Questions tagged [amazon-web-services]
Amazon Web Services (AWS) delivers a set of services that together form a reliable, scalable, and inexpensive computing platform "in the cloud". If you have a question about a specific web service, consider asking on its tag, e.g., amazon-ec2.
8,773
questions
0
votes
0
answers
7
views
AWS S3 transfer acceleration: Access Denied Error for IAM User with AdministratorAccess
Objective
To enable transfer acceleration for a S3 bucket in a management account in AWS Organization using an IAM user having AdministratorAccess.
Issue
Getting Access Denied error.
Some context
The ...
0
votes
0
answers
10
views
AWS - consuming free tier SQS queries
I have a simple personal project I work on from time to time to learn AWS.
Recently I received an alert emailk from aws stating that I'm reaching the free tier quota for one or more services with the ...
0
votes
0
answers
10
views
Public IP should not be changed when aws eks cluster and managed nodegroup is upgraded
We have used the eks cluster(current version 1.20) and managed nodegroup and used the public IPs of the nodes for our purpose so now when we upgrade the eks cluster and nodegroup with version 1.21 all ...
0
votes
1
answer
38
views
k8s pods on different EKS nodes not getting traffic
I have eks cluster with two nodes, I have four k8s services deployed in the cluster, two of them are in node-1 and the other two in node-2. I have have a Kong api gateway in front of these k8s ...
0
votes
0
answers
12
views
The specified database instance is currently in storage-full state. Please allocate more storage by modifying the DB instance
One of our slaveDb is showing as Storage-full state.
The initial Allocated size was 466 and Db.m4.large instance ( RDS)
Steps followed to increase the allocated space < 10% of the allocated space ...
0
votes
0
answers
13
views
Reduce AWS Load Balancer health check delay
When I make a deployment to my Fargate service, the new containers experience a strange 3 minute delay when registered with the Network Load Balancer. The new HTTP Targets are taking exactly 3 minutes ...
0
votes
0
answers
22
views
Amazon Linux 2023 set up sftp for several users [duplicate]
I have an app that receives data files from users. Each user should only have access to their "upload" folder.
i.e. data/user1, data/user2, data/user3.
What is the best way to set this up?
...
0
votes
1
answer
24
views
How to limit AWS VPC endpoint to to signed requests
We had a scan done recently of our AWS infrastructure, and one of the high risk level items that we need to address is to
Identify any fully accessible VPC endpoints and update their access policy in ...
2
votes
2
answers
70
views
How to obtain authorization to access EKS cluster
Followed this document Cert Signing to get the certificate issued.
I created cluster role and role binding to test it.
$ kubectl auth can-i create pods --as=myserver
yes
$ kubectl auth can-i list pods ...
0
votes
1
answer
61
views
Internet speed from AWS Singapore region to EU is very slow
We are running k8s cluster in AWS Singapure region. We also have self-managed EC2 NAT instance of type t3.xlarge. According to spec, it has 1 Gbps baseline speed, and burst up to 5 Gbps.
When running ...
1
vote
1
answer
52
views
I am getting an error in the ansible playbook file
I am trying to learn ansible and I have coded my first playbook but it gives me the error saying
ERROR! We were unable to read either as JSON nor YAML, these are the errors we got from each:
JSON: ...
-2
votes
0
answers
22
views
I can't spur ec2 instances using autoscaling in AWS [closed]
Any fix on this?
I am attaching a screenshotenter image description here
0
votes
0
answers
26
views
AWS SES mail not received inside S3 bucket and yields error?
I can't seem to figure out how to receive emails inside my S3 bucket when mail is sent to my SES domain. Firstly, I set up my domain and added the CNAME, TXT, and MX records and then used SES's built ...
1
vote
0
answers
43
views
Implementing a forward proxy for internet bound traffic in AWS
Say I have a few internal services living in a private subnet that need to make external API calls. To achieve this, I implement a lambda living in another VPC that makes the call on their behalf. Now ...
0
votes
1
answer
64
views
AWS Windows Server 2022 with SQL Server, license for Reporting Services?
My client's SQL Server Reporting Services (SSRS) stopped working on their AWS instance of Windows Server 2022 with SQL Server. The SQL Server included with this instance is the Standard edition, which ...
0
votes
1
answer
57
views
When trying to connect to the cluster via lens: Failed to get /version for clusterId=id Internal Server Error
I am trying to connect to my kubernetes cluster which was spunup using kubeadm on aws instances.
I am using lens desktop app on windows.
My kubeconfig file
apiVersion: v1
clusters:
- cluster:
...
0
votes
1
answer
68
views
Not possible to update Helm AWS TargetGroupBinding
I have a helm chart that contains a TargetGroupBinding
{{- range $v := .Values.targetBindings }}
apiVersion: elbv2.k8s.aws/v1beta1
kind: TargetGroupBinding
metadata:
name: {{ include "...
0
votes
1
answer
20
views
unable to get AWS session via AWSPowerShell in Milano Region via STS
I am using some AWSPowerShell script to get reports from my instances.
I have old working instances in Tokio region ap-northeast-1, new instances were deployed in Milano region eu-south-1,
To get ...
0
votes
0
answers
75
views
Assign static IP address (outbound traffic) for every pod in EKS cluster
I have my software running in EKS cluster, where every node can fit up to 5 pods. The software uses multiple accounts on 3rd-party service which requires IP whitelisting. I have separate manifest ...
0
votes
0
answers
36
views
Is there an equivalent to "CloudFormation quick-create" to update the existing stack?
I am using CloudFormation quick-create so that users can easily deploy a stack in their AWS account.
However I may update the stack in the future. I want my users to be able to deploy those changes as ...
-1
votes
1
answer
93
views
Intel turbo boost all core clock speed in practice
My understanding is that Intel's quoted "max turbo boost" speed is only guaranteed when a single core is active, and that when all cores are active, the clock speed could conceivably fall to ...
1
vote
1
answer
104
views
AWS - Client VPN Endpoint hostname is not resolvable
I created a Client-VPN-Endpoint in AWS and I'm trying to connect using AWS VPN client but I get the error "Connection failed. Try again."
I tried to nslookup or ping endpoint but I see that ...
1
vote
2
answers
254
views
Subnet associations in AWS Route tables
What is this "Subnet Associations" in AWS Route tables? Do I have to add the subnets under "Explicit Subnet Associations" as well?
It is already under "Subnets without ...
0
votes
0
answers
46
views
How to use bare metal Kubernetes with existing AWS Load Balancer (NLB)
I created a cluster manually with kubespray (NO cloud providers used) on AWS EC2 machines that I created myself. I have an AWS NLB that I created myself.
What is the proper way to configure Kubernetes ...
0
votes
0
answers
61
views
Nginx: Not loading wordpress repo on EC2 instance - Getting 'This site can't be reached'
I've been trawling through forums trying to figure out why nginx won't point to my wordpress repo and loads the page 'This site can't be reached'. I followed the steps in this guide https://medium.com/...
1
vote
2
answers
45
views
How to display all the resources present in aws using terraform command?
Terraform show command will show all the resources in the state file.
But we need to display all the resources present in AWS (or region specific), not just the one in the state file.
How to do that ...
0
votes
0
answers
28
views
Having issue with Route53, ec2, Apache Virtual host and wordpress working
I am having wordpress blog - https://blog.pepagora.com, hosted on Amazon aWS EC2 instance and DNS is managed in Route53. Suddenly blog site stopped responding and couldn't figure out why?
For testing ...
0
votes
1
answer
33
views
The EC2 connection was working fine but suddenly the connection timed out
`I have one bastion ec2, and I had no problem with connecting with putty, but when I tried to connect today, I couldn't connect with "Network Error : connection timed out".
I also set the ...
0
votes
0
answers
30
views
How to add tags automatically to AWS Volumes with Terraform
I have the following Terraform script to deploy an EKS cluster (tags left empty to hide values)
EKS.tf
provider "aws" {
region = var.region
profile = var.profile
default_tags {
...
0
votes
0
answers
13
views
Preferred AZ in AWS autoscaling group
Is there a way to allow an AWS autoscaling group to span multiple Availability Zones, but to prefer a particular one whenever possible? For example, when you have a capacity reservation in a ...
0
votes
0
answers
68
views
Linking AWS API Gateway with App Mesh on ECS
I'm trying to link AWS API Gateway with my ECS App Mesh and not cannot seem to make it work.
I currently have a working, public ALB that is successfully reaching my mesh service on ECS. To integrate ...
0
votes
0
answers
55
views
NGINX + Django + UBUNTU + GUNICORN + AWS + ROUTE53 = Default NGINX Page and not my Website
Right, I have a Django powered website which I am now ready to deploy into production. Except it keeps coming back with the default NGINX page - which I knew about already.
The tutorial is as follows, ...
0
votes
0
answers
62
views
Fargate task CannotPullContainerError failed to unpack image on snapshotter overlayfs failed to get stream processor for application/vnd.in-toto+json
I have a stack configured and deployed with AWS CDK
As part of that stack I have a Fargate task
It has worked in the past but today when I run it I get:
"StoppedReason": "...
0
votes
1
answer
21
views
AWS EKS DNS Error(Subnet B succeeds, connection C fails)
I am configuring EKS. I am using US-West-1 and configuring it on V1.29.
The current problem is that when you create a nodeGroup in EKS, add a node, and operate it, the DNS connection fails for the ...
0
votes
0
answers
38
views
ARP resolution does not work as intended in VPC when doing L2 Announcements with CIlium CNI on a K8S Cluster spanning EC2 instances
VPC Configuration
VPC CIDR: 10.0.0.0/16
Region 1: 10.0.0.0/24 (public), 10.0.64.0/24 (private)
Region 2: 10.0.16.0/24 (public), 10.0.80.0/24 (private)
Region 3: 10.0.32.0/24 (public), 10.0.96.0/24 (...
0
votes
0
answers
22
views
AWS SSO - How SSO role can assume an IAM policy in a specific AWS account?
Suppose
a user X is managed in Azure AD and linked to an SSO role in AWS organization.
we want to give IAM policy to access DynamoDB in an AWS account A to the user X.
I created the IAM policy in ...
0
votes
0
answers
26
views
AWS Console Fleet Manager errors when attempting to preview file from EC2 Instance's File System
I have accessed the AWS Fleet Manager service in the AWS Console and have navigated to an EC2 Instance's File System. After selecting a .log file I would like to interrogate I select the Action ...
0
votes
1
answer
43
views
Why adding a read replica creates a "Writer instance" on AWS?
I've just created an Aurora Read Replica for my RDS database and it shows up as "Writer instance" in the list. That doesn't make much sense to me - any idea if I somehow need to configure it ...
0
votes
1
answer
48
views
Cannot access the ALB URL for N8N, but my ECS Service is running fine, reaching steady state without issues
I'm trying to deploy and configure N8N in my AWS account. Now, I'm facing two challenges since but it was somehow tricky to run and configure its Docker image. However, I'll focus on the greatest one, ...
0
votes
0
answers
120
views
AWS application load balancer not registering targets for Kubernetes EKS node target group
I have an EKS cluster with public/private access on a VPC with public and private subnets. I've setup my ALB in the public subnets on port 80, internet-facing and ip and installed the AWS controller ...
0
votes
1
answer
59
views
What actually makes an EC2 instance in a private subnet unreachable from the internet?
I'm reading everywhere (including the official documentation) that an EC2 instance in a private subnet cannot be reached from the internet, even if it has a public IP.
Let's say I have a 10.0.0.0/16 ...
1
vote
1
answer
217
views
Remove public IPv4 from AWS EC2 instances
Since February 1, 2024, AWS started charging for public IPv4 and I have several EC2 instances.
Some instances I can having only public IPv6, for others I need to keep public IPv4. I disabled Elastic ...
0
votes
0
answers
47
views
Kubernetes pod name or print something unique in the pod logs entries or any alternative (rsyslog implementation)
I have implemented Rsyslog server for fetch the pod logs from EKS nodes (Rsyslog client). Everything is working fine but in the logs I need pod name or something uniq to identify the log entries ...
0
votes
1
answer
41
views
unable to see data/chart in cloudwatch for already terminated instance in AWS
Why I am unable to see data/chart for CPU Utilization Metrics in cloudwatch for already terminated instance ?
On other hand I can still see data/chart for Memory utilization.
0
votes
0
answers
41
views
Migrating a VM from AWS to GCP
We have plan to migrate a windows VM running on AWS to GCP. I have a few questions regarding this migration.
Will the credentials used for logging into the AWS machine work for the migrated GCP ...
0
votes
1
answer
73
views
AWS EB Docker Linux 2 Failed Deployment
I am running a Docker running on 64bit Amazon Linux 2/3.8.1 on my AWS EB
When deploying my source it works if I simply upload my docker-compose.yml file, the upload works and the app is live.
I am ...
0
votes
0
answers
45
views
Static files not being detected by the ALB
So, I have deployed an application in a Kubernetes environment (AWS EKS). It is a collection of various micro-applications exposed as services, each micro-service having three replica sets.
All the ...
0
votes
1
answer
86
views
How can I monitor Glue jobs that are fired by EventBridge?
My stack is as follows:
EventBridge fires a Glue job at a regular interval.
Said Glue job runs Python scripts, which run as Step Functions.
The output of these scripts is saved to S3.
How can I ...
0
votes
0
answers
52
views
Encountering error": "Internal Server Error", Code 500 - Okta Authentication with AWS OpenSearch VPC + Nginx Reverse Proxy
I have a AWS Opensearch in VPC network. I am using Nginx reverse proxy to access Opensearch Dashboard (Kibana). My Curent setup is working fine.
I tried to SAML Okta Authentication but getting ...
1
vote
1
answer
60
views
How can I list the files that are in one S3 bucket but not in the other bucket?
I have two AWS S3 buckets that have mostly the same content but with a few differences. How can I list the files that are in one bucket but not in the other bucket?