2👍
apart from the Https call ( which you should be making to transfer info to django ), you can go with AES encryption ( use Pycrypto/ any other lib). It takes a secret key to encrypt your message.
1👍
For server to server communication, traditional security advice would recommend some sort of IP range restriction at the web server level for the URLs in addition to whatever default security is in place. However, since you are making the call from a cloud provider to another cloud provider, your ability to permanently control the IP address of either the client and the server may diminished.
That said, I would recommend using a standard username/password authentication mechanism and HTTPS for transport security. A basic auth username/password would be my recommendation(https:\\username:password@appengine.com\). In addition, I would make sure to enforce a lockout based on a certain number of failed attempts in a specific time window. This would discourage attempts to brute force the password.
Depending on what web framework you are using on the App Engine, there is probably already support for some or all of what I just mentioned. If you update this question with more specifics on your architecture or open a new question with more information, we could give you a more accurate recommendation.
- [Django]-How do you remove html tags using Universal Feed Parser?
- [Django]-Style.css file location in django
- [Django]-Trying to pass two dictionaries but only first one works
1👍
SDC provides a secure tunnel from AppEngine to a private network elsewhere — which could be your EC2 instance, if you run it there.
- [Django]-How to do something when I change a field in Django admin for a model?
- [Django]-Django ORM: Filtering by array contains OuterRef within a subquery yields zero results