Based on Google Documentation, the Activity that is returned by Reports API, should contain ipAddress:
ipAddress (string)
IP address of the user doing the action. This is the Internet Protocol (IP) address of the user when logging into Google Workspace, which may or may not reflect the user's physical location. For example, the IP address can be the user's proxy server's address or a virtual private network (VPN) address. The API supports IPv4 and IPv6.
But I've noticed that sometimes it does not return ipAddress inside Activity payload at all (so there is no even key ipAddress inside the payload). I thought it could be related to Anonymous users, but it's not, I have events where the actor is a specific user but there is still missing ipAddress.
Any idea why? And how can I be sure to get ipAddress always?
Related
I am exploring wso2 apim 4.0.0. I would like to find out if it is possible to bind a user to certain ip address so that it can invoke an api only from specified ip address.
For instance user1 one is bound to 192.168.10.106, hence it can call apis only from 192.168.10.106 address. I read about the feature that can be applied to an api itself so that every user can invoke certain api from particular ip address.
So my question is how I can bind a user to certain ip address so it can invoke apis only from this ip address
You can attach a custom sequence to the API. In the custom sequence you can write any logic. So in your case, you can write a logic to match a particular IP address.
https://apim.docs.wso2.com/en/latest/deploy-and-publish/deploy-on-gateway/api-gateway/message-mediation/changing-the-default-mediation-flow-of-api-requests/#changing-the-default-mediation-flow-of-api-requests
I have an AWS Client VPN set up using certificate auth. I'm setting this up for a client-client access system, essentially as is described in this AWS scenario/example. It's all working, and I can ping from one client to another if I know their IP address.
My question is: in actual use, what use is this system if clients get assigned a random IP address every time they connect to the VPN, and there's no way to tell which clients are connected or what their IP addresses are without checking the AWS console or using the describe-client-vpn-connections CLI (which requires IAM credentials)?
Is there any way to:
Assign static IP addresses to specific clients, so they receive the same one every time they connect to the VPN?
Get a list of connected clients (with their CommonName and IP address)?
Use a connected client's host name / computer name instead of their random VPN IP address?
Any other way to connect from one client to another without having to use the AWS Console or describe-client-vpn-connections CLI to get a list of connected clients?
Much of what you're asking for is not possible. In many organizations, client-to-client communication is not the norm. For client-to-server communication, AWS Client VPN works well.
There is no way to assign static IP addresses to specific clients.
You can get a list of current connections and client IP addresses with the following AWS CLI command:
aws ec2 describe-client-vpn-connections --client-vpn-endpoint-id (endpoint ID)
You might be able to get your clients to register via a shared DNS server to get their VPN IP address.
I suspect you'll have better luck rolling your own VPN solution with something like OpenVPN, which much of the AWS Client VPN is built off of.
I have whitelisted my mobile data IP address in the Load Balancer Security Group and I can access my application. But my mobile data IP address keeps changing when I am travelling. And I can not keep whitelisting my new IP addresses every time to access the mobile application running backend server on EC2.
So, how this situation can be tackled ?
One suggestion to can tackle this - The service that your mobile app is using open it for public IP (instead of restricting it mobile device app) and have some kind of authentication in your service using which only your mobile app can access.
For example - Send some userid/pwd in our service call which only your mobile device knows, validate the userid and password at server-side and hence no one else can access the service.
I can't seem to be able to whitelist the correct IP ranges for use with Sagepay direct payment module.
I keep getting invalid response 4020 : Information received from an Invalid IP address.
The instance is a non VPC instance and it is able to talk outbound on the correct port (hence getting any response at all). It has a public IP address attached to it and I have whitelisted that in the sagepay backend.
The entry looks something like this
054.217.010.211 - 255.255.255.000
Any help with this would be greatly appreciated
4020 error - happens with a Server or Direct integration. Fixed IP recommended. If you've added the IP address and subnet mask to cover the range to MySagePay (Sage Pays admin portal) and still getting error, means we're not recognising the IP your posting from as the IP you have given.
Invalid Transactions within MySagePay, you should be able to see the IP we're recognising that you're posting from. Then add that IP to MySagePay.
Sage Pay may need to check that our internal IPs are registered against your account.
Sage Pay can add the IP ranges for you to your Sage Pay account if needed so you can check it resolves.
I have a web service running on aws under the following URL http://"54.194.164.164:8080"/webapi and the instance is associated with an Elastic IP 54.194.164.164. Now i want to add a DNS record so that i can access this easily like htttp://demo.mydomain.com/webapi.
what i have done so far is, i have added an A record called demo.mudomain.com to 54.194.164.164 in the Godaddy DNS console but still i cant access demo.mydomain.com/webapi.
Can you please guide me what i have to do where i can access the web service easily as demo.mydomain.com/webapi
Thanks
saththiyan
You can't do this. DNS maps names to IP addresses but not ports.
If you are going to access HTTP at an address it has to be:
Bound to the default port (80) if you don't want to specify the port.
Specified in the URL if it is a different port.
If you are trying to do this for an "easier" address you'll have to use port 80. If that is used by something else you are stuck with nominating a specific port.
You could consider assigning another ip address and setting up an address like api.mydomain.com to point to it. That way you could use http://api.mydomain.com/webapi by binding the API to that address rather than http://demo.mydomain.com which you are presumably using for something else.