Welcome to AWS re:Post

Hi, Recently I have received an email from AWS and the detail follows. In reviewing your Amazon EC2 instances, it appears you have left several ports open to the public (0.0.0.0/0). Please let me know how to fix this issue.

Hi Team, I have written a python program that copies videos from S3 bucket to an EC2 machine, videos that are more than 100 MB in size. While the program runs fine most of the time, but sometimes the download of the file fails with the error, wherein the name of the file is changed to video_name+<hash_characters>. After doing wee bit of research I found out the boto3 library of python, downloads the file temp with a hash name and then replaces it with the name of the file once the download is completed. Below is the log when the download fails : : ERROR/ForkPoolWorker-3] Task api.service.push_to_async_report_generation[25fdce51-a067-4893-bf4c-22013368e59f] raised unexpected: FileNotFoundError(2, 'No such file or directory') Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/celery/app/trace.py", line 451, in trace_task R = retval = fun(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/celery/app/trace.py", line 734, in __protected_call__ return self.run(*args, **kwargs) File "/home/ubuntu/src/api/service.py", line 100, in push_to_async_report_generation image_path = bucket.download_file(Kwargs["file_name"]) File "/home/ubuntu/src/utils/s3_services.py", line 81, in download_file self.bucket.download_file(file_name, os.path.join('./static',file_name)) File "/usr/local/lib/python3.8/dist-packages/boto3/s3/inject.py", line 244, in bucket_download_file return self.meta.client.download_file( File "/usr/local/lib/python3.8/dist-packages/boto3/s3/inject.py", line 170, in download_file return transfer.download_file( File "/usr/local/lib/python3.8/dist-packages/boto3/s3/transfer.py", line 307, in download_file future.result() File "/usr/local/lib/python3.8/dist-packages/s3transfer/futures.py", line 106, in result return self._coordinator.result() File "/usr/local/lib/python3.8/dist-packages/s3transfer/futures.py", line 265, in result raise self._exception File "/usr/local/lib/python3.8/dist-packages/s3transfer/tasks.py", line 126, in __call__ return self._execute_main(kwargs) File "/usr/local/lib/python3.8/dist-packages/s3transfer/tasks.py", line 150, in _execute_main return_value = self._main(**kwargs) File "/usr/local/lib/python3.8/dist-packages/s3transfer/download.py", line 571, in _main fileobj.seek(offset) File "/usr/local/lib/python3.8/dist-packages/s3transfer/utils.py", line 367, in seek self._open_if_needed() File "/usr/local/lib/python3.8/dist-packages/s3transfer/utils.py", line 350, in _open_if_needed self._fileobj = self._open_function(self._filename, self._mode) File "/usr/local/lib/python3.8/dist-packages/s3transfer/utils.py", line 261, in open return open(filename, mode) FileNotFoundError: [Errno 2] No such file or directory: './static/example.mp4.F5e1dAFE It seems like the S3transfer package is trying to open the file before it gets downloaded. Any help related to the topic is appreciated! Thanks!

AWS Backups : When adding an EC2 resource, do I have to add the corresponding EBS volume as well ? Is it enough to check EC2 resource only ?

Steps given to get started with Angular.js to run in local is failing with compilation error. import { Customer } from './models'; Above line is throwing an error: "Cannot find module './models' or its corresponding type declarations"

We are currently getting this error on the AWS Lambda page: You do not have sufficient permission. Access denied. This started when AWS opened a case 10 hours ago and which is yet to be fixed. Also, some of the lambda services are down and just throwing internal server errors. The AWS Support team is not helping at all as this has been going on for 10 hours with no valid solution and they keep on waiting for their internal response team. Our core business system is down and cant do anything because we don't have access to Lambda. Whats the faster way to fix this.

Hi, I just deployed an AD connector in AWS and it connects to my on-prem domain controllers. As part of verifying connectivity per AWS doc (https://docs.aws.amazon.com/directoryservice/latest/admin-guide/prereq_connector.html#connect_verification), I remote into a VM on the subnet where the AD connector has ENI in and test with DirectoryServicePortTest.exe. The ports are open fine but it can't query the forest functional level. I am sure the DC/DNS I use to test is good and SRV records are there. [my-domain] is the fully qualified domain name and forest functional level is 2012R2 which meets the requirement. ``` C:\>DirectoryServicePortTest.exe -d [my-domain] -ip [my-dns] -tcp "53,88,389" -dup "53,88,389" Testing forest functional level. The domain [my-domain] could not be found. Testing TCP ports to [my-dns]: Checking TCP port 53: PASSED Checking TCP port 88: PASSED Checking TCP port 389: PASSED ``` Any suggestions on what might be the issue. Thanks.

I inadvertently deleted the default VPC that was associated with my account. I tried to recreate it but the option is greyed out within the console and the "aws ec2 create-default-vpc" reports I'm not allowed to do that. I want to use the "AWSSupport-MigrateEC2ClassicToVPC Automation" process as I'm not a systems person and I simply want to migrate before Aug 15. Could you provide me details on recreated the default VPC in order for the "automation" process listed about could go smoothly?

As I understand Data API is not supported yet for Aurora PostgreSQL serverless v2. I couldn't find any detailed instructions on how to connect from a lambda to Aurora PostgreSQL serverless v2. Can i assume that instructions here [Connecting to RDS from lambda](https://aws.amazon.com/premiumsupport/knowledge-center/connect-lambda-to-an-rds-instance/) are applicable? If not can I be pointed to something similar?

I have an Elastic Beanstalk application in a custom VPC running a .NET Linux instance that has a endpoint that uses a third-party SDK. The SDK needs to make a separate API call when the endpoint is hit. As an experiment, when I put the instance in a public subnet, this works. However, once I configure a Classic Load Balancer in front of the instance, I get a 504 "GATEWAY_TIMEOUT" on this endpoint. Note that all my other endpoints still work behind the Classic Load Balancer. As another experiment, I opened up all the related security groups to allow all inbound/outbound traffic from all IPs but it still did not work. What could I be missing here?

Hi, I'm hoping someone can help me, I have to say first off that I'm not a developer so my terminology may not be correct. I've had a stable running ASP.NET app http://app.wearethrive.com Recently my account was suspended and when I've reactivated it seems I can't connect to the running EC2 instance. I was hoping naively that everything would restart and be ok. I don't have any developer support and the app has been up and stable for years. I have a few legacy customers and keep it running for them. I have a feeling the app probably needs to be redeployed which I can't do. I have RDP access so can stop/restart things via ISS. From the stack trace here http://app.wearethrive.com could anyone help point me in the right direction or give any advice? cheers Jerome

*What are the details for the AWS Transfer Family SFTP server?* I want to better understand the security of the provided SFTP server. I can get good information based on the security policy [here](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html), but that does not provide all the information I need. - Which protocol draft is supported? I am guessing either [SFTP v3](https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02) or [SFTP v4](https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-04) or something else. - Does this SFTP break the moved files into packets and perform a checksum on each packet to ensure transmission file integrity, failing the transmission when one or more packets are fail? - Is there documentation specific to the hosted SFTP server and its protocol implementation?

My health lake is gone. Just disappeared.

I'm trying to install the Work Docs Drive app and receive this error message: WorkDocs Drive is not supported on Apple silicon machines. To learn more, go to https://docs.aws.amazon.com/workdocs/latest/userguide/drive_install.html The link doesn't provide any guidance specific to this issue. Is there any solution so I can use this app on my Mac?

We have a Neptune graph with 1 writer and 1 reader. We are using gremlinpython connector and can successfully query Neptune when connecting to the *writer* endpoint. However, when we attempt the exact same connection and (read) query using the *reader* endpoint, we get a 400 / Invalid Response status from Neptune. The connection and query code is pretty straightforward: ``` access_key = os.getenv('AWS_ACCESS_KEY_ID') secret_key = os.getenv('AWS_SECRET_ACCESS_KEY') credentials = Credentials(access_key, secret_key) endpoint = '{OUR_ENDPOINT}.us-east-1.neptune.amazonaws.com' endpoints = Endpoints(neptune_endpoint=endpoint,credentials=credentials) gremlin_utils = GremlinUtils(endpoints) conn = gremlin_utils.remote_connection() g = gremlin_utils.traversal_source(connection=conn) g.V().count().next() ``` This works when OUR_ENDPOINT is pointing to the writer instance, but it throws the 400 error when connecting to the Reader instance. Any idea why this could be?

While running AWS glue Job facing this error

Hi, I'm very new to backups and all aws. I can't figure out how to upload the files to the cloud And I read the information posted on the site. Every backup software has an option to search for files to upload and here I do not find

Our AWS partner setup metrics and alarms for us a couple years ago, and one of them was an alarm to watch for API activity where the "user" was not signed in with MFA. It appears they used something like in this link, but it's not in the public documentation anymore. https://github.com/awsdocs/aws-cloudtrail-user-guide/blob/master/doc_source/cloudwatch-alarms-for-cloudtrail-additional-examples.md#cloudwatch-alarms-for-cloudtrail-no-mfa-example Over time we had to add additional parameters to the filter for things like AWSServiceRoleForAutoScaling. Eventually we reached the 1024 character limit of the filter expression. Is there a way to work around that limit, or since the example has been removed from AWS documentation, is it no longer necessary to have an alarm that is triggered when API calls are made without MFA?

First time user, scavenged the web on this previously. Starting my environment it keeps showing this error message when I hit run top or in the terminal. /usr/bin/python3: can't find '__main__' module in '' Ive been following this guide https://docs.aws.amazon.com/cloud9/latest/user-guide/sample-python.html I can't figure out how to even complete step 1 because this save issue