Skip to main content

Questions tagged [amazon-web-services]

Amazon Web Services (AWS) delivers a set of services that together form a reliable, scalable, and inexpensive computing platform "in the cloud". If you have a question about a specific web service, consider asking on its tag, e.g., amazon-ec2.

Filter by
Sorted by
Tagged with
0 votes
1 answer
104 views

What are the options for Layer 7 DDoS protection of AWS resources

The following are my assumptions based on AWS docs. It's only because the docs do not precisely address my questions that I'm here asking. AWS WAF (whether used directly or via Shield Advanced) is ...
Ash's user avatar
  • 129
0 votes
0 answers
32 views

What part does AWS Global Accelerator play in established TCP connections

Reading the docs I can see that Global Accelerator (GA) routes to nearest region and has failover protection that will cause it to route to a different region if one fails. I can't find any info that ...
Ash's user avatar
  • 129
0 votes
0 answers
15 views

How to define which AWS services to use and how to use them when deploying an ACS server? [duplicate]

I want to use AWS for deploying an open source ACS software that uses mongodb to manage my CPE devices. I want it to manage thousands-tens of thousands of devices with minimal interruption. What ...
idk_im_a_junior's user avatar
0 votes
0 answers
61 views

Route53 IPv6 Outbound Resolver not forwarding

I can't seem to get Route53 to correctly forward DNS requests to nat64.net when using IPv6. The host in this case is Ubuntu 22 (though I think this is about AWS). Here's the background: I've created ...
MattW's user avatar
  • 101
0 votes
0 answers
49 views

Base image similar to Amazon AMI 2018.03

My question is without having to take an old AMI server snapshot, where can I get an image (ISO or VB vdi etc) very close to the AMI 2018.03 image? I think? this version was based off Centos while the ...
Jan Nell's user avatar
0 votes
1 answer
149 views

Why does `aws s3 ls s3://mybucket/ --recursive | wc -l` list fewer files than the number of objects mentioned in the AWS web UI in my S3 bucket?

I have an AWS S3 bucket s3://mybucket/. Running the following command to count all files: aws s3 ls s3://mybucket/ --recursive | wc -l outputs: 279847 Meanwhile, the AWS console web UI clearly ...
Franck Dernoncourt's user avatar
0 votes
0 answers
42 views

Rancher with AWS LB controller fails health checks

I'm trying to launch Rancher with the AWS LB controller and i'm getting health checks failed for the ingress. Can someone please look at my set up and let me know if something that's obvious? EKS ...
user2051904's user avatar
0 votes
0 answers
33 views

RDS in the same security group does not allow connection whilst another does

I had a similar issue with EC2 (not solved yet: SSH to EC2 times out, but other instances in the same security group are reachable) and here is the same with RDS. I have existing RDS running with SG ...
Gino Pane's user avatar
  • 101
0 votes
2 answers
91 views

SSH to EC2 times out, but other instances in the same security group are reachable

Something really weird happened to one of my EC2 istances. So I have a security group and a bunch of instances associated with that group. I can SSH into all of those intances. I created a new ...
Gino Pane's user avatar
  • 101
0 votes
1 answer
291 views

Fluent-Bit - How to extract part of a file name and append it to log_stream_name for Cloudwatch log group

New to Fluent-Bit and looking for some guidance on this. Latest version of Fluent-Bit is installed on ec2 and successfully running and working. I am pushing logs from /var/log/nginx... to Cloudwatch ...
user2500414's user avatar
0 votes
0 answers
31 views

AWS IAM policy for partial username match (extract username from SSO)

We are using single sign-on for AWS users, so when a user logs in they assume a role, and they don't have an actual IAM user account. We use CodeCommit, which requires an SSH key added to an IAM user. ...
Malvineous's user avatar
  • 1,145
2 votes
2 answers
759 views

How can I know which AWS S3 bucket(s) an AWS key and secret key that can access?

I have an AWS key and secret key that can access some AWS S3 buckets. How can I know which ones?
Franck Dernoncourt's user avatar
1 vote
1 answer
94 views

NAT gateway costs on AWS

I have a django app on AWS using ECS Fargate behind a VPC. A NAT gateway is required with this setup, but most of the costs are from the NAT gateway. How I can reduce this? My docker image is 600 MB. ...
david backx's user avatar
0 votes
0 answers
43 views

Client --> AWS ALB --> AWS Lambda: connection lost somewhere, how to identify?

The client made an API request. Client --> ALB --> Lambda Lambda worked fine with a response. Lambda duration is only about 3 seconds. The client encountered timeout at 15th second. The ALB ...
Zhuang Paulus's user avatar
0 votes
0 answers
55 views

Is it possible to deploy Milvus on Kubernetes without using Helm?

I'm trying to deploy an application on Kubernetes using a Helm chart, specifically the storage classes, following the instructions provided in the documentation (https://milvus.io/docs/eks.md). ...
MPP's user avatar
  • 1
0 votes
1 answer
47 views

Redirection of Domain in Route 53 and AWS

I have help desk created in Zendesk, but the zendesk provided an URL with their domain ("example.zendesk.com"). I wanted to redirect this service with my domain name, so I added an Route 53 ...
Roronoa Zoro's user avatar
0 votes
2 answers
76 views

Wordpress and MySQL on same EC2 instance, different subnets. One public one Private

My goal is to have a single EC2 instance containing both WordPress and its MySQL database on same VPC and have the WordPress available on the public subnet and MySQL on the private subnet. The purpose ...
manoman687's user avatar
0 votes
2 answers
69 views

Windows server spot instance shuts down randomly (status failed / bad-parameters)

I've been using AWS for decades at this point and I started using spot instances for various reasons including professional reasons such as testing software I develop, etc. I mostly use Windows Server ...
Tommy B.'s user avatar
  • 1,444
0 votes
1 answer
100 views

Best practices on managing Terraform project repositories

As part of a new job role, I have started learning Terraform recently. Before, my main orchestration/provisioning tool was Ansible, and the best practice at my previous place was to hold the state for ...
Yuri's user avatar
  • 3
0 votes
1 answer
112 views

AWS SSL Certificate for Laravel on EC2 instance

I have Laravel application on EC2 instance on Ubuntu, also I have Application Load Balancer and verified AWS SSL certificate. But logically I can’t run Laravel without, NGINX or Apache. I can adjust ...
Богдан's user avatar
0 votes
1 answer
66 views

What exactly is aws load balancer "Protocol : Port"?

I have never been able to figure out what this configuration is or does when creating load balancers. The documentation says Choose a protocol for your target group that corresponds to the Load ...
Rb C's user avatar
  • 1
0 votes
0 answers
29 views

Charts of Lambda Function usage in AWS

I have multiple Serverless PHP applications deployed at AWS via Vapor for Laravel. The Lambda bill is high since a few months. I wanna know which Lambda are causing the higher usage. But I can't find ...
user1469734's user avatar
0 votes
0 answers
41 views

Unable to join EC2 worker to VirtualBox master

Im deploying a Hybrid Cloud(VirtualBox-AWS) Kubernetes cluster. What I have done so far: Set the control-plane on Ubuntu Server 22.04 LTS via VirtualBox 6.1. Change network adapter to bridged Ran the ...
Mabadai's user avatar
  • 101
0 votes
0 answers
25 views

Lambda horizontal scaling when consuming from FIFO SQS queue

We have messages which need to be consumed by a lambda. We opted to use a FIFO SQS queue solely for the deduplication ID feature, but do not otherwise need FIFO features. The lambda is not scaling ...
Möbius Dickus's user avatar
0 votes
0 answers
64 views

Options to enforce transitive routing in 3 peered VPCs in AWS

To start this off, this is strictly a test scenario that I'm playing with, I know transitive peering is not allowed but I would still like to know what technical workarounds are possible to enforce ...
lazy_davinci's user avatar
0 votes
1 answer
518 views

unable to login via putty ssh to my ec2 linux instance in aws : no supported authentication methods available

i am new in aws, i created two linux instances : amazon linux and ubuntu linux I downloaded RSA ppk key pairs + imported to putty, however I am unable to login via putty, i get this error no ...
andrew's user avatar
  • 231
0 votes
1 answer
122 views

Outbound IPv6 connection replies not routed back to firewall in VPC

In a newly-built AWS VPC (deployed with Terraform to minimise typos), I have one "DMZ" subnet and one internal. A firewall appliance bridges the two, with an interface in each. Both ...
Ian Gibbs's user avatar
1 vote
1 answer
367 views

Migrate AWS ECS cluster IPV4 to IPV6

I'm trying to avoid this new cost (public IPv4) in aws for small projects because it will represent a big percentage of the cost. In my ECS cluster, I use EC2 instances as capacity providers, ...
Matheus's user avatar
  • 63
0 votes
0 answers
141 views

AWS Appflow - Incremental Transfer & Overwriting Existing Files in S3

I'm using AWS Appflow to transfer files from a SharePoint site to an S3 bucket. My goal is to achieve the following: Weekly Runs: Schedule the flow to run on a weekly basis. Incremental Transfers: ...
Nicolas's user avatar
0 votes
0 answers
160 views

EC2 network burst credit balance

How do I know my usage of network credit balance? I have a t4g.small instance and periodically I face timeout issues on the networking services hosted there. As it stated here: An instance receives ...
mega.venik's user avatar
0 votes
0 answers
30 views

Not able to FTPS to another server from EC2 under ALB and WAF

I'm having an issue whereby I'm not able to ftps to another server from my EC2. If I run a simple command lftp username:password@serverurl:2121 then proceed to ls, I will be stuck at ls at 0 [...
user774150's user avatar
0 votes
1 answer
79 views

AWS-SES sending from one site, from is another site - will DMARC help or hurt

Alright, to keep this simple: I have a project that is using AWS's SES to send transactional emails. The project is hosted on one site (let's call it example-site.com), but for reasons, the From: is ...
P. Gearman's user avatar
0 votes
0 answers
24 views

Does EKS bill include the costs for control-plane (master) nodes?

EKS costs $0.10 / hr + you pay for the worker nodes (EC2 + storage + data transfer). But EKS itself runs master nodes. So the question is: does $0.10 covers the costs of master nodes? If not, then how ...
Dmitry Belaventsev's user avatar
0 votes
1 answer
286 views

AWS VPC CNI PLUGIN - Error: container runtime network not ready due to NetworkPluginNotReady - How to Resolve

I am facing difficulty in this, maybe the answer is simple so if someone knows the answer, please comment here. I have created an EKS cluster using the following manifest. apiVersion: eksctl.io/...
Arun Lal's user avatar
0 votes
0 answers
211 views

How to create a Service Principal Name (SPN) for an AWS RDS-managed SQL Server instance computer object in AD?

We are using AWS RDS for SQL Server, an AWS managed service. We joined our RDS to our self-managed AD: We found the Active Directory Service Principal Name (SPN) for the RDS-managed-service database ...
Federico Navarrete's user avatar
0 votes
0 answers
42 views

Updating csi-driver without stopping

I'm now facing this. # module.eks_volume_provisioning.aws_eks_addon.csi_driver will be updated in-place ~ resource "aws_eks_addon" "csi_driver" { ~ addon_version ...
jesus's user avatar
  • 1
0 votes
0 answers
76 views

Cluster Openshift on AWS with IPI, installation error no such host

I'm trying to deploy an OpenShift cluster on AWS using the IPI installation. I've used a t3.xlarge instance and followed the steps in the following guide https://docs.openshift.com/container-platform/...
Felice Coppola's user avatar
0 votes
1 answer
297 views

Best approach to install gdal for rasterio in aws/lambda/python Dockerfile

The python dependencies for an AWS lambda application have exceeded the 250 MB limit for AWS Lambdas. One of these dependencies is rasterio which depends on gdal. I'm attempting to build a docker ...
AJP's user avatar
  • 155
0 votes
0 answers
33 views

AWS CodeBuild user doesn't take on service role

I am working on setting up a build project in CodeBuild that creates a Docker container from a GitHub repo, and pushes it to ECR. This build process uses a container built previously that's stored in ...
HighElfWisard's user avatar
-1 votes
1 answer
108 views

Linux system mails alternative for sending and receiving besides SMTP

I have multiple EC2 servers which run either Ubuntu or Amazon Linux. I want to run automatic system updates but get a message when the system is updated. The yum-cron package can send emails, but I do ...
lony's user avatar
  • 107
0 votes
0 answers
106 views

dns problems in self managed aws ec2 cluster with aws-vpc-cni

I'm new to k8s and I've been trying to learn it. I faced a problem with trying to setup aws-vpc-k8s-cni on my fresh k8s cluster with coredns. Here's the problem in detail. Cluster & Network ...
Ayush's user avatar
  • 131
0 votes
1 answer
320 views

AWS Security Group Inbound rules for SSM Session Manager

I have an instance in a private subnet and a security group that allows any inbound access. I can connect to it with Session Manager. If I restrict inbound access to port 22 only I can no longer ...
Jake's user avatar
  • 631
0 votes
0 answers
67 views

Observing AWS App Runner 429s

During performance testing we're seeing 429s from App Runner. The body of the response will say "Max queue length has been reached". I know this is a known issue and it's described here in ...
Steve Wortham's user avatar
0 votes
0 answers
63 views

PVC is in terminating state and PV is in bound state in Kubernetes

I have the PVC which is in terminating state (because it is referenced from 3 other pods) and the PV is in bound state. PV has the retain reclaiming policy. Also I am not sure on the reason for the ...
Harry's user avatar
  • 111
0 votes
0 answers
41 views

How can I set separate phase 1 and phase 2 IPs using AWS Managed IPSec offerring?

I'm trying to setup an AWS Site-to-Site VPN connection that is IPSec based. It seems to be their managed offering. A particular connection I am trying to setup specifies distinct Phase 1 and Phase 2 ...
Dennis's user avatar
  • 1
0 votes
0 answers
13 views

AWS VPC Connect Endpoint and Workbrench integration

I have some RDS instances under a private subnet and a bastion host (ec2 instance) with a public IP to connect to it. As part of getting a security certification we need to get rid of all ec2 ...
Andrés Páez's user avatar
0 votes
0 answers
121 views

AWS ALB inbound requests/traffic and denial of wallet attacks

Scenario: I have an AWS ALB protected by AWS WAF with lots of AWS Managed WAF Rules, rate limiting rules, etc. I'm having a hard time in understanding why, even requests blocked by WAF, are impacting ...
gidici's user avatar
  • 1
0 votes
0 answers
55 views

404 error on jaeger-collector in kubernetes deployment

I've tried istio in kubernetes by referring official site of istio. In that, I can access kiali, prometheus but I can't connect the jaeger-collector. Since I'm using EKS and VM, I've exposed them as ...
Mathew F's user avatar
0 votes
1 answer
51 views

MQ broker in private or public subnet?

I'm setting up an MQ broker in an AWS environment. The MQ broker will be used by both services running in that AWS environment as well as services running in other locations. All other services ...
sbrattla's user avatar
  • 1,630
0 votes
0 answers
64 views

AWS Site to Site VPN to Kerio Control Phase 2 parsed INFORMATIONAL_V1 request 380820527 [ HASH N(INVALID) ]

I'm setting up a Site-to-Site VPN between my on-premises network and AWS VPC, and encountering an INVALID_ID_INFORMATION error during the phase 2 (Quick Mode) negotiation. The setup involves IPsec ...
ale_93_be's user avatar