Developer Tools

How can I do alive monitoring for AWS managed service(e.g. ALB/Route53/etc)? I want to detect when AWS managed service is down by email or telephone.

Are nested step functions supported on AWS Step Functions Local? I am trying to create 2 step functions, where the outer one executes the inner one. However, when trying to execute the outer step function, getting an error: "The security token included in the request is invalid". To reproduce, use the latest `amazon/aws-stepfunctions-local:1.10.1` Docker image. Launch the container with the following command: ```sh docker run -p 8083:8083 -e AWS_DEFAULT_REGION=us-east-1 -e AWS_ACCESS_KEY_ID=TESTID -e AWS_SECRET_ACCESS_KEY=TESTKEY amazon/aws-stepfunctions-local ``` Then create a simple HelloWorld _inner_ step function in the Step Functions Local container: ```sh aws stepfunctions --endpoint-url http://localhost:8083 create-state-machine --definition "{\ \"Comment\": \"A Hello World example of the Amazon States Language using a Pass state\",\ \"StartAt\": \"HelloWorld\",\ \"States\": {\ \"HelloWorld\": {\ \"Type\": \"Pass\",\ \"End\": true\ }\ }}" --name "HelloWorld" --role-arn "arn:aws:iam::012345678901:role/DummyRole" ``` Then add a simple _outer_ step function that executes the HelloWorld one: ```sh aws stepfunctions --endpoint-url http://localhost:8083 create-state-machine --definition "{\ \"Comment\": \"OuterTestComment\",\ \"StartAt\": \"InnerInvoke\",\ \"States\": {\ \"InnerInvoke\": {\ \"Type\": \"Task\",\ \"Resource\": \"arn:aws:states:::states:startExecution\",\ \"Parameters\": {\ \"StateMachineArn\": \"arn:aws:states:us-east-1:123456789012:stateMachine:HelloWorld\"\ },\ \"End\": true\ }\ }}" --name "HelloWorldOuter" --role-arn "arn:aws:iam::012345678901:role/DummyRole" ``` Finally, start execution of the outer Step Function: ```sh aws stepfunctions --endpoint-url http://localhost:8083 start-execution --state-machine-arn arn:aws:states:us-east-1:123456789012:stateMachine:HelloWorldOuter ``` The execution fails with the _The security token included in the request is invalid_ error in the logs: ``` arn:aws:states:us-east-1:123456789012:execution:HelloWorldOuter:b9627a1f-55ed-41a6-9702-43ffe1cacc2c : {"Type":"TaskSubmitFailed","PreviousEventId":4,"TaskSubmitFailedEventDetails":{"ResourceType":"states","Resource":"startExecution","Error":"StepFunctions.AWSStepFunctionsException","Cause":"The security token included in the request is invalid. (Service: AWSStepFunctions; Status Code: 400; Error Code: UnrecognizedClientException; Request ID: ad8a51c0-b8bf-42a0-a78d-a24fea0b7823; Proxy: null)"}} ``` Am I doing something wrong? Is any additional configuration necessary?

I found that the [moto open source library](https://github.com/spulec/moto) provides a way to mock multiple AWS service apis to enable faster and simple unit testing. But I couldn't find the similar/equivalent library in Java/Kotlin. Hence reaching out to this forum to check any leads on this topic. Any help will be super helpful.

I created an IAM user and attached a [Permission Boundary Policy to it ](https://aws.amazon.com/premiumsupport/knowledge-center/iam-permission-boundaries/). The permission boundary does not work when I deploy a CDK stack. My terminal setup with access_key_id, and secrete_access_key of the IAM user (attached permission boundary). ``` cdk deploy iamUserWitthAdminAccess ``` Here is the stack ``` new aws_iam.User( this, "IamUserWithAdminAccess", { managedPolicies: [ aws_iam.ManagedPolicy.fromAwsManagePolicyName("AdmininstratorAccess")] } ) ``` Then an IAM user with AdminAccess was able to created. Can any one explain? and what is the best practice to prevent CDK to create Admin Users?

Secrets Manager Error Message: The json key does not exist in this secret Seeing above error while trying to build a new branch of package in Codebuild. I created a secret for a particular isengard account. Then created a policy which was attached to the role I am using to build the package.

What is the workflow for seeing a plot when developing in cloud9? for example, the following code will show me a plot in VSCode or as a Jupyter Notebook: ``` import matplotlib.pyplot as plt import numpy as np x = np.linspace(0, 2 * np.pi, 200) y = np.sin(x) fig, ax = plt.subplots() ax.plot(x, y) plt.show() ```

Good day! **My main purpose:** Easy way to collect information about different failure scenarios in SageMaker TrainingJob. **What do I use currently?** Sagemaker SKLearn Estimator(TrainingJobs are inside) **Where will my model train?** Different datasets. So, I need control and collect all information about all training processes and their final statuses on different datasets. **Which failure scenarios do I have?** There are plenty of them. I have create my own python Errors for them. For example: 1. There are labels only for one class. 2. Too small dataset(by my own criterions) 3. Missing data for crucial columns 4. e.t.c. **Where am I stuck?** After failed training I can't get own errors from training job response. All of them are "ExecuteUserScriptError" I can't pass my own info in FailureReason or ErrorMessage(always it's empty). I see which error was raised in CloudWatchLogs and TrainingJobTraceback(from SagemakerNotebook). So, bad solution is parse all CloudWatchLogs in case of failure. **Question: How to provide my own ErrorMessage or FailureReason? ** May be I am digging in the wrong direction. Anyway, I need your advice. Thank you so much for possibility to ask an advice here)

Is there a solution for the *fatal* message *0x6c6* that shows up in git-bash for Windows? It's annoying since it appears that operations continue normally other than the "fatal" part. My coworkers using Windows experience the same problem. I've included the full error along with the *GIT_TRACE=1* info. 09:45:39.933420 run-command.c:654 trace: run_command: 'git credential-manager-core store' 09:45:40.042896 exec-cmd.c:237 trace: resolved executable dir: C:/Users/xxxxxxxx/AppData/Local/Programs/Git/mingw64/libexec/git-core 09:45:40.042896 git.c:748 trace: exec: git-credential-manager-core store 09:45:40.042896 run-command.c:654 trace: run_command: git-credential-manager-core store fatal: Failed to write item to store. [0x6c6] fatal: The array bounds are invalid This is a newly setup Win10 Pro system. I'm using the following: git 2.36.1, Python 3.10.4, git-remote-codecommit 1.16, and we use a non AWS identity provider for SSO. $ aws --version aws-cli/2.6.3 Python/3.9.11 Windows/10 exe/AMD64 prompt/off Here's ~/.gitconfig on the affected system. [credential "url pointing to aws codecommit"] provider = generic [protocol "codecommit"] allow = always Here's part of the repo .git/config [core] repositoryformatversion = 0 filemode = false bare = false logallrefupdates = true symlinks = false ignorecase = true [submodule] active = . [remote "origin"] url = codecommit::region://repo-name fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master Linux systems don't have this problem.

Hello, I have added xray to my django app and it works correctly for every api call , Custom segment and subsegments I created except custom segments of functions that are called inside async_django_q_task. It looks like it does create traces for them but they are empty, example of such trace: ``` { "Id": "some_id", "Duration": null, "LimitExceeded": false, "Segments": [] } ``` Example of the way I try to trace the function in async_django_q_task: ``` def dummy_function(): xray_recorder.begin_segment('segment') do_something() xray_recorder.end_segment() async_django_q_task(dummy_function) ``` Thanks in advance for help.

Good afternoon dear experts. Help solve the issue. I run the sh file (with rights) through the terminal, I get No such file or directory/.bashrc Google didn't help. I'm beating this wall for the 3rd evening). sh file content: ` source ~/.bashrc cd ~/data python file.py ` Contents of the .bashrc file: ` # .bashrc export PATH="~/.pyenv/bin:$PATH" eval "$(pyenv init -)" eval "$(pyenv virtualenv-init -)" # Source global definitions if [ -f /etc/bashrc ]; then . /etc/bashrc fi # Uncomment the following line if you don't like systemctl's auto-paging feature: # export SYSTEMD_PAGER= # User specific aliases and functi # >>> conda initialize >>> # !! Contents within this block are managed by 'conda init' !! __conda_setup="$('/home/ec2-user/.pyenv/versions/anaconda3-2020.11/bin/conda' 'shell.bash' 'hook' 2> /dev/null)" if [ $? -eq 0 ]; then eval "$__conda_setup" else if [ -f "/home/ec2-user/.pyenv/versions/anaconda3-2020.11/etc/profile.d/conda.sh" ]; then . "/home/ec2-user/.pyenv/versions/anaconda3-2020.11/etc/profile.d/conda.sh" else export PATH="/home/ec2-user/.pyenv/versions/anaconda3-2020.11/bin:$PATH" fi fi unset __conda_setup # <<< conda initialize <<< `

Hi, we have a CodePipeline that we use to deploy our static website. We have it configured to be triggered whenever a zip file is dropped in a specific S3 location, following this: https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-s3deploy.html The problem we have is that we publish some documents to the website, which after some time will have to be deleted from it. With the current behaviour, we will push a new zip file without those files that have to be deleted, but since the pipeline will not delete those files, they will still be available. e.g. 1. We will deploy our website with a new job post. When the user goes to https://www.my-website.com/careers/senior-developer it will access the file `careers/senior-developer.html` in our bucket. 2. A few weeks later, redeploy the website removing that job post. Because the pipeline doesn't delete any files, a user could still go to https://www.my-website.com/careers/senior-developer and still access the file. What's the recommended way of dealing with this issue? Thanks in advance

Hi Team I need to know what strategy we should use when we try to upgrade an agent on a running ec2. In order to follow cloud standards what i did is. i created an AMI and that has got my agent installed, so any new ec2 made by that AMI is having the agent installed. But when i want to upgrade the agent. how should i go about it? Which is the best option here: 1. Code deploy 2. Code pipeline 3. Lambda. or what else should be a good approach to follow? Thanks

I find myself continually migrating further into the AWS eco-system. I would love to make Cloud9 a larger part of my workflow for ease of integration with both GIT and Lambda functions. As part of my writing Python scripts, I would love to interactively run snippets of scripts and have code sent to an ipython (or equivalent) terminal for interactive executuion. Is this possible out of the box? or by adding some keyboard shortcut?

Is it possible to connect to AWS service for e.g MySQL DB using private IP from AWS CloudShell on the console. It was in pipeline in 2020 to enable AWS Cloudshell to make connection to other services.

I wanted to test whether Codedeploy can be deployed without ECS tasks, so I tested the ECS service with the task number set to 0. Contrary to expectations, CodeDeploy was successfully deployed with no tasks. If it was successfully deployed, it means that the content was properly distributed to the task. I wonder why it succeeded in the absence of the task. Below is the codedeploy result. [ECS image01](https://i.ibb.co/G0vTQ7L/ECS-codedeploy01.png) [ECS image02](https://i.ibb.co/7NJXmSn/ECS-codedeploy02.png)

I'm following the helloworld tutorial for RoboMaker, and when I have to launch the simulation application with the following command: >docker run -it -v /tmp/.X11-unix/:/tmp/.X11-unix/ \-u robomaker -e ROBOMAKER_GAZEBO_MASTER_URI=http://localhost:5555 \-e ROBOMAKER_ROS_MASTER_URI=http://localhost:11311 \robomaker-helloworld-sim-app:latest roslaunch hello_world_simulation empty_world.launch it runs the application but it does not open Gazebo in the virtual desktop to visualize the robot. How do I have to change this command?

Hi, I would like to know easy way to start from the first line of log for the code-build execution (either in code-build console or cloudwatch-log console) My case, I had run the code-build, there are loads of logs (probably 100 of clicks on show previous logs, might take me to the first line of log, alternative clicking on view entire log, takes me to cloudwatch log, still no good way to go the first line of log for this loggroup (code-build execution) Thanks Ajay Kasam

Hi - We are using CfCT, which is great. We currently have cloudformation templates mapped to specific Organizational Units and it works like a charm. I now have a AWS SAM Template that I would like to deploy but I could find 0 documentation about it. At the solution repository, I can see that are features enabled to support SAM[1], but no guidance on how to do it. Could you please share more information on how to deploy a AWS SAM Template through CfCT? [1] - https://github.com/aws-solutions/aws-control-tower-customizations/blob/08f76abd9548cc88d091ab6a8d8f127c768c331b/CHANGELOG.md#L18