Failed to create cloud account while adding an Object Storage Service - storage

I am Trying to create a new free Object Storage Service for testing - and I am getting error:
Service broker error: {"description"=>"Failed to create cloud account."}
I have other Bluxmix services created, and can remove/create other services.
I am only receiving this error while trying to add the IBM Object Storage

The object storage service has some issue. You can see the service's status on status page here: http://ibm.biz/bluemixstatus
You can also be alerted of any notifications by subscribing to the RSS feed for the Bluemix Status page. This approach provides a way for you to get updates without having to regularly consult the status page.
Use the Support Widget to open a ticket. It is available from the user avatar in the upper right corner of the main Bluemix UI. After opening the support widget panel, select Get Help > Get In Touch, select the type of assistance you need, and then fill out the support form.
Use the Support Site 'Get Help' form. This form is available on a separate site that is made available for ticket submission when you cannot log into Bluemix and access the Support Widget. Go to http://ibm.biz/bluemixsupport and fill in the support request form.

I was seeing the same error with Object Storage. I contacted Bluemix support and they told me this error was occurring because "my name had raised a false flag against the U.S. debarred parties list." They said this is very rare, and the only way to fix the problem is to contact support with a request.
To contact support:
Login to Bluemix
Open the account tray by clicking the avatar in the top right
Click “Get Help”
Click “Get In Touch”
I'm now able to provision Object Storage.

Related

Unable to get Salesforce ClientID and SecretID

I'm attempting to use Outh authentication for my PHP request to Salesforce but I can't get my ClientID and SecretID for my app.
I normally have an option to View these values but for some reason I'm unable to view them with an administrator login.
I created a new App and was able to get the credentials successfully, so I know it's not the account permissions preventing me from accessing this information.
Does anyone with experience of Salesforce have any experience with an inability to get these details?
Thanks!
Is it a normal app created in this org or managed connected app, coming from installed package? You can't see secrets of managed app.
For normal app they're hidden behind a button. For me clicking it takes me to email challenge (provide OTC or one-time code we've sent to your mailbox). Completing that I can access the page with key and secret I can copy-paste.
Your user might be misconfigured. Try to fish around with browser's source inspector, maybe the button's there but doesn't render?
<input id="appsetup:setupForm:details:oauthSettingsSection:manageConsumerKeySecretSection:manageConsumer" type="submit" name="appsetup:setupForm:details:oauthSettingsSection:manageConsumerKeySecretSection:manageConsumer" value="Manage Consumer Details" class="btn gsbutton">
Is your email valid in this org (maybe it's a fresh sandbox with ".invalid")? Do you use Multi Factor Authentication? Do you think you have "high assurance session" configured when accessing certain areas of setup? Can be in Setup -> Session Settings or in your Profile
thank you for writing back to me regarding the issue.
The issue I encountered was trying to get the API credentials for an existing app but I was able to create a new App which is posting the Leads successfully into the system.
So the answer to my problem was that the original app was misconfigured when it was created and I was able to create a new App to resolve the problem.

'gcloud alpha iap oauth-brands create' getting INVALID PARAMETER

For some reason I deleted so called brand entity at my gcloud console. Now I want to create new one using the command in the console:
gcloud alpha iap oauth-brands create --application_title='EmojiRave' --support_email='rebelusgames#gmail.com'
But the console returns me back : INVALID_ARGUMENT: Request contains an invalid argument.
I've used different formats (using brackets and without them)
I've checked whether I have enough permissions to do it (I use owner account, so it's enough permissions)
I'm desperate.
There are two potential reasons for the failure:
1. Incorrect email address. According to the docs: "This [support] email address can either be a user's address or a Google Groups alias. [...] Note: The user issuing the request must be an owner of the specified support email address."
2. Project is not in an organisation. According to this source (see under limitations): If you're [..] outside a Cloud Orginization most likely you'll get an error on step "Creating oauth brand".
Overall, my suggestion is to update the OAuth Consent Screen via GCP Console.
Go to the Google Cloud Platform Console.
From the projects list, select a project or create a new one.
If the APIs & services page isn't already open, click on the Navigation Menu on the upper left and select APIs & services.
On the left, click OAuth Consent Screen.
Click Edit App.
First, it's not possible to delete the OAuth Consent Screen (Brand) once created. This can be seen from #DaImTo's answer, and the lack of delete option in both gcloud command and in the console.
I also tested your command on my Cloud Shell and it works fine as well. I've checked the documentation with regards gcloud alpha iap oauth-brands and it is currently in ALPHA state. It may change without prior notice and it may not be stable or work to all users. If you still want to use the CLI and request to be allow-listed regarding this command, my suggestion is to contact sales, as instructed on the issue tracker you've made.

Request, Response and Event tabs are missing for certain users when viewing webhook history

Some users in our client's Azure DevOps Server (on-prem) instance are unable to see the Request, Response and Event tabs when they view the history for webhooks. Other users can see the tabs.
The issue is as follows...
Under Project Settings --> Service Hooks, my client has a number of service hooks/webhooks defined.
When clicking the ellipse menu next to a Service Hook and selecting "History" it opens a modal window showing previous "runs" of the service hook in question.
On the right hand side of the modal window there are several tabs. Summary, Request, Response and Event (Screenshot attached)
Some users are unable to see the "Response", "Request" and "Event" tabs.
Some more background... The users in question cannot be placed in the "Project Collection Administrators" group due to company policy. They have been given "EditSubscription" permissions using tfssecurity.exe command line but it's still not working. I was hoping there might be a way to give them the required access using the REST API but it seems like the Azure DevOps CLI does not work with Azure DevOps Server 2019?
If anyone else has any advice I'd appreciate the help.
Thanks in advance.
Devon.
You should be able to grant a regular project user the ability to view and manage service hook subscriptions for a project.
tfssecurity /a+ /collection: https://dev.azure.com/fabrikam-fiber-inc/DefaultCollection ServiceHooks PublisherSecurity/abcdef00-abcd-0000-0000-abcdef000000 EditSubscriptions n:fabrikamfiber4#hotmail.com ALLOW
Make sure you used the command with same format and the users also have View subscriptions permission.
Take a look at What permissions do I need to set up a subscription?
Q: What are the security implications of granting Edit subscriptions
and View subscriptions permissions?
A: The user with these permissions can see all subscriptions created
in the project and the notification history for those subscriptions.
That user can then create any type of service hook subscription in
that project. If the user sets up a subscription for a resource that
they don't otherwise have permission to access, the subscription won't
get triggered.
For example: if I don't have access to work items in area path XYZ,
and I set up a subscription to the work item update events, I won't
get notifications for updates to work items in area path XYZ. However,
if another user who does have access to the work items in area path
XYZ is receiving those "work item update" events, then I could see the
notification history of that other user's events, which includes work
item data that I don't otherwise have access to.
If users are still not able to view those tabs with granting both Edit subscriptions and View subscriptions. Suggest they completely sign out the browser and clear cache. Then login in TFS web portal again. Which may do the trick.

Microsoft Graph API Problems iOS : Unable to Complete Request Validation Error

I have registered my application here.
I have given all permissions to my App in that panel as well.
I specifically need Groups.ReadWrite.All which requires an admin ? requirement I am not sure what this even means.
https://apps.dev.microsoft.com/#/application/
Okay App is registered and redirect url has been copied.
Now I take that redirect url copy it and paste it into the admin panel for apps. At this link at App Registrations
https://portal.azure.com/
I am not sure why I have to register in two different panels, one which gives me a redirect url for my native app and the other that leaves it blank.
Great So then I setup my iOS app to make a graph request. This scope
https://graph.microsoft.com/Calendars.ReadWrite
I need to readwrite groups so I add this permission
https://graph.microsoft.com/Group.ReadWrite.All
It fails to authenticate.
I have checked that I have added the permissions to my app, and I have at this app registration panel https://apps.dev.microsoft.com/#/application/
Then I try to add the same permissions in the
https://portal.azure.com/
it gives me
Unable to Complete Request Validation Error, then doesn't do anything.
I tried to add a non admin permission same error.
So what is going on here ... ?
So even though they told me use the Graph API from now on moving forward in the docs I tried to go back to their office 365 SDK for iOS, it also has problems as I cannot get the pods to work as per instructions.
I am 100% sure after this issue is resolved I will need permissions
Note: I work at as a consultant for a bank so if someone can tell me what the azure administrator at the bank has to do to get my permissions escalated to admin status that would be great....
Thanks
Those are 2 different registrations,
Per this documentation (https://graph.microsoft.io/en-us/docs/authorization/auth_overview), for personal accounts like live.com or outlook.com, use the Azure AD v2.0, and for the enterprise, use the Azure AD.
So, for your case, I believe you need the latter, the azure AD.
For this to happen, as you said, go https://portal.azure.com/ and add the app registration.
In order to do so, you would need to
select "Azure Active Directory" and go "App registrations".
Once you create an app, you would need to select "native" for the iOS, and then under app access, under "required permissions" add "Microsoft Graph" followed by selected permissions you would like.
To answer the note, you would need permissions to create an app at the portal, otherwise, you would need to ask for that permission or have the admin create an app for you.
Some samples are available at https://github.com/microsoftgraph/ios-objectivec-connect-sample and https://github.com/microsoftgraph/ios-swift-connect-sample for iOS samples.
Hope this helps!

AWSMobileHubHelper DynamoDB AccessDeniedException

I'm using the Swift AWS Mobile Hub Helper to build my iOS app and connect to my DynamoDB database. I can see that after logging in using a Facebook SignInProvider I'm getting an assumed role arn for an authorized role for the table I'm trying to connect to, but when I try to use the load method on my DynamoDBObjectMapper I get an error telling like this:
is not authorized to perform: dynamodb:GetItem on resource
I tried downloading a new base app from the mobile hub page and making no other alterations but to point it to the new table but it had the same error. My colleague is building an android version of our app and he is able to connect to the database and he says that he made no changes to how he connects so I'm unsure as to what is causing the error.
EDIT: I've been looking at the federated identity pool that I'm ostensibly being assigned and the identity id that cognito is assigning my device (the simulator) is appearing there if I search for it with the dataset that my code is creating.
For each table in your Mobile Hub app, Hub creates an IAM role policy, and attaches it to the policy your users assume. If you look under your auth/unauth roles for the app (it will have the Mobile Hub project name in it). You should see a list of attached policies. One of those policies will be for the table you created in Hub. If you want that policy to have expanded capabilities, or in your case give access to a different table. You will either need to edit the policy or create a new policy.

Resources