Leaked AWS credentials, Amazon Web Services credentials may be exposed - Google play console [closed]

android amazon-web-services amazon-s3 sdk

Solution 1:

Embedding AWS credentials on any client-side apps is a scary idea. In order to solve this challenge, you would have to use either CloudFront or S3 Signed URLs.

This approach requires the generation of short-lived upload/download URLs in one of your APIs so that it could send back to the client-application a URL where we can directly upload/download assets to/from an S3 bucket.

It allows us to avoid the hardcoding of AWS credentials on client-applications and have dynamic short-lived URLs dedicated for one-time upload/download operations on-demand.

It shouldn't be that hard and you could follow this tutorial to learn more about S3 signed urls.

Related

STL vector implementation header size
Information-hiding in Groovy (using closures? naming conventions?)
is nodejs cheating when comparing to big numbers? [duplicate]
Identifying groups/networks of customers
Android animate drop down/up view proper
How to Maintain VOIP socket connection in background?
symfony2 chained selectors
Finding out the duplicate element in an array
Launch screens supporting iOS6 and iOS7 - forced to splash screen
Writing FizzBuzz
spring property substitution for test and production
Windows Phone 8 Startscreen Tile sizes and margins