Skip to main content

Questions tagged [amazon-web-services]

Amazon Web Services (AWS) delivers a set of services that together form a reliable, scalable, and inexpensive computing platform "in the cloud". If you have a question about a specific web service, consider asking on its tag, e.g., amazon-ec2.

2,687 questions with no upvoted or accepted answers
Filter by
Sorted by
Tagged with
11 votes
0 answers
7k views

How can a Cognito user initialize TOTP on first login when MFA is required?

I am setting up Amazon Cognito for authentication to use a Kibana instance. I only permit administrators to create users, and I permit only the Cognito User Pool identity provider. When creating the ...
Andrew's user avatar
  • 186
7 votes
1 answer
3k views

How can one configure an AWS ElasticSearch access policy using CloudFormation?

The AWS documentation on ElasticSearch access control talks about how to grant access to the ES domains subresources while preventing changes to the domain's configuration by creating an ES domain ...
gene_wood's user avatar
  • 555
7 votes
1 answer
2k views

Joining a server to AD via AWS cloudformation

I want to use cloudformation to automatically join new instances to AD. When I googled this it looks like many people just use scripts in there cloudformation templates and pass in credentials- I don'...
red888's user avatar
  • 4,273
7 votes
0 answers
2k views

TCP congestion collapse

I am experiencing suboptimal performance on an EC2 instance connecting to an RDS instance. This particular instance was built before VPC's existed, so all the traffic is flowing through a single ...
user avatar
6 votes
3 answers
4k views

Best way to log to two different CloudWatch log streams from an ECS container?

We are running our services on AWS's ECS platform, and we send our logs to AWS CloudWatch. We have two types of logs, any container can produce either type: the usual application logs (access, error,...
Bass's user avatar
  • 611
5 votes
1 answer
7k views

What options do I have if I need a firewall behind AWS network load balancer?

Today we're using WAF for Application Load Balancer and it's great, but WAF not support Network Load balancer. So we need a solution that will protect us behind or after the NLB. For example: 1. ...
Noamway's user avatar
  • 163
5 votes
1 answer
3k views

EC2 VPC Intermittent outbound connection timeouts

My production web service consists of: Auto-scaling group Network loadbalancer (ELB) 2x EC2 instances as web servers This configuration was running fine until yesterday when one of the EC2 instances ...
DanielB6's user avatar
  • 121
5 votes
2 answers
5k views

AWS "No credentials specified" even when EC2 IAM policy applied

This is an odd issue which we can't find a solution for. On AWS, we are running Microsoft Remote Desktop Services on Windows Server 2019. All servers are joined to an AWS AD Directory Services ...
Christian's user avatar
  • 806
5 votes
0 answers
5k views

How to handle trailing slash in a redirect rule for an AWS S3 website?

I'm trying to build up some landing pages in my s3 hosted web site. For example: http://www.example.com/products That should redirect to http://www.example.com/products.html To accomplish this, I ...
101010's user avatar
  • 375
5 votes
0 answers
522 views

Updating to latest Docker images in Elastic Beanstalk Multicontainer

I'm running a site on Elastic Beanstalk using a multi container set up. I'm wondering what is the preferred strategy to pull in the latest images. On the CI server, after successful commits to master,...
Juan Delgado's user avatar
5 votes
0 answers
1k views

CloudFormation fails deleting a stack if a hostedzone contains non-required records, how can it be avoided?

I wrote a CloudFormation template which creates a whole environment which includes the creation of VPC, HostedZone, Subnets, Autoscaling Groups, etc... The servers which are created and are members ...
Itai Ganot's user avatar
  • 10.9k
5 votes
0 answers
3k views

Newly installed programs in Server 2016 can't be clicked from the start menu

I created a new instance of Windows Server Datacenter 2016 on AWS (Version: 1607 OS Build 14393.321). When I install a new application and try to click on it from the start menu it does not work. ...
Shaun Bowe's user avatar
5 votes
2 answers
742 views

Automate war deployment in VPC's private subnet on tomcat7

I have a VPC with public and private subnets. Public subnet contains my Nating and Bastion instances Private subnet contains my application servers (3 ec2 instances running tomcat7 with my project ...
PHP Avenger's user avatar
5 votes
1 answer
895 views

ECS Stopped Task not Releasing Port

I have an ECS cluster with ELB. Last night I saw that a task was stuck in restarting loop. From the service Events log, it said: "service xxxxx was unable to place a task because no container ...
billyklh's user avatar
5 votes
2 answers
2k views

If you can't change the RDS endpoint of an AWS Beanstalk instance, how do you do a blue/green deployment?

From what I can tell, one can't change the Amazon RDS (RDS) endpoint of an existing Elastic Beanstalk (EB) instance? If that is the case, than you can't have your code deployed to a stage server, ...
Ryan's user avatar
  • 233
5 votes
2 answers
2k views

AWS connection error: Permission denied (publickey)

Sorry if this sounds redundant to you but trust me its not. I have tried almost majority of the links related to this problem but nothing is working for me so far. I even tried this article two. Below ...
Waqas Jamal's user avatar
4 votes
1 answer
862 views

Will critical security updates get applied even with "auto minor version upgrade" disabled?

RDS offers an "auto minor version upgrade" setting, described in the docs, which causes AWS to automatically upgrade your database engine from time to time: If you want Amazon RDS to ...
Mark Amery's user avatar
4 votes
0 answers
8k views

Enabling HSTS header on AWS Application Load Balancer

We have a Spring Boot application behind an AWS Application Load Balancer. The load balancer terminates SSL before forwarding coming requests to our application and also redirects 80 port to 443 port. ...
berkay.ozturk's user avatar
4 votes
0 answers
3k views

Why AWS Cognito client secret is not "secret"

We are setting up SaaS server-to-server auth solution using AWS Cognito + API Gateway using oAuth2 Client credentials flow. And one thing is totally bugging me - I can access App client secret in ...
Lukas LT's user avatar
4 votes
0 answers
690 views

Getting error “PHP Fatal error: Uncaught Zend\Uri\Exception\InvalidUriPartException” on AWS server

I am getting following error in error_log after moving the site (developed in Magento ver. 2.3.2) on new server (AWS Server): PHP Fatal error: Uncaught Zend\Uri\Exception\InvalidUriPartException: ...
Lalit Kaushik's user avatar
4 votes
0 answers
2k views

Understand S3 cost at folder level

I am planning for a use case wherein which my S3 bucket is used by 10 different users. All these users has separate folders within this bucket, to where they'll store their files. Now I want to know ...
serverstackqns's user avatar
4 votes
1 answer
2k views

AWS console - This site cannot be reached - Only on my PC

I have an AWS insatance and whenever I go to the console page, ie: https://us-west-2.console.aws.amazon.com on a browser I get the message: This site can’t be reached us-west-2.console.aws.amazon....
user3294532's user avatar
4 votes
0 answers
1k views

Autoscaling AWS ECS services with soft limits

As per the service utilization documentation it is possible to have a Memory utilizations over 100% when using soft limits in the ECS tasks (because you don't want to kill your app with hard limits). ...
Phillip's user avatar
  • 291
4 votes
0 answers
5k views

AWS: ssh_exchange_identification: read: Connection reset by peer

I am facing "ssh_exchange_identification: read: Connection reset by peer" error. I am not able to ssh my instance. Any help is highly appreciated. Thank you. Below is the debug information ssh -i ~/....
Dora's user avatar
  • 341
4 votes
0 answers
746 views

AWS ElastiCache Redis - Why has SwapUsage slowly climbed just over 100MB dispite having FreeableMemory available?

Starting around 7/28/2017 the SwapUsage started to climb for reasons I cannot figure out. I have spent many hours Googling and reading AWS documentation. At no point do we run out of FreeableMemory. ...
Curtis's user avatar
  • 41
4 votes
0 answers
339 views

EC2 CPU Credit Balance: Why are there gaps in my credit balance graph?

I use CloudWatch to monitor dozens of aspects of our platform's ecosystem, and occasionally we'll have a machine that does this: Why are there gaps in this green line? The other instances being ...
Adam Tuttle's user avatar
4 votes
3 answers
5k views

How to enable DNS over HTTPS for the public DNS route in EC2

I am working on a Facebook bot app. A requirements is to setup a webbook on my webserver to return a token, to validate my account. I configured a micro instance (Ubuntu) and created a web server (...
BausNauf's user avatar
  • 149
4 votes
1 answer
3k views

Configure SFTP with OpenSSH and an AWS S3 Bucket mounted via S3FS on Amazon EC2

How do I allow multiple SFTP Users with S3FS and OpenSSH? Everything works, except SFTP Users don't have permission to write to their Chrooted Home Directory: remote open("/some_file"): Permission ...
T. Brian Jones's user avatar
4 votes
1 answer
3k views

Does CloudFront support S3 signature version 4 for KMS encrypted objects?

I'm using Cloudfront with an S3 origin that is using KMS to encrypt objects. I'm getting the following error when sending a GET request for an object in the S3 bucket. Requests specifying Server ...
DJ Tarazona's user avatar
4 votes
0 answers
1k views

S3 restoration using s3api get-object is not working in aws china region

I have set up a daily backup script in my aws china instance which uploads my required files to be backed-up to s3 bucket. I have a restoration script which uses s3api to restore the objects to the ...
Arjun Prasad's user avatar
4 votes
1 answer
669 views

AWS ELB: cloudwatch metric for open connections?

I'm setting up ELB, and I'm having trouble finding a suitable metric to use to adjust the size of the pool. RequestCount doesn't work because some requests are much cheaper than others. Latency ...
Bryan Larsen's user avatar
4 votes
0 answers
1k views

AWS ElasticBeanstalk: container keeps restarting

I'm trying to deploy a multi-container docker Elastic Beanstalk cluster on AWS and my situation is; I have 7 docker containers, six of which are Scala applications each listening on port 9000 for ...
Ashesh's user avatar
  • 233
4 votes
0 answers
295 views

What does Process/CPU metric in atop really mean?

I've been using the excellent atop for reviewing load test impact in detail, and the distinction between the SystemLevel/CPU metric in the top (system-wide) section and the ProcessLevel/CPU metric in ...
Dave Gregory's user avatar
4 votes
0 answers
358 views

Nginx setup on aws - redirecting to port 81, cannot reverse

I've tried to setup nginx on my free AWS instance so that it can host multiple domains on single ip address (not sure if it can be managed, but I'm trying to dig in). In that process I created ...
Arcagully's user avatar
  • 141
4 votes
0 answers
1k views

Coreos auto scaling with docker and fleetctl on AWS

I spent a lot of time evaluating different ways to deploy an application to the cloud (let's assume AWS for this question) in the last few weeks but couldn't really find a satisfying solution. We ...
Daniel Torres's user avatar
4 votes
1 answer
1k views

Dockerun.aws.json referring to bucket of another account

I have the following Dockerrun.aws.json: { "AWSEBDockerrunVersion": "1", "Authentication": { "Bucket": "bucket-of-another-aws-account", "Key": "docker/.dockercfg" }, "Image":...
Alexander's user avatar
  • 181
4 votes
0 answers
611 views

Does AWS Elastic Beanstalk Swap Environment Url swaps environments for git push?

I have read the docs for zero downtime on aws but cant seem to understand what happens in this scenario? I have a environment running in production called 'red' I duplicate the environment as 'blue' ...
Pinser's user avatar
  • 151
4 votes
2 answers
2k views

Shared files folder in Amazon Elastic Beanstalk environment

I'm working on a Drupal application, which is planned to be hosted in Amazon Elastic Beanstalk environment. Basically, Elastic Beanstalk enables the application to scale automatically by starting ...
por's user avatar
  • 740
4 votes
2 answers
258 views

Abuse report attack on AWS SES

An application that runs on AWS uses SES to send verification emails to new customers. An attacker signs up to the website and reports the verification email as abuse. I'm wondering what options are ...
AscendingEagle's user avatar
3 votes
0 answers
3k views

AWS VPN Client - "Unknown error ocurred. Try again"

I'm experiencing a persistent issue with the AWS VPN Client and need some assistance. Despite numerous troubleshooting attempts, I'm unable to establish a connection and fail even before reaching the ...
Just Another Nerd's user avatar
3 votes
0 answers
896 views

I get the error "AWS account ID not found for provider" when setting up LocalStack in on-premises environment

I'm attempting to set up LocalStack on my local environment to prepare for an AWS certification using this GitHub project. So far, everything appears to be working correctly, but I've encountered an ...
R1w's user avatar
  • 255
3 votes
1 answer
732 views

Since S3 charges by request, couldn't a malicious hacker cause a huge AWS bill just by spamming requests?

What would stop them from doing so, against, say, a static website hosted using S3? Is there a good way to deny some requests such that one avoids getting billed for them? (Context: I want to host a ...
Asker's user avatar
  • 131
3 votes
0 answers
4k views

AWS OpenVpn "Connection failed. Try again" - Exception (0x80004005)

I have been unable to connect through the AWS OpenVPN client for quite some time. When I click connect, the message "Connection failed. Please try again." I found a similar case on other ...
NewUser12567's user avatar
3 votes
1 answer
3k views

Deploying an AWS Load Balancer Controller for EKS Fargate API service

Context I'm trying to deploy a containerised API service to an EKS Fargate cluster and have it service requests from external internet addresses as an over-engineered POC/learning experience. I'm ...
Declan's user avatar
  • 31
3 votes
0 answers
5k views

Can't open port 443 on AWS EC2 fresh instance

I created a fresh EC2 instance, this is the setup: Security Group Inbound rules IP version Type Protocol Port Range Source IPv4 HTTP TCP 80 0.0.0.0/0 IPv6 HTTPS TCP 443 ::/0 IPv6 HTTP TCP 80 ::/0 ...
Ralexrdz's user avatar
  • 131
3 votes
0 answers
1k views

EKS - Use IAM roles for service accounts on multiple clusters

I am trying to use IAM roles for service accounts in EKS. https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html When it comes to create the IAM role to be assigned to a ...
signaleleven's user avatar
3 votes
1 answer
1k views

Configure AWS CloudFront to send custom query params to origin

Is it possible to configure my AWS CloudFront distribution to append to the request a custom query param (e.g a private key) before sending it to the origin? For example, the front end is calling *....
Nadav96's user avatar
  • 131
3 votes
1 answer
2k views

How do I resolve a private DNS address from within an AWS Fargate task

I'm trying to setup a connection to a MongoDB Atlas database from an AWS Fargate container. The VPC peering is setup and works and I can successfully connect to the MongoDB Atlas cluster from a ...
Fergal Dearle's user avatar
3 votes
1 answer
2k views

Can't deploy same lambda in multiple regions from s3 bucket

We are deploying a lambda using CloudFormation SAM templates. We would like to package the lambda into an S3 bucket, then deploy the AWS::Serverless::Function in multiple regions. However, lambda code ...
mdarwin's user avatar
  • 121
3 votes
0 answers
296 views

Can an instance profile's condition reference EC2 instance's tags?

I'm trying to setup an instance profile for an EC2 instance that limits its access to a particular path within an S3 bucket, based on the Name tag of that EC2 instance. I've gotten a policy that's ...
leedm777's user avatar
  • 355

1
2 3 4 5
54