazon SNS
- AWS SNS sending with Spring Cloud. Trying to understand
- How to deal with AWS security for SNS
- Amazon sns/sqs offline messages APNS(Pubnub,SNS,APNS)
- AWS SNS push notification
- AWS SNS not sending subscription confirmation for HTTP
- What Json string should it be to send SNS (AWS) message for iOS with sound by AWS Java SDK?
- Extracting message body from the push notification data structure
- Identify original email from Complaint SES notification
Related Questions in HYBRID-CLOUD
- Azure APIM and Hybrid Connections
- Can a precompiled Function App use Hybrid Connections to on-premise servers?
- How to access an OnPremise system from AWS using Node.JS
- Where to place Z/OS license file when push Cloud Foundry PHP app to Bluemix?
- Azure Service Bus: High Availability
- How to trigger GCP cloud function(private) from AWS SNS over http trigger
- Using softwares on Bluemix platform
- Azure Bastion for Hybrid Cloud Environment
- Using IBM Cloud for SaaS API management with on premise gateways
- is it necessary to have Site-to-Site VPN when using Azure VMs with on-premises database?
- Are on-premise Azure Functions suitable for production?
- Azure Service Fabric-based Services: Prerequisite is always a prepared cluster?
- Can a managed AWS service (e.g. Managed Airflow (MWAA)) be used in the cloud on data resources that are entirely on-premise?
- What is the closest latency efficient AWS region for GCP us-central1 region?
- State-of-the-art job scheduling (containers, hybrid cloud)?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
You cannot prevent users from calling your HTTP endpoint as you must make the endpoint public in order for Amazon SNS to be able to call your endpoint. You can validate requests and reject requests (return 401 Unauthorized) that you do not want to process.
There are several methods to validate requests. I am listing the methods from least secure to most secure (also easiest to hardest to implement).
Check the
x-amz-sns-topic-arnorx-amz-sns-subscription-arnfor values you expect in the HTTP POST request headers.Configure SNS to use Basic Authentication using a username and password. Verify both values.
Verify the SNS notification signature. This method requires downloading the Amazon certificate and validating the signature on each request.
Using Amazon SNS for system-to-system messaging with an HTTP/s endpoint as a subscriber