#aws - June 2024 | Slack Archive

13 messages

Discussion related to Amazon Web Services (AWS)
Archive: https://archive.sweetops.com/aws/

May 2024

June 2024

Jul 2024

Enrique Lopezover 1 year ago(edited)

Hi guys, I'm preparing an slide in a training to some mentees, I wanna present this info to explain the AWS Developer Tools in a single chart, and this summary:

• CodeStar <- Just an interface to manage several pipelines
• Cloud9 <- Just an IDE, like VSCode but in the cloud
• CodeBuild <- Similar to Github Actions
• CodePipeline <- A group of codebuilds/codedeploys
• CodeDeploy <- To deploy your code, usually to move your code from S3 to EC2
• CodeCommit <- Like GitHub
My question is: does this makes sense to you, can I make it clearer? What would you change?

andrei nover 1 year ago

Hello! How can I add for the msk-apache-kafka-cluster terraform module custom server configs for kafka e.g.:
kafka_configuration_properties = {
"auto.create.topics.enable": true
}

andrei nover 1 year ago

Error: Unsupported argument
│
│ on main.tf line 91, in module "kafka":
│ 91: kafka_configuration_properties = {
│
│ An argument named "kafka_configuration_properties" is not expected here.

Maarten van der Hoefover 1 year ago(edited)

Has anyone ever been confronted with: “Parameter: SpotFleetRequestConfig.IamFleetRole is invalid. ” when doing a spot-request ? The Role, Trust Policy and Policy all look fine to me. Some Redditor had the same unsolved question. It works in one region, but not in the other, it does not look like a policy issue to me.

Matt Gowieover 1 year ago

Would appreciate any 👍️ on this insane AWS Amplify Hosting issue: https://github.com/aws-amplify/amplify-hosting/issues/2563

omkarover 1 year ago

Issue: Application Performance
Explanation: We have deployed all our microservices on AWS EKS. Some are backend services that communicate internally (around 50 services), and our main API service, "loco," handles logging and other functions. The main API service is accessed through the following flow:
AWS API Gateway -> Nginx Ingress Controller -> Service.
In the ingress, we use path-based routing, and we have added six services to the ingress, each with a corresponding resource in a single API gateway.
Our Angular static application is deployed on S3 and accessed through CloudFront. The complete flow is as follows:
CloudFront -> Static S3 (frontend) -> AWS API Gateway -> VPC Link -> Ingress (Nginx Ingress Controller with path-based routing) -> Services -> Container.
Problem: Occasionally, the login process takes around 6-10 seconds, while at other times it only takes 1 second. The resource usage of my API services is within the limit.
Below are the screenshots from Datadog traces of my API service:
• Screenshot of the API service when it took only 1 second
• Screenshot of the API service when it took 6-10 seconds
Request for Help: How should I troubleshoot this issue to identify where the slowness is occurring?

Juan Pablo Lorierover 1 year ago

Hi, I'm trying to understand why the ecs cluster module is trying to recreate the policy attachments every time I add more than one module instance via a for_each.
The plan shows the arn will change, but it's a AWS managed policy, so it won't change:

update
policy_arn :
"arn

iam:

policy/AmazonSSMManagedInstanceCore"

change to
Known after apply
Forces replacement

the resource address is:

module.ecs_clusters["xxx"].module.ecs_cluster.aws_iam_role_policy_attachment.default["AmazonSSMManagedInstanceCore"]

Ermisover 1 year ago

I'm getting an error when creating ec2-instance, trying to reference the private subnet for a dynamic_subnet I created, any ideas how to reference the private_subnet_id into ec2?

subnet = module.dynamic_subnets.private_subnet_id

Ermisover 1 year ago

That was the wrong screenshot please see below.

Mehakover 1 year ago

This policy we have to enforce mutilaz on elasticache clusters. Do we have some such policy to enforce Multi-AZ in RDS Aurora and Elasticsearch?

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Deny",
            "Action": [
                "elasticache:CreateCacheCluster",
                "elasticache:CreateReplicationGroup"
            ],
            "Resource": [
                "arn:aws:elasticache:us-east-1:4852:replicationgroup*",
                "arn:aws:elasticache:us-east-1:4852:cluster*"
            ],
            "Condition": {
                "StringNotEqualsIgnoreCase": {
                    "elasticache:MultiAZEnabled": true
                }
            }
        }
    ]
}

Mehakover 1 year ago

Can someone help me with sentinel policy to enforce multi-az on rds aurora and elasticsearch clusters. I will create policy in TF cloud?

Alex Atkinsonover 1 year ago

I don't think the updated cert chain will be added to this npm module before August 22.
https://github.com/mysqljs/mysql/blob/master/lib/protocol/constants/ssl_profiles.js

Sudheerover 1 year ago

Hi Folks, Have you ever wanted a generative AI assistant that could go through S3, Redis, RDS, Confluence, or an internet web crawler and answer questions about your product using generative AI? If you're building this from scratch, think again. Check out Amazon Q! and How did First Orion optimize their workflow with Amazon Q?
Check the link above for a detailed post describing the architecture and other aspects. Feel free to comment and share your views.

May 2024 Browse by date July 2024