Browse through the questions and answers listed below or filter and sort to narrow down your results.
been working on AWS ORGANIZATIONS..i've my root account(management account) under that i've one vendor account now in management account i've 2 ec2 instance resource..with switch role from vendor account to management account..i should only see one ec2 instance among that 2 instance that already available in management account. now how can i apply policies to do this..i tried tag policies to do this which only restrict the vendor to do things..but for my use case i should hide one ec2 instance and show only one ec2 instance by vendor account..how can i do with?
Why does Inspector not scan my instances?
I have some EC2 linux instances with Amazon Linux 2 and SSM agent (ie amazon-ssm-agent-3.1.1575.0-1 ) running on them. I've modified the Roles for the instances and added the AmazonSSMManagedInstanceCore policy. In the past the inspector has worked in the past and I have some scan data, but now the instances are showing up as "Unmanaged EC2 instance". So per the suggestion I ran AWSSupport-TroubleshootManagedInstance, and everything passes with flying colors if I leave out the Role to assume. If I try to set the Role to be the same as the Role used by the instance then things fails. However, it's unclear what the Role should be as most of the permissions it's failing on seem to be the caller of SSM agent would need and not the agent itself. I'm stuck as to why this suddenly not working. So why's it not working? ssm logs: ``` 2022-09-11 03:23:14 ERROR [UpdateAssociationStatus @ service.go.367] [ssm-agent-worker] [MessageService] [Association] unable to update association status, RequestError: send request failed caused by: Post "https://ssm.us-east-1.amazonaws.com/": dial tcp 172.x.x.x:443: i/o timeout 2022-09-11 03:23:14 ERROR [HandleAwsError @ awserr.go.49] [ssm-agent-worker] [MessageService] [Association] error when calling AWS APIs. error details - RequestError: send request failed caused by: Post "https://ssm.us-east-1.amazonaws.com/": dial tcp 172.x.x.x:443: i/o timeout 2022-09-11 03:23:41 ERROR [HandleAwsError @ awserr.go.49] [ssm-agent-worker] [MessageService] [Association] error when calling AWS APIs. error details - RequestError: send request failed caused by: Post "https://ssm.us-east-1.amazonaws.com/": dial tcp 172.x.x.x:443: i/o timeout 2022-09-11 03:24:30 ERROR [replaceLogger @ ssmlog.go.153] New logger creation failed 2022-09-11 03:24:30 ERROR [replaceLogger @ ssmlog.go.154] xml has no content ```
missing properties in InstanceProps interface
Hi team, I'm creating an ec2 instance via CDK, but I can't find how to set: - Termination protection (Enabled) - Answer private resource DNS name (IPv4 (A)) I can't find those 2 properties on `InstanceProps` interface are they supported by CDK? Thank you!
A cancelled spot request has not been disappeared for a long time
Hi, I have a cancelled spot request that has not been deleted for 2 months. The state is displayed as cancelled and all instances were terminated, why is the request remained on the Spot Requests list? Any help would be appreciated. Thanks!
user data on EC2 not working with CDK
Hi team, I created an ec2 instance with CDK and added used data on it : ``` const userData = readFileSync("lib/my-script.sh", "utf8"); instance.addUserData(userData); instance.applyRemovalPolicy(RemovalPolicy.DESTROY); ``` my-script.sh : ``` #! /bin/bash sudo su yum -y update # adding MYSQL client to connect to RDS(MYSQL) instance. sudo yum install mysql ``` but when i connect to my ec2 instance via the session manager tab and do MySQL command I have this error : `sh: mysql: command not found` looks like the user data script was not run. I'm I missing something? how can I know if the user data script was successfully run on the ec2 instance? found this on : `/var/log/cloud-init-output.log` ``` Sep 15 00:17:50 cloud-init[xxxx]: util.py[WARNING]: Failed running /var/lib/cloud/instance/scripts/part-001  Sep 15 00:17:50 cloud-init[xxxx]: cc_scripts_user.py[WARNING]: Failed to run module scripts-user (scripts in /var/lib/cloud/instance/scripts) Sep 15 00:17:50 cloud-init[xxxx]: util.py[WARNING]: Running module scripts-user (<module 'cloudinit.config.cc_scripts_user' from '/usr/lib/python2.7/site-packages/cloudinit/config/cc_scripts_user.pyc'>) failed ci-info: no authorized ssh keys fingerprints found for user ec2-user. ``` thank you!
PCIe device passthrough on bare-metal EC2 instances
Hi I am trying to run some experiments which require passing one or more of the local NVMe SSDs on a bare-metal EC2 instance into a VM. I am running Linux as the host OS and would normally leverage kvm and vfio-pci to get this done. On my EC2 instance however I see no IOMMU groups or vfio kernel module. I have heard that PCIe passthrough is possible on EC2 bare-metal. Can I get some details on how to do that? I would prefer to use Ubuntu 22.04 as my bare-metal OS but if I need to use something else Linux based I can. Thanks Stephen
How could I avoid Billing?
Hi, I Stopped the instances 2 months ago and I already get a billing for the service. As long as I understand there is NO billing at least when the instance is stopped ![Enter image description here](/media/postImages/original/IMoiD5msL6QcmjE8ev7GrQ-g) This are my instances and the current status ![Enter image description here](/media/postImages/original/IMvKtpIWF_S3irAHumyiffiA) How could I avoid the billing if I dont using this instances? Thank you
EC2 Reserved Instances how to merge
Hi, I have 2 X t4g.nano reserved instances, which I like to merge them to create a t4g.micro RI. documentation in https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html is catered only for splitting the larger RIs to smaller RIs. what I want is to merge smaller RIs to create a bigger one. Thanks
Unable to access my Website on EC2
I have my website hosted on AWS EC2. I have a domain (from hostinger) which is pointed to the elastic IP of my EC2 instance. Since 12th Sept 2022 morning, I am unable to access the website using the domain, anymore. I have restarted the instance, without any success. Can someone please guide me what could be the reason and how to fix it.
Python Script has Value Error on EC2
The python script works well read/write file to S3 with my local machine by aws-vault authentication, then I wanted to deploy this script on EC2. However, this error pops up when I run the scripts on EC2 linux instance. What the script does are 1. Call the restAPI 2. Data Transformation from Json to Pandas Dataframe 3. Does some aggregation as report (I think this is where the error appears) 4. Write back report back to S3 ``` Traceback (most recent call last): File "/home/ec2-user/intl_salesOrder_query.py", line 146, in <module> orders_since_monthBeginning[float_columns] = orders_since_monthBeginning[float_columns].astype('float64').copy() File "/home/ec2-user/miniconda3/lib/python3.9/site-packages/pandas/core/frame.py", line 3643, in __setitem__ self._setitem_array(key, value) File "/home/ec2-user/miniconda3/lib/python3.9/site-packages/pandas/core/frame.py", line 3687, in _setitem_array self[k1] = value[k2] File "/home/ec2-user/miniconda3/lib/python3.9/site-packages/pandas/core/frame.py", line 3645, in __setitem__ self._set_item_frame_value(key, value) File "/home/ec2-user/miniconda3/lib/python3.9/site-packages/pandas/core/frame.py", line 3775, in _set_item_frame_value raise ValueError("Columns must be same length as key") ```
Is the Start/Stop scheduler using the Lamda function, and CLI or the Scheduler chargeable?
Hi Members I'm using the free Tier'with Elastic IP, and Elastic storage ( I've increased my SSD to 40Gig) and am creating backup snapshots, also at present I'm withing my 750 hours. I've been looking at setting up the Start / Stop schedule for my EC2 windows instance, I know that my Elastic IP is chargeable in the EC2 instance Server 'Stopped' state, to maintain the static IP address. What I'm unsure about is that if I setup a Start/Stop schedule creating a Rule and using the Lamda function, is this chargeable and if so how is it charged at? Again mambers help is very appreciated. Regards Livio
Progress of migrating C4/M4 instances to nitro hypervisor.
In this article: https://perspectives.mvdirona.com/2021/11/xen-on-nitro-aws-nitro-for-legacy-instances/ it mentioned that nitro can support legacy instances. But I can't find an official notice of this. Can you confirm this article is correct and if so, can you tell if M4/C4 instances are now supported or a time frame. Also, when they are supported, does this mean that the bidirectional serial console will also be supported for this legacy instances?