24 messages
Discussion related to Amazon Web Services (AWS)
Archive: https://archive.sweetops.com/aws/
Hamed Pourshafieeover 3 years ago
👋 Hello, team!
ROover 3 years ago
Hi Everyone, Learning a lot of AWS and just joining today here. When I have questions can I simply paste them on this channel?
Shivanshuover 3 years ago
Not a question but I learned the hard way that the eks package on terraform has quite a few subtle bugs that make using terraform to deploy eks clusters with managed nodegroups quite annoying. My focus is exclusively on compute, so I can only talk about multi gpu instances (mainly p4ds and p3ds) which have the efa networking. Turns out that the variable that decides the number of EFA NiCs to attach to the instances has differing names in cloudformation API and the eks module in terraform.
Shivanshuover 3 years ago
And the eksctl package is completely busted if you work with on-demand capacity reservations
Shivanshuover 3 years ago
anyone else had similar issues on AWS?
Zeeshan Sover 3 years ago
Hello Everyone,
What is the most simple solution to rotate IAM user access keys and store them in parameter store.
What is the most simple solution to rotate IAM user access keys and store them in parameter store.
Adnanover 3 years ago(edited)
Hi Everyone,
For those who used IAM only and migrated to SSO ....
I have a certain IAM groups and roles configuration in a management account and roles like developer and admin in sub accounts.
Now after migrating to SSO, what exactly is SSO replacing in the current IAM configuration?
For example, does SSO replace the developer/admin roles in the sub accounts or can I keep them and continue using them with SSO?
In my case it is especially relevant in the CLI context where these roles are used for different tasks on developer computers (macs).
For those who used IAM only and migrated to SSO ....
I have a certain IAM groups and roles configuration in a management account and roles like developer and admin in sub accounts.
Now after migrating to SSO, what exactly is SSO replacing in the current IAM configuration?
For example, does SSO replace the developer/admin roles in the sub accounts or can I keep them and continue using them with SSO?
In my case it is especially relevant in the CLI context where these roles are used for different tasks on developer computers (macs).
Olaover 3 years ago
Hello @channel
Can anyone help with a script to Identify cloudwatch log-groups without logstreams, and groups with streams older than a year..
Can anyone help with a script to Identify cloudwatch log-groups without logstreams, and groups with streams older than a year..
Ananya Chowdhuryover 3 years ago(edited)
Hi Folks
I have aws SES email identities configured in one aws account and want to move those identities to another aws account. Is it possible to do? and do we have any documentation for that which can be referred.
Will the verfication email will again be triggered if it is moved to new aws account?
Can anyone please help me with the clarification.
I have aws SES email identities configured in one aws account and want to move those identities to another aws account. Is it possible to do? and do we have any documentation for that which can be referred.
Will the verfication email will again be triggered if it is moved to new aws account?
Can anyone please help me with the clarification.
К
Катерина Кучернюкover 3 years ago
Hey folks) AWS User Group Ukraine is running a virtual AWS Tech Conference #StandWithUkraine!
Join us to discuss Digital Transformation with AWS and meet peers from the global AWS community.
When? June 30
Where? Online
👉️ How to join?
1. Register for free and get full access to the event.
2. You can support freedom in Ukraine by buying a ticket of any type.
All profit will go to Ukrainian charity funds.
Sign up here: https://bit.ly/3zsQkq5
It’s going to be AWSome!
Join us to discuss Digital Transformation with AWS and meet peers from the global AWS community.
When? June 30
Where? Online
👉️ How to join?
1. Register for free and get full access to the event.
2. You can support freedom in Ukraine by buying a ticket of any type.
All profit will go to Ukrainian charity funds.
Sign up here: https://bit.ly/3zsQkq5
It’s going to be AWSome!
yegorskiover 3 years ago
Anyone been to AWS Summit at Javits Center? Is it worth the time going?
Adnanover 3 years ago
In the
I am confused about the
Does anybody understands what this means?
Does this mean
Does this mean it automatically scales replicas in engine mode is serverless?
aws_rds_cluster resource definition/docs it says ...To manage cluster instances that inherit configuration from the cluster (when not running the cluster in serverless engine mode),
see the aws_rds_cluster_instance resource.I am confused about the
when not running the cluster in serverless engine modeDoes anybody understands what this means?
Does this mean
aws_rds_cluster_instance is not supported in engine mode is serverless?Does this mean it automatically scales replicas in engine mode is serverless?
michael sewover 3 years ago(edited)
Hi folks. I'm trying to write standards/guidelines for AWS RDS instance type standards. For AMD-based instances (ie.
m5a), I believe they're supposed to give comparable performance to intel (m5) with about .. 10% less cost. Are there any cons when using say, RDS (where it's a PaaS and you don't really care about the individual OS compatibility)?
keenover 3 years ago
@michael sew I haven't thought about trying arm RDS instances (hadn't noticed availability). do they allow you to slide them into existing clusters/replace existing instances with them? that said - general rule of thumb here is always going to be testing for your self. if a 10% difference is worth the effort, model your workload, and simulate it. see how it compares. roll it into early environments (dev..) and evaluate for true compatibility with your application stack. if you're doing green field, probably worth just pulling the trigger to try it in your dev environments. at least then you can always write around incompatibility/performance concerns without any actual cost. (unless it breaks your frameworks.) but I'd venture that 10% might not be worth the investment for an existing platform.
Balazs Vargaover 3 years ago(edited)
Hello all,
What is the best way to automate subaccount creation. Let's say I have a main account and I would like to run k8s clusters under different accounts so they won't bother each other. Terraform ? Ansible?
What is the best way to automate subaccount creation. Let's say I have a main account and I would like to run k8s clusters under different accounts so they won't bother each other. Terraform ? Ansible?
Seth Sover 3 years ago
Hi there. I'm looking to provision RDS aurora using cloudposse
** I hope this hasn't been asked many times...
We have a cluster setup in one region, but would like to re-use the same module(cloudposse) to provision a replicant of the DB instance in another region.
I noticed the support for mult-region (ie using global db) exists.
• requires
•
• and I believe the
What I do not see is the binding for
The simple example I'm using as a reference is here:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_global_cluster#new-postgresql-global-cluster
The relevant part in the cloudposse TF is here: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_global_cluster#new-postgresql-global-cluster
• I also looked at variables.tf in this module and did not find anything obvious re: region.
Do I need to worry about setting the provider for input to cloudposse module?
terraform-aws-rds-cluster v0.47.2** I hope this hasn't been asked many times...
We have a cluster setup in one region, but would like to re-use the same module(cloudposse) to provision a replicant of the DB instance in another region.
I noticed the support for mult-region (ie using global db) exists.
• requires
global_database_identifier•
cluster_type should be set to global• and I believe the
'secondary' should have the source_region provided would be the region string for the primaryWhat I do not see is the binding for
provider So I most likely do not understand how it's handled, or it's not required. If it's not required - why?The simple example I'm using as a reference is here:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_global_cluster#new-postgresql-global-cluster
The relevant part in the cloudposse TF is here: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_global_cluster#new-postgresql-global-cluster
• I also looked at variables.tf in this module and did not find anything obvious re: region.
Do I need to worry about setting the provider for input to cloudposse module?
Grummfyover 3 years ago
anybody have some experience with aws codedeploy for ECS?
is there anyway to put some paramter to the hook of the lifecycle deployment? because it's only lambda call I don't want to create a lambda for each of my evenironment and hook for each app
is there anyway to put some paramter to the hook of the lifecycle deployment? because it's only lambda call I don't want to create a lambda for each of my evenironment and hook for each app
Aamir Ahmadover 3 years ago
Did anyone here have any experience with AWS SSM automation of the quicksetup to roll it out to entire infrastructure?
К
Катерина Кучернюкover 3 years ago
Hi everyone) AWS User Group Ukraine is running a virtual AWS Tech Conference! Don't miss it!
Dr. Werner Vogels, CTO at Amazon will be the keynote!
He’ll share his ideas on Next-Gen Cloud Computing.
Also, you’ll meet 12 top speakers from AWS, AWS User Groups, AWS heroes and, sure, Ukrainian AWS professionals, who will talk about #DevOps, #data and #backend.
When? June 30
Where? Online
👉️ How to join?
You can register for free or buy charity ticket.
*All profit will go to Ukrainian charity funds.
Check agenda and sign up for free here: https://bit.ly/3zsQkq5
It’s going to be AWSome!
Dr. Werner Vogels, CTO at Amazon will be the keynote!
He’ll share his ideas on Next-Gen Cloud Computing.
Also, you’ll meet 12 top speakers from AWS, AWS User Groups, AWS heroes and, sure, Ukrainian AWS professionals, who will talk about #DevOps, #data and #backend.
When? June 30
Where? Online
👉️ How to join?
You can register for free or buy charity ticket.
*All profit will go to Ukrainian charity funds.
Check agenda and sign up for free here: https://bit.ly/3zsQkq5
It’s going to be AWSome!
Brendenover 3 years ago
Hey All,
Anyone have any experience in AWS Application Insights? Or how are you monitoring serverless microservices?
I'm using AWS Application Insights with a SAM template, mainly to take advantage of the auto instrumentation of some basic monitoring, metrics and dashboards for api gateway, lambda, state machine, sqs etc?
I'm struggling to find an option to set a notification alarm state trigger to SNS (which just sends to pagerduty)?
I don't want to use Opscenter - there's no integration with pager duty, as PD just supports cloudwatch. I've got a similar issue with using event bridge rules sinxe I think its just going to be a
Snip from SAM template:
Anyone have any experience in AWS Application Insights? Or how are you monitoring serverless microservices?
I'm using AWS Application Insights with a SAM template, mainly to take advantage of the auto instrumentation of some basic monitoring, metrics and dashboards for api gateway, lambda, state machine, sqs etc?
I'm struggling to find an option to set a notification alarm state trigger to SNS (which just sends to pagerduty)?
I don't want to use Opscenter - there's no integration with pager duty, as PD just supports cloudwatch. I've got a similar issue with using event bridge rules sinxe I think its just going to be a
Application Insights Problem Detected which gives me the resource group arn which is just my serverless stack so my pager duty alert is just going to be dev_abcname has a problem instead of getting details like dev_abcname_lamba123 has been throttled which application insights has already created an alarm for I just can't see any method to add an sns alarm action.Snip from SAM template:
Resources:
resResourceGroup:
Type: "AWS::ResourceGroups::Group"
Properties:
Name: !Sub "${paramEnvironment}_${paramServiceName}"
resApplicationInsights:
Type: AWS::ApplicationInsights::Application
Properties:
AutoConfigurationEnabled: true
OpsCenterEnabled: false
ResourceGroupName: !Sub "${paramEnvironment}_${paramServiceName}"
DependsOn: resResourceGroup
jonjitsuover 3 years ago(edited)
I want to automate the creation of new AMIs when ubuntu releases new AMIs. Is there some kind of sns type subscription I can do similar to amazon linux? Or do I have to write a cron job that polls for changes to the right public ssm parameter for the particular ami I'm interested in? I know I could use event bridge for ssm parameters in my own account but I don't think I can use it to track events happening on the ssm parameters on a third parties account like ubuntus.
Shivanshuover 3 years ago
I migrated my FSx into my eks cluster by creating a PV and a PVC. But when I try to attach the pvc to my pods I get this:
Saw an issue around it that's as of yet unsolved. Anyone got any ideas?
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 6s default-scheduler Successfully assigned default/neox-0 to ip-10-0-98-61.ec2.internal
Warning FailedMount <invalid> (x5 over 2s) kubelet MountVolume.MountDevice failed for volume "pv-new" : <http://kubernetes.io/csi|kubernetes.io/csi>: attacher.MountDevice failed to create newCsiDriverClient: driver name <http://fsx.csi.aws.com|fsx.csi.aws.com> not found in the list of registered CSI drivers
Saw an issue around it that's as of yet unsolved. Anyone got any ideas?
Катерина Кучернюкover 3 years ago
Hi everyone! There are 2 more speakers ahead.
You can still register in our amazing AWS Tech Conference and receive the recordings after event.
Register here and support freedom in Ukraine 👉️ https://www.aws-user-group.com.ua/
You can still register in our amazing AWS Tech Conference and receive the recordings after event.
Register here and support freedom in Ukraine 👉️ https://www.aws-user-group.com.ua/