17 messages
Discussion related to Amazon Web Services (AWS)
Archive: https://archive.sweetops.com/aws/
Vladimirover 2 years ago
Dear colleagues, what's the correct way to create a ROLE that would enable LAMBDA hosted in eu-central-1 to USE ECR IMAGE hosted in eu-central-2 ? Thanks a lot
Hariover 2 years ago
Hi, when I try to invoke one apigateway in another apigateway through http proxy of two different aws accounts, I am getting not authorized errors since my resource policy is restricted to only our network and client network, but request ip is getting from AWS public range( since apigateway is public), is there a way to solve this. Thanks
Michael Manganielloover 2 years ago
Hi all! I'm trying to have a central API Gateway in an Infrastructure AWS account, where different base paths from the API can be redirected to the respective apps, deployed in separate AWS accounts, but to the same VPC (shared between accounts). Currently, I have no way for the ECS in the AWS accounts to have permission to register in the target group created in the Infrastructure account (with error:
As Target groups do not support resource policies, I don't think it's possible to achieve something like this? I wanted to avoid: 1) having multiple separate API Gateways, to centralize its configuration and certificate management in the Infra account, and 2) having duplicated costs because of each app having their own NLB
Unable to assume role and validate the specified targetGroupArn).As Target groups do not support resource policies, I don't think it's possible to achieve something like this? I wanted to avoid: 1) having multiple separate API Gateways, to centralize its configuration and certificate management in the Infra account, and 2) having duplicated costs because of each app having their own NLB
Ihor Urazovover 2 years ago
https://aws.amazon.com/about-aws/whats-new/2023/08/amazon-ec2-m7i-flex-m7i-instances/ did anyone test new
-flex instances? how do they compare to burstable (t3) instances?
Gary Mcleanover 2 years ago
AWS now supports Security groups on network load balancers.
https://aws.amazon.com/about-aws/whats-new/2023/08/network-load-balancer-supports-security-groups/
https://aws.amazon.com/about-aws/whats-new/2023/08/network-load-balancer-supports-security-groups/
Elvis Larteyover 2 years ago
Hi all,
I am trying to review how we grant access to user on our AWS environment, there has been cases where users spin up services and forget to turn them off.
We have implemented a cron job to delete services left running with a nuke tool, however, I am wondering if there is a fine grain approach to managing the access or if anyone can share some experience, that will be helpful.
I am trying to review how we grant access to user on our AWS environment, there has been cases where users spin up services and forget to turn them off.
We have implemented a cron job to delete services left running with a nuke tool, however, I am wondering if there is a fine grain approach to managing the access or if anyone can share some experience, that will be helpful.
Joe Perezover 2 years ago
Has anyone successfully rolled their own Just In Time access for elevated permission through AWS Identity Center? I've seen this post on the AWS blog, but it seems like... I dunno? a lot? lol
Samantha Upeguiover 2 years ago
For members who speak/understand Spanish: We would like to extend an invitation to you for this virtual session that covers the "AWS Cloud Experience" event in Bogota.
Discover all the in-depth information about the event, including discussions with Cuemby's CRO, José Rodríguez, and Cast AI's Latin America Business Leader, José Peña!
This session will provide valuable insights into the key conversations and developments that have emerged, and how they impact the current technology and business landscape in the region.
To stay informed, please click on this link.
Discover all the in-depth information about the event, including discussions with Cuemby's CRO, José Rodríguez, and Cast AI's Latin America Business Leader, José Peña!
This session will provide valuable insights into the key conversations and developments that have emerged, and how they impact the current technology and business landscape in the region.
To stay informed, please click on this link.
U
U010W9VSBTLover 2 years ago(edited)
How do you usually authenticate to AWS?
diogofover 2 years ago
☝️ Can you help me obtain some quick feedback? Thank you
Balazs Vargaover 2 years ago
for aurora serverless v2. when I would like to use TLS connection from client... do I need to get the CA cert locally?
Felipe Vaca Ruedaover 2 years ago
Hi everyone. 😊
is there a Cloudwatch metric to obtain the size of the AWS Opensearch indexes ? I have been looking at the documentation but I can't find anything related to it.
if it does not exist, do you know of a workaround to implement this? since I really need to alert in Grafana when the indexes exceed a certain size.
Currently the datasource is Aws Cloudwatch
is there a Cloudwatch metric to obtain the size of the AWS Opensearch indexes ? I have been looking at the documentation but I can't find anything related to it.
if it does not exist, do you know of a workaround to implement this? since I really need to alert in Grafana when the indexes exceed a certain size.
Currently the datasource is Aws Cloudwatch
Balazs Vargaover 2 years ago
hello all,
with basic support how could I ask aws to delete a stuck rds instance? I am testing the global database and when I created the secondary, it stuck in creating. I cannot remove from global database and cannot delete.
Any idea?
with basic support how could I ask aws to delete a stuck rds instance? I am testing the global database and when I created the secondary, it stuck in creating. I cannot remove from global database and cannot delete.
Any idea?
managedkaosover 2 years ago
Hey team! Do you have a good example of a CloudFormation template that creates an EC2 instance with SSM connect configured? Specifically, it should include an IAM role/profile that allows a connection to the instance using SSM from the AWS web console. Any Linux OS works (AMZ Linux 2 or 2023; Ubuntu). I just need to share a template to someone so they can connect to an instance without creating an SSH key.
Dhamodharanover 2 years ago
Hello #aws team,
I have bamboo application hosted in ec2, i want to give access to the dev team who are working from home, But i dont want to neither whitelist their individual ip nor to go with VPN configuration aswell.
Is there any other approach to achieve this access?? As of now i had given access through workspace, the user will login and access. I am thinking its a complex approach, so looking for some easiest way...
I have bamboo application hosted in ec2, i want to give access to the dev team who are working from home, But i dont want to neither whitelist their individual ip nor to go with VPN configuration aswell.
Is there any other approach to achieve this access?? As of now i had given access through workspace, the user will login and access. I am thinking its a complex approach, so looking for some easiest way...