Questions tagged as ['amazon-web-services']
Please help understand the cause and solution for the problem.
SageMaker Studio domain creation fails due to KMS permissions. The IAM Role specified to the SageMaker arn:aws:iam::316725000538:role/SageMaker has the permissions for KMS required as specified in https://docs.aws.amazon.com/sagemaker/latest/dg/api-permissions-reference.html.
Domain creation failed
Unable to create Amazo ...
is it possible to configure apache2 in a heterogeneous cluster across 4 nodes while 2 nodes are in OCI and 2 nodes are within AWS ?
node 1 os : ubuntu 20.04 running wordpress node 2 os : ubunto 20.04 running magento node 3 os : ubuntu 20.4 running laravel application node 4 os : oracle autonomous linux zimbra
I am familiar with pacemakers but I am not sure about the inter-cloud and oracle autonomous L ...
Is there a way to log the connections blocked by the AWS Network Firewall, or filter the logs of blocked connections?
Currently having setup the rules, and would like to know which IP or domains have been blocked.
Looking at Logging network traffic from AWS Network Firewall but not clear if it is possible.
You can record flow logs and alert logs from your Network Firewall st ...
My AWS LightSail Ubuntu instances used to allow my ssh clients to stay connected forever. However, a newly created Ubuntu 20.04 instance now keeps dropping the ssh connection, even though connections on the same PC to other cloud Ubuntu instances remain uninterrupted. I am unable to tell whether it is due to inactivity.
/etc/ssh/sshd_config and the following are all unset:
#TCPKeepAlive yes ...
I have multiple websites, running on Nginx, and I am trying to set up a load balancer, with 3-5 instances sitting under it. All these websites will need an SSL cert. I am trying to think of the best way possible.
- Use nginx instance as a load balancer, attach an EBS to the instance, install certbot and store the certificates on the EBS. certbot will renew and update the certs on EBS. The web server in ...
This is a very basic question, but all the answers I can find either relate to WordPress installs or Bitnami installs. I have a plain Debian instance running Nginx.
I would like to set up Fail2Ban. The problem is that Lightsail seems to have its own firewall, configurable via the console. It isn't clear to me how Fail2Ban would work with such a firewall, and I don't want to potentially screw up ...
We have a domain wich is managed on AWS 53. Is it possible to create an alias record in AWS route 53 to refer to a public IP address (for instance AZURE VM public IP). So that I could use this example "azvm.domain.com" to reference to the Azure VM .
I think the answer is no, but I want to make sure that I'm not missing anything. Is it possible for an EC2 instance to have IP addresses in more than one VPC at the same time?
I tried creating 2 VPCs, and then two network interfaces, one in each VPC, but it seems it's not possible to attach them to the same EC2 instance because it's not possible to attach them to an instance that's not on that VP ...
I have a number of lambda functions which run my serverless backend. Something somewhere is misbehaving, and I need to bring up/search all the logs from a particular time — from all log groups, not just a single one, or a single stream.
Is there a good way to search across all log groups and all streams?
I have tried the console, but this insists on driving down from log groups (for lambda, these eq ...
I have a number of domains (e.g. 10 or 20) and I would like to redirect any visitors to anywhere on those pages to one page on another domain (for example my stackoverflow.com profile page).
- apex domain using
- apex domain using
- sub domains using
I created a fresh EC2 instance, this is the setup:
|IP version||Type||Protocol||Port Range||Source|
|IP version||Type||Protocol||Port Range||Source|
I've currently set up a classic AWS loadbalancer with an SSL listener and a public certificate issued through AWS certificate manager, e.g.
query.mydomain. This redirects to a HiveServer2/Thrift instance.
I'm connecting to the public endpoint using beeline like this:
beeline -u "jdbc:hive2://query.mydomain:10100/default;ssl=true" -n <username> -p <password> --verbose=true -d org.apache. ...
My own image
public.ecr.aws/f6q1r4v8/amazonlinuxwithshell:latest fails to start on AWS (FARGATE) in a very weird way:
Last status Stopped
Stopped reason CannotPullContainerError: inspect image has been retried 5 time(s): failed to resolve ref "public.ecr.aws/f6q1r4v8/amazonlinuxwithshell:latest": failed to do request: Head https://public.ecr.aws/v2/f6q1r4v8/amazonlinuxwithshell/manifests/latest: dial ...
To do any ops work on our servers, we first need to ssh into a DMZ server with a public IP, before ssh-ing on to the app servers, with ips such as 172.16.3.239. I would rather have memorable hostnames, to do something like
ssh app.staging, but I am unsure how this works on AWS. I have only setup DNS for globally accessible ips with my registrar, and since the AWS private subnet is for a private range ...
I am learning aws's EC2 server. I configured apache and php. I started the apache server with the command
Sudo service httpd start
But every time I stop my pc, or the next day, when I want to continue the course. I have to start again the apache server. I mean it is not on started status always.
Imagine if I have a website running on that instance, it means that users won't be able to go on to my websi ...
Within AWS I terminate TLS at an Application Load Balancer. I have configured a wildcard TLS certificate with AWS' Certificate Manager (ACM), e.g.
*.example.com. I have AWS Route 53 resolving
*.example.com, but I have nothing for
*.*.example.com as I have no need for this.
I know you can't configure wildcard certificates for multi-level domains such as
https://x.example.com is all good a ...
I'm trying to get QuickBooks Desktop 2021 working on multiple instances of Amazon Workspaces. My end goal is for each Windows 10 Workspace to access our QuickBooks company file via a mapped drive from an Amazon EC2 instance running Windows Server 2019. I can log in to the company file if I run QuickBooks on the server, but when I log in to it on a Workspace, QuickBooks crashes with no error code. The sa ...
I'm trying to create an AMI for parallelcluster. I used amazon's stock AMI (ami-0436692c7b452bae4 for us-west-2, the region I am in, and alinux) and modified it slightly by adding a few packages.
However, when I run
pcluster create foo --norollback I get the error:
Beginning cluster creation for cluster: stockAWS Creating stack named: parallelcluster-stockAWS Status: parallelcluster-stockAWS - ROLL ...
I try to find out, if it is possible to configure an AWS Application Load Balancer in a way, that if the backend service responds with an error status code (e.G.
503 Service Unavailable) to a regular incoming http request, that the Application Load Balancer then marks the requested backend service as "unhealthy"? Maybe even tries a different one?
I am aware of the typical health checks that AWS Applicat ...
Our company has a large amount of credits with which we pay our AWS bills, but I would still like to monitor the costs.
If I try to setup a billing alarm, it shows that our estimated charges are $ 0.00. How do I base the alarm on the costs, even if we pay with credits?
We have an issue where we have two separate task definitions which need to be deployed together. We need to split the task definitions since the number of containers for this service is more than 10. If one of the deployments fail we will need to roll-back the other deployment to keep the revisions in sync. Is there any best practice about this deployment method? We are using both CodeDeploy and ECS dep ...
I have instances configured with cloudwatch agent which daily pull the config from AWS SSM parameter store. From https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-cloudwatch-agent-configuration-file-wizard.html
which aren't much of use since I'm only ever interested in disk usage/inode usage for the root(/) parition. How ca ...
I setting a mission on schedule, and I choose administrator to run and setting "when loggin EC2" or "when ec2 start up", but they are doesn't work in every morning, it will close at midnight and start at 9:00 am, when I connect to EC2 in the morning, I see they are not working.
How to make it auto run?
I'm new to web deployment. I have this at this stack at the moment:
- Route 53
When I access the website through the public IPv4, it is instantaneous.
However, when I access the web page through the domain, it takes 2 minutes and 30 seconds exactly.
I see that there's no problem with the DNS lookup, nor the SSL, so the ...
I had deregistered some AMIs in a region I believed was not being used anywhere in the current account, and indeed AWS gave me no warning that the AMI IDs were referred to anywhere.
Unfortunately I didn't realize they'd actually been shared into another AWS User Id/account where they were being used. I found out the hard way when the auto-scaler failed to start a new instance.
I've worked out how t ...
I have a CloudFront which has one of its origins as an application load balancer, this load balancer is available in a different region from the CloudFront which is only available in N.Virginia and is using a different SSL certificate, as its domain name is different. I need to have this alb in its region and can't move it to N.Virginia as well. I am not sure why I am getting the 502 error on the CloudF ...
I got a certificate from AWS and did dns validation in the process of https communication. But I'm not sure why you are doing that verification. To use the domain, I got a domain from a hosting company and registered it on route53. Isn't this process itself dns validation? I want to know the effect of dns validation, and I want to know what happens when dns validation is not done.
My web page is hosted on AWS.and it was SSL converted.
I can see the page from my own computer and smartphone in my home Network and Wifi area. But from the outside (ex: access website from a smartphone outside) the page is not reachable.
So I checked the Security group and port NO.
Inbound rules are below.
According a manual I reffered it seems OK, but if there is something wrong please let me know.
I'm looking for a suggestion to choose a region for a global site(Not targetted for any specific country/region). At the moment I'm looking for a simpler solution without having multiple replicas in different regions. So I'm wondering if anybody knows which AWS region is best in terms of latency all across the world? I'm also open to suggestions for tools like cloudping.info.
I do have a Stripe webhook that is successfully caught and processed in Stripe's TEST MODE, on http local host server. http://18.104.22.168/subscriptions/webhook/
When switching to Stripe's LIVE MODE DATA, I need to SSL converted "http" to "https" So I set a Load Balancer and exposed the server over HTTPS by AWS. ...