In this post, I will try to hijack a video sent to biometric tools. I will use Chrome with Developer Tools in Device Mode and Video Recorder Extension. So let’s try to open the link for my Onfido trial account, go through the wizard, and record the video that is sent to Onfido. Ok. Let’s … Read more
Recently, I had a chance to test the Onfido Digital Identity Verification Provider. I have downloaded the Onfido app for Android. And went through sample wizard. Here is the sample I have completed. I opened the Onfido demo app, which offers various options. I selected ‘Document & Biometric Selfie.’ For this demonstration, I chose a … Read more
As I prepare for my presentation at the Code Europe Conference, I’m diving into various aspects of Identity Verification. Let’s kick things off, with a quick overview of what Identity Verification entails. Identity Verification is the process of validating an individual’s identity using various methods and technologies to ensure that they are who they claim … Read more
Recently, I have got 500 HTTP response from my API Gateway endpoint integrated with lambda function. I found integration error in logs Lambda invocation failed with status: 409. Lambda request id: f272af2a-2631-48b8-b0b2-3f5e1193a393 Execution failed due to configuration error: Lambda is initializing your function.It will be ready to invoke once your function state becomes ACTIV It … Read more
Recently I have been working on a task to enable CloudFront real-time logs and add them to CloudWatch. I have had already enabled Standard logs but found them useless as they are stored in S3 and therefore not easy searchable. It was desirable to be able to query logs in CloudWatch. Real-time logs configuration CloudFront … Read more
Today I was struggling with exception It was thrown by piece of code sAMLAssertion is as AWS javadoc states: The base64 encoded SAML authentication response provided by the IdP. I was getting sAMLAssertion by calling ADFS Saml provider with service account credentials.After decoding base64 sAMLAssertion looked like So it turned out that I was trying … Read more
Yesterday, I had a task to setup SQS access policy to allow reading messages from queue only by one lambda. Another part of this task was to allow sending messages only by Api Gateway. I tried following access policies with Deny + Principal to restrict SQS:ReceiveMessage action only to my lambda. Or Deny + NotPrincipal … Read more
This week I was working on a simple task to modify S3 bucket policy to deny s3:PutObject action to anyone except services in particular vpc or AWS presigned URL. It was just a matter of adding to bucket policy AWS S3 Presigned URL is generated by lambda with execution role get-presigned-url-lambda-role. According to doc Anyone with valid security credentials … Read more
Today I got an error Provisioned Concurrency configuration failed to be applied. Reason: FUNCTION_ERROR_INIT_FAILURE in CloudFormation while deploying stack with Lambda And that’s all. No more details about the root cause. My SAM file configures lambda with Provisioned Concurrency. After switching off Provisioned Concurrency my stack was successfully deployed but first lambda invocation finished with exception. … Read more
Yesterday while testing my React App on Internet Explorer 11 I got SEC7123: Request header content-type was not present in the Access-Control-Allow-Headers list in F12 Developers Tools Console.It happened during OPTIONS preflight HTTPS request to AWS API Gateway with CORS enabled. CORS was enabled via MOCK Integration Request. Mandatory CORS response headers Access-Control-Allow-Headers Access-Control-Allow-Origin Access-Control-Allow-Methods … Read more