Browse through the questions and answers listed below or filter and sort to narrow down your results.
Not using "noexec" with "/run" mount, on EC2 Ubuntu 22.04.1 LTS
I believe this *might* be a security issue, as [this happened in 2014](https://www.tenable.com/plugins/nessus/73180), but would rather not pay $29 for "Premium Support". It looks like the `initramfs` is not always mounting the `/run` partition as `noexec`. A stock `Ubuntu 22.04` install shows the `noexec` mount option is present ([source](https://askubuntu.com/a/1432445/924107)), so I suspect one of the AWS modifications has affected this? I can check four EC2 servers that are running `Ubuntu 22.04.1 LTS`, three of them upgraded from `Ubuntu 20.04.5`, the other started new a few weeks ago... oddly, two of the upgraded servers have kept the `noexec`. ``` # New server # Launched: Sep 02 2022 # AMI name: ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20220609 mount | grep '/run ' tmpfs on /run type tmpfs (rw,nosuid,nodev,size=803020k,nr_inodes=819200,mode=755,inode64) uname -a Linux HostB 5.15.0-1020-aws #24-Ubuntu SMP Thu Sep 1 16:04:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux ``` ``` # Upgraded server # Launched: Apr 25 2022 # AMI name: ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20211129 mount | grep '/run ' tmpfs on /run type tmpfs (rw,nosuid,nodev,size=94812k,nr_inodes=819200,mode=755,inode64) uname -a Linux HostA 5.15.0-1020-aws #24-Ubuntu SMP Thu Sep 1 16:04:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux ``` ``` # Upgraded server # Launched: Nov 16 2021 # AMI name: ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20180522 mount | grep '/run ' tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=47408k,mode=755,inode64) uname -a Linux HostC 5.15.0-1020-aws #24-Ubuntu SMP Thu Sep 1 16:04:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux ``` ``` # Upgraded server # Launched: Feb 10 2017 # AMI name: ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20170113 mount | grep '/run ' tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=202012k,mode=755,inode64) uname -a Linux HostD 5.15.0-48-generic #54-Ubuntu SMP Fri Aug 26 13:26:29 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux ```
BYOIP Public Address- Individual IP allocation
Hello, I read through the AWS Docs for IPAM but am a little unsure about public IP allocation. I plan on bringing a /24 CIDR and share across out organization with RAM. I understand the steps needed to create pools and share across the org. However, my question is, can I use a public pool to share my /24 across multiple accounts within a region. For example, can account-a and account-b, both in us-east-1 allocate public IP's from my /24 assigned to the us-east-1 region? accopunt-a may need 10 IP's and account-b about 5. Is something like that possible? Thanks
Ubuntu nodes failed to join fully private cluster
I have created a fully private cluster and it is working fine (means kubectl, eksctl, and aws commands are working) but there is a problem with the cluster. Whenever I create Amazon Linux 2 node instances, they successfully join the cluster but when I try to create Ubuntu instances then I get the following error message. ``` Instance failed to join the kubernetes cluster,(Service:null, Status Code: 0, Request ID:null)(RequestToken:c912435454-d3d1-2352-542321-4523543243, HandlerErrorCode:GeneralServiceException)
Network Load Balancer SSH with Proxy V2 and Client IP Preserving
In extend to following question, [https://repost.aws/questions/QUL1n0UH_ITzCNSZ5d_NR1Qg/proxy-protocol-v-2-with-disabling-client-ip-preservation-in-nlb-target-groups]() I have configured a network load balancer disabling client IP preservation and enabling proxy V2. Idea is to only allow requests from Load balancer to EC2 instance behind. All the configurations are in a private network and security groups have attached to EC2 instance to allow traffic only from load balancer for SSH and HTTP. I could find a way to get the client ip address in http using the configurations in nginx.*** Is there a way to get the original client ip address in SSH request and log it to a file?***
How to migrate from an m1.small to t2.small instance?
I've not been able to restart an m1.small instance because of insufficient capacity, so I'm trying change the instance type to t2.small. This page shows an [upgrade path](https://aws.amazon.com/ec2/previous-generation/#Upgrade_Paths) from m1 to t2, but no t2 type is selectable when try to change instance type. Any idea why and if there a way around this?
need help about load balancer
hello guys , i am new at amazon ec2 , i want to use application load balancer , i already post 1 time but that method didn't worked for me , i have currently 1 instances right now , i wanna use application load balancer on it , currently i am using cloud panel and WordPress and i am running 3 WordPress website on it , i want to use load balancer so i can use WAF & Shield and CloudFront cdn , please help me anyone
Inference pytorch model.pth stored on s3 bucket using app deployed on EC2 instance
Hi Dears, I am building a web application to present my works in NLP projects, I have different torch models stored in the s3 bucket, Can I inference it in my EC2 instance? noting that I am using streamlit framework for the ec2 application. The code below does not work!! import boto3 s3 = boto3.resource('s3') s3_object = s3.Bucket('nlp-gpt-models').Object('mod_v1.pth').get() model_path = s3_object Please help how can I communicate with the s3 bucket that has the models files. where is set up the IAM role and has access between s3 and EC2. Thanks Basem
Can Instances Be Used As a Service Which Operates Directly From The Target Country?
When I am using an instance for a region like Canada, when I try to use a specific application like Kijiji they easily detect my network and end their service. It is the same for Paypal for example also. When I am not in a specific country is there a way that I can use instances so my source of the network is not flagged and I can access some apps like PayPal or other payment providers for operating my business? Thanks. Onder A.