How to use SES dedicated IPs if auto warm-up is disabled? - amazon-cognito

I am using a dedicated IP for my SES region. But for some reason I am not receiving mails from that dedicated IP.
I have disabled the auto warm-up process for my dedicated IP pool. As far as I understand, all the mails should go from the dedicated IP. But it's not happening.
I am using an Amazon Cognito user pool for user management and expecting to receive invitation and forgot-password emails from the dedicated IP we have.

Recently AWS Cognito has added an option to use developer SES apart from what the Cognito user pool uses internally. As of now, one can use that option only from the user pool dashboard, from the message customization part.

Related

Authentication logs monitoring GCP

How can I monitor the authentication logs on the Google cloud platform?
For example, to check if someone has tried to make unauthorized access.
With Admin Activity audit logs you will be able to answer the questions of "who did what, where, and when?" within your Google Cloud resources. It provides the following audit logs for each Cloud project, folder, and organization:
Admin Activity audit logs
Data Access audit logs
System Event audit logs
Policy Denied audit logs
You can obtain more information on Cloud Audit Logs. It will be useful to see all the events that happen in your projects, but it might not be useful for the information you want to see.
Nevertheless, there is a tool, Event Threat Detection, that uses log data from inside your systems, and when a threat is detected, Event Threat Detection writes a Finding to Security Command Center and to a Cloud Logging project.
For example:
Event Threat Detection detects brute force of password authentication SSH by examining syslog logs for repeated failures followed by a success.
But this feature is available only for Security Command Center Premium tier.
On the other hand, you mentioned that you have some VM instances and want to prevent attacks.
I recommend you check the following documentation: Securely connecting to VM instances
There are several methods for protecting services on VMs with external IP addresses explained in this document, including Firewalls, HTTPS and SSL, port forwarding over SSH, and SOCKS proxy over SSH.
For example, by creating firewall rules, you can restrict all traffic to a network or target machines on a given set of ports to specific source IP addresses.
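The "repeated failures followed by a success" pattern mentioned in the answer above can be approximated directly over sshd syslog lines. This is an added example, not part of the original answer and not Event Threat Detection's actual rule; the log lines are constructed, and the function name, threshold, window and `year` parameter are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd syslog lines (sample data, documentation IP ranges).
SAMPLE_LOG = """\
Mar  3 10:15:01 vm-1 sshd[1201]: Failed password for root from 203.0.113.7 port 51234 ssh2
Mar  3 10:15:04 vm-1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51236 ssh2
Mar  3 10:15:07 vm-1 sshd[1203]: Failed password for root from 203.0.113.7 port 51240 ssh2
Mar  3 10:15:09 vm-1 sshd[1204]: Failed password for alice from 198.51.100.23 port 40022 ssh2
Mar  3 10:15:11 vm-1 sshd[1205]: Failed password for root from 203.0.113.7 port 51244 ssh2
Mar  3 10:15:15 vm-1 sshd[1204]: Accepted password for alice from 198.51.100.23 port 40022 ssh2
Mar  3 10:15:18 vm-1 sshd[1207]: Failed password for root from 203.0.113.7 port 51250 ssh2
Mar  3 10:15:25 vm-1 sshd[1209]: Accepted password for root from 203.0.113.7 port 51262 ssh2
Mar  3 10:16:00 vm-1 sshd[1210]: Failed password for invalid user test from 192.0.2.50 port 33100 ssh2
Mar  3 10:16:02 vm-1 sshd[1210]: Failed password for invalid user test from 192.0.2.50 port 33102 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_bruteforce_success(log_text, threshold=5,
                            window=timedelta(minutes=10), year=2024):
    """Flag a successful login preceded by >= threshold failures from the
    same source IP inside the window. Syslog has no year, so one is assumed."""
    failures = defaultdict(deque)   # source IP -> timestamps of recent failures
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        stamp = " ".join(m["ts"].split())            # collapse "Mar  3" padding
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        recent = failures[m["ip"]]
        while recent and ts - recent[0] > window:    # expire old failures
            recent.popleft()
        if m["result"] == "Failed":
            recent.append(ts)
        elif len(recent) >= threshold:               # success after a burst
            findings.append({"ip": m["ip"], "user": m["user"],
                             "failures": len(recent), "time": ts})
            recent.clear()
    return findings
```

A single mistyped password followed by a login (198.51.100.23 in the sample) stays below the threshold, and failures with no success (192.0.2.50) are not reported by this rule.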

Which addresses are accessed when I use GCM (Google Cloud Messaging)?

I'm facing a problem when trying to access GCM from a controlled environment that restricts me to a few websites. In this environment I need to specify which websites I get access to. At first, I allowed free access to https://android.googleapis.com/gcm/send, but it did not work. Only when I allowed the whole http://google* (notice the asterisk) did it work fine, but I can't leave it that way.
Does anybody know the whole list of websites that are accessed by GCM, in order to register them in my firewall whitelist?
From the GCM Http Connection server documentation, it states that:
Note: If your organization has a firewall that restricts the traffic to or from the Internet, you need to configure it to allow connectivity with GCM in order for your GCM client apps to receive messages. The ports to open are: 5228, 5229, and 5230. GCM typically only uses 5228, but it sometimes uses 5229 and 5230. GCM doesn't provide specific IPs, so you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169.
So you need to configure your ports for 5228, 5229, and 5230.

Amazon AWS Security Group - Allow Microsoft Azure Web App IP Address

This is the first time I've published a web app on Azure. I have a SQL Server database on Amazon AWS that I'm connecting to. I need to set the security group to allow the Azure Web App to connect. How do I get the IP address of the Azure web app?
From what I understand about Azure, the web apps have a rotating IP address because they're on shared servers. What can I tell the security group to allow?
Check this Azure Outbound Address
There can be only 4 IPs your web app can have. Add 4 rules to your SG, one for each IP. It is much safer than allowing a larger CIDR block.
As MS updated their portal, it would look like the attached screenshot.
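One way to keep the security group at exactly one /32 per outbound address, as the answer above recommends, including when the web app's addresses change. This is an added example, not code from the original answer; the function names and sample addresses are constructed, and port 1433 (the SQL Server default) is an assumption.

```python
import ipaddress

# Constructed sample values (documentation address ranges, not real hosts).
SAMPLE_OUTBOUND = "203.0.113.10,203.0.113.11, 198.51.100.4,198.51.100.5"
SAMPLE_EXISTING = ["203.0.113.10/32", "203.0.113.0/24", "192.0.2.77/32"]

def plan_sg_update(outbound_ips, existing_cidrs):
    """Return (to_authorize, to_revoke) so that the group ends up holding
    exactly one /32 per outbound address and nothing wider or stale."""
    wanted = set()
    for raw in outbound_ips.split(","):
        raw = raw.strip()
        if not raw:
            continue
        # IPv4Address rejects CIDR notation and garbage with ValueError,
        # so "0.0.0.0/0" can never slip through as an "address".
        ip = ipaddress.IPv4Address(raw)
        if ip.is_unspecified or ip.is_loopback:
            raise ValueError(f"not a usable source address: {ip}")
        wanted.add(f"{ip}/32")
    if not wanted:
        raise ValueError("no outbound addresses supplied")
    existing = {str(ipaddress.ip_network(c, strict=False)) for c in existing_cidrs}
    return sorted(wanted - existing), sorted(existing - wanted)

def ip_permissions(cidrs, port=1433, note="azure web app outbound"):
    """Build the IpPermissions structure that boto3's
    authorize_security_group_ingress accepts, one IpRanges entry per CIDR."""
    return [{
        "IpProtocol": "tcp", "FromPort": port, "ToPort": port,
        "IpRanges": [{"CidrIp": c, "Description": note} for c in cidrs],
    }]
```

The revoke list surfaces both stale single addresses and any wider block (here the /24) left over from earlier troubleshooting.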

Is it safe to open a Google SQL instance for any IP but with SSL connections only?

I have an application that uses a Google MySQL database from anywhere, so I opened my instance to any IP address by whitelisting the subnet in this way: 0.0.0.0/0
But I also made it available for SSL connections only, with certificates, and now I am connecting that way.
Is that secure enough? And will it be possible for hackers to hack my database?
Thank you
If you are using 'Only allow SSL connections.' then you should be reasonably safe. I would also recommend using the MySQL passwords.
Note that the SSL verification is done by mysqld, so the instance needs to spin up to check each connection that passes the IP ACL. If you whitelist 0.0.0.0/0, then anyone can spin up your instance. This is not an issue for the monthly plan, but it will probably be if you plan to take advantage of the on-demand mode.
If you're opening up the IP ACL to the entire internet, I'd definitely suggest requiring SSL for the incoming connections. You can do that via Developers Console: Go to the database instance details page, click "ACCESS CONTROL", and check the "Only allow SSL connections" check box.

Internal SMTP relay

Internally, our organization limits what servers and applications can send emails. I would like to be able to have scripts that could be run on any server send an email when done. Is it possible to install IIS SMTP on a single server and have that relay all mail the servers send to our standard relay servers? All the advice I see on the internet talks about configuring relays for outbound connectivity, but this would be for internal use only. The flow would be something like this, I believe:
[any server] --> My SMTP relay --> corporate SMTP relay --> Internal Mail system
Is this doable? If so, any links on how to configure it? I have nearly zero SMTP knowledge.
Doable; you should search for "SMARTHOST SMTP" on Google. If your mail server limits relaying to specific hosts/IP addresses, you'll still need to add the new server to the relay list. Setup will be a little different depending on your mail server/version (Exchange, IIS SMTP).
SMART HOST for Exchange:
http://www.dnsexit.com/support/mailrelay/exchange/setup.htm
I have a similar setup to what you have described. You might want to check if your SMTP server allows relaying for authenticated users, since this might allow your current script to send emails using a domain/email user account.