Welcome to AWS re:Post

I am trying to create a view but the error I am facing is the query keeps timing out. But if I run the query without trying to save the view, It has no errors and runs successfully.lg...

Hi, i need a tool that can be implemented easely to control the lineage between external sources like SnowFlake and AWS(Glue,lambda etc), thanks for your helplg...

Hi there, I couldn't find any actual numbers for the `put-paramter` rate limit for the paramter store for both the a) standard and b) higher throughput. Use case: I have a build stage with multiple parallel steps that use the `put-parameter` command. At the moment, some of the steps within that stage fail randomly due to the rate limit. In order to make a decision how far I have to space them apart, it's necessary to understand the rate/throughput limit for both the standard and higher throughput. Thanks!lg...

I have hosted a React Application on AWS Amplify. And I am using Cognito User Pool to allow only authenticated users(federated with Azure AD) to access my Amplify app by providing users the Cognito Hosted UI URL(in cognito Call back URL = Amplify App URL) , its working fine my AD users are able to authenticate and access the Amplify App. But the problem is still users can directly access (without authentication) if they access it via Amplify URL which is I want to block, how to do this? How to restrict AWS Amplify hosted App to be accessed only via Cognito Hosted UI and not with the direct Amplify App URL (Production environment URL) ?lg...

I'm trying to create alarm for multiple instances using cloud watch metric query. I have used the sample query as shown below. SELECT MAX(CPUUtilization) FROM "AWS/EC2" GROUP BY InstanceId ORDER BY MAX() ASC LIMIT 10 I have different environments in my aws account in same region. If i use above query then its shown all instances. I want only to select particular environment instances. Is there a way to achieve it.lg...

Hi everyone, I would like to deploy my existed Spring MVC web application (Using external Tomcat) to Lambda I tried to use `SpringLambdaContainerHandler` and `org.apache.tomcat.embed`, create a Application.java file to start my project, it's working at my local, but when i deplyed to lambda, invoke the function, it's show the error 404 Can you hlep me with this, thanks in advance !  My Application.java  My LambdaHanlder.java lg...

i want to deploy my express project with ec2, s3 and codedeploy this is my IAM user setting  and this is my ec2 IAM setting  and this is my code deploy IAM setting  this is ec2 security setting  I can access to S3 resouce with aws cli, but codeDeploy didn't work. this is error log. 2023-05-18T15:49:58 ERROR [codedeploy-agent(682)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Cannot reach InstanceService: Aws::CodeDeployCommand::Errors::AccessDeniedException - Aws::CodeDeployCommand::Errors::AccessDeniedExceptionlg...

Being an AWS Administrator I want to avoid giving AWS KMS Access to developers. Is there a work around or some automated process that we can follow incase we don't want to give AWS KMS access to developers even if they are using KMS keys in there code. Any suggestions or ideas are highly appreciated !!lg...

I'm trying to connect to database MySQL that i create in EC2 instance by using Navicat ver.11.2.16 and SQLyog Community ver.13.2.0 and got an error 10061 "Unknown Error"..I also added SQL port into Inbound Rules but still the same. Please help how to connect by using this GUI.. lg...

Hi, We are not able to delete a S3 bucket - even as root user or an IAM user with FullS3Access permissions. Neither able to list the objects within this bucket nor empty the bucket. We are not able to find out who the owner of this bucket either. Is there any other way to delete this bucket being the root user or IAM user with FullAdmin Access ? The bucket policy looks like this > { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": [ "s3:Get*", "s3:List*" ], "Resource": [ "arn:aws:s3:::pol-ctrl", "arn:aws:s3:::pol-ctrl/*" ] }, { "Effect": "Deny", "Principal": "*", "Action": "s3:*", "Resource": [ "arn:aws:s3:::pol-ctrl", "arn:aws:s3:::pol-ctrl/*" ], "Condition": { "StringNotLike": { "aws:userId": [ "AROAZJDZU5QSGDLXTQ37J:*", "AIDAIX4VQCCS2IDFS6LOK", "AIDAZJDZU5QSKQAGUZ4XJ", "AIDAZJDZU5QSAOPHO4NI2", "AIDAJFUCG36HXSSD5E4AA", "AIDAZJDZU5QSAZRPTZBOZ", "AIDAZJDZU5QSH6S2KG3DM", "111111111111" ] } } } ] } Getting the following error when logged in as root user. > You don't have permission to view Object ownership (bucket settings) configuration > You need s3:GetBucketOwnershipControls to view Object ownership (bucket settings) configuration. Learn more about Object ownership in Amazon S3 Thanks, Vijaylg...

Here is the issue I'm currently facing when running the Python package (pypmml) within Sagemaker Studio notebooks. I am encountering a "No such file or directory: 'java': 'java'" error. It seems that the error arises from Java not being installed for the Python kernel. I attempted the following solutions, but unfortunately, none of them resolved the error: I think the error results from java not installed for the python kernel. I tried the following but none solved the error: 1. I successfully used 'yum install java' in the terminal but no luck to call the java within notebooks. 2. The 'sudo install' command inside Studio notebook is disabled. Can someone please provide guidance on how to install java or specify the java path within Sagemaker Studio notebooks?lg...

Which AWS IAM policy is most secure and best for user for all services and resources accesslg...

Hello, I am currently working on partitioning and have created an external table in Athena, done msck repair table and inserted data to partitioned table from an existing table and when I ran these queries, Athena said 'query successful'. Dynamic structure is used (i.e. on customer id and transaction date(i.e. dt=2023-05-18) However, when I tried to do cdc to update the partitioned table (through crawling parquet file from existing table to partitioned table), Athena fails to return the latest record but the data have dynamically already been stored in S3 bucket and according folder. I tried running through msck repair table and inserting data from existing table again, Athena still doesn't show anything. I checked the s3 path of the partitioned table, the location is pointing to the correct folder. Any idea why would this happen? Please help. Thankslg...

We have a web service accessed from outside of AWS via a load Balancer. It works fine from small payloads but fail once the payload grows to around 4 mb. How to find the network setting and adjust them is needed on the Load Balancer? (non -AWS web client has already had setting increased)lg...

Can a firewall be added to a basic account that allows geoblocking AND individual IP blocking? The application on our basic plan places a form on our website. That form is getting fake submissions from Russia and other countries. We have GeoBlocked our website but some bad actors in other countries are submitting the form through the application hosted on AWS basic. (This is an assumption since I have blocked them by geography and individual IP a the wordpress website. They still reach the application through the blocked country and specific IP address. So I assume the bad actor is accessing our application directly on the AWS server somehow and filling out the form.) Thank you for your assistance with this. Q!lg...

Hello, I have a docker container in my ECR. I have adjusted access to this so that a specific root account (X) can use it to instantiate a lambda instance with a specific name. So once X instantiates the lambda, is there any way that he can view the content of my docker container? This is the access policy in my ECR { "Version": "2008-10-17", "Statement": [ { "Sid": "AllowPushForLambda", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::<ExtAccountID1>:root", "AWS": "arn:aws:iam::<ExtAccountID2>:root" }, "Action": "ecr:GetImage", "Condition": { "StringLike": { "aws:Referer": [ "arn:aws:lambda:<region>:<ExtAccountID1>:function:ExpectedLambdaFunctionName", "arn:aws:lambda:<region>:<ExtAccountID2>:function:ExpectedLambdaFunctionName" ] } }, "Resource": "arn:aws:ecr:<region>:<MyAccountID>:repository/<repository-name>" } ] }lg...

Hi, I am setting up cross account event bridges and want the messages to be transmitted securely and not via public network. I understand I can create VPC endpoints on event bridge but those can be used only from the resources within the VPC (same account). I want to create a secure channel between the two event bridges that are hosted on different accounts. Or does the traffic between two eventbridges (essentially AWS services) ever go over public network? Thankslg...

Amazon free tier says we can store 20 GB of data in RDS. I'm getting billed even though I have only about 50 MB of data stored in RDS. Why is that happening?lg...