Browse through the questions and answers listed below or filter and sort to narrow down your results.
Using Timestream as a dataset for QuickSight (Domain: ap-southeast-2)
Hi, I'm trying to use my Timestream DB as a dataset for QuickSight BI. Both of them are in the ap-southeast-2 domain, but Timestream is not on the list. (Please find the attached screenshot). The only way I can make this work is by changing the domain to us-east-1,2. Is there any solution to this??![![screenshot](/media/postImages/original/IM3DF1XAYASLWrGe1oR2Iclg) Enter image description here](/media/postImages/original/IMBuBmaHDGRsyCCHZbjfdglA)
Server-Side LDAPS failing at SubCA (Two-Tier)
Using the following document, https://aws.amazon.com/blogs/security/how-to-enable-ldaps-for-your-aws-microsoft-ad-directory/, I'm attempting to set up server-side LDAPS. I'm running this from us-east-2. I've created a secret with the directory admin and password. Looks just like the example. I've created a S3 bucket that states Public accessible. For the * VPC CIDR - I used the IPV4 CDR for my VPC instance (172.31.0.0/16) * VPC ID - I used the only VPC instance I have. * CA(s) Subnet ID - Select one of the subnet the first subnet from my AD Networking Details, Subnets. * Domain Members Security Group ID - Added a SG for all traffic for 172.31.0.0/16 * Active Directory Domain Service Type - AWSManaged * Domain FQDN DNS Name - The Directory DNS name of the Directory * Domain NetBIOS Name - The Directory NetBIOS name of the Directory * IP used for DNS (Must be accessible) - First DNS address and Second DNS address * Secret ARN Containing CA Install Credentials - Using the ARN from the secret I created. * CA Deployment Type - Two Tier * Use S3 for CA CRL Location - Yes * CA CRL S3 Bucket Name - The name of the publicly accessible S3 bucket I created. After a while I get a CREATE_FAILED, Failed to receive 1 resource signal(s) within the specified duration for SubCA. I'm not sure on how to debug what took too long. Any help would be appreciated.
Managed AD, Multi Region, Limited to 5 : How to use same domain in more regions?
We have hundreds of machines spread across 12 regions. We started implementing AWS Directory Service Managed AD with multi-region Replication and ran up against the 5 region limit (why the limit if I'm willing to pay for the additional regions?). We'd like to have all of the instances in the same domain as we are a global organization and use machines around the world for sales, service and support of our software products. What is the best practice and architecture **(and how)** to get domain services into the remaining 7 regions?
Cannot delete AD connector
We have an AD connector that cannot be deleted. We deleted the test AD instance run on EC2 which we have and then when we tried to delete the connector its failed It says the console is still attached as an authorized application. When I try to disable the console, it says "You cannot disable the AWS Management Console because delegated users are still assigned to it. Remove all users and groups from the IAM roles below and try again."
how to post static files alongside wordpress installation that uses the same domain as the wordpress site
i am running a wordpress instance on lightsail with static ip and am pointing my domain earthjay.com to this. the wordpress works. i want to be able to sftp upload files to a static directory that has the same domain. my wordpress has thousands of existing url links to files in a directory earthjay.com/earthquakes (and subsidiary directories, e.g., earthjay.com/earthquakes/20220914_norcal). i learned that i cannot create a directory 'earthquakes' within htdocs. i created a directory in htdocs, but when i enter that url earthjay.com/earthquakes, the browser just shows my wordpress site. can i use sftp to create a subdirectory in my lightsail space or do i need to create a separate instance where i can place these files. files i want to post include jpg/pngs, pdfs, and other files (e.g., *.docx, *.xlsx, *.zip, etc.). do i use a "bucket?" the key thing is that wherever i place these files, they need to have the ability to be found at e.g., earthjay.com/earthquakes/*.* thanks in advance for your kind assistance.
Is it possible to map the group as an attribute?
Hi, I am using AWS IAM as IDP from Root account with AWS SSO (not AD or external), so I have AWS SSO and a SAML application for Jenkins configured on the root account. I have configured the SAML Jenkins app with the following attributes: ![Enter image description here](/media/postImages/original/IMAT8AyKcITPm2Ug8org3pgg) And i need propagate to Jenkins the groups to which that user belongs in the AWS SSO, to assign permissions in Jenkins according to the groups that the user has. Is it possible? Regards!
In App Stream 2.0 Getting error An unknown error occurred (1355).
Hi, I am trying to setup the ADFS with App Stream 2.0 with SAML Authentication, and have done all the steps for the needful (Referred from : https://aws.amazon.com/blogs/compute/enabling-identity-federation-with-ad-fs-3-0-and-amazon-appstream-2-0/ ) , but after login to App Stream relay state URL screen, system gives an error: "An unknown error occurred (1355)." As per my research its indicating some DNS issue. When we have checked my system ip configs, its displaying something like this : > **Windows IP Configuration** ( Host Name : EC2AMAZ-NMGRP10 [this is my server system name], Primary Dns Suffix : example.local. > **Ethernet adapter Ethernet** : Connection-specific DNS Suffix : sarvajeevan.com DNS Servers : ::1 127.0.0.1 Username for App Stream is : email@example.com As per my understanding, our Active directory domain name is **sarvajeevan.com**, but internal federation domain is **example.local**. Please help us to understand, we are doing something wrong or something needs to fix manually from Route 53 or something else ? Thanks