AWS SSO Login PowerShell - aws-powershell

Due to security policy, connecting to AWS programmatically with PowerShell using an Access/Secret Key is not allowed at our organization anymore, and needs to be replaced with AWS SSO. But I didn't find any clear documentation on how to actually connect to AWS with PowerShell using AWS SSO. In the official AWS documentation for PowerShell cmdlets, I can see a cmdlet named Close-SSOSession, which is very straightforward about what it does. But which cmdlet is used to open the session in the first place? I would expect something like Open-SSOSession. I also need to mention that we are not allowed to install AWS CLI V2 on our Windows servers, as only the AWS PowerShell Module is approved for use by developers.

Related

How can I authenticate the Google Cloud Video Intelligence API in a Golang Docker Container running on a Google Virtual Machine using a serviceAccount?

I'm trying to make a request in Go client.AnnotateVideo(ctx, &annotateVideoRequest) to the Google Cloud Video Intelligence API using the package cloud.google.com/go/videointelligence/apiv1.
I noticed that if I'm on a Google VM, I don't need any credentials or environment variable because the API says:
For API packages whose import path is starting with "cloud.google.com/go",
such as cloud.google.com/go/storage in this case, if there are no credentials
provided, the client library will look for credentials in the environment.
But I guess I can't authenticate because I'm running a Docker Container inside the Google VM, and I don't know if I really need a credentials file in that Docker container, because I don't know if the library automatically creates a credentials file, or if it just checks whether there is a $GOOGLE_APPLICATION_CREDENTIALS and then uses that (but that makes no sense: I'm on a GOOGLE VM, and I'm supposed to have that permission).
The error is:
PermissionDenied: The caller does not have permissions
Some links that might be helpful:
https://pkg.go.dev/cloud.google.com/go/storage
https://cloud.google.com/docs/authentication#environment-service-accounts
https://cloud.google.com/docs/authentication/production#auth-cloud-implicit-go
https://cloud.google.com/video-intelligence/docs/common/auth#adc
Thanks in advance!

Is it possible to use `externalbrowser` authenticator inside docker container for connection authentication with Snowflake?

I am trying to use the Snowflake connector inside a Docker container. I want to use the externalbrowser authenticator so that I can make a connection using Okta credentials, but the connector is failing with the error shown below.
DatabaseError: (snowflake.connector.errors.DatabaseError) 250008 (08001): None: Failed to connect to DB: xx.snowflakecomputing.com:443, Unable to open a browser in this environment.
(Background on this error at: http://sqlalche.me/e/13/4xp6)
As an aside, I'd recommend removing your account name from the question (shown in the error).
You are correct that the "externalbrowser" option is a browser-based SSO. It might be possible to get this running in a Docker container with some extended software and configuration, but I wouldn't recommend it as it doesn't seem worth the effort.
Instead, there are alternative SSO authentication methods you can look at, such as Native SSO Okta, key-pair authentication, or external OAuth. These won't require the browser.

How to consume Jenkins API Rest in Google Kubernetes Engine from external clients

I want to try out continuous deployment with Jenkins on Google Kubernetes Engine. Of course, by using the Jenkins API Rest.
I have gone through https://cloud.google.com/solutions/jenkins-on-container-engine-tutorial
I got Jenkins running. The problem is with regard to the Jenkins API Rest when I try to consume it by using Postman or curl. I'm prompted to Sign in to continue to Google Cloud Shell.
By using curl
curl -X GET https://8080-dot-3828316-dot-devshell.appspot.com/job/dev.ci/api/json\?pretty\=true --user USER:TOKEN
Found.
In Postman
In incognito window
My problem was related to the fact that I didn't expose the service properly. I was using the preview URL that Google provides you. So I had to follow the architecture shown here: https://cloud.google.com/solutions/jenkins-on-kubernetes-engine?fbclid=IwAR19Dl_kUSGzK1cfqyYA1s9cNt26CBnSgXf6zV104NGtIiXNtpTTKrfo3TI. I had to expose my Jenkins UI as a NodePort and learn about ingress.

SSO in Cloud foundry with Gitlab User data

We have the following situation: an Open Source Cloud Foundry installation and an independent Gitlab installation. I would like to use the Gitlab Token to identify users in the CF UAA, meaning everybody registered at the Gitlab is able to use CF.
Is there a possibility to combine these two systems?
This is currently not supported by UAA.
We have plans to add support for Generic OAuth 2.0 based external identity providers in the future.

Access Parse Server Dashboard using Bitnami VM

I have used Bitnami VM to deploy Parse Server on Azure but I cannot seem to be able to access Parse Server Dashboard. What URL is it available on? Do I need to open any ports?
Just an update on this. A new version of Parse Server provided by Bitnami is now available in the Azure Marketplace. The new version does include the Dashboard.
Have you been following Bitnami instructions?
It states you can access the dashboard using this URL: http://[server-IP-address]/parse
This means only TCP/80 port needs to be open (on your Network Security Group if you use one or in your VM ACL if you don't).
You now have other (probably easier) options to deploy Parse Server on Azure:
using a dedicated ARM template leveraging Azure services (App Service, DocumentDB, Notification hub, ...).
using Azure App Service with the original Facebook/Parse version with MongoDB.
I've got it. The Bitnami guys were kind enough to reply to me on this topic:
You can launch the latest Parse version that ships the Dashboard from https://vmdepot.msopentech.com/Vhd/Show?vhdId=64574&version=66817 It could take some time to be available in the Azure Marketplace
So bottom line, use the image from VM depot and not the one on Azure Marketplace as it is an old one and doesn't include the Dashboard.
