Lambda timeout connecting to S3
I have an S3 bucket in Account A and a lambda function in Account B. I want the lambda to read the contents from the bucket, so have assigned the appropriate permissions to the IAM role and added that IAM…
AWS Cloudformation nested stack deployment template path
I'm trying to deploy nested stack using command aws cloudformation deploy --stack-name "${STACK_NAME}" --template-file "${S3_ROOT_TEMPLATE}" --parameter-overrides ${PARAMS[@]} --region ${REGION} But despite the S3_ROOT_TEMPLATE having proper url, I get the error Invalid template path https://<s3-bucket-name>.s3.us-east-2.amazonaws.com/sm-domain-templates/main_stack.yaml Any idea what's wrong with the…
Do EKS Secrets are encrypted by default?
I was going by this update for EKS https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-eks-adds-envelope-encryption-for-secrets-with-aws-kms/ and this blog from AWS https://aws.amazon.com/blogs/containers/using-eks-encryption-provider-support-for-defense-in-depth/. This is a very cryptic line which never confirms whether EKS encrypts secrets or not by default In EKS, we operate the etcd volumes encrypted…
How to use aws-sdk-v3 to search in opensearch with nodejs
I have a nodejs lambda function that needs to search into an opensearch DB. I want to use the aws-sdk-v3. I found the doc here for OpenSearchClient: https://github.com/aws/aws-sdk-js-v3/tree/246d6534c53dcf9bd2eb6a620cb5b6c04b27451a/clients/client-opensearch But as you see, there is almost nothing explained there. For example,…
AWS EC2 SSH crashes on running a script/program/process
Problem: I am running into an issue with my AWS EC2 instance where I am trying to ssh to the instance from both the mac terminal and Visual studio code. The ssh gets connected initially without any problem from the…
How do i add a security group as an inbound rule to another security group in terraform
I have a Terraform codebase which deploys a private EKS cluster, a bastion host and other AWS services. I have also added a few security groups to the in Terraform. One of the security groups allows inbound traffic from my…
Why you need to specify subnets in Application Load Balancer?
I'll start with describing the architecture of Application Load Balancer: We have the Application Load Balancer, which contains a list of one or more listeners. Each listener is associated with one specific port and protocol, so that traffic incoming to…
AWS Keyspace DSBulk unload failed, "Token metadata not present"
Getting error when trying to unload or count data from AWS Keyspace using dsbulk. Error: Operation COUNT_20221021-192729-813222 failed: Token metadata not present. Command line: $ dsbulk count/unload -k my_best_storage -t book_awards -f ./dsbulk_keyspaces.conf Config: datastax-java-driver { basic.contact-points = [ "cassandra.us-east-2.amazonaws.com:9142"]…
Redshift Lambda UDF not batching as expected
How do I configure a redshift lambda UDF to batch requests? On this page Creating a scalar Lambda UDF - Amazon Redshift it says in the note section: You can configure batching of multiple invocations of your Lambda function to…
Is there a 'internal' endpoint we should be using to connect between RDS/EC2
Provided that EC2 and RDS are on the same VPC, is there an internal endpoint we need to use to speed up data exchange between the two? Similar to how if MySQL + Apache are on 1 server we would…