159,136 questions
0
votes
0
answers
18
views
How to identify which is used as a sign-in attribute, email or phone number in Cognito?
Assume you selected Email and Phone number but not Username as Options for sign-in identifiers when creating a Cognito userpool.
When a user has both of a verified email and a verified phone number, ...
- 5,077
0
votes
0
answers
14
views
AWS Amplify keeps clearing my session tokes from localStorace after a network droput
I'm a bit frustrated with AWS Amplify, what seems like a basic feature of maintaining sessions is seems to fail if the network drops.
Here is my Cogntio CDK setup, the refreshTokenValidity is set to ...
0
votes
1
answer
17
views
Why does CopyObject fail with "Header 'x-amz-tagging-directive' with value 'REPLACE' not implemented" for Cloudflare R2?
I'm trying to rename an object in an S3-compatible storage by copying it to a new key and then deleting the old one in Cloudflare R2. I'm using AWSSDK.S3 (4.0.13.1)
private (bool success, string ...
0
votes
1
answer
22
views
New EC2 Instance Returning "Failed to connect to your instance Error establishing SSH connection to your instance."
Background:
Other EC2 instances are working just fine. The instance itself is up and running.
I set up a new subnet for Miami as I needed to run tests from that location.
I launched a Miami instance ...
-3
votes
0
answers
24
views
AWS ECS + NLB deployment: LiveKit AI voice agent works locally but voice/websockets fail in production
I’ve built an AI voice agent that connects with a student in real-time. Here’s the setup:
The student asks questions via the frontend.
The agent follows predefined instructions and responds using ...
0
votes
1
answer
17
views
AWS Cognito custom domain fails to create — "Invalid request provided: AWS::Cognito::UserPoolDomain"
I'm creating an Amazon Cognito user pool with a custom user pool domain using AWS CDK.
My setup:
A parent domain (mycompany.app)
A delegated subdomain (education.mycompany.app) created as a separate ...
- 2,286
0
votes
0
answers
28
views
Next.js + AWS Amplify Middleware not redirecting after first login until refresh
I am working on a project using Next.js (App Router) and AWS Amplify Auth. I have implemented middleware to restrict access and redirect users based on a custom Cognito attribute (custom:...
- 61
0
votes
0
answers
29
views
AWS SageMaker PyTorch Model Deployment - is entry_point needed?
I'm trying to deploy a pre-trained PyTorch model to SageMaker using the Python SDK. I have a model.tar.gz file that is uploaded to S3, with the following structure:
code/
code/requirements.txt
code/...
-4
votes
0
answers
93
views
Access to this model is not available for channel program accounts. Claude Sonnet 4.5 Model [closed]
I am trying to invoke AWS Bedrock Claude Sonnet 4.5 model. I am getting below error botocore.errorfactory.ValidationException: An error occurred (ValidationException) when calling the InvokeModel ...
- 169
-1
votes
0
answers
45
views
Nodemailer 7 + AWS SESv2 + TypeScript: TS2769 "SES does not exist in type TransportOptions"
I'm trying to send emails using Nodemailer 7.0.11 with AWS SESv2 and TypeScript, but I'm running into this compile error when creating the transporter:
No overload matches this call.
The last ...
- 1,359
Advice
0
votes
0
replies
40
views
Store AD credentials in AWS and rotate automatically
I deployed a Windows AD server on an EC2 instance in AWS. I have created a user called "tesla" in the AD. How can I store this user's credentials in AWS and rotate the password automatically?...
- 87
-4
votes
1
answer
51
views
Can we achieve assigning roles and listing for multiple accounts using Native Terraform approach for AWS which is suitable for dyanmic too?
using Management account first i need to list all child accounts and i need to create an IAM role and IAM Trust policy with read only access to all child accounts through terraform and all the read ...
0
votes
0
answers
17
views
AWS MNG launch template cannot dynamically resolve AMI
I'm trying to use Kubernetes cluster-autoscaler in EKS, and I'd like to ensure fresh nodes are always created with the latest recommended AMI (so that OS patches don't have to wait for a manual CI/CD ...
- 5,092
-1
votes
0
answers
36
views
Why is AWS service connect idleTimeoutSeconds 0 when it was not set in terraform? [closed]
Our terraform for AWS service connect timeout looks like
timeout = {
per_request_timeout_seconds = 60
}
After the above code is run and I check the actual value using aws ecs describe-services the ...
- 156
0
votes
0
answers
33
views
EKS SignalR Hub - ALB Connection Handling Issue
SignalR hub running as an EKS pod handles 700 VUs via ALB but fails at 720+, yet successfully handles 1000 VUs via kubectl port-forward with 85% free CPU and 43% free memory. This confirms the ...
-3
votes
1
answer
48
views
Unable to update AWS Lambda because function execution role doesn’t have permission [closed]
I've created a function that has been working using Python 3.9 but I want to update to Python 3.14.
I've logged into AWS using the "root" account but when I try to update the function's ...
- 1,101
-1
votes
0
answers
108
views
Why does this error occur and how to resolve it
Error message
Error: listing tags for S3 Control Access Point (arn:aws:s3-outposts:ap-southeast-1:xxxxxxx:outpost/xxxxxx/accesspoint/xxxxx): operation error S3 Control: ListTagsForResource, https ...
- 47
-2
votes
0
answers
35
views
How to delete all records older than a certain date? [closed]
I've got a database table with a bunch of old records that are no longer needed. Is there an easy way to delete all records in a DynamoDB where the created date is older than a certain date (i.e. ...
-1
votes
0
answers
24
views
Setting registry pull and qps for BottleRocket AMIs in AWS
I am trying to set as bootstrap arguments in a bottleRocket AMIs in AWS for EKS cluster, the nodes are created via terraform so im passing flags like this
bootstrap_extra_args = <<-EOT
&...
- 153
Advice
0
votes
2
replies
34
views
How do I easily sync AWS Cognito members with Azure AD?
I have this Cognito group tied to its corresponding AD group, with lots of old members who don't even have access anymore because they were removed from AD. I'd really like to clean that up.
I think I ...
- 2,386
Advice
0
votes
1
replies
29
views
Cloudfront Cache policy headers vs Vary header
Why can we set which request headers should make up the cache key in a cloudfront distribution behaviour? If the origin responds with a Vary header, shouldn't the cache just use the headers in there ...
- 10.2k
-1
votes
1
answer
39
views
ListALLMyBuckets access
The AIM user can put items in buckets.
When trying to list buckets:
An error occurred (AccessDenied) when calling the ListBuckets operation: \
User: arn:aws:iam::919963110724:user/mikekilmer is not ...
- 6,628
3
votes
1
answer
113
views
Self-signed certificate error when forcing SSL connecting to RDS PSQL [closed]
Hoping to get yalls help on the issue I am now sort of desperate about
Context:
I am deploying a docker container on EC2 Ubuntu, where it is used by two images - one for my Prisma-NestJs-based API and ...
1
vote
1
answer
70
views
Exporting Incremental RDS Snapshot into an S3 Bucket
I would like to ask two questions;
1- if RDS snapshots are incremental when we exported the incremental snapshot in to s3 via ExportTask will it be the only partial data or full data.
2- When data is ...
- 13
1
vote
0
answers
46
views
How do I get cloudwatch agent to send jmx metrics to cloud watch in ECS
I'm needing someone who actually has this working to weigh in as I'm really struggling to get this running...
Here is my task definition in full:
Superfluous and irrelevant bits have been removed.
{
...
- 21.4k
0
votes
0
answers
20
views
AWS Batch job configured with Splunk log driver, jobs stuck in RUNNABLE
I'm attempting to configure my AWS Batch job with the Splunk log driver in order to get logs into Splunk. I tried following the steps according to this blog post using a valid Splunk url and token, ...
- 83
2
votes
1
answer
51
views
AWS AppConfig Multi-Variant flags always return default variant when passing context via SDK
AWS AppConfig Multi-Variant Feature Flags: Context Not Working (Always Returns Default Variant)
Problem
I'm trying to fetch AWS AppConfig Multi-Variant feature flags with user context from my React ...
0
votes
1
answer
32
views
AWS-Cloudformation: Ipv6 EC2 Route in a Private Nat Subnet - Provide one of DestinationCidrBlock or DestinationIpv6CidrBlock and a valid routeTableId
I am currently creating a network infrastructure within my vpc, that has private subnets and has a NAT gateway. I have a Route Table that has the private subnets associated to it and I intend to have ...
- 15
0
votes
0
answers
35
views
AWS Error in Cloudfront + Appsync with 2 Authorizers OICD and new additional API_KEY, Cloudfront forcing x-api-key
I have an application that is in production working with Cloudfront + Appsync with OICD Authorizer. In the Cloudfront configuration for some reason it is adding in the custom headers if API_KEY exists ...
1
vote
0
answers
83
views
Istio tracing issue
Does Istio’s VirtualService routing and header manipulation apply to tracing traffic generated by istio-proxy itself?
Here’s the situation: I have Istio configured to send spans to an external tracing ...
- 11
Best practices
0
votes
0
replies
32
views
screenshot unreal app in windows ci pipeline
Is there a best practice to capture screenshots of an unreal app when performing a test in a gitlab ci pipeline? gemini suggest using movie render queue w a vnc session or NICE DCV to stimulate a user ...
- 1,926
-2
votes
2
answers
68
views
Deploy zip to AWS application
I have been asked to look at an old Ruby application that is currently deployed to AWS via CodeShip on successful build.
CodeShip is obviously gong out of service end of Jan 26 and I need to deploy ...
- 165
0
votes
1
answer
25
views
How can I run a group by metric query for cloudwatch using boto3?
Using the cloudwatch ui, I created a query that looks like:
SELECT MAX(some_attribute)
FROM SCHEMA(MyTable, Queue, InstanceId, C, D)
WHERE path = '/work' AND Queue = 'my-queue'
GROUP BY InstanceId, ...
- 6,643
1
vote
0
answers
65
views
Not able to delete index from Amazon OpenSearch Serverless
As the title mentions, I am not able to delete an Amazon OpenSearch Serverless index from a collection. I have a collection with 9 indexes within it, I don't want to delete the entire collection, only ...
- 115
Advice
1
vote
5
replies
53
views
What actually is a Target Group in AWS ALB?
My app is working but I'm still confused why this works? Like why does port 80 for the target group work in this scenario? Could I have used a different port since the traffic, I'm assuming, has ...
0
votes
1
answer
47
views
AWS MQTT connect from Python - receive not working
I'm learning how to use MQTT on AWS IoT - the goal is to simply publish and receive between AWS IoT MQTT test client and a Python script.
I can successfully publish from my Python code but I am unable ...
- 134
1
vote
0
answers
21
views
How to capture IAM user identity in Aurora MySQL audit logs when connecting through AWS TEAM elevated access?
I’m using TEAM elevated access for AWS in my organization to temporarily access an Aurora MySQL cluster.
TEAM provides database access through a tunneled MySQL session using a generic database ...
0
votes
0
answers
42
views
How to create Amazon SES identity verification CNAME records in Route 53 across different AWS accounts using CDK?
I have two AWS accounts:
DNS Account: Contains my Route 53 hosted zone for example.com
Email Account: Where I need to send emails using Amazon SES with the domain example.com
To verify the SES email ...
0
votes
0
answers
32
views
How do I set the "main route table" to not be the "main route table" so I can delete it?
When creating a VPC in the AWS Console, a route table is created by default. I have since created another route table that I prefer to use instead. How can I switch the main route table (the one I'm ...
Advice
0
votes
0
replies
20
views
Applying a Single AWS Glue Data Quality Ruleset to Multiple Glue Jobs with Dynamic Column Input
Team,
We are implementing a new requirement to integrate Data Quality (DQ) rules within AWS Glue Studio. We have successfully created DQ rules using the DQDL builder, leveraging built-in rulesets, and ...
- 15
Tooling
0
votes
0
replies
71
views
R (R Studio) on AWS - Louis A. AMIs
It has been a while since I last used R AMIs (since about Fall of 2023) from here: https://www.louisaslett.com/RStudio_AMI/. Previously, when I clicked on any one of the AMI links, my AWS page would ...
- 519
Advice
2
votes
5
replies
81
views
Building Privacy-Compliant LLM Apps (e.g. Section 203 StGB)
I’m working on an app that leverages Large Language Models (LLMs) to assist professionals in regulated fields like medicine and law. My main concern is ensuring compliance with privacy and secrecy ...
- 3,541
0
votes
1
answer
65
views
I have a working AWS Appsync application that uses OPENID_CONNECT as authorization, when I added API_KEY as additional broke the old routes
I have a working AWS Appsync application that uses OPENID_CONNECT as authorization, when I added API_KEY as additional broke the old routes. For some reason in the appsync schema it had in all routes ...
Advice
1
vote
2
replies
71
views
AWS How to identify/recommend the instance type for an RDS?
I am currently working on recommendation for aws rds instance type recommendation. We have identified the instances which are underutilised.
I want to know how to recommend a better version of rds ...
- 29
1
vote
2
answers
102
views
AWS CloudFormation deploy template stored in an S3 bucket [closed]
Trying to deploy a CloudFormation template that is stored in an S3 bucket as the template size is larger than 51kb so cant be done direct (from what I am led to believe and have seen when trying)
...
- 1,091
-3
votes
0
answers
79
views
How to use the built-in request validators instead of creating new resource?
In order to enforce query params validation, we have to assign Request validator in the method request. In my case I want to enforce required validation to startDate and endDate query params (Validate ...
- 2,974
Best practices
0
votes
3
replies
103
views
Best way to structure solution on AWS
Let's say there's a VM on AWS that is being used to host multiple instances of the same web app.
The web app has a React front end and an ASP.NET Core backend, and the VM runs IIS.
Each instance of ...
- 535
0
votes
0
answers
46
views
Application running in Docker containers the application restarted using Amazon RDS Aurora MySQL for the database and experiencing out-of-memory issue
UncaughtException: Out of memory; check if mysqld or some other process uses all available memory; if not, you may have to use 'ulimit' to allow mysqld to use more memory or you can add more swap ...
-1
votes
1
answer
73
views
Intermittent 500 Internal Server Error in AWS Lambda API (Different endpoints fail randomly)
I’m facing an issue with my React frontend and AWS Lambda backend setup.
When my app makes multiple API calls at the same time, some of them randomly return a 500 Internal Server Error, while others ...
- 142
Tooling
0
votes
0
replies
22
views
Open resty kubernetes frontend
User-->Load abalancer-Frontend VPC-Openresty Nginx --->Router-->Priv LB -->Kubernetes
I want to ask about Openresty in Kubernetes. I am using it now as reverse Proxy as Tasks in AWS and ...
- 11