I am new to Google App Engine services. I have a Java Maven project with one module running on app engine flex and other on app engine standard. I am using JWT authentication for App Engine Flex APIs. I want to make a post request from App Engine Standard to App Engine Flex. What should be the best way to authenticate the service?
Also, I have a cron service hitting a particular URL I am using for some backend stuff. How can I authenticate that the request has came from Cron service only?
For checking if the job is coming from the Cron service (assuming you are using the requests module):
is_cron = request.headers.get('X-Appengine-Cron', False)
if not is_cron:
return 'Bad Request', 400
If you are using another module, you just have to check the header from the cron job to make sure it is 'X-Appengine-Cron'
Source: https://cloud.google.com/appengine/docs/standard/python/config/cronref#cron_requests
Related
I have an API running in Google App Engine and I want to introspect HTTP POST body to reject poorly formed calls before it hits my API running in app engine. Is there a way to front an App Engine application whereby I can introspect the URI, the POST body and return a 400 without it actually being processed by my code running in App Engine? Please let me know, thanks.
If you want to inspect HTTP, then you will need to write a proxy application to do so. Neither the Google Cloud Load Balancer nor App Engine support hooking HTTP requests.
Proxies have the MITM (Man In The Middle) problem in that HTTP traffic is often encrypted. You will not be able to inspect that traffic unless your proxy is the endpoint. If you implement your proxy with Apache or Nginx then you can use the ModSecurity project.
Basically, you want to implement a WAF. Google offers Cloud Armor which supports inspecting traffic via Cloud Armor rules.
My team is exploring the possibility of cross-application communication within Google App Engine environment. We have our core Python app running on GAE, and a new NodeJS App running on GAE Managed VM. So far we could only find information on URL fetch service supported in Python, Java, and Go.
Does anyone know if URL fetch service is available in Node running on GAE managed VM?
Or is there other solution my team can use for high-performing cross-application communication within Google's network infrastructure for efficiency and scaling purposes.
The URL Fetch service is not available for NodeJS on app engine. However, for cross-application communication, you can use Google Cloud Pub/Sub. You can use the Google Cloud Client library for NodeJS to access the Pub/Sub service from a NodeJS app running on a flexible VM.
In App Engine I'd like to make http fetch calls to a web server running on an Compute Engine instance, created within the same Google cloud project, and I'm wondering if I can make such calls to the instance without enabling an external IP for it? Are App Engine and Compute Engine instances, from the same project, within the same network and can I call a Compute Engine instance by name from App Engine?
The best way to solve that in the short/medium term is to deploy the VM as a VM-based backend (we are accepting TT applications). You can deploy the VM backend as a different App Engine module of the app. Then you can urlfetch "mymodule.myapp.appspot.com" from the frontend and it will hit your VM without going through the public IP.
You can also serve your app straight from the VM backend. There you can load classes that are blocked by the normal App Engine sandbox (and well as have full access to all App Engine APIs!). The downside with VM backends is that we don't have auto-scaling yet.
This is currently unsupported. Communication between App Engine and GCE must go through the URLFetch API and use a public IP.
I'm developing a Java app in GAE, which offers an API through Google Cloud Endpoints.
Basically it receives requests in the endpoints and uses a number of web services from different providers, stores some data and returns some data through the endpoints...
I understand that my app is conceptually a backend, because it doesn't provide any web page, but only the endpoints, don't you think so?
But there's no way to create only a backend, without being associated to any frontend app, is there? At least Google Plugin for Eclipse only allow you to "Generate App Engine Backend", from an existing app, and moreover this app must be an Android project...
I'm using it as a frontend and there's no problem, but apart from the conceptual issue, I've read that backends are kind of optimized to be backends, with more memory and CPU...
I think you're just confused because the Cloud Endpoints documentation uses the word 'backend' to refer to the entire cloud-hosted server implementation. It doesn't specifically refer to the use of GAE backend instances. Endpoint requests can be served by frontend or backend instances, based on how you set them up and the url being accessed.
From the App Ending docs:
"When an application is called to serve a web request, it must issue a response within 60 seconds"
"App Engine Backends are instances of your application that are exempt from request deadlines and have access to more memory (up to 1GB) and CPU (up to 4.8GHz) than normal instances."
So unless you're requests are doing something crazy, you don't need to use a backend. In the google-plugin-for-eclipse, "generate appengine backend" is talking about creating a backend for your android app... a server for your android app to contact (in this case your android app is the frontend and you're appengine app is the backend). In the example app you can remove the web side (index.html) to the appengine application and you'll have no web frontend. Index.html is using the gapi javascript library to make endpoints calls to your appengine service.
I am new to Google App Engine, I have an existing web application and now I need to integrate that with Google App Engine for https://developers.google.com/appengine/docs/java/mail/receiving purpose, how to do that?
One way would be to write your appengine application with a RPC service
http://googleappengine.blogspot.com/2011/04/introducing-protorpc-for-writing-app.html