We've created a service that sends you the flag, that's it. You just need to decrypt it. Use sc to bind the port on your machine:

sc -b <local_port> <instance_subdomain.instance_domain> curl http://localhost:<local_port>/flags

challenge provides us with zip inside which is main.rs.