By using AWS re:Post, you agree to the Terms of Use

Questions tagged with Developer Tools

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

How do we look up more verbose information by RequestID's thrown in AWS CloudFormation events which status reports CREATE_FAILED?

Without setting up a CloudTrail and executing a CFN template which rolls back, I have started looking at Debugging options. I found [this](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-api-logging-cloudtrail.html) which says we can see the most recent without a created trail. I tried to find RequestId documentation from [here](https://docs.aws.amazon.com/search/doc-search.html?searchPath=documentation-guide&searchQuery=resourceid&this_doc_product=AWS+CloudFormation&facet_doc_product=AWS+CloudFormation) entering 'requested' in the search bar, which returned many unrelated items to my specific case (thanks for the attempt Kendra:). I also have looked at cli docs [here](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-listing-event-history.html) I guess I fist need to know what a RequestID is capable of helping me trace, as I am doing a simple debug of an instance I already know that has the wrong AMI ID for that region, but am trying. to re-familiarize myself. with fixing CFN templates after being out of the loop for a few years. I'd like to know how someone else handles a CREATE _FAILED and ways to use the status reason in a verbose way. Each reason appears to be ';' separated, so even just a point in that direction might help weed through the mountain of information here. Thanks ahead of time- Rudy
0
answers
0
votes
27
views
asked 2 months ago

Configure AWS SES as relay host in aaPanel

I have a lightsail instance with an Ubuntu 20 installation. I set up aaPanel as the main control panel. Because lightsail instances have locked port 25 for smtp service, I configured AWS SES as mail provider. aaPanel has a tool to configure a relayhost using postfix service. First, I verified my domain with SES by a TXT validation, my domain is properly configured in SES, also I made a test send and it was successful. By the way, my lightsail instance and SES domains are in the same region (us-west-1). Now, on my console, I entered these commands: ``` sudo postconf relayhost=in-v3.mailjet.com:2587 sudo postconf smtp_tls_security_level=encrypt sudo postconf smtp_sasl_auth_enable=yes sudo postconf smtp_sasl_password_maps=hash:/etc/postfix/sasl_password sudo postconf smtp_sasl_securty_options=noanonynous sudo vi /etc/postfix/sasl_password ``` In vi editor, enter this line: email-smtp.us-east-1.amazonaws.com:2587 [api]:[secret] ``` sudo postmap /etc/postfix/sasl_password sudo chown root:root /etc/postfix/sasl_password* sudo chmod 600 /etc/postfix/sasl_password* sudo systemctl restart postfix ``` In lightsail network section, I opened ports 2587, 25, and 465. And with this, I suppose I can send email by relayhost on aaPanel. When I made a test with the mailer tool on aaPanel, this is the log: ``` Jul 22 19:25:48 softnia postfix/qmgr[13083]: E2C8F81CD7: from=<>, size=3462, nrcpt=1 (queue active) Jul 22 19:25:48 softnia postfix/trivial-rewrite[90585]: warning: /etc/postfix/main.cf, line 75: overriding earlier entry: relayhost=email-smtp.us-east-1.amazonaws.com:2587 Jul 22 19:25:48 softnia postfix/trivial-rewrite[90585]: warning: /etc/postfix/main.cf, line 77: overriding earlier entry: smtp_sasl_password_maps=hash:/etc/postfix/sasl_password Jul 22 19:25:48 softnia postfix/lmtp[90586]: warning: /etc/postfix/main.cf, line 75: overriding earlier entry: relayhost=email-smtp.us-east-1.amazonaws.com:2587 Jul 22 19:25:48 softnia postfix/lmtp[90586]: warning: /etc/postfix/main.cf, line 77: overriding earlier entry: smtp_sasl_password_maps=hash:/etc/postfix/sasl_password Jul 22 19:25:48 softnia postfix/bounce[90587]: warning: /etc/postfix/main.cf, line 75: overriding earlier entry: relayhost=email-smtp.us-east-1.amazonaws.com:2587 Jul 22 19:25:48 softnia postfix/bounce[90587]: warning: /etc/postfix/main.cf, line 77: overriding earlier entry: smtp_sasl_password_maps=hash:/etc/postfix/sasl_password Jul 22 19:25:48 softnia postfix/lmtp[90586]: E2C8F81CD7: to=<root@softnia.com>, relay=none, delay=38331, delays=38331/0.01/0/0, dsn=4.4.1, status=deferred (connect to softnia.com[private/dovecot-lmtp]: No such file or directory) ``` This is the postfix configuration file: ``` # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on # fresh installs. compatibility_level = 2 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination myhostname = softnia.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = relayhost = email-smtp.us-east-1.amazonaws.com:2587 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all virtual_mailbox_domains = sqlite:/etc/postfix/sqlite_virtual_domains_maps.cf virtual_alias_maps = sqlite:/etc/postfix/sqlite_virtual_alias_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_catchall_maps.cf virtual_mailbox_maps = sqlite:/etc/postfix/sqlite_virtual_mailbox_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_mailbox_maps.cf smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_use_tls = yes smtp_tls_security_level = may smtpd_tls_security_level = may virtual_transport = lmtp:unix:private/dovecot-lmtp smtpd_milters = inet:127.0.0.1:11332 non_smtpd_milters = inet:127.0.0.1:11332 milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} milter_protocol = 6 milter_default_action = accept message_size_limit = 102400000 recipient_bcc_maps = hash:/etc/postfix/recipient_bcc sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bcc sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bcc sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bcc sender_bcc_maps = hash:/etc/postfix/sender_bcc smtpd_tls_chain_files = /www/server/panel/plugin/mail_sys/cert/softnia.com/privkey.pem,/www/server/panel/plugin/mail_sys/cert/softnia.com/fullchain.pem tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_password smtp_sasl_securty_options = noanonynous ``` As you can see, my base domain is softnia.com, which is appropriately configurated in lightsail and SES.
1
answers
0
votes
27
views
profile picture
asked 2 months ago

CDK - Connect a Network Load Balancer and a Neptune Cluster Endpoint together

For the past two days I've been struggling with exposing a Neptune endpoint to the public using an NLB **in a single stack**. The architecture was inspired by [this document](https://github.com/aws-samples/aws-dbs-refarch-graph/tree/master/src/connecting-using-a-load-balancer#connecting-to-amazon-neptune-from-clients-outside-the-neptune-vpc-using-aws-network-load-balancer). For the life of me I haven't been able to figure out how to obtain the IP address of the Neptune endpoint to use as the target of NLB's listener. The main issue resides in the conversion of the Neptune `hostname` to an IP address as required by NLB's target group `IPTarget` and how CDK synthesizes stacks before deployment. I explored the use of CustomResources to no avail due to my limited familiarity with the topic (day 5 of my aws journey), and was hoping someone could point me in the right direction. Here's my stack (CDK app repo [here](https://github.com/neuxregime/cdk-neptune-nlb)): ```js import { Construct } from "constructs"; import { Stack } from "aws-cdk-lib"; import * as ec2 from "aws-cdk-lib/aws-ec2"; import * as elbv2 from "aws-cdk-lib/aws-elasticloadbalancingv2"; import * as neptune from "@aws-cdk/aws-neptune-alpha"; import { Props } from "../../_config"; import createVPC from "../helpers/createVPC"; import createNeptuneCluster from "../helpers/createNeptuneCluster"; import createNLB from "../helpers/createNLB"; export class ABCGraphStack extends Stack { public readonly vpc: ec2.Vpc; public readonly subnets: { public: ec2.ISubnet[]; private: ec2.ISubnet[]; isolated: ec2.ISubnet[]; }; public readonly neptuneCluster: neptune.DatabaseCluster; public readonly neptuneReadEndpoint: neptune.Endpoint; public readonly neptuneWriteEndpoint: neptune.Endpoint; public readonly nlb: elbv2.NetworkLoadBalancer; constructor(scope: Construct, id: string, props: Props) { super(scope, id, props); // Create VPC for use with Neptune const { vpc, subnets } = createVPC(props, this); this.vpc = vpc; this.subnets = subnets; // Create Neptune Cluster this.neptuneCluster = createNeptuneCluster( props, this, this.vpc, this.subnets ); // Update Neptune Security Group to allow-all-in this.neptuneCluster.connections.allowDefaultPortFromAnyIpv4( "Allow All Inbound to Neptune" ); // Add an ordering dependency on VPC. this.neptuneCluster.node.addDependency(this.vpc); // Output the Neptune read/write addresses this.neptuneReadEndpoint = this.neptuneCluster.clusterReadEndpoint; this.neptuneWriteEndpoint = this.neptuneCluster.clusterEndpoint; // HOW TO GET IP ADDRESS OF this.neptuneWriteEndpoint.hostname? // Create Network Load Balancer this.nlb = createNLB(props, this, this.vpc, "????????", 8182); this.nlb.node.addDependency(this.neptuneCluster); } } ```
1
answers
0
votes
48
views
asked 3 months ago