stackoom
  简体   繁体   中英

Android AWS S3 security alert

 原文  2014-11-26 03:23:58       android/ amazon-s3

Question

I published android apps 2 days ago. The apps is working well what I think. But, now I get a message from google-play. Like this.

Security alert

Your Amazon Web Services credentials may be exposed. This exposure of your credentials could lead to unauthorized access to your AWS account, which may include associated excessive charges, and potentially unauthorized access to your data and your users' data.

My apps use S3 connection for direct upload. I referred follow page " http://java.awsblog.com/post/Tx2Q9SGR6OKSVYX/Amazon-S3-TransferManager " for implementing upload function.

And also I make instance of TransferManager like this.

TransferManager tx = new TransferManager(new BasicAWSCredentials(ACCESS_KEY_ID, SECRET_KEY));

What is my mistake? Is it bed at using keys directly? If yes, what can I do to avoid this alert?

1 answers

solution1
 3 ACCPTED  2014-11-26 03:57:34

I think you are using the Java server libraries which assume only a few machines will be connecting to your S3 account. You should probably be looking at Amazon's mobile SDK:

http://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/setup.html

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Android and AWS S3 How to use AWS S3 credentials without security vulnerability? Unable to access AWS S3 from Android android aws s3 display image Amazon AWS S3 Transfer Tracking - Android Android AWS s3 CognitoCachingCredentialsProvider throws NoSuchMethodError AWS s3 TransferListener not updating in Android How to resume upload with AWS S3 Android AWS S3 Android SDK 2.11.0 AWS Cognito permissions to access S3 on Android
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM