Skip to main content

Questions tagged [amazon-web-services]

Amazon Web Services (AWS) delivers a set of services that together form a reliable, scalable, and inexpensive computing platform "in the cloud". If you have a question about a specific web service, consider asking on its tag, e.g., amazon-ec2.

Filter by
Sorted by
Tagged with
0 votes
1 answer
58 views

One site, multiple databases/servers

I'm using a US AWS region to host a website via Laravel Vapor. I have some potential European customers and due to regulations I need to have the AWS region that serves the site come out of Europe. ...
Eric's user avatar
  • 113
0 votes
1 answer
160 views

How can I keep track of nginx restarts and reloads?

I have an nginx reverse-proxy on a ubuntu server in AWS. How can I see when it's configurations were reloaded, either via CLI or otherwise, and when it was restarted altogether? If it doesn't record ...
simboyd's user avatar
2 votes
1 answer
760 views

AWS ALB health checks of Windows Server 2022 on a HTTP/1 target group works but not with HTTP/2

I have set up an AWS application load balancer with a target group specified to be HTTP/1. The target group contains a single Windows Server 2022 instance running IIS. The health check functionality ...
JR19's user avatar
  • 21
0 votes
1 answer
1k views

OpenSearch Cluster deployment in Kubernetes - Connection Refused Issue 9200 Port

I am running a Kubernetes cluster in AWS EC2 instances. I have one master node (t2.2large EC2 Instance) and two worker nodes (t2.xlarge EC2 instance). I created the cluster using KubeADM. The cluster ...
arjunbnair's user avatar
0 votes
1 answer
2k views

Error 400 - redirect_uri_mismatch in Google Console

I'm new to google console and encountering an issue while trying to access my app on Google Console, and the error message I'm encountering is: Error 400: redirect_uri_mismatch I have already added ...
Pragyan Satapathy's user avatar
0 votes
0 answers
504 views

AWS Route 53 > Error occured when creating/updating a record

I created a TXT record @.domain.com with TXT "v=spf1 a mx ~all" on AWS successfully. It didn't work with my post office config so I went to update it by removing the record name "@"...
noob's user avatar
  • 101
0 votes
1 answer
730 views

My Cloudfront distribution is showing access denied despite enabling all public access to the bucket objects

I am using the following CF policy in my S3 bucket: { "Version": "2008-10-17", "Id": "PolicyForCloudFrontPrivateContent", "...
Navdeep Singh's user avatar
1 vote
0 answers
34 views

Cant login to AWS EC2 instance with IGW/VPC

Used this q's 2nd answer checklist Hello, I am trying to login to an AWS Linux EC2 instance without much success. I am doing this via cloudshell/android phablet. The VPC has an IGW and a seeming ...
ArrowInTree's user avatar
0 votes
1 answer
53 views

Local terraform repository, remote ec2 with assumed role

My current setup is: My local machine (actually one for each developper) A git repository containing my terraform configuration An EC2 instance which assumes an IAM role which grants it permissions ...
Camusensei's user avatar
0 votes
0 answers
155 views

On AWS EKS, how can I update an addon multiple minor versions at once?

Some enabled add-on lags far behind the latest version. The add-on is NOT self-managed (checked using the doc with aws eks describe-addon) That specific addon has no compatibility issues between the ...
John Doe's user avatar
0 votes
1 answer
119 views

How to get 2 tunnels UP between OpenSwan and AWS?

I have a VPC and network in eu-central-1 and one in eu-west-1 in AWS. The eu-central-1 fakes my on-prem environment. There I installed and configured OpenSwan on an EC2. In in eu-west-1 I configured a ...
DenCowboy's user avatar
  • 343
0 votes
0 answers
171 views

Issue with Laravel ECS Deployment: Access denied for user 'forge'@'10.0.20.124'

I am facing an issue with my Laravel application deployment on AWS ECS. The deployment process involves Jenkins, AWS ECR, and ECS. The new task is created, but there's an "Access Denied" ...
Spiral's user avatar
  • 101
0 votes
0 answers
139 views

How to correctly load balance requests from a Java client to an NLB over multiple AZs

Requests from a Java client to an NLB over multiple AZs Not load-balanced Summary: Expectation: every request from Java is load balanced between two nodes. Actual behavior: all the requests go to one ...
ŌHARA Kazutaka's user avatar
0 votes
2 answers
201 views

Nginx Failed to load resource: the server responded with a status of 443

This store using WooCommerce has been set up for years. Today I got the complain from customers about this error. I checked it and found out that the css/js/images couldn't be loaded. Does anyone know ...
Kevin Nguyen's user avatar
0 votes
0 answers
140 views

Key_load_public : How does this particular 'no such file or directory' map to aws endpoint connect?

Simple ssh key-load-public serverfault article UPDATE 1:'aws ec2 describe-instances' works just fine and gives valid data. UPDATE 2 : aws Cloudtrail opentunnel reports 'dialfailure' ?? Hello! How ...
ArrowInTree's user avatar
0 votes
0 answers
42 views

AWS RDS Periodic Writes

I have an AWS RDS postgres instance (v15) that doesn't see much usage. However, every three hours at around the half hour mark, I get a flurry of writes (see screenshot, below). At first, I thought ...
adam-m-hanna's user avatar
0 votes
0 answers
272 views

Can't connect to my RDS instance

I created my RDS database with Postgresql using Terraform. But I can't connect to this instance from my computer. It is set with Publicly accessible: Yes. I have a security group for it too. I also ...
Antonio Moraes's user avatar
0 votes
0 answers
69 views

How to set a pre-exiting password for an aws_db_instance resource, from a secure SSoT container while keeping it out of the state file?

I'm trying to find a solution for setting the master user password of an aws_db_instance from a pre-existing secret (which is currently in an existing Secrets Manager resource). If I use password = ...
Tar's user avatar
  • 101
0 votes
0 answers
31 views

User dashboard: how to make sure user cannot access other people's data?

A user can log in to their dashboard. When they log in, the front end pulls data from an S3 bucket corresponding to the user, like (e.g.) bucket/data/user5/data.json. This data is then rendered into a ...
BigMistake's user avatar
0 votes
1 answer
106 views

Guaranteeing two EC2 instances on different hypervisors in same AZ

As part of a security evaluation we've been asked if we can set affinity so that two EC2 instances in the same AZ are not hosted on the same physical machine. Obviously it's very unlikely that two of ...
WaldenL's user avatar
  • 1,270
0 votes
0 answers
83 views

ALB: Should load-balance health-checks retry on failure?

We have some AWS ECS-based Fargate-hosted tasks/services running behind many ALBs. We seem to frequently get not-meaningful alerts from our own monitoring in our health-checks. It happens every twenty ...
Dustin Oprea's user avatar
0 votes
0 answers
247 views

AWS WAF and websockets

Can anyone tell me if the AWS WAF supports websockets (wss if important)? If so how is it costed given that it's a long lived connection and wouldn't seem to fit in to the per request style pricing I ...
Thomas's user avatar
  • 1
0 votes
0 answers
76 views

Every so often AWS target-groups become unhealthy and ornery

Every so often, I find that a service deployment refuses to complete because target-groups get into an unhealthy state even though the port-assignments are fine and the tasks appear to be fine. Every ...
Dustin Oprea's user avatar
2 votes
0 answers
433 views

Why is CloudFront failing to pass a header from the origin to the client?

I have CloudFront configured with an API Gateway origin. In the application accessed via API Gateway, my application responds to a particular request with a Content-Disposition header so that the data ...
Bill's user avatar
  • 201
1 vote
2 answers
786 views

Why isn't `nslookup` able to resolve an A record in route53, when I specifically use a nameserver from my hosted zone?

I'm trying to host a static website in s3. I have a domain registered with namecheap, and it is pointing at route53 nameservers. This part seems to be working correctly based on dig: dig getgargoyle....
mike's user avatar
  • 11
0 votes
1 answer
144 views

API Error labels all over AWS management console (EC2 Dashboard)

After deploying a VPC using terraform, I get this: What causes this / how can I debug this? the terraform validate always succeeds... Often when I refresh the whole browser window, the issue is gone ...
yen's user avatar
  • 117
0 votes
0 answers
58 views

Custom Linux AMI: How does AWS know where to install account SSH .PEM files when an AMI is provisioned?

We are building a custom AMI from a template EC2 EBS instance snapshot (Oracle Linux 8). This page shows there are many different user names depending on the AMI you choose: https://docs.aws.amazon....
KJ7LNW's user avatar
  • 161
0 votes
0 answers
113 views

AWS ELB leaks private ip address via dns name that are only accessible via VPN - can this be considered a security risk?

I'm using VPN for my AWS development environment and i have some databases running on EC2 behind an ELB. The thing is whenever i connect to them via VPN i will use database-12345678.elb.us-east-1....
Lorem ipsum's user avatar
1 vote
2 answers
405 views

IPv4 to IPv6 NAT on AWS

AWS supports connecting to external IPv4-only services from an IPv6-only node using NAT64. Is there an equivalent for the reverse? For context, I have an EKS cluster, which is currently IPv4-only, all ...
Ralf's user avatar
  • 179
0 votes
0 answers
22 views

AWS Security Groups misunderstanding

I have 2 windows server instances in AWS, both have their firewalls disabled. They are in the same VPC and the same availability zone. I'm simply trying to allow these servers to ping each other. Each ...
Aditya K's user avatar
  • 933
0 votes
0 answers
428 views

Understanding CPU Utilisation Graph for a task running AWS Fargate

I have a task defined with 0.5vCPU. It has two containers with 0.25vCPU Can someone explain to me what the below CPU Utilization graph represents? The above graph is from Health and Metrics section ...
tuk's user avatar
  • 353
0 votes
1 answer
396 views

AWS VPN Client fail

using debian 12 + aws vpn client 3.9.0 this is the log Any ideaaa ? 2023-10-20 10:38:51.769 -05:00 [DBG] Cancelling socket listen token 2023-10-20 10:38:51.769 -05:00 [DBG] Dispose socket 2023-10-20 ...
JPG's user avatar
  • 101
0 votes
0 answers
114 views

K8s Kops 1/3 Master nodes always turn into Not Ready & kube-apiserver pod of that node abnormally restarts frequently

Our production KOPS Kubernetes v1.20 deployed in AWS is unhealthy. Intermittently, 1 of the 3 master nodes we have is frequently going into Not Ready Status. Furthermore, the kube-apiserver pod is ...
Felix Labayen's user avatar
0 votes
1 answer
96 views

AWS NLB configuration for Tomcat hosts

I have a network load balancer setup with a TCP listener on port 443, nd in my target group I have two UI EC2 instances, both running tomcat. I would like for the users to be directed to second UI ...
Tina's user avatar
  • 1
0 votes
0 answers
261 views

How do I merge 2 partitions on AWS after expanding the volume and filesystem on linux

I have the original volume showing at 8GB on the default instance when i created it on AWS. Then I went through the process of expanding the existing volume to 500GB and then expanding the filesystem (...
marciokoko's user avatar
0 votes
0 answers
13 views

Does elastic search m4.x instance type supports gp3 EBS type?

I am currently using elasticsearch on aws for m4.xlarge.search what I am trying to upgrade gp2 to gp3 and my question is does it supports m4 instance type referring toc this doc i see N/A for m4 in ...
Neetesshhr's user avatar
0 votes
0 answers
26 views

Cloud solution architecture for sparsely used real-time AI [duplicate]

I have to deploy a real-time AI which is sparsely used, sometimes it's being used once in a week, sometimes 500 times in a day. The solution is working in a container locally for now and basically ...
Maxime Debarbat's user avatar
0 votes
0 answers
84 views

Can AWS NLB be used to load balance requests to Read Replicas?

This article from Nginx describes how Nginx TCP load balancing can be used against MySQL cluster. In the first diagram, I would like to replace the Nginx LB with AWS NLB where, the MySQL cluster runs ...
cogitoergosum's user avatar
1 vote
1 answer
384 views

How do I create an Elastic Beanstalk example?

I have tried to create and deploy on Elastic Beanstalk. It never works. I have spent over 14 hours trying to get EB to work over the course of 1 month. I have followed online tutorials in addition to ...
BigMistake's user avatar
0 votes
0 answers
62 views

Where does .env (which contains the client secret) go?

I have a React app with a Node.js server. Here is the directory structure: .env app     .env     .gitignore     build/     node_modules/     package copy.json     package-lock.json     package.json    ...
BigMistake's user avatar
1 vote
0 answers
180 views

Webapp in Azure huge time network response and latency compared to AWS

I own a pretty simple WebApp, based on php/mysql/redis/nginx. I was trying to move the server to Azure, to see if I could save some money, and today I created a WebApp on Azure using the wizard UI of ...
albanx's user avatar
  • 111
0 votes
1 answer
396 views

AWS Cognito: auth page not showing up, DNS_PROBE_FINISHED_NXDOMAIN from hosted UI URL

Here is the url I am navigating to: http​​s://​auth.[domain].com/oauth2/authorize?client_id=[id here]&response_type=code&scope=email+openid+phone&redirect_uri=https%3A%2F%2F[domain]%2F[...
BigMistake's user avatar
1 vote
1 answer
91 views

failed to get disk format of disk /dev/nvme1n1: exit status 127

What happened? I had an old AWS EKS kubernetes cluster, running 1.21, so i decided to upgrade it. While upgrading to 1.23 if not mistaken i was prompted that i need to install the AWS EBS CSI driver, ...
TheRusko0's user avatar
0 votes
1 answer
373 views

Logon Message Powershell Script Runs But Does Not Launch Prompt

I'm trying to setup a login prompt according to https://aws.amazon.com/blogs/desktop-and-application-streaming/generate-logon-messages-for-security-and-compliance-in-amazon-windows-workspaces/ because ...
nemesis22's user avatar
0 votes
1 answer
921 views

Adding more IP Addresses to a Subnet in AWS

I have a Subnet with CIDR 10.0.4.0/28 (15 IP addresses), which is now exhausted; so I want to add more IP addresses. Is it possible to add more IP addresses to the subnet? I see that I can add a ...
Techboy's user avatar
  • 1,582
0 votes
0 answers
190 views

SSH tunnel to access dual stack resources in AWS (IPv4 + IPv6)

I am trying to setup a Bastion and use it as an SSH proxy to access all my private resources in AWS. I am having hard time debugging why an SSH tunnel to a specific host with dual stack (IPv4 + IPv6) ...
MaesterZ's user avatar
0 votes
0 answers
109 views

AWS - Setup OIDC authentication in ALB with AWS Beanstalk

I have to setup my application in elastic beanstalk with High availability. My architecture involves a php application running in beanstalk in private subnet with ALB (public subnet) which is also ...
Goural's user avatar
  • 35
0 votes
0 answers
68 views

AWS CDK : how do I add a StringParameter as a secret to an ECS container?

I'm creating a StringParameter using AWS CDK : cwa_config = ssm.StringParameter( self, name + "_ssm", string_value=json.dumps(cw_config_content) ) How do I add this parameter to an ECS ...
sbrattla's user avatar
  • 1,630
0 votes
0 answers
238 views

Unexpected behavior with AWS Firewall and Default Stateful Rules

I have configured an AWS Firewall in our testing account, pretty much following the standard setup procedure as documented by AWS. From our private subnet, outbound traffic heading to the internet is ...
Thomas Langston's user avatar
0 votes
0 answers
157 views

Problems getting ACM cert to validate in AWS

I have a domain that I moved to route 53, to simplify interoperability with other AWS services. I created a hosted zone, and added a CNAME record for a WWW subdomain. I then went to the ACM and ...
Roger Hill's user avatar

1
3 4
5
6 7
176