Questions tagged as ['amazon-web-services']

Amazon Web Services (AWS) delivers a set of services that together form a reliable, scalable, and inexpensive computing platform "in the cloud". If you have a question about a specific web service, consider asking on its tag, e.g., amazon-ec2.
Score: 0
S3 access control based on bucket tags
cn flag

i hope you can help me out. I have read a couple of docs now, and I am still unsure whether this actually works.

I want to give access in different levels to AWS users based on S3 tags.


  • S3 bucket mybucket has tags {"access-team-dev": "rwd"}, which should lead to the "dev" team having "read, write, delete" access.
  • one tag for each team, the value is the access level.

I have tried at least 10 di ...

Score: 0
AnchovyLegend avatar
Running modify-instance-attribute on multiple ec2 instances at once
us flag

I'd like to run a modify-instance-attribute command like the one below, but run it on multiple instances at once. I'm having a difficult time determining how to do this, as it seems the command only takes in a single instance id at a time. Is there a way to perform a 'lookup' of instance id's and run the the modify-command on multiple ec2 instances at once?

Command I'm using to supply instance id ...

Score: 0
philolegein avatar
How to optimise javascript delivery on wordpress / apache / AWS?
cv flag

I'm down the rabbit-hole of website speed optimization. I have a site that's getting terrible marks from all of the usual suspects (PageSpeed and GT Metrics, specifically; it looks OK on Pingdom tools).

My setup is a single T3-Medium server running Apache and Wordpress, behind an AWS ELB, with deployment to CloudFront as the CDN.

My first attempts to improve performance included

  • upgraded to Mediu ...
Score: 0
Zaffry avatar
Cannot Ping Primary interface after configuring second INT on AWS
in flag

I have an Amazon EC2 Instance running Ubuntu server 16.04

I want the EC2 to have two network interfaces. After configuring the secondary interface. I cannot ping my primary interface from my other instances. This is my configuration of the /etc/network/interfaces.d/51-secondary.cfg . I have enable to allow all traffic on the ec2 as well. My interfaces are ens5 the primary and ens6 the secondary.  ...

Score: 0
Redis on AWS task
kr flag

I have an API that have some heavy processing endpoints. To avoid problems, I created a queue system using redis.

Now I put this API into a docker, and I'm using ECS to deploy service that creates a task that loads the docker with the API. However, when introducing the docker I read I have to create a new docker with Redis. Now, my question is:

Who will do the heavy processing here? the redis docker ...

Score: -1
Emily Wong avatar
Best AWS service to host a software that can listen on the given ports
pk flag

I am looking for the correct AWS service to use to host a software.

The software itself includes modules that acts as a mini server, the users can start the module and then it will listen on the given port and should be accessible externally.

Currently, I am using AWS Ec2 to do it, as it allow me to open all the ports 0-65535 and it gives the public IP too. I am wondering if there is any better and  ...

Score: 0
serhatbalik avatar
Configure EKS to use Nexus Private Docker Registry (HTTP/HTTPS)
id flag

I've created an EKS cluster on AWS along with Nexus Repository on DigitalOcean using Terraform & Ansible.

Also I've not created any SSL for the Nexus Repository, so it is "http."

Normally, it is sufficient to add [insecure-registries:...] entry into the self hosted nodes' docker config file, but I am working with EKS the first time and I don't have any access to configuration of the worker nodes ...

Score: 0
forgondolin avatar
TCP communication on port not responding on different Availability Zone or Subnet
sa flag

I'm a little curious and confused about this situation. We setup a monitoring instance scraping an exposed endpoint on 2 different instances. Both on same VPC, same security group, same route table and ACL. Also, both instances uses the same AMI. For some reason the tcp communication on port 5001 doesn't work on the machine that's using the subnet , but it works on the using the subnet ...

Score: 0
How to increase 1st partition size via terminal only when there are second and third adjacent partitions for NVME
in flag

This is on an AWS EC2 M5a with EBS (Ubuntu 16.04)


nvme0n1              259:1    0    50G  0 disk 
├─nvme0n1p1          259:2    0    20G  0 part /
├─nvme0n1p2          259:3    0     2G  0 part [SWAP]
└─nvme0n1p3          259:4    0    28G  0 part 
  ├─vg_abcdef-logs      251:1    0     8G  0 lvm  /var/log
  └─vg_abcdef-a ...
Score: 0
deann avatar
Issues configuring strongSwan client on AWS instance for site-to-site VPN
ru flag

I am trying to setup a IPSec VPN client on a debian-10 AWS instance.

Unfortunately, I do not have access to the VPN server as it is configured by another party, so all I know is they told me it is configured for my my-aws-public-ip.

I am trying to use a Strongswan - Linux strongSwan U5.7.2/K4.19.0-16-cloud-amd64

Here is my conf file:

config setup

conn vpn
Score: 0
Quicksight Error: This user name already exists in this account
ge flag

When I want to login to view my Quicksight dashboard I get this error:

This user name already exists in this account.
Contact your QuickSight administrator, and ask
them to invite you with a unique name.

I have searched this error online but there was no answer for it. Here is a screenshot of the error: enter image description here

Score: 0
Monitor session duration on AWS Cognito
ge flag

I am using AWS Amplify to host an Angular application and using Cognito user pool. I have created a dashboard on Amazon Quicksight for BI purposes. One of the metrics that I want to monitor is how much time a user spend in the application. Obviously I can't calculate the time that the user log out because not many users log out once they are done with the app. Do you have any idea on how I can achieve t ...

Score: 0
Mathieu Landry avatar
elastic beanstalk custom domain redirect http to https
bm flag

I'm having issues forcing http to https. I have my certificate for my domain, which i added in aws certificate and then added the proper entries in my dns config (godaddy) with both and

After i went to the load balancer and added a listener for https using my certificate. Once that was done i went in ec2 load balancer and changed the http rule to redirect to  ...

Score: 0
0diseuz avatar
Issue with build phase in AWS Pipeline (VUE)
cn flag

We would like to deploy this Node website using these aws artefacts (codepipeline, codebuild, etc.) The website's node version is 15.14.

We have all the code in AWS Codecommit. Everything in the pipeline runs fine until it reach the build phase. I think something is wrong with the yml file, it looks something like this:

version: 0.2

      - pip install --upgrade pip
Score: 0
Santosh Baruah avatar
Nginx 502 Issue with the API & php-fpm
co flag

I've configured the new dev machine but can't get nginx working with the API as it is supposed to. The current error is that 'curl localhost/api' returns a 502.


    PHP 8.1.x, php-fpm
    - ext-ctype, ext-fileinfo, ext-iconv, ext-intl, ext-libxml,
    - ext-mbstring, ext-openssl, ext-pdo, ext-simplexml
    - composer 2.x
    FOP Version 1.1 (java for pdf))
    postgresql14, postgresql14-c ...
Score: 0
Zorgoth avatar
Good technology for a large-scale batch operation on many S3 files in AWS Batch with Spot instances
lb flag

I have an enormous corpus of text data stored in millions of files on S3. It's very common that I want to perform some operation on every one of those files, which uses only that file and creates a new file from it. Usually, I use my company's DataBricks for this, but it's so locked down that it's hard to deploy complex code there.

I've been considering using AWS Batch with Spot Instances as an a ...

Score: 0
Does proxypass put a toll on network traffic for streamable sources?
in flag

First of all I have never tried it and it may not be possible, but I do imagine a case when things like AWS S3 services offers files on their "buckets", and some part of security procedure is to tamper the real URL.

Many systems do this by passing the response through their backend, like they convert:


I see a problem i ...

Score: 0
Zorgoth avatar
How to run a Fargate task? My cluster seems to be invisible
lb flag

I don't know what details to provide here, so bear with me. I want to use AWS Fargate. I successfully uploaded my docker image, created a Task Definition, and created an EKS cluster, but when I attempt to "Run Task," I am unable to because the "cluster" dropdown is greyed out and reads "None Available," and when I click Run Task, it says I need to choose a cluster.

The cluster exists and claims t ...

Score: 0
Running moments avatar
Pm2 and Nginx wont communicate and SSL handshake failed
cn flag

Hello I am fairly new to ubuntu and pm2 and Nginx but have been having this inconsistent problem for a few days and have no clue how to fix it as google doesn't tell me anything. Keep it me it used to work and now it dosent.

So in short I have set up Nginx with the config below.

server {

         root /home/ubuntu/apps/bachelor-app/client/build;

        # Add index.php to the list if you are using P ...
Score: 0
Uday Kiran Reddy avatar
How to copy a file to aws ec2 instance and use it in the user-data?
cn flag

I have an rpm file for an application which is generated daily that I want to install on an EC2 server using user-data of ec2-instance using terraform.

I got file provisioner in a search result, but found that it will do the step after user-data.

Any suggestions how to do that?

Score: 0
I am trying to connect to RDS (mysql) with haproxy, but sometimes I can't connect
de flag

I have mysql built on AWS.

Sometimes I get the following error when connecting via haproxy.

ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 0

This does not happen every time, but sometimes the connection succeeds.

Please let me know as the cause is unknown.

Score: 0
Dean Hiller avatar
Best practice for AWS root account or superuser?
br flag

Normally, we have the rule of 3 people having superuser access with 3 username/passwords and if anyone is ever offboarded(they leave or are fired), on vacation, out sick, different time-zone, someone has access still and we are never crippled. When looking at AWS, I don't get why it seems there is only one AWS 'root account' and password. It would seem the person with the keys to the castle is not in  ...

Score: 0
ServerMonkey avatar
Service Control Policy - Prevent Root
ng flag

I would like to prevent the root account in my AWS Organization from taking actions in all the other accounts in the organization so I was planning to setup a Service Control Policy to block the root account which is also recommended guidance from AWS.

Sounds good in theory but can't the root account just remove the Service Control Policy?

Score: 0
Extending File-system after EBS volume increase on M5 type EC2 with Ubuntu 16.04
in flag

Production AWS Instance: We have an m5 ec2 nitro instance that is in need of query optimization. However, we are in a time crunch and have decided to temporarily throw memory and storage at this until we can complete the optimization of queries. (Apologies in advance)

There is 50GB on one EBS volume (/dev/sda1) and another 50GB on a second volume (/dev/sdf). As far as I can tell, the EC2 is only using on ...

Score: 0
How to assign internal hostnames to Fargate internal services?
in flag

I'm using CDK (via the Typescript lib) to setup my network infrastructure on ECS. There are some background workers that often report errors to a Slack channel and I'd like to assign random hostnames based on their names, something like worker-<generated-name>.internal or web-<generated-name>.internal.

These don't have ELB or anything, they're internal services with no exposure to the web ...

Score: 0
oynozan avatar
How can I use's and AWS's nameservers at the same time
in flag

I want to use Titan Email extension but it requires changing my nameservers to's nameservers. The warning message is like that:

Message 1

Message 2

But I also need to use AWS's nameservers to use Route 53. I've tried to add 8 nameservers (4 of them were's and the rest of it was AWS's) but when some time passes the webpage started giving NXDOMAIN error. What should I do?

Edit Okay, I'm kinda inexperienc ...

Score: 0
disassociate EIP and then convert to vps eip
sa flag

I have an eip that I want to convert from scope EC2-classic to VPC. Can I disassociate, convert to VPC eip, and then just re-associate with the same ec2 instance? I'm not sure if I will be able to reattach it to an instance, not in the VPC.

Score: 1
Appleoddity avatar
How to optimize network throughput with AWS Redshift
ng flag

I've read about the sslcompression ODBC option in PostgreSQL, which seems to have some artifacts left in Redshift. But, I'm unsure if it is supported at all, and documentation seems to show that sslcompression has been deprecated for security concerns.

With that said, I have large queries that appear (in cloudwatch) to be transferring about 600MB/s between the Redshift cluster and an EC2 instance ove ...

Score: 0
AWS Elastic beanstalk cname with and without www
cn flag

So, I've got a website running in Elastic beanstalk on AWS and I have a custom domain name which points to it, which is managed in Route 53. When I set up the custom domain initially, I just looked up the IP of the default domain name ( and then just created a couple of A records (with and without www) which pointed to that IP address and all was well

Then I  ...

Score: 0
AWS Postgres database IP in security group, how to enter info to survive IP address changes?
cn flag

I have an existing prod Postgres database and I would like to replicate a table to a new Postgres database. In order to get the two to be able to talk to each other, I had to edit an AWS security group and add the public IP address of the new database since both databases are on a common VPC. While reading, I saw that the public IP of an RDS database can change. This would mean that the IP entered into  ...