AWS Device Farm and intranet integration through laptop - intranet

I have a mobile application developed in Xamarin that works in the proximity of a wifi (island network, no internet). I can connect the simulators on my MacBook via ethernet to the intranet. But is there a way to connect devices on AWS Device Farm to that and test on multiple devices?

AWS Device Farm has a feature to support VPC endpoints.
So essentially, if your endpoint can be put behind a VPC or have an endpoint (proxy) on AWS that can talk to your endpoint then the device and the host machine on which your tests run will be able to talk to your desired endpoint.
Here is a reference about it:
AWS Device Farm VPC feature

Related

Difference between AWS IoT Device SDKs and AWS IoT Device Client

I am learning the way to use AWS and searching to understand the Difference between AWS IoT Device SDKs and AWS IoT Device Client.
Finally, I want to use Raspberry Pi for Telemetry, but which set of tools should I use AWS IoT Device SDKs OR AWS IoT Device Client.
Since you are working with Raspberry Pi, I would recommend you to use AWS IOT Device sdk. Specifically AWS IOT Device SDK for Python or Nodejs. Further using AWS IOT Device SDK :
Register Thing in AWS IOT Console
Register Certificates and Download them
Copy over Certificates to Raspberry PI
Use Sample Application provided in AWS IOT SDK GitHub and connect to AWS IOT and start publishing messages.
Here is the helpful repo to get you started : https://github.com/aws/aws-iot-device-sdk-python
AWS IoT Device Client looks like a complete software running on Linux (according to AWS description). AWS IoT Device SDKs on the other hand are libraries that allows you to connect your devices to AWS-IOT through mqtt and websockets protocol.
I personally would go with the classic SDKs approach for the reason that not enough information other than AWS Docs are available for Device Client so far
You can use the IoT Device client to embed within the Firmware of a Device however AWS IOT SDK is more of a library for accessing AWS resources programmatically.

How to connect a mobile app to IBM Blockchain

I am trying to link a mobile app to the IBM Blockchain network, and I do not see any options for mobile app linking.
Should I use the connection profile?
The IBP connection profile provides minimal information for an application to use the discovery service to discover your IBP Blockchain network. This connection profile is in a format that can be consumed easily by the gateway apis found in the fabric node sdk and fabric java sdk that you could use to write a client application or a client server that could process requests on behalf of a mobile app for example

Google App Engine equivalent VPC Peering with MongoDB Atlas

I find it odd that it's common to host your DB miles away from your webserver, which makes little sense to me.
Also, the cost of serving data from your DBaaS to your PaaS web service and back, then from the web service to the end user, means you're paying more than double as much.
Ideally, I would want a PaaS that scales really well and can host my database and web in the same region at least, while also minimizing costs.
I see many articles on how to do this the AWS way, with VPC Peering. While GCP has VPC also, I have not figured out how I can enable Google App Engine to exist in the same private cloud as a GCP hosted MongoDB Atlas cluster.
Is it possible? If so, how?
If the answer is "just use AWS then", unfortunately AWS does not have the desired PaaS per say, other than another 3rd party like Heroku, that then won't do VPC Peering.
Edit:
VPC peering is now available for GCP and Azure as well.
Original post:
It is not possible to have Google App Engine and a GCP hosted MongoDB Atlas cluster in the same Virtual Private Cloud.
Since they are different projects each one is in a different Virtual Private Cloud. The only way for the two VPCs to communicate internally would be VPC Peering, which is not currently supported. So the only way for them to communicate is publicly, by adding the IP addresses of the GCP services in the whitelist of the Atlas project.
Atlas VPC Peering Documentation:
Atlas does not support VPC Peering for clusters deployed on Google
Cloud Platform. For Atlas clusters deployed on GCP add the IP addresses of your GCP services to Atlas project IP whitelist to grant those services access to the cluster.
Choose the region of your MongoDB Atlas cluster to be the same as your Google App Engine application. Having the services in the same region minimizes latency and network costs.

Is there a way to deploy internal facing applications in Google App Engine?

Is there a way to deploy "internal facing" applications in Google App Engine. AWS offers this capability as explained here and so does Azure as explained here.
What is the GCP equivalent for this? It appears App Engine Flexible Environment could be the answer but I could not find a clear documentation on whether Flexible Environment is indeed the way to host intranet facing applications. Is there someone from GCP who can advise?
Update
I tested the solution recommended by Dan recently. Listed below are my observations:
App Engine Flex allows deploying to a VPC and this allows VPN scenarios. The VPN scenarios however is for connections (originating) from App Engine to GCP VPCs or to other networks outside GCP which can be on-prem or in another cloud.
Access (destined) to the app itself from a GCP or another network is always routed via the internet facing Public IPs. There is no option to access the app at a private IP at the moment.
If there's another update, I will update it here.
Update 28Oct2021
Google has now launched Serverless Network Endpoint Group(NEG)s. With this users can connect AppEngine, Cloud Run & Cloud Function endpoints to a LoadBalancer. However at the moment, you can only use Serverless NEGs with an external HTTP(S) load balancer. You cannot use serverless NEGs with regional external HTTP(S) load balancers or with any other load balancer types. Google documentation for Serverless NEGs is available here.
I'm not sure this meets your requirements, but it's possible to set up an App Engine Standard application (not certain about Flexible) such that it is only accessible to users logged into your G-Suite domain. This is the approach I've used for internal-facing applications in the past, but it only applies if your case involves an entity using G-Suite.
You can set this up under the App Engine application Settings, under Identity Aware Proxy.
In this scenario the application is still operating at a publicly accessible location, but only users logged into your G-Suite domain can access it.
It should be possible with the GAE flexible environment. From Advanced network configuration:
You can segment your Compute Engine network into subnetworks. This
allows you to enable VPN scenarios, such as accessing databases within
your corporate network.
To enable subnetworks for your App Engine application:
Create a custom subnet network.
Add the network name and subnetwork name to your app.yaml file, as specified above.
To establish a VPN, create a gateway and a tunnel for a custom subnet network.
The standard env GAE doesn't offer access to the networking layer to achieve such goal.

how to register device to azure iot hub from device(with iot client c sdk)

I couldn't connect my iot device to azure iot hub to register device.
I saw some example in node.js and c# sharp client sdk. But I couldn't find for c sdk. Is it possible register device (obtain credential) from client side?
How can I connect my device to iot hub?
I tried to use this code:
https://github.com/Azure/azure-iot-sdk-c/blob/master/iothub_client/samples/iothub_client_sample_mqtt/iothub_client_sample_mqtt.c
Also I used this article for help: https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-device-sdk-c-intro
Very important: you don't want a device to create a new identity on its own in IoT Hub as that would mean that the device has credentials to manage the IoT Hub instance. This is a considerable security risk.
This is one of the main reason why we have 2 types of SDKs: service client SDKs and device client SDKs.
The service client SDKs are meant to be used in back-end applications that will manage the Hub, while the device client SDKs are meant to be used on devices. This allows to keep control of your IoT solution and prevent a rogue compromised device to start messing around with the other devices or your data.
You can actually find a C service client SDK in the C SDK repo under the folder "service" if you want to develop a back-end or management application in C.
Now, all that said, what it seems you are actually looking for is for a secure auto-registration mechanism, which is something we don't have yet on Azure IoT Hub. You can actually vote this feature up on uservoice here, as we are using this to help prioritize the upcoming features of the service.

Resources