Questions tagged as ['amazon-web-services']

i hope you can help me out. I have read a couple of docs now, and I am still unsure whether this actually works.

I want to give access in different levels to AWS users based on S3 tags.

Example:

• S3 bucket mybucket has tags {"access-team-dev": "rwd"}, which should lead to the "dev" team having "read, write, delete" access.
• one tag for each team, the value is the access level.

I have tried at least 10 di ...

I'd like to run a modify-instance-attribute command like the one below, but run it on multiple instances at once. I'm having a difficult time determining how to do this, as it seems the command only takes in a single instance id at a time. Is there a way to perform a 'lookup' of instance id's and run the the modify-command on multiple ec2 instances at once?

Command I'm using to supply instance id ...

I'm down the rabbit-hole of website speed optimization. I have a site that's getting terrible marks from all of the usual suspects (PageSpeed and GT Metrics, specifically; it looks OK on Pingdom tools).

My setup is a single T3-Medium server running Apache and Wordpress, behind an AWS ELB, with deployment to CloudFront as the CDN.

My first attempts to improve performance included

• upgraded to Mediu ...

I have an Amazon EC2 Instance running Ubuntu server 16.04

I want the EC2 to have two network interfaces. After configuring the secondary interface. I cannot ping my primary interface from my other instances. This is my configuration of the /etc/network/interfaces.d/51-secondary.cfg . I have enable to allow all traffic on the ec2 as well. My interfaces are ens5 the primary and ens6 the secondary.  ...

I have an API that have some heavy processing endpoints. To avoid problems, I created a queue system using redis.

Now I put this API into a docker, and I'm using ECS to deploy service that creates a task that loads the docker with the API. However, when introducing the docker I read I have to create a new docker with Redis. Now, my question is:

Who will do the heavy processing here? the redis docker ...

I am looking for the correct AWS service to use to host a software.

The software itself includes modules that acts as a mini server, the users can start the module and then it will listen on the given port and should be accessible externally.

Currently, I am using AWS Ec2 to do it, as it allow me to open all the ports 0-65535 and it gives the public IP too. I am wondering if there is any better and  ...

I've created an EKS cluster on AWS along with Nexus Repository on DigitalOcean using Terraform & Ansible.

Also I've not created any SSL for the Nexus Repository, so it is "http."

Normally, it is sufficient to add [insecure-registries:...] entry into the self hosted nodes' docker config file, but I am working with EKS the first time and I don't have any access to configuration of the worker nodes ...

I'm a little curious and confused about this situation. We setup a monitoring instance scraping an exposed endpoint on 2 different instances. Both on same VPC, same security group, same route table and ACL. Also, both instances uses the same AMI. For some reason the tcp communication on port 5001 doesn't work on the machine that's using the subnet 10.0.1.0 , but it works on the using the subnet 10.0.0.0 ...

This is on an AWS EC2 M5a with EBS (Ubuntu 16.04)

NAME                MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT

nvme0n1              259:1    0    50G  0 disk 
├─nvme0n1p1          259:2    0    20G  0 part /
├─nvme0n1p2          259:3    0     2G  0 part [SWAP]
└─nvme0n1p3          259:4    0    28G  0 part 
  ├─vg_abcdef-logs      251:1    0     8G  0 lvm  /var/log
  └─vg_abcdef-a ...

I am trying to setup a IPSec VPN client on a debian-10 AWS instance.

Unfortunately, I do not have access to the VPN server as it is configured by another party, so all I know is they told me it is configured for my my-aws-public-ip.

I am trying to use a Strongswan - Linux strongSwan U5.7.2/K4.19.0-16-cloud-amd64

Here is my conf file:

config setup
        uniqueids=no
        charondebug="all"

conn vpn
  ...

When I want to login to view my Quicksight dashboard I get this error:

This user name already exists in this account.
Contact your QuickSight administrator, and ask
them to invite you with a unique name.

I have searched this error online but there was no answer for it. Here is a screenshot of the error:

I am using AWS Amplify to host an Angular application and using Cognito user pool. I have created a dashboard on Amazon Quicksight for BI purposes. One of the metrics that I want to monitor is how much time a user spend in the application. Obviously I can't calculate the time that the user log out because not many users log out once they are done with the app. Do you have any idea on how I can achieve t ...

I'm having issues forcing http to https. I have my certificate for my domain, my-domain.com which i added in aws certificate and then added the proper entries in my dns config (godaddy) with both my-domain.com and www.my-domain.com

After i went to the load balancer and added a listener for https using my certificate. Once that was done i went in ec2 load balancer and changed the http rule to redirect to  ...

We would like to deploy this Node website using these aws artefacts (codepipeline, codebuild, etc.) The website's node version is 15.14.

We have all the code in AWS Codecommit. Everything in the pipeline runs fine until it reach the build phase. I think something is wrong with the yml file, it looks something like this:

version: 0.2

phases:
  install:
    commands:
      - pip install --upgrade pip
  ...

I've configured the new dev machine but can't get nginx working with the API as it is supposed to. The current error is that 'curl localhost/api' returns a 502.

Host:

    Nginx
    PHP 8.1.x, php-fpm
    - ext-ctype, ext-fileinfo, ext-iconv, ext-intl, ext-libxml,
    - ext-mbstring, ext-openssl, ext-pdo, ext-simplexml
    - composer 2.x
    FOP Version 1.1 (java for pdf))
    postgresql14, postgresql14-c ...

I have an enormous corpus of text data stored in millions of files on S3. It's very common that I want to perform some operation on every one of those files, which uses only that file and creates a new file from it. Usually, I use my company's DataBricks for this, but it's so locked down that it's hard to deploy complex code there.

I've been considering using AWS Batch with Spot Instances as an a ...

First of all I have never tried it and it may not be possible, but I do imagine a case when things like AWS S3 services offers files on their "buckets", and some part of security procedure is to tamper the real URL.

Many systems do this by passing the response through their backend, like they convert:

s3.bucket.example-com-44512.aws.eu/image/file/0x123abc

into

example.com/file/123

I see a problem i ...

I don't know what details to provide here, so bear with me. I want to use AWS Fargate. I successfully uploaded my docker image, created a Task Definition, and created an EKS cluster, but when I attempt to "Run Task," I am unable to because the "cluster" dropdown is greyed out and reads "None Available," and when I click Run Task, it says I need to choose a cluster.

The cluster exists and claims t ...

Hello I am fairly new to ubuntu and pm2 and Nginx but have been having this inconsistent problem for a few days and have no clue how to fix it as google doesn't tell me anything. Keep it me it used to work and now it dosent.

So in short I have set up Nginx with the config below.

server {

         root /home/ubuntu/apps/bachelor-app/client/build;

        # Add index.php to the list if you are using P ...

I have an rpm file for an application which is generated daily that I want to install on an EC2 server using user-data of ec2-instance using terraform.

I got file provisioner in a search result, but found that it will do the step after user-data.

Any suggestions how to do that?

I have mysql built on AWS.

Sometimes I get the following error when connecting via haproxy.

ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 0

This does not happen every time, but sometimes the connection succeeds.

Please let me know as the cause is unknown.

Normally, we have the rule of 3 people having superuser access with 3 username/passwords and if anyone is ever offboarded(they leave or are fired), on vacation, out sick, different time-zone, someone has access still and we are never crippled. When looking at AWS, I don't get why it seems there is only one AWS 'root account' and password. It would seem the person with the keys to the castle is not in  ...

I would like to prevent the root account in my AWS Organization from taking actions in all the other accounts in the organization so I was planning to setup a Service Control Policy to block the root account which is also recommended guidance from AWS.

Sounds good in theory but can't the root account just remove the Service Control Policy?

Production AWS Instance: We have an m5 ec2 nitro instance that is in need of query optimization. However, we are in a time crunch and have decided to temporarily throw memory and storage at this until we can complete the optimization of queries. (Apologies in advance)

There is 50GB on one EBS volume (/dev/sda1) and another 50GB on a second volume (/dev/sdf). As far as I can tell, the EC2 is only using on ...

I'm using CDK (via the Typescript lib) to setup my network infrastructure on ECS. There are some background workers that often report errors to a Slack channel and I'd like to assign random hostnames based on their names, something like worker-<generated-name>.internal or web-<generated-name>.internal.

These don't have ELB or anything, they're internal services with no exposure to the web ...

I want to use Titan Email extension but it requires changing my nameservers to Name.com's nameservers. The warning message is like that:

But I also need to use AWS's nameservers to use Route 53. I've tried to add 8 nameservers (4 of them were name.com's and the rest of it was AWS's) but when some time passes the webpage started giving NXDOMAIN error. What should I do?

Edit Okay, I'm kinda inexperienc ...

I have an eip that I want to convert from scope EC2-classic to VPC. Can I disassociate, convert to VPC eip, and then just re-associate with the same ec2 instance? I'm not sure if I will be able to reattach it to an instance, not in the VPC.

I've read about the sslcompression ODBC option in PostgreSQL, which seems to have some artifacts left in Redshift. But, I'm unsure if it is supported at all, and documentation seems to show that sslcompression has been deprecated for security concerns.

With that said, I have large queries that appear (in cloudwatch) to be transferring about 600MB/s between the Redshift cluster and an EC2 instance ove ...

So, I've got a website running in Elastic beanstalk on AWS and I have a custom domain name which points to it, which is managed in Route 53. When I set up the custom domain initially, I just looked up the IP of the default domain name (xxxx.eu-north-1.elasticbeanstalk.com) and then just created a couple of A records (with and without www) which pointed to that IP address and all was well

Then I  ...

I have an existing prod Postgres database and I would like to replicate a table to a new Postgres database. In order to get the two to be able to talk to each other, I had to edit an AWS security group and add the public IP address of the new database since both databases are on a common VPC. While reading, I saw that the public IP of an RDS database can change. This would mean that the IP entered into  ...