Unable to Add CodeStarNotification to CodePipeline with properly configured SNS access policy - amazon-sns

I am currently facing an issue with creating a notification rule for CodePipeline:
Resource handler returned message: "Invalid request provided: AWS::CodeStarNotifications::NotificationRule" (RequestToken: 4cf585ed-150e-78ee-6c23-d01870c1dbc4, HandlerErrorCode: InvalidRequest)
My problem is the same as in this StackOverflow post
CDK Unable to Add CodeStarNotification to CodePipeline.
The suggested solutions focus on whether or not the access policy on the topic is set, and this is all taken care of in my case:
{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "AWSCodeStarNotifications_publish",
      "Effect": "Allow",
      "Principal": {
        "Service": "codestar-notifications.amazonaws.com"
      },
      "Action": "SNS:Publish",
      "Resource": "arn:aws:sns:us-east-1:123456789:PipelineNotifications"
    }
  ]
}
I am importing an already existing topic in that stack, and that topic already has a properly configured access policy, so I don’t really understand what the problem is - I tried several times, but it never succeeds in creating it and it fails.
cdk version 2.31.0

Related

Codemagic builds are not triggered from CodeCommit

I was following the instructions provided by Codemagic to add a WebHook to CodeCommit. Which includes creating a topic, adding to it a subscription and then configuring Notify in repository.
Anyhow, after merging or changing my master directly no build is still triggered.
Here is my setup:
Webhook in Codemagic:
Topic with a subscription:
Notification rule targets:
What I did notice is that notification target status is unreachable. But I have no clue what it actually means.
Does my problem occur because of the unreachable status?
What exactly does it mean then?
Do you reference this document? https://docs.codemagic.io/configuration/webhooks/#setting-up-webhooks-for-aws-codecommit
Have you done the following steps, and can you see any incoming requests from AWS in Codemagic?
6. In the Codemagic UI, navigate to your application and select the Webhooks tab.
7. Under Recent deliveries, choose the most recent webhook, and copy the subscription link under the Results tab to your browser.
Well, apparently the documentation here has been updated:
https://docs.codemagic.io/configuration/webhooks/#setting-up-webhooks-for-aws-codecommit
There is a configuration that you have to update for your topic's access policy:
{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "CodeNotification_publish",
      "Effect": "Allow",
      "Principal": {
        "Service": "codestar-notifications.amazonaws.com"
      },
      "Action": "SNS:Publish",
      "Resource": "arn:aws:sns:REGION:ACCOUNT_ID:REPOSITORY"
    }
  ]
}
Make sure to update Resource!
"Resource": "arn:aws:sns:REGION:ACCOUNT_ID:REPOSITORY"
Copy ARN from your topic:
Apart from that (as said above), this step is important:
Under Recent deliveries (in Codemagic -> App -> Webhooks), choose the most recent webhook, and copy the subscription link under the Results tab to your browser.
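An added example (not from the answer or the Codemagic documentation): a check that a topic's access policy has an Allow statement for codestar-notifications.amazonaws.com whose Action covers SNS:Publish and whose Resource matches the topic's own ARN, the step the answer stresses. The topic ARN, the function names and the sample documents are constructed for illustration, and Condition blocks are not evaluated.

```python
import json
from fnmatch import fnmatchcase

SERVICE = "codestar-notifications.amazonaws.com"

def _as_list(value):
    """Policy fields may hold one value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def publish_findings(policy_json, topic_arn):
    """Return [] if some statement lets SERVICE publish to topic_arn, else the reasons."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement")):
        sid = stmt.get("Sid", "<no Sid>")
        principal = stmt.get("Principal")
        services = _as_list(principal.get("Service")) if isinstance(principal, dict) else []
        if stmt.get("Effect") != "Allow" or not (principal == "*" or SERVICE in services):
            continue  # not a grant to the notifications service
        actions = {a.lower() for a in _as_list(stmt.get("Action"))}
        if not actions & {"sns:publish", "sns:*", "*"}:
            findings.append(f"{sid}: Action does not include SNS:Publish")
        elif not any(fnmatchcase(topic_arn, r) for r in _as_list(stmt.get("Resource"))):
            # Typical cause: the REGION/ACCOUNT_ID/REPOSITORY template was pasted unchanged
            findings.append(f"{sid}: Resource does not match {topic_arn}")
        else:
            return []  # usable statement found (any Condition is not evaluated here)
    return findings or [f"no Allow statement for {SERVICE}"]

# Constructed sample input: the template from the answer, and a topic ARN made up for the demo.
TOPIC_ARN = "arn:aws:sns:us-east-1:111122223333:ExampleTopic"
TEMPLATE = json.dumps({
    "Version": "2008-10-17",
    "Statement": [{
        "Sid": "CodeNotification_publish",
        "Effect": "Allow",
        "Principal": {"Service": SERVICE},
        "Action": "SNS:Publish",
        "Resource": "arn:aws:sns:REGION:ACCOUNT_ID:REPOSITORY",
    }],
})
FIXED = TEMPLATE.replace("arn:aws:sns:REGION:ACCOUNT_ID:REPOSITORY", TOPIC_ARN)

if __name__ == "__main__":
    for name, doc in (("template as pasted", TEMPLATE), ("Resource updated", FIXED)):
        print(name, "->", publish_findings(doc, TOPIC_ARN) or "OK")
```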

Get object with aws:Referer works from one folder and not others

On a Wordpress site that has been linking to PDFs successfully up till now, I am adding a new course and associated links to PDFs stored in S3.
Here's my bucket policy:
{
  "Version": "2012-10-17",
  "Id": "Policy1495663956019",
  "Statement": [
    {
      "Sid": "Stmt1495663819956",
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "s3:GetObject",
        "s3:GetObjectVersion"
      ],
      "Resource": "arn:aws:s3:::courses-example-com/*",
      "Condition": {
        "StringLike": {
          "aws:Referer": [
            "http://example.com/*",
            "http://www.example.com/*",
            "https://example
            "https://www.example.com/*"
          ]
        }
      }
    }
  ]
}
The bucket has different folders for each course - course1/ course2/ etc
I copy the Object URL from S3 as the link within Wordpress
Here is an example of a link used
Download the course text here.
Some of the links, both those that work and those that do not (access denied), may have rel="noopener noreferrer", yet some of these work, while others do not. When trying to remove the noreferrer, Wordpress just adds it back in... Changing the link to open in the same window is not desired, as it loses the student's place in the course...
I am not sure how to check the header for the referer that is likely sent from the different pages... might provide a clue. Also, not sure how to override the Wordpress automatic addition of noreferrer.
Checked S3 permissions, went over the bucket policy carefully, cleared cache, tried different browsers, rebooted, cleared cache on the site host side.
ideas?
cheers,
Fred
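An added example (not part of the post): a small model of what the bucket policy's StringLike condition on aws:Referer sees for a link with and without rel="noreferrer". It assumes the browser's default strict-origin-when-cross-origin referrer policy; the page and object URLs and the function names are constructed, and the pattern that is cut off in the post is left out.

```python
import re
from urllib.parse import urlsplit

# The three complete aws:Referer patterns from the policy (the truncated one is omitted).
REFERER_PATTERNS = [
    "http://example.com/*",
    "http://www.example.com/*",
    "https://www.example.com/*",
]

def string_like(pattern, value):
    """IAM StringLike: case-sensitive, '*' matches any run of characters, '?' exactly one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value, flags=re.DOTALL) is not None

def referer_header(page_url, target_url, rel=""):
    """Referer a browser sends when a link on page_url is followed (assumed default policy)."""
    if "noreferrer" in rel.lower().split():
        return None                      # rel="noreferrer" suppresses the header
    page, target = urlsplit(page_url), urlsplit(target_url)
    if page.scheme == "https" and target.scheme != "https":
        return None                      # HTTPS page to HTTP link: nothing is sent
    if (page.scheme, page.netloc) == (target.scheme, target.netloc):
        return page_url                  # same origin: full URL
    return f"{page.scheme}://{page.netloc}/"  # cross origin: origin only

def get_object_allowed(page_url, target_url, rel=""):
    """Evaluate the policy's single Allow statement for this navigation."""
    referer = referer_header(page_url, target_url, rel)
    if referer is None:
        # No Referer means no aws:Referer key; a plain StringLike then does not
        # match, the Allow does not apply, and the request is implicitly denied.
        return False
    return any(string_like(p, referer) for p in REFERER_PATTERNS)

# Constructed sample input.
PAGE = "https://www.example.com/course2/lesson-1/"
OBJECT_URL = "https://courses-example-com.s3.amazonaws.com/course2/text.pdf"

if __name__ == "__main__":
    for rel in ("", "noopener", "noopener noreferrer"):
        print(repr(rel), referer_header(PAGE, OBJECT_URL, rel),
              get_object_allowed(PAGE, OBJECT_URL, rel))
```

To see the header a given page actually sends, open the browser's developer tools, follow the link, and read the Referer request header on the S3 request in the Network tab.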

Apache NiFi write to encrypted SQS queue

We are encountering a very strange condition with Apache NiFi and SQS. We are using the AWSCredentialsProviderControllerService to manage our authentication. If we use an unencrypted queue it works fine, however, if using an encrypted queue it doesn't fail but nothing gets written. It doesn't appear to be generating anything in the NiFi or cloud trail logs either. Just wondered if there is anything special that needs to get done to support this condition. If it is failing, we are not able to figure out where that is occurring. Any suggestions or ideas would be greatly appreciated.
I was able to reproduce the silent failure with PutSQS under the following conditions:
- SQS Queue configured with server-side encryption using a custom KMS customer master key rather than the default AWS key
- AWS credentials used by NiFi had permission to send a message, but not permissions to use the custom KMS key
The solution was to provide NiFi's AWS credential with the permissions to use both SQS and KMS. I found the example policy below documented in What AWS KMS Permissions Do I Need to Use SSE for Amazon SQS?:
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": [
      "kms:GenerateDataKey",
      "kms:Decrypt"
    ],
    "Resource": "arn:aws:kms:us-east-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab"
  }, {
    "Effect": "Allow",
    "Action": [
      "sqs:SendMessage",
      "sqs:SendMessageBatch"
    ],
    "Resource": "arn:aws:sqs:*:123456789012:MyQueue"
  }]
}

How can I do h2 server push with firebase functions?

How can I do h2 server push with firebase/google cloud functions? I want to implement something like this - h2 server push only with firebase functions. The polymer team says they did it here - Polymer HNPWA - but looking at the functions code, I don't see that they actually are. Any help/direction appreciated.
One way to configure H2 Server Push is to set the 'Link' header to indicate what resources you want to preload.
You can actually do this through the firebase.json file, like it's done for the Polymer HNPWA example: https://github.com/Polymer/hn-polymer-2/blob/master/firebase.json
For instance:
"headers": [
  {
    "source": "/*",
    "headers": [{"key": "Link", "value": "</myscript.js>;rel=preload;as=script,</mydocument.html>;rel=preload;as=document"}]
  }
]
indicates that for any request against /*, a push of myscript.js and mydocument.html will be triggered.
Hope it helps.

Using WebSockets to monitor calls on Asterisk 13

I've recently upgraded our PBX to Asterisk 13, in the hope that the new REST API and WebSockets support would solve some problems we were having with tracking calls via the AMI.
We're building a C# application that will sit in the Windows tool tray and bring up information based on caller ID by querying our CRM whenever a user makes or receives a call.
Can someone clarify if it's possible via WS to subscribe to a WS channel that reports all (or even just extension specific) events taking place on the PBX?
In terms of progress made so far, I've used Swagger to explore the ARI, and the channel information given back via the channel endpoint (e.g. http://10.0.0.1:8088/ari/channels?api_key=admin:secret) looks perfect:
[
  {
    "id": "1466860766.240522",
    "name": "PJSIP/905-00000c74",
    "state": "Ring",
    "caller": {
      "name": "",
      "number": "020xxx"
    },
    "connected": {
      "name": "CID:020xxx",
      "number": "07xxx"
    },
    "accountcode": "",
    "dialplan": {
      "context": "macro-dialout-trunk",
      "exten": "s",
      "priority": 22
    },
    "creationtime": "2016-06-25T14:19:26.040+0100",
    "language": "en"
  },
  {
    "id": "1466860766.240524",
    "name": "SIP/siptrunk-000003fc",
    "state": "Down",
    "caller": {
      "name": "CID:02033554047",
      "number": "07xxx"
    },
    "connected": {
      "name": "",
      "number": "020xxx"
    },
    "accountcode": "",
    "dialplan": {
      "context": "ext-did",
      "exten": "07xxx",
      "priority": 1
    },
    "creationtime": "2016-06-25T14:19:26.264+0100",
    "language": "en"
  }
]
That channel information gives us everything we need in a concise, easy to digest format - PJSIP channel (i.e. the extension), state, outgoing trunk CID, and outbound number being dialled.
However, the /events endpoint as far as I can see depends on you creating an 'application' within Asterisk (from what I can gather like a conference or such?) - and despite two days of trying various things using wscat and reading documentation I can't see any way whereby you can subscribe to a WS channel that will give you all events back similar to the JSON above.
Am I misunderstanding the intentions behind WS support with Asterisk 13? Is it not meant for this purpose? Is there a better way to achieve my aim without polling /channels? Any help/pointers appreciated.
I think that Asterisk WebSockets support is intended for interop between a WebRTC browser and Asterisk. It's common to use WebSockets to transport SIP messages from a web browser (look at SIPml and JSSip). So, it's not an AMI replacement.
Update: it seems that Asterisk now uses WebSockets for ARI as well, so my initial suggestion is wrong, sorry. So, according to another Stack Overflow question, you should use an 'application'.
