Questions tagged with AWS Marketplace
Content language: English
Sort by most recent
Mikrotik CHR sever connection lost
I have created a server using the Mikrotik created AMI for their CHR software. I keep losing connection to the server entirely; no Winbox, no SSH, no console connect from the Instances page. I keep having to spin up a new server and rebuild my work. No other AWS server (mostly Ubuntu AMI's) on our account has had this issue. I am assuming there is something about the CHR AMI that I am missing which is causing this issue. I am attempting to set up a VPN using OpenVPN to connect the field devices my employer creates. A previous VPN project was run last year and that server was up for nearly the full year and we could still connect to it, until I removed the PPTP setup and replaced it with the Mikrotik built-in OpenVPN server. Here is the config export for the CHR. ``` # mar/31/2022 17:55:47 by RouterOS 6.44.3 # software id = # # # /interface bridge add arp=local-proxy-arp fast-forward=no name=afads priority=0x8192 \ transmit-hold-count=1 /interface ethernet set [ find default-name=ether1 ] disable-running-check=no /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=afadpool ranges=10.8.0.1-10.8.127.255 /ppp profile set *0 bridge=afads change-tcp-mss=default local-address=10.8.0.1 only-one=\ yes use-encryption=yes add bridge=afads local-address=10.8.0.1 name=SmartFlaggerL3 only-one=yes \ remote-address=afadpool use-encryption=yes /interface bridge port add bridge=afads hw=no interface=ether1 add bridge=afads interface=*F005C9 add bridge=afads interface=*F004E9 add bridge=afads interface=dynamic /interface ovpn-server server set auth=sha1 certificate=[ServerCertName] cipher=aes256 default-profile=\ SmartFlaggerL3 enabled=yes keepalive-timeout=30 netmask=17 /ip firewall address-list add address=10.8.40.1 list=undeployed [Removed approx 4000 lines, similar to the one above] /ip firewall filter add action=accept chain=forward comment=\ "Allows units in the Test group to communicate." dst-address-list=test \ src-address-list=test add action=accept chain=forward comment=\ "Allows all traffic from Internal Trusted Servers to units." \ dst-address-list=!InternalTrustedServers src-address=0.0.0.0 \ src-address-list=InternalTrustedServers add action=accept chain=forward comment=\ "Allows all traffic from units to Internal Trusted Servers." \ dst-address-list=InternalTrustedServers add action=accept chain=forward comment="Test of unit to unit communication" \ disabled=yes dst-address-list=test src-address-list=test add action=accept chain=forward comment=\ "Accept Forward for Established and Related Connections" \ connection-state=established,related,untracked add action=accept chain=forward comment="Allow Forwarding by OVPN Clients" \ src-address=192.168.22.128/25 add action=accept chain=input comment=\ "Accept Input for Established and Related Connections" connection-state=\ established,related,untracked add action=accept chain=input comment="Allow OpenVPN Connection" dst-port=\ 1194 protocol=tcp add action=accept chain=input comment="Allow Input by OVPN Clients" \ in-interface=all-ppp add action=accept chain=input comment="Allow Winbox Input" dst-port=8291 \ protocol=tcp add action=accept chain=input comment="Allow HTTPS Input" dst-port=443 \ protocol=tcp add action=drop chain=input comment="Input drop for all other connection" \ disabled=yes add action=drop chain=forward comment="Forward drop for all other connection" \ disabled=yes add action=drop chain=forward comment="Invalid drop for all other connection" \ connection-state=invalid disabled=yes add action=drop chain=forward comment="PREVENT ALL TALK BETWEEN UNITS." \ disabled=yes src-address=!10.8.0.5 /ip firewall nat add action=masquerade chain=srcnat out-interface=all-ppp /ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set api-ssl disabled=yes /ppp secret add name=AFD0001 password=[Redacted] profile=SmartFlaggerL3 remote-address=\ 10.8.80.1 service=ovpn [Removed nearly 4000 lines, similar to the one above] /system identity set namep[AWS instance auto-generated name] /system logging add topics=ovpn add topics=debug ```
Access to Feeds.SubmitFeed is denied
I am trying to connect Seller Partner API from C# console , but it will gives error "Access to Feeds.SubmitFeed is denied" for SubmitFeedRequests . Passed all required parameters i.e Action MarketplaceIdList Merchant MWSAuthToken FeedType ContentMD5Value AWSAccessKeyId Timestamp Version SignatureVersion SignatureMethod Signature Please suggest .
Marketplace: Need to Subscribe to Software using Java SDK
For our automation flow I need to find and then subscribe to software in Marketplace. I would much rather find appropriate service library (something similar to ***AmazonCloudFormation***, ***AmazonRDS*** etc). Is there such library and if not what other options to subscribe? Also I wanted to avoid managing token http requests myself, hence the use of libraries.
Can I use AWS Marketplace to purchase 3PP licenses and then use these 3PP product to populate the AppStore Catalog in AWS Workspace?
To populate my AWS Workspace Product Catalog with 3PP software products e.g., AutoCAD, Adobe Premier Pro, so IT Admin can provision them to virtual desktops, I need to purchase licenses for those 3PP software first. Should I go to AWS Marketplace to find these 3PP software e.g., AutoCAD, Adobe Premier Pro and purchase these licenses for use in my AWS Workspace (i.e., purchase license and install apps in the VM so my AWS Workspace can access them)? If that is the case, do I have to go to AWS Marketplace to add licenses each time I need new licenses in my AWS Workspace? Any info on this will be greatly appreciated. THANKS.
AWS NTP Server Access
Doesn't AWS have a publicly available NTP server at 169.254.169.123:123? I get destination host unreachable when I ping from my local PC. I've tried using command line and powershell from 2 different computers. I'm able to successfully ping and sync NTP time with time.google.com. *Edit* Here is the article where I found the NTP server address: https://aws.amazon.com/blogs/aws/keeping-time-with-amazon-time-sync-service/
Is SNS mandatory to determine 'subscribe-success' when verifying a customer subscription for Saas-based platform?
When the customer is redirected to the Saas-based product landing page, they will have a x-amzn-marketplace-token that can be exchanged for the unique customer identiﬁer, customer AWS account Id, and corresponding product code. However, there are few places in the SaaS manual that state to not create any resources for the customer unless the 'subscribe-success' status is verified. Is the exchange of the marketplace token enough to verify the 'subscribe-success' status or is confirming an SNS notification with 'subscribe-success' mandatory? I've looked around the documentation but did not find any verification, so I would appreciate any clarification.
connection to AWS t2 Micro service from 3CX
I have been using AWS to host Debian 10 to connect my 3CX accounts for our phone systems. All working fine. All of a sudden, when i go to create a new service on AWS and then connect to it from 3CX via the installer, I get the following message An unknown error occured: User: arn:aws:iam::090946289178:user/ICT is not authorized to perform: servicequotas:GetServiceQuota on resource: arn:aws:servicequotas:ap-southeast-2:090946289178:ec2/L-34B43A08 because no identity-based policy allows the servicequotas:GetServiceQuota action I have tried everything I can think of. Delete the AWS service and install again Create user in IAM Create key pairs add debian subscription. I am following the same path as when I setup the existing system which works fine. I have also tried connecting with my other subscriptions to AWS and get the same message I also created a new AWS account and added a new subscription, IAM and Key pair there and got the same message. 3CX support has no idea what it is. Can anyone shed some light here? David
AWS marketplace token generation for CI/CD tests
Is there any simpler (api/sdk) way to generate the x-amzn-marketplace-token token based on the stored credentials of the amazon test account? So when we try to setup our software via the marketplace listing, a https://aws.amazon.com/marketplace/saas/ordering/setupAccount POST call is made in response to which aws generates a registration token. this token is then used in the AWS Marketplace Metering Service calls later to perform different operations. And i was basically trying to automate the process of signing up from marketplace but as far as i could see, the token generation is opaque and only generated by amazon itself. so i couldn't find any corresponding sdk/api call in amazon documentation to simulate this action in my automation. In order to get that marketplace registration token, I really want to avoid spawning a full browser and simulating a user logging in, going to the product page, and clicking subscribe which would be my second approach if i don't have a direct way of generating the token.
SUSE 15 SP3 stucked on "status check 1/2" during reboot after update to latest version.
Hello Team, our SUSE 15 SP3 instance(r4.2xlarge) is stucked in "status check 1/2" during reboot after upgraded it latest version. Here are some logs as well. Please share some solutions. **"cloud-init: ci-info: | Device | Up | Address | Mask | Scope | Hw-Address | [ 41.805561] cloud-init: ci-info: +--------+------+-----------+-----------+-------+------------+ [ 41.810798] cloud-init: ci-info: | lo | True | 127.0.0.1 | 255.0.0.0 | host | . | [ 41.816025] cloud-init: ci-info: | lo | True | ::1/128 | . | host | . | [ 41.820613] cloud-init: ci-info: +--------+------+-----------+-----------+-------+------------+ [ 41.824672] cloud-init: ci-info: +++++++++++++++++++Route IPv6 info+++++++++++++++++++ [ 41.828212] cloud-init: ci-info: +-------+-------------+---------+-----------+-------+ [ 41.832368] cloud-init: ci-info: | Route | Destination | Gateway | Interface | Flags | [ 41.837993] cloud-init: ci-info: +-------+-------------+---------+-----------+-------+ [ 41.842556] cloud-init: ci-info: +-------+-------------+--------[ 0.000000] Linux version 5.3.18-150300.59.49-default (geeko@buildhost) (gcc version 7.5.0 (SUSE Linux)) #1 SMP Mon Feb 7 14:40:20 UTC 2022 (77d9d02)" ** Thanks, Bhupendra +91-XXXXXXXXXX Edit: Removed personally identifiable information (phone number) per Community Guidelines.
Cisco FTDv Firewall Initial Configuration issue with connectivity to AWS VPC
Hello AWS Community I have an issue with the initial configuration on a Cisco FTDv Firewall FDM, pretty much the issue is that I cannot seem to receive the traffic on the FTDv when I try to reach any Public addresses , a little bit about the setup 4 Interfaces (Inside, Outside, MGMT and Diagnostic) From the FTDv directly I can ping google(188.8.131.52) without issues From the subnets on AWS I can ping all interfaces of the FTDv, but not to google or any public subnet. I did a packet tracer test on the FIrewall simulating any of the servers I have on AWS and traffic is allowed correctly. However I never see the attempts reaching the FTD when I ping google or any public IP if I do it from the servers on the AWS VPC. In the VPC my next hop for 0.0.0.0/0 is the Inside Interface NIC of the FTDv PD: I do see the traffic of the servers in the Inside interface when I ping the interfaces of the FTDv since those are working fine. but not when I ping anything Public. I also setup a capture on the FTDv and I never see attempts of the internal servers only when try to reach anything Public. Seems like an issue between the FTDv and AWS Vpc Hoping somebody has some insight on it Thanks in Advance
How do I query in SM Parameter Store AMI Alias for a specific version of Amazon ECS-Optimized Amazon Linux 2 AMI
I am trying to query the AMI by lookup up the AMI Alias in SM Parameter Store for a specific version of Amazon ECS-Optimized Amazon Linux 2 AMI. The AMI Alias listed on Marketplace (https://aws.amazon.com/marketplace/server/configuration?productId=9c5eb799-bb6a-4a52-8fda-8e90b3f751f1) is `Ami Alias: /aws/service/marketplace/prod-phaazl5qm6pka/2.0.20220121` When I query `Name: equals: /aws/service/marketplace/prod-phaazl5qm6pka/2.0.20220121` I get "You do not have any parameters in this region." I am able to query the "latest" version of the AMI Alias with a query `Name: equals: /aws/service/marketplace/prod-phaazl5qm6pka/latest` and get back exactly on result that has a string value with the expected AMI (currently `ami-0e4efed85dffc2b28` for `us-east-2`). I want to create some automation that uses the AMI Alias for specific version, and not "latest" and be able to lookup the AMI by region. What am I doing wrong in my query? Or am I maybe missing some permissions or something somewhere?