Amazon Web Services credentials may be exposed

Recently Google sent an alert for one of my apps saying:

Your Amazon Web Services credentials may be exposed. This exposure of your credentials could lead to unauthorized access to your AWS account, which may include associated excessive charges, and potentially unauthorized access to your data and your users' data.

In the application, I'm using the Amazon Product Advertising API to get and display information related to some products.

I'm using the SignedRequestsHelper class provided by Amazon to request the data.

I need to know how I can protect my AWS keys in the Android app.

Thanks.

Deepak Goyal asked Aug 22 '18 13:08




1 Answer

I need to know how can I protect my AWS keys in the Android app.

As soon as the credentials are on the client side, you can consider them compromised. Storing credentials in the app is usually a wrong idea.

You provided no other requirements or constraints, so without assuming anything I could only suggest a few ideas:

  • use credentials with only the necessary permissions (e.g. read S3 files, DynamoDB records, ...)
  • implement an API (called by the app) and store the AWS credentials on the server. Then there's the question of how you would reliably authenticate / authorize the mobile app
  • use AWS Cognito to acquire temporary, limited AWS credentials based on a custom user pool or social login
gusto2 answered Sep 27 '22 16:09
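The second idea above (keys stay on a server behind an API the app calls) as an added example, not code from the answer, the asker or Amazon: a Python signing proxy that authenticates the app with its own token and then signs the Product Advertising API request with the secret that never leaves the server. The key values, the associate tag, the per-install app token and the timestamp handling are constructed assumptions; the signing steps follow the SignedRequestsHelper scheme (sorted RFC 3986-encoded query, HMAC-SHA256 over GET, host, path and query, base64 Signature parameter).

```python
import base64
import hashlib
import hmac
import urllib.parse

# Server-side configuration. All values are constructed placeholders; in a
# real deployment load them from a secret store, never ship them in the APK.
AWS_ACCESS_KEY = "AKIA-PLACEHOLDER"
AWS_SECRET_KEY = "secret-placeholder"
ASSOCIATE_TAG = "mytag-20"
APP_API_TOKEN = "per-install-token-placeholder"  # hypothetical app->server credential
PA_ENDPOINT = "webservices.amazon.com"
PA_URI = "/onca/xml"


def canonical_query(params):
    """Sort parameters by byte order and percent-encode them per RFC 3986,
    the canonical form that SignedRequestsHelper signs."""
    enc = lambda s: urllib.parse.quote(str(s), safe="-_.~")
    return "&".join(f"{enc(k)}={enc(v)}" for k, v in sorted(params.items()))


def sign_product_request(params, secret=AWS_SECRET_KEY):
    """HMAC-SHA256 over GET, host, path and canonical query joined by newlines,
    base64-encoded and appended as the Signature parameter. The secret is
    touched only here, on the server."""
    canonical = canonical_query(params)
    string_to_sign = "\n".join(["GET", PA_ENDPOINT, PA_URI, canonical])
    digest = hmac.new(secret.encode("utf-8"), string_to_sign.encode("utf-8"),
                      hashlib.sha256).digest()
    signature = urllib.parse.quote(base64.b64encode(digest).decode("ascii"), safe="-_.~")
    return f"https://{PA_ENDPOINT}{PA_URI}?{canonical}&Signature={signature}"


def handle_app_request(app_token, asin, timestamp):
    """Endpoint the Android app calls instead of Amazon. It authenticates the app
    (constant-time compare), builds the ItemLookup request and signs it with the
    server-held secret; the server then fetches this URL and relays the XML, so
    the app never holds the access key or secret. Returns None on a bad token."""
    if not hmac.compare_digest(app_token, APP_API_TOKEN):
        return None
    params = {
        "Service": "AWSECommerceService",
        "Operation": "ItemLookup",
        "AWSAccessKeyId": AWS_ACCESS_KEY,
        "AssociateTag": ASSOCIATE_TAG,
        "ItemId": asin,
        "ResponseGroup": "ItemAttributes",
        "Timestamp": timestamp,  # normally generated server-side as UTC now
    }
    return sign_product_request(params)
```

The app now only needs the server's address and its own token; rotating the AWS secret or tightening its IAM permissions happens on the server without shipping a new APK.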