#aws - May 2024 | Slack Archive

aws

9 messages

Discussion related to Amazon Web Services (AWS)
Archive: https://archive.sweetops.com/aws/

Apr 2024

May 2024

Jun 2024

Sergeyralmost 2 years ago

Hi everyone
Quick question - does anyone have experience with serverless application and vector db?

Pawel Reinalmost 2 years ago

Anyone using microsecond time accuracy on AWS EC2? The availability is still limited at least based on this https://aws.amazon.com/about-aws/whats-new/2024/04/amazon-time-sync-service-microsecond-accurate-time-additonal-ec2-instance-types/ which is 2 weeks old.
How does one make chrony use it?

Ritika Kumarover 1 year ago

Why it's showing unauthorized, i tried chnaging outbound configuration but it didnt work. Any suggestions?

Slackbotover 1 year ago

This message was deleted.

Dexter Cariñoover 1 year ago

is there someone try to use datastream gcp?
AWS RDS AuroraMySQL to connect in datastream profile? I tried to use VPC peering but only the instances are connecting. I alreay setup VPN on this and also transit gateway in aws.

Mehakover 1 year ago

getting this error in api-gateway-deployment creation

{"@level":"error","@message":"Error: creating API Gateway Deployment: operation error API Gateway: CreateDeployment, https response error StatusCode: 400, RequestID: dac22dcb-084c-41ff-8d0c-28b8006fa136, BadRequestException: AWS ARN for integration contains invalid action","@module":"terraform.ui","@timestamp":"2024-05-24T03:53:49.371354Z","diagnostic":{"severity":"error","summary":"creating API Gateway Deployment: operation error API Gateway: CreateDeployment, https response error StatusCode: 400, RequestID: dac22dcb-084c-41ff-8d0c-28b8006fa136, BadRequestException: AWS ARN for integration contains invalid action","detail":"","address":"module.fna-publisher-management.module.apigateway.aws_api_gateway_deployment.alertutils-deployment-1","range":{"filename":"../../../../projects/supply-experience/fna-publisher-management/prod/apigateway/main.tf","start":{"line":143,"column":65,"byte":5061},"end":{"line":143,"column":66,"byte":5062}},"snippet":{"context":"resource \"aws_api_gateway_deployment\" \"alertutils-deployment-1\"","code":"resource \"aws_api_gateway_deployment\" \"alertutils-deployment-1\" {","start_line":143,"highlight_start_offset":64,"highlight_end_offset":65,"values":[]}},"type":"diagnostic"}

This is the api-gateway main.tf and it is failing for the deployment part

# Define the REST API
resource "aws_api_gateway_rest_api" "alertutils" {
  api_key_source               = "HEADER"
  description                  = "alert utils"
  disable_execute_api_endpoint = false

  endpoint_configuration {
    types = ["EDGE"]
  }

  minimum_compression_size = -1
  name                     = "alertutils"
}

# Define the resource
resource "aws_api_gateway_resource" "alertutils-resource-1" {
  parent_id   = aws_api_gateway_rest_api.alertutils.root_resource_id
  path_part   = "preview"
  rest_api_id = aws_api_gateway_rest_api.alertutils.id
}

# Define the GET method
resource "aws_api_gateway_method" "alertutils-method-get" {
  api_key_required = false
  authorization    = "NONE"
  http_method      = "GET"
  resource_id      = aws_api_gateway_resource.alertutils-resource-1.id
  rest_api_id      = aws_api_gateway_rest_api.alertutils.id
}

# Define the POST method
resource "aws_api_gateway_method" "alertutils-method-post" {
  api_key_required = false
  authorization    = "NONE"
  http_method      = "POST"
  resource_id      = aws_api_gateway_resource.alertutils-resource-1.id
  rest_api_id      = aws_api_gateway_rest_api.alertutils.id
}

# Define the GET method response
resource "aws_api_gateway_method_response" "alertutils-method-response-get" {
  http_method = aws_api_gateway_method.alertutils-method-get.http_method
  resource_id = aws_api_gateway_resource.alertutils-resource-1.id

  response_models = {
    "application/json" = "Empty"
  }

  response_parameters = {
    "method.response.header.Access-Control-Allow-Headers" = false
    "method.response.header.Access-Control-Allow-Methods" = false
    "method.response.header.Access-Control-Allow-Origin"  = false
  }

  rest_api_id = aws_api_gateway_rest_api.alertutils.id
  status_code = "200"
}

# Define the POST method response
resource "aws_api_gateway_method_response" "alertutils-method-response-post" {
  http_method = aws_api_gateway_method.alertutils-method-post.http_method
  resource_id = aws_api_gateway_resource.alertutils-resource-1.id

  response_models = {
    "application/json" = "Empty"
  }

  response_parameters = {
    "method.response.header.Access-Control-Allow-Headers" = false
    "method.response.header.Access-Control-Allow-Methods" = false
    "method.response.header.Access-Control-Allow-Origin"  = false
  }

  rest_api_id = aws_api_gateway_rest_api.alertutils.id
  status_code = "200"
}

# Define the GET integration
resource "aws_api_gateway_integration" "alertutils-integration-get" {
  cache_namespace      = aws_api_gateway_resource.alertutils-resource-1.id
  connection_type      = "INTERNET"
  http_method          = aws_api_gateway_method.alertutils-method-get.http_method
  passthrough_behavior = "WHEN_NO_MATCH"

  request_templates = {
    "application/json" = "{\"statusCode\": 200}"
  }

  resource_id          = aws_api_gateway_resource.alertutils-resource-1.id
  rest_api_id          = aws_api_gateway_rest_api.alertutils.id
  timeout_milliseconds = 29000
  type                 = "MOCK"
}

# Define the POST integration
resource "aws_api_gateway_integration" "alertutils-integration-post" {
  cache_namespace      = aws_api_gateway_resource.alertutils-resource-1.id
  connection_type      = "INTERNET"
  http_method          = aws_api_gateway_method.alertutils-method-post.http_method
  passthrough_behavior = "WHEN_NO_MATCH"

  request_templates = {
    "application/json" = "{\"statusCode\": 200}"
  }

  resource_id          = aws_api_gateway_resource.alertutils-resource-1.id
  rest_api_id          = aws_api_gateway_rest_api.alertutils.id
  timeout_milliseconds = 29000
  type                 = "MOCK"
}

# Define the GET integration response
resource "aws_api_gateway_integration_response" "alertutils-integration-response-get" {
  http_method = aws_api_gateway_integration.alertutils-integration-get.http_method
  resource_id = aws_api_gateway_resource.alertutils-resource-1.id

  response_parameters = {
    "method.response.header.Access-Control-Allow-Headers" = "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
    "method.response.header.Access-Control-Allow-Methods" = "'GET,POST'"
    "method.response.header.Access-Control-Allow-Origin"  = "'*'"
  }

  rest_api_id = aws_api_gateway_rest_api.alertutils.id
  status_code = "200"
}

# Define the POST integration response
resource "aws_api_gateway_integration_response" "alertutils-integration-response-post" {
  http_method = aws_api_gateway_integration.alertutils-integration-post.http_method
  resource_id = aws_api_gateway_resource.alertutils-resource-1.id

  response_parameters = {
    "method.response.header.Access-Control-Allow-Headers" = "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
    "method.response.header.Access-Control-Allow-Methods" = "'GET,POST'"
    "method.response.header.Access-Control-Allow-Origin"  = "'*'"
  }

  rest_api_id = aws_api_gateway_rest_api.alertutils.id
  status_code = "200"
}

# Define the deployment
resource "aws_api_gateway_deployment" "alertutils-deployment-1" {
  rest_api_id = aws_api_gateway_rest_api.alertutils.id

  depends_on = [
    aws_api_gateway_method.alertutils-method-get,
    aws_api_gateway_integration.alertutils-integration-get,
    aws_api_gateway_method_response.alertutils-method-response-get,
    aws_api_gateway_integration_response.alertutils-integration-response-get,
    aws_api_gateway_method.alertutils-method-post,
    aws_api_gateway_integration.alertutils-integration-post,
    aws_api_gateway_method_response.alertutils-method-response-post,
    aws_api_gateway_integration_response.alertutils-integration-response-post,
  ]
}

# Define the stage
resource "aws_api_gateway_stage" "alertutils-v1-stage" {
  cache_cluster_enabled = false
  cache_cluster_size    = "0.5"
  deployment_id         = aws_api_gateway_deployment.alertutils-deployment-1.id
  rest_api_id           = aws_api_gateway_rest_api.alertutils.id
  stage_name            = "v1"
  xray_tracing_enabled  = false
}

Mehakover 1 year ago

How to identify in which s3 bucket is the opensearch cluster backup stored when the backup is automated?

RBover 1 year ago

Id like to enable this root user deny scp but what if an s3 bucket or another resource policy was misconfigured locking out all users except the root user? Wouldn't we need a list of exceptions?

https://docs.aws.amazon.com/IAM/latest/UserGuide/root-user-tasks.html

Balazs Vargaover 1 year ago(edited)

we have a containerd on kubernetes. and we have an ecr repo. We would like to use cert as pull trough cache.
the config:

server = "<https://docker.io>"
  [host."<https://12345678.dkr.ecr.eu-central-1.amazonaws.com/dockerhub>"]
  capabilities = ["resolve","pull"]

I got 403 if I add the aws ecr get-login-password results to the containerd config file what is not contstant so not the best.
w/0 that I got 401
Any idea?

April 2024 Browse by date June 2024