Welcome to AWS re:Post
re:Post gives you access to a vibrant community that helps you become even more successful on AWS
Recent questionssee all
AWS Lightsail Firewall
Hello, I am using AWS Lightsail to host my website. Using Cloudflare DNS + WAF for protection. I am trying to whitelist the Cloudflare IPs on the AWS infra but after defining the ACL, the site becomes unreachable. When i remove the ACL, site is back online. I am making firewall rules for http and https. Am i missing anything? https://www.cloudflare.com/en-gb/ips/ 126.96.36.199/20 188.8.131.52/22 184.108.40.206/22 220.127.116.11/22 18.104.22.168/18 22.214.171.124/18 126.96.36.199/20 188.8.131.52/20 184.108.40.206/22 220.127.116.11/17 18.104.22.168/15 22.214.171.124/13 126.96.36.199/14 188.8.131.52/13 184.108.40.206/22 2400:cb00::/32 2606:4700::/32 2803:f800::/32 2405:b500::/32 2405:8100::/32 2a06:98c0::/29 2c0f:f248::/32
DNS address could not be found
Hello, I am facing a problem where my website’s DNS address cannot be found. What I have done: I have purchased a domain through Route 53 and use S3 buckets. I have followed this guide https://docs.aws.amazon.com/AmazonS3/latest/userguide/website-hosting-custom-domain-walkthrough.html#website-hosting-custom-domain-walkthrough-domain-registry and everything was followed. The provided website endpoint works as I can see my website and it functions correctly. The hosted zone is set with the guide and it has 4 records. 2 that get generated (haven't been touched) and 2 for my domain and subdomain. The record names and the bucket names match. The value/route traffic to the NS record name is: * ns-1971.awsdns-54.co.uk. * ns-506.awsdns-63.com. * ns-769.awsdns-32.net. * ns-1249.awsdns-28.org. The name servers of the domain are the same * ns-1971.awsdns-54.co.uk * ns-506.awsdns-63.com * ns-769.awsdns-32.net * ns-1249.awsdns-28.org (They were not but I changed them) When I try the test record without entering enting in record name the DNS response code shows No Error, however when I type in the exact same name in the record name I get Non-Existent Domain. So basically I have no idea where to go from here, please help.
Canceling Inactive Service
Hi, My prior company was acquired by my current one, and the AWS services from the old company have been running for well over a year since then (without any use). I only have permissions to start/stop/create instances, so can't change billing or cancel service. Can anyone point me the right way to get this account killed off?
How to use CloudWatch to monitor the number of active connections to a Lightsail server
Is there any way to use CloudWatch to monitor the number of active connections to a Lightsail/EC2 server? I know there's such an indicator for the Application Load Balancer, however, there's no load balancer in my infrastructure. The number of active web users/connections is one of the most popular indicators and we want to find out more about it. Thank you.
How to deal with IoT policy documents being limited to 2048 bytes
The size limitation on iot policy documents seem quite small - If we have reasonably fine grained policy requirements, it blows out easily. is there any best practice to deal with this. ? Does this basically mean it's necessary to have multiple small policy documents ? Or do we just need to be frugal with our policy rules ?
AWS internal communication between 2 EC2 servers
Our infrastructure is in AWS. We use AWS Security Group to define inbound/outbound traffic rules. Our servers are ip restricted, as in only traffic from one particular ip is allowed as per the Security Group rule. Say, we have 2 EC2 apps that serve web traffic. And, as per the Security Group rule, only traffic from that one ip is allowed to these servers on port 80 and 443. We now need for these apps to communicate with each other, i.e. send each other HTTP requests. We want the 2 apps to communicate with each other internally because they belong to the same Public Subnet and VPC. If the communication is not internal, traffic from one app would reach the other app via the internet, and this would not be allowed by the existing Security Group rules. Is trying to keep the communication internal between the 2 apps the standard way? I need some guidance on how to best implement this idea.
Route HTTP to HTTPS elastic beanstalk load balancer
Hello, Using this link as a guide https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https.html I added an AWS "classic" load balancer to an existing elastic beanstalk environment (accepted default load balance settings); the listener was updated to include https on port 443 with an AWS provided SSL certificate. After applying these settings, the website is only available as http://bsatroop706.org/index (the https url is does not accept a browser request). What additional configuration might be needed to enable SSL/TLS? The https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https.html doesnt indicate if additional configuration is needed... Ideas appreciated
What is the difference between Lightsail availability and EC2 availability?
As of now, I have been using Lightsail-related computing business for several months, but I have found that sometimes my customers cannot connect to the server in recent months, and this time lasts for a short time, and it will be restored in a few minutes. Still, it makes me worry about its usability. After my investigation, when my client can't access the server, he can't ping the target IP address. Does this explain the difference in the availability of EC2 and Lightsail? Or is it an issue with the AWS network? If my business requires high availability of the network, will using more expensive EC2 improve availability?
How does EC2 hop to a publicly accessible RDS endpoint?
Hey team, say I have an RDS endpoint that's publicly available. I then access this endpoint from an EC2 instance. What happens at the network layer? Does the request go to the public internet? Ideally, the system would know that the we're inside the same vpc and hop right over. How could I confirm this?
AWS Control Tower failed to set up your landing zone completely: You don't have permissions to access this resource
I have already decommissioned AWS tower from ap-northeast-1 and want to reconfigure AWS tower again on the same region ap-northeast-1 But when I setup landing zone again. I received this error message "AWS Control Tower failed to set up your landing zone completely: You don't have permissions to access this resource" Can someone help me on this issue ? really appreciate as its high priority. -->> Already performed manual decommission process <<--
Update email address used for communications from AWS
Where can I go to change or add another email address used for communications from AWS? For example, AWS periodically sends out deprecation notices to users and I get them at my primary email address. I'd like them to go to another address but can't seem to find where to set this. I tried updating the Alternate Contacts in the Accounts screen (I updated both Operations and Security contacts) but I'm not getting the emails at those addresses. Thanks!
Appstream Application mode - Office 365 issue
Hello, I am having an odd issue with activating my 365 products using Appstream in Application mode- at this time I have tried using office installations using a custom XML for RDS however when ever I enter my email (or a user their email) for activation, Excel locks up and we are unable to run reports. I am using azure sso for this configuration, anyone have ideas or encounter this issue? Help would be appreciated!
How to create a IoT Project with multiple collaborators?
Hello, maybe my question is completely dumb, but I cant find anything in the internet... I want to create an IoT project with AWS using the IoT Core, Dynamo DB and Amplify. I am working on this project with two other peoples. How can I create a Project that each of us can work on without having to log into my AWS account? If that is possible, can we work on it at the same time? If such a project is not possible, can I somehow export my IoT Core and make it available to my collaborators? Thanks for your help
Recent articlessee all
Support Automation Workflow (SAW) Runbook: AWSSupport-ConfigureTrafficMirroring
published 11 days ago0 votes49 views
Creating Dynamic Grafana Dashboards for AWS IoT TwinMaker
published 22 days ago5 votes145 views
This article provides guidance on using Grafana Variables together AWS IoT TwinMaker to build dynamic dashboards that will display Entity specific data as you navigate from one Tag to another within a Scene. This approach helps scale your application and reduces the burden of creating unique dashboards for every Entity you may have within IoT TwinMaker.
New NLP/CV Examples to Get Started on AWS Inferentia and AWS Trainium
published a month ago1 votes384 views
Support Automation Workflow (SAW) Runbook: AWSSupport-ManageWindowsService
published 2 months ago1 votes295 views
Build and Deploy Models Leveraging Cancer Gene Expression Data With SageMaker Pipelines and SageMaker Multi-Model Endpoints
published 2 months ago3 votes598 views
In this article we show how you can use SageMaker Pipelines and SageMaker Multi-Model Endpoints to efficiently orchestrate and deploy many models in a cost effective and efficient manner. We show how this can be leveraged in the context of cancer survival analysis to deploy many models that leverage gene expression signatures.