Questions tagged [amazon-web-services]
Amazon Web Services (AWS) delivers a set of services that together form a reliable, scalable, and inexpensive computing platform "in the cloud". If you have a question about a specific web service, consider asking on its tag, e.g., amazon-ec2.
8,773
questions
398
votes
27
answers
487k
views
How can I get the size of an Amazon S3 bucket?
I'd like to graph the size (in bytes, and # of items) of an Amazon S3 bucket and am looking for an efficient way to get the data.
The s3cmd tools provide a way to get the total file size using s3cmd ...
158
votes
8
answers
166k
views
Amazon Cloudfront with S3. Access Denied
We're trying to distribute out S3 buckets via Cloudfront but for some reason the only response is an AccessDenied XML document like the following:
<Error>
<Code>AccessDenied</Code&...
146
votes
3
answers
190k
views
How can I upgrade to Java 1.8 on an Amazon Linux Server?
I tried sudo yum update but it just keeps java "1.7.0_75". I need 1.8 for it to work with another application but can't figure out how to upgrade it.
Do I need to manually install it somehow? There's ...
125
votes
7
answers
165k
views
What Linux distribution is the Amazon Linux AMI based on?
Amazon Web Services (AWS) offers an officially supported Amazon Machine Image (AMI), but it doesn't indicate which Linux distribution it's based upon.
Is the official Amazon Linux AMI based on ...
93
votes
8
answers
72k
views
Route 53 doesn't allow adding DKIM keys because length is too long
Here is how I enter the value for DKIM key:
"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwztXzIUqic95qSESmnqX U5v4W4ENbciFWyBkymsmmSNOhLlEtzp/mnyhf50ApwCTGLK9U7goo/ijX/wr5roy ...
91
votes
4
answers
63k
views
How to change the name and description of an AWS EC2 security group?
How do you change the name and description of a security group in AWS EC2?
My security group is named quick-start-1 (the default) and I want to change it to "HTTP, HTTPS and Limited SSH".
82
votes
8
answers
214k
views
Copy directory structure intact to AWS S3 bucket
I want to use the AWS S3 cli to copy a full directory structure to an S3 bucket.
So far, everything I've tried copies the files to the bucket, but the directory structure is collapsed. (to say it ...
80
votes
8
answers
244k
views
AWS RDS connection limits
RDS server come up with 40 connection max, as in the following documentation
I am using Magento 1.9, and at some points, i reach the max number then website is out of service.
Do you have any ...
79
votes
2
answers
57k
views
Tried to create 2 record set type=TXT in Route53
I'm trying to add a second TXT record to a domain, but I get the following error:
Tried to create resource record set type='TXT but it already exists
Can I add two records at the same domain?
71
votes
3
answers
69k
views
Search ec2 instance by its name from aws command line tool
I have an instance named dev-server-03. Now how can I search all dev-server-* instances from command line?
I am using aws cli tool.
68
votes
2
answers
20k
views
Why does AWS recommend against public S3 buckets?
"We highly recommend that you never grant any kind of public access to your S3 bucket."
I have set a very granular public policy (s3:GetObject) for one bucket that I use to host a website. Route53 ...
68
votes
5
answers
115k
views
What is the difference between a public and private subnet in a Amazon VPC?
When I launch a server with a security group that allows all traffic into my private subnet, it displays a warning that it may be open to the world.
If it is a private subnet, how can that be?
63
votes
4
answers
92k
views
Download SSL certificate from aws certificate manager
I am using aws certificate manager for managing SSL. Recently I purchased a wildcard ssl *.example-private.com Now I need that SSL certificate to deploy on enterprise git instance on aws.
How can i ...
61
votes
9
answers
139k
views
How do you recover you RDS master user username?
Resetting the RDS master user's password is simple enough, but how do you find your master users username?
61
votes
4
answers
46k
views
Multiple EC2 security groups - permissive or restrictive?
What happens when I assign multiple security groups to an instance? Is it permissive in the sense that the traffic is allowed in if any one of the security groups allows it. OR is it restrictive in ...
58
votes
2
answers
57k
views
Are EC2 security group changes effective immediately for running instances?
I have an EC2 instance running, and it belongs to a security group. If I add a new allowed connection to that security group through AWS Management Console, should that change be effective immediately?...
56
votes
7
answers
67k
views
How to delete EC2 AMI
I know that the command ec2-create-image instance-id will be creating an image of the ec2 instance, creating snapshots file and registering as an AMI. But what is the equivalent command to delete the ...
54
votes
3
answers
86k
views
Rsync to AWS S3 bucket
For a server I am hosting a website on I want to backup the data and settings to an S3 bucket. I found out that you can't directly use rsync to backup to an S3 bucket. Is there another way to achieve ...
53
votes
11
answers
42k
views
Why should I use Amazon Route 53 over my registrar's DNS servers?
I am building a site that I anticipate will have high usage. Currently, my registrar (GoDaddy) is handling DNS. However, Amazon's Route 53 looks interesting. They promise high speed and offer globally ...
51
votes
5
answers
131k
views
How to install Docker on AWS EC2 instance with AMI (CE/EE Update)
What is the current way of installing Docker on an AWS EC2 instance running the AMI?
There has been an announcement of Docker Enterprise Edition and now I want to know if anything has changed.
Until ...
50
votes
5
answers
48k
views
Can't connect to EC2 instance in VPC (Amazon AWS)
I've taken the following steps:
Created a VPC (with a single public subnet)
Added an EC2 instance to the VPC
Allocated an elastic IP
Associated the elastic IP with the instance
Created a security ...
49
votes
5
answers
66k
views
Is there a cloud-based reverse proxy solution in AWS? [closed]
The system
I have an API deployed on EC2 machines on AWS. Incoming HTTPS requests are passed to an elastic load balancer. The load balancer handles the SSL, and passes the request to an Nginx server, ...
46
votes
5
answers
99k
views
Why can't I reach my Amazon EC2 instance via its Elastic IP address?
The server works fine via the Amazon assigned DNS entry, but I cannot reach it (using a browser) via the Elastic IP address Amazon assigned the box. Ping does not work either. I am trying to confirm ...
46
votes
3
answers
14k
views
Can different AWS accounts manage different subdomains?
I have two AWS accounts. The master account with example.com as a Hosted Zone, this then has a number of record sets (i.e. api.example.com and kibana.example.com).
A second account will be managing ...
44
votes
14
answers
67k
views
AWS: Environment named *** is in an invalid state for this operation. Must be Ready
I get a message when I am trying to deploy my php app on EC2 using Elastic Beanstalk.
Environment named *** is in an invalid state for this operation. Must be Ready.
I am unable to deploy. The ...
41
votes
11
answers
79k
views
How do you restart all Tasks of a Service?
We have a task that loads some configuration files from an external data source. After the settings are uploaded we would like to be able to restart all the tasks in a service so that the settings ...
40
votes
2
answers
11k
views
AWS S3 charging for 4 TB of storage when only using less than 1 GB
I'm having trouble understanding my large S3 bill, and figured I'd ask here before dropping $30 on AWS monthly support.
Basically, I have an Amazon EC2 instance that makes an API to different ...
40
votes
7
answers
29k
views
Update the container of a service in Amazon ECS
What kind of approach is recommended for updating the container of a service which is running in Amazon ECS?
The AWS documentation says: "If you have updated the Docker image of your application, you ...
39
votes
8
answers
29k
views
Locked out of my own server: getting "Too many authentication failures" right away when connecting via ssh
I have an AWS EC2 Ubuntu instance for pet projects. When I tried logging in one day, this error results:
~$ ssh -i"/home/kona/.ssh/aws_kona_id" [email protected] -p22
Enter passphrase for key '/...
37
votes
1
answer
33k
views
Should I append a dot (.) at the end of my DNS urls?
I've noticed that AWS's DNS service (Route53) appends a dot (.) at the end of every DNS URL:
ns-xxx.awsdns-yy.co.uk.
ns-xxx.awsdns-yy.net.
ns-xxx.awsdns-yy.org.
ns-xxx.awsdns-yy.com.
Question: Is ...
37
votes
5
answers
43k
views
AWS CloudFormation - Custom variables in templates
Is there any way to define shortcuts for often-used values derived from CloudFormation template parameters?
For example - I've got a script that creates a Multi-AZ Project stack with ELB name project ...
36
votes
16
answers
52k
views
Can't run AWS CLI from CRON (credentials)
Trying to run a simple AWS CLI backup script. It loops through lines in an include file, backs those paths up to S3, and dumps output to a log file. When I run this command directly, it runs without ...
35
votes
4
answers
53k
views
Where does Amazon publish the range of IP addresses used for EC2 instances by region?
How can I keep updated of changes to the range of IP addresses that Amazon will use for EC2 instances. I want to add a range of IPs to my firewall settings to allow access to my 'ground based' mysql ...
35
votes
2
answers
37k
views
Elastic file system (EFS) mount outside of AWS
I have a server that is outside of AWS. I'd like to be able to mount an EFS volume to it, but I am not sure if that is possible.
Perhaps if you create a VPC, and you create a tunnel over VPN?
Does ...
35
votes
3
answers
32k
views
Static IP address for outgoing traffic from AWS autoscaling group
I'm going to have a number of EC2 instances in an Elastic Beanstalk autoscaling group in a default subnet in a VPC. The app on these EC2 instances needs to connect to a third party service who uses an ...
35
votes
6
answers
39k
views
Can you require MFA for AWS IAM accounts?
Is it possible to require Multi-factor Authentication (MFA) be enabled for specific/all IAM accounts in Amazon Web Services?
There are options for password requirements and it's clear how one can ...
34
votes
8
answers
14k
views
Why do IOPS matter?
I understand what IOPS and throughput are. Throughput measures data flow as MB/s and IOPS says how many I/O operations are happening per second.
What I don't understand is why many storage services ...
34
votes
3
answers
65k
views
Cannot mount an existing EBS on AWS
I tried mounting an existing EBS Storage (which has data) to an instance, but it keeps throwing this error.
mount: wrong fs type, bad option, bad superblock on /dev/xvdf,
missing codepage or ...
34
votes
2
answers
42k
views
No Cache-Control Header for files from AWS CloudFront with S3 Origin
We just migrated to Amazon AWS. We currently have an EC2 instance that's working well. It's running Nginx in front and Apache in the back-end. That's running well also. All sites are launched properly ...
34
votes
2
answers
47k
views
Fundamental difference between t3 and t3a EC2 instances
Both T3 and T3a instances offer the same configuration, CPU credits and network performance. The only difference that I find is T3 uses Intel processor while T3a uses AMD processor, while both are ...
34
votes
3
answers
41k
views
EBS vs SSD definition
I am confused about the EBS and SSD choice while creating an instance .
while choosing instance parameters (Step 2) you will see 2 options in the column Instance Storage (GB) : EBS only or SSD .
...
34
votes
3
answers
79k
views
Why can't I create a superuser in AWS Postgresql instance?
I have an AWS EC2 instance connecting to an RDS instance (Postgresql). When I created the RDS instance, I told it the DB root's username was: my_user1 and the password was password1. Now I'm ...
34
votes
4
answers
30k
views
Assigning a domain name to an AWS Fargate task
I have an AWS Fargate task running a web app in a public subnet so it has a public address. My question is how to I connect a domain (through Route 53) to that task, so that nothing breaks when I ...
33
votes
5
answers
50k
views
Nginx set_real_ip_from AWS ELB load balancer address
I have a set of Nginx servers behind an Amazon ELB load balancer. I am using set_real_ip (from the HttpRealIpModule) so that I can access the originating client IP address on these servers (for ...
33
votes
5
answers
50k
views
AWS can not change DB Subnet Group for AWS RDS
we have to (want to..) rename our DB Subnet Groups on AWS, so i created a new DB Subnet Group with same settings as the old one. When i want to switch the Group on "Modify Tab" in AWS GUI and hit ...
33
votes
1
answer
13k
views
How do I ensure my AWS free tier plan doesn't exceed the free usage limit?
I'm spinning up a free tier instance and I don't want to accidentally exceed the limit. How do I do that?
33
votes
3
answers
18k
views
How can I reuse existing resources in CloudFormation?
I have an S3 bucket as a resource in my CloudFormation template, with DeletionPolicy set to Retain. This works as expected: when deleting the stack, it does indeed retain the bucket. However, when I ...
32
votes
1
answer
4k
views
Why is the year in this ISO timestamp not 2019?
For a simple app I'm using to test a devops pipeline I'm outputting the start time of a build to the homepage. On my development machine the year of the ISO-8601 timestamp I expect, 2019, is printed (...
32
votes
8
answers
103k
views
Kubernetes always gives 503 Service Temporarily Unavailable with multiple TLS Ingress
I have a kubernetes cluster setup by kops on Amazon Web Services
I have a 2 sites setup. One is secured via SSL/TLS/https and the other is just http. Both are Wordpress sites. Domains changed to ...
32
votes
7
answers
44k
views
How to verify a AWS VPC (S3) endpoint works?
I added a VPC endpoint to my VPC using CloudFormation, and allowed s3 usage. The routes are visible in the AWS console, but not in the local routing tables of the
EC2 instances:
$ route -n
Kernel IP ...