How can i control the aws iot by ec2 instances - aws-iot

I want to control the IOT devices via my EC2 instance. Is it possible ? I am running my program in aws ec2 .And i am locally able to control the devices. How can i connect with ec2 with AWS IOT

Related

Is Google Cloud VPN only compatible with Compute Engine instances?

Use case: I am managing both GCP infrastructure and local infrastructure and am looking for a way for an app on Google App Engine to send data to/from a MySQL database on the local infrastructure, which is behind a VPN. I've set up and tested a Cloud VPN Gateway and VPC Connector that allows a Google Compute Engine instance to connect to the MySQL database and send and retrieve data.
Per this thread, and my own experimentation, the Google App Engine standard environment cannot currently connect to a local network via Google Cloud VPN directly. I've also been testing Cloud Function and Cloud Run to see if they can connect with the Cloud VPN, and it seems that they also have this limitation.
What I'd like to confirm is that only the Google App Engine flex environment OR a Google Compute Engine instance can connect through Cloud VPN. Google's documentation across all these resources doesn't ever outright say whether any of them can connect to Cloud VPN through a VPC Connector (just that they can connect to GCP networks via VPC Connector), so I'm hoping someone here can corroborate my testing. Additionally, is there any other GCP resource that can make use of this functionality that I've missed?

Is it possible to connect to a database stored in Google Cloud VM instance from a Google App Engine instance without using a VPC connector?

I have a project running on APP Engine that must connect to a database located on a Google Cloud VM instance. The project works normally when I run it from my local machine but after deployment it can't connect to the database. After some research I found out that we can use a VPC connector, but this is not a free service. As far as I could understand, the VPC connector allows me to use the internal ip instead of an external ip. For me, there would be no problem using an external ip, but I don't know if that's possible (I'm using a standard GAE environment). Is there any other way to make the connection works without using the VPC connector?

Connect Google App Engine to a IPSEC Tunnel

I'm not an expert in networking so excuse the bad wording.
I have a Google App Engine service running in Google cloud (Standard environment). I need this service to access a VPN (i.e. ip-addresses in that VPN setup). How can I set this up with an IPSEC tunnel? I've looked a bit at Google VPN but it most seems how to setup a VPN Server, I want to be the client to an external VPN network so my App Engine service can access computers on that VPN.
Thanks
As other members have pointed out, there is no a direct way to connect GAE Standard service to a resource inside an external, on-premise, VPN. However, there some approaches.
There is a feature called Serverless VPC Access that allows GAE Standard to connect to other Google Cloud resources through an internal IP, but here is the interesting part:
Serverless VPC Access supports communication to VPC networks connected via Cloud VPN
Looking at the tutorial on Connecting to a VPC network, it is mentioned something similar to what I understood you are trying to achieve:
Your app needs to access data from your on-premises database through Cloud VPN.
The first step I would say is to connect your VPN to Cloud VPN. Since I'm not expert in those matters I'd suggest you take at its documentation.

Accessing files on FTP server through custom VPN from app deployed on App Engine Flex: doable?

I have the following use case:
Application is deployed on App Engine Flex environment.
Application fetches data from an FTP server on API request.
FTP server can only be accessed through a custom VPN.
Can I access the FTP server from an App Engine Flex environment? If so, what would I need?
Apologies if this is not clear, I am not a network/devOps person.
As a solution, you can connect your on-premises network and application deployed to App Engine Flex via Google Cloud VPN:
Cloud VPN securely connects your peer network to your Google
Cloud (GCP) Virtual Private Cloud (VPC) network through an
IPsec VPN connection. Traffic traveling between the two
networks is encrypted by one VPN gateway, then decrypted by the other
VPN gateway. This protects your data as it travels over the internet.
You can also connect two instances of Cloud VPN to each other.
App Engine Flexible Environment is based on Google Compute Engine and consequently can connect to your remote network via Cloud VPNs. As described in the documentation Configuring your App with app.yaml, you can specify network settings in your app.yaml configuration file:
... app in App Engine is configured using an app.yaml file, that
contains CPU, memory, network and disk resources, scaling, and other
general settings including environment variables.

AWS EC2 Linux take iOS client command to execute python script to query database in RDS

I currently have an EC2 Amazon linux instance running, I have some python scripts I have created and stored in my cgi-bin. I am having my iOS client (iPhone app) make an http request to execute the python scripts located in the cgi-bin directory of my EC2 instance, which then the script makes a request or insert into my MariaDB which is hosted on a remote database server by the RDS service provided by amazon.
Is this a safe practice method to execute commands? I want to know whats the best way to make calls into the RDS database from the EC2 instance that gets triggered by a python script which is called from an iOS device. Should I take a different approach?
The security of your RDS database is dependent on the security of your python script. If you have configured your EC2 and RDS instances correctly they should be in the same VPN and your RDS instance should not be exposed outside of the VPN.

Resources