Questions tagged with AWS Management Console
Content language: English
Sort by most recent
I have configured the Grafana workspace using the SAML configuration, and I can able login to Grafana console not able to see the admin privileges in the console like I can't see the configuration setting option in the console.
I am logged into AWS console as administrator and trying to use Athena to read files on s3 that I don't allow public access to, but it doesn't work. budget policy is as follows, work group is The budget policy is as follows and the work group is the primary Athena SQL one. database
I have confirmed that the database is using the one generated by default and that the Data lake permissions also give All permissions to the IAM user used to log in to the console and I can open and download s3 budget file.
The DDL query for the create table including the s3 LOCATION succeeds, but when I try to hit the select statement
"Permission denied on s3 path: (s3 url)
This query ran against the "default" database, unless qualified by the query. Please post the error message on our forum or contact customer support with Query Id: 444f5547-4c37-4e05-a4a7-d1cd67cb865d"
I think this is probably because the IAM role used in the Athena query that I type in AWS console is different from the IAM user used for login, but I don't know where to refer to the Athena IAM User. (The work group in spark has IAM, but the primary in Athena SQL didn't have IAM.)
```
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "sample",
"Effect": "Allow",
"Principal": {
"AWS": [
"IAM user login to console"
]
},
"Action": "s3:*",
"Resource": [
"s3 arn",
"s3 arn/*"
]
}
]
}
```
about answer
1.About Output folder, budget policy has already been set.
2.And Glue Data Catalog Policy is configured as this.
```
{
"Version" : "2012-10-17",
"Statement" : [ {
"Effect" : "Allow",
"Principal" : {
"AWS" : [ "my Iam user arn" ]
},
"Action" : "glue:*",
"Resource" : "arn:aws:glue:ap-northeast-1:my id number:*"
} ]
}
```
3.I confirmed s3 is encrypted by Amazon S3 managed keys (SSE-S3).
I mistaked encrypted by my KSM key. but user and administrater key policy is attach to my iam account
but same error happened on AWS management console Athena
error messages s3 url is one I wanted to read from s3. not output folder
Permission denied on s3 path: (s3 url)
We are seeing an error in the AWS console when trying to access our CloudFormation StackSets. We get a red banner at the top of the screen with the message "Failed to load StackSet".
We have been getting this error for about a week now and we did not make any changes at the time this began. Fortunately, the deployments from our central DevOps account (where StackSets live) to our environment level accounts still works. We just can't do anything to update the StackSet: new template, check events, change parameter values, etc.
Is anyone else experiencing this issue also or has experienced this before? Are there any recommendations to resolve it?
Being in the AWS Activate startup program, we've been allocated free credits. I know how to setup alerts for billing usage, but how can I setup alerts for credit usage?
For example; when credits are 50%-90% depleted I am notified.
Thanks
AWS has recently changed their UI, and when i try to change EBS settings for logging and click saves, it loads for a bit and then does nothing, therefore not saving my recent changes. is anyone experiencing this issue ?
Has configured 2- Virtual Interface but still showing Verifying , it s been more than 72 Hours
Account Id: 304790515132
Account Name: TPGenesysCloud
Virtual Interface ID - dxvif-ffpuccev
Virtual Interface ID - dxvif-fhb5e60x
Thanks,
Prashant N
Currently set of admin users can close the account. Trying to come up with a policy to prevent the users from doing it and this is the policy I wrote.
`{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Deny",
"Action": [
"account:CloseAccount"
],
"Resource": "*"
}
]
}`
Even after the above policy, I am able to see the Close Account action on the web page.
First, is there a way to get the old EB UI back? The new one requires too many clicks to even get started. It would also automatically solve my issue.
---
Currently, all I want to do is update a single environment variable in the management console. However, this is not possible because apparently other things are now also checked even if nothing is changed at all. I cannot continue without getting:
**"You can't edit listener rule options for a shared load balancer after the environment is created. You can't edit listener rule options for a shared load balancer after the environment is created."**
(yes, it is written twice)
I am not editing any listener rules! This happens for all my environments. They have a shared application load balancer attached, but this never caused any issues when just updating something like an environment variable. Any ideas?
Hi,
I'm trying to run this command in powershell in my Microsoft EC2 instance:
aws ssm put-parameter --name "WindowsAgentConfig" --type "String" --value file://C:\ProgramData\Amazon\AmazonCloudWatchAgent\amazon-cloudwatch-agent.json --overwrite --tier Intelligent-Tiering
However I'm getting the following error:
An error occurred (AccessDeniedException) when calling the PutParameter operation: User: arn:aws:sts::480607316411:assumed-role/CloudWatchAgentAdminRole/i-071eb9d7a32d10801 is not authorized to perform: ssm:PutParameter on resource: arn:aws:ssm:us-east-1:480607316411:parameter/WindowsAgentConfig because no identity-based policy allows the ssm:PutParameter action
I checked my AIM Role for permissions and I see this:
For that same role I also use the folowing policies:
- CloudWatchAgentServerPolicy
- AmazonSSMManagedInstanceCore
Is there something obvious I'm doing wrong here? Any help will be very appreciated.
Adrian.
The instance status check is failing on my windows server. Now when i replace the volume it runs again but with my current volume the server is not responding. I just want my data from this faulty volume. So i can move this data to another volume and run.
I don't have any image or screenshots of this volume from earlier. I tried creating new volume and attaching this volume as additional storage but it doesn't show up. I tried creating screenshots and then creating new volume and attaching this volume. but the problem is same.
I have an account for LightSail virtual machine. I did not enter this machine for about 3 weeks, but when I tried to enter it using my account, it gave a blank screen.
https://lightsail.aws.amazon.com/ls/webapp/home/instances?#
Please advise!
Hello,
I have created the pinpoint account with below features for SMS Gateway:
* Registered with TRAI (India)
* Registered SenderIds and Templates in aws sms pinpoint (Region-Mumbai)
* Increased the limit from sandBox to Production.
What else will be the remaining steps to complete the process of sms pinpoint. Please, guide us with the furthur steps to start sending messages to users. Do i Need to register dedicated short code