Questions tagged [amazon-vpc]

1 vote, 0 answers, 299 views

Why do AWS Lambda functions in a VPC sometimes time out and sometimes work fine?

I have some Lambda functions in a VPC. Some of them need Internet to work, so I added a NAT instance (t2.micro), and the problem is that some functions sometimes work and sometimes time out. For example, a function that calls the FB API works 80% of the time and times out 20% of the time. Another function is using...
Bacem Mehri

1 vote, 2 answers, 104 views

How to auto create a Classic Link for AWS EB Instances to VPC

I have a Classic app on EB that needs to connect to RDS in a VPC. I can manually configure the EB instances to allow a Classic Link to the VPC by going into EC2 - Instance - Actions - ClassicLink - Link to VPC. Once I do this all is fine BUT this won't auto-link new instances without manual interve...
fleaheap

1 vote, 1 answer, 243 views

Whitelist private API GW api to be accessible from a VPC from another account

I have a Private API in Amazon API Gateway that I want to be consumed from another account, by a Lambda with VPC support. I modified the API ResourcePolicy to allow private API traffic based on source VPC as specified here, in the last example. This is what my ResourcePolicy looks like: { 'Version':...
user2534830

1 vote, 1 answer, 34 views

Can't connect to RDS Postgres locally after setting up NAT instance

I am working on a Django project that uses Zappa to host a serverless app on Lambda. It uses a Postgres database on the back and I've been able to use it flawlessly for some time. Recently I needed to use urllib, and so I needed a NAT instance (EC2 micro instance) to allow Lambda to access the int...
user3787031

1 vote, 1 answer, 548 views

AWS RDS “pg_hba.conf rejects connection for host”

I am working on setting up a Postgres instance on AWS through RDS. It has been placed into a VPC with a private subnet where the subnet CIDRs are: ['10.0.21.0/24', '10.0.22.0/24', '10.0.23.0/24']. I have a public subnet and have successfully connected to postgres through a bastion node from public t...
daswolle

1 vote, 1 answer, 51 views

Exposing Kong Admin API to internal network

We have a Kong Gateway running within a VPC in AWS. Currently, the Admin API for the Kong Gateway is restricted to only localhost traffic using export KONG_ADMIN_LISTEN='127.0.0.1:8001' export KONG_ADMIN_LISTEN_SSL='127.0.0.1:8444' We'd like to allow microservices within the same VPC to register th...
Brian

1 vote, 0 answers, 33 views

How to use a single EIP with Serverless framework?

I have a script to deploy a serverless based project. I'm currently using serverless-vpc-plugin for setting up AZ, but when using the useNatGateway flag - it creates an EIP per zone. I need to force all outgoing traffic to use a single EIP (I'm accessing a 3rd party provider which has an IP restrict...
Gilad Novik

1 vote, 1 answer, 206 views

Connecting to Aurora Serverless via intra-region VPC Peering

I have two AWS accounts, which I will call prod and dev. prod has an Aurora Serverless cluster (not instance!), perfectly connectable within its own VPC in the prod account. To save time and money, I would like to use this cluster in dev (obviously with read-only permissions, etc) instead of spinni...
slaughtr

1 vote, 1 answer, 39 views

What are the various ways in which an institution can connect their AWS VPC to the Internet?

What are the various ways institutions can connect their AWS VPC to the Internet? I searched the AWS documentation about VPC but could not figure out
nkashyap

1 vote, 0 answers, 88 views

Unable to Telnet on AWS-EC2 instance in private Subnet VPC VPN

I have a VPN tunnel set up between local infrastructure and EC2 instances. I am able to SSH to the EC2 instance. Also, I can SSH from EC2 to some other local system. I have installed a service which connects on ports 8440 and 8441 and a few other ports. The issue I am facing is, I am not able to telnet...
Jeetendra J

1 vote, 0 answers, 15 views

Does direct private-to-private IP routing within a shared VPC go through NATs and is it necessarily faster than going through a public proxy?

Assume we have two instances in two different regions under a shared VPC with no public IPs (i.e. within two private clusters). How exactly does routing from one instance to the other work, assuming private addresses used? Does it necessitate the use of NATs (which I always assumed were for internal...
Leeren

1 vote, 0 answers, 55 views

How to create a VPC endpoint for autoscaling

Our VPCs are not directly connected to the internet, so we need the CLI --endpoint-url option to send commands to the custom VPC endpoints instead of the standard AWS service endpoints, e.g. aws sns publish --message $MESSAGE --target-arn $SNSTARGET --region $REGION --endpoint-url 'https://vpce-xxxx-xxxxx.s...
HumayunM

1 vote, 0 answers, 26 views

Route53 over VPN IPSec and OpenVPN

I have a VPN connection: (aws vpn ipsec bgp)linux strongswan to vpc subnet:10.215.0.0/16. On the Linux machine I have OpenVPN as a server which pushes a route to 10.215.0.0/16. Now my desktop PC can connect over OpenVPN to AWS VPC 10.215.0.0/16, e.g.: (aws vpn ipsec bgp)linux strongswan to vpc subnet:10....
debek

1 vote, 1 answer, 51 views

Connecting AWS RDS in VPC with Google Cloud Composer

I am trying to build a Google Cloud Composer connecting to AWS RDS to do scheduled ELT jobs. However, the RDS is in a private subnet of a VPC, and the connection is allowed by whitelisting an IP in the Security Group. I have tried to create a NAT gateway for Google Kubernetes Engine, but I couldn't find any...
Wai Yin Li

1 vote, 0 answers, 28 views

EC2 could not resolve private API Gateway

The current set up is: EC2 instance deployed in a VPC in subnet A. VPC Endpoint for execute-api in the same VPC in the same subnet (A) Private API Gateway with a resource policy to Allow both the VPC and VPC Endpoint to invoke the API VPC has all its DNS settings enabled. DNS Hostnames & DNS resolut...
oasisofthestar

1 vote, 1 answer, 42 views

User Data is not running on EC2 instance in Private VPC subnet

This is the user data used: #!/bin/bash yum install httpd -y yum update -y aws s3 cp s3://YOURBUCKETNAMEHERE/index.html /var/www/html/ service httpd start chkconfig httpd on NAT gateway is configured for the private EC2 instance and also s3fullaccess permissions are given. Please help me troubleshoo...
SAMRUDDHI MODI

1 vote, 0 answers, 54 views

Create AWS VPC Endpoint for SQS

I have a couple of Lambda functions that require access to other services I have in AWS inside a VPC. So I have added these Lambda functions to the same VPC, which makes them lose internet access. One of the services I need access to is an SQS queue, which is not in the VPC as it doesn't support it. I...
Ivo Udelsmann

1 vote, 1 answer, 23 views

Route traffic of a Client VPN VPC to an instance in the same VPC

I have a use case where a remote device (i.e. laptop) is connected to the AWS Client VPN endpoint. The Client VPN endpoint has a VPC/subnet associated and I want to see the traffic generated on different ports of my laptop in my VPC. The client (i.e. laptop) is able to connect to the VPN server and I see...
instanceOfObject

1 vote, 1 answer, 1.1k views

Uploading to S3 from within an EC2 VPC

If we're uploading files to S3 from within our AWS VPC, do we have to do anything special other than initiate an upload through the S3 API on the standard URL? We're planning on using the aws-s3 Ruby gem to do the transfer and just trying to figure out if there are changes we need to make in order t...
Jeremy Baker

1 vote, 1 answer, 872 views

Is the role of router in AWS-VPC played by a virtual machine?

I am wondering: is the role of router in AWS-VPC played by a virtual machine? This VM may have several NICs. If not, then how is the router in the VPC designed? Thanks a lot.
user3332490

1 vote, 1 answer, 1k views

How can I attach a private IP from a different subnet to an EC2 instance?

First of all, I know enough about VPN setup just to be dangerous, so hopefully I can explain my problem clearly enough. We have a server in our AWS VPC that a client will need to access via a VPN connection. The client wants to access the server as though it's a specific IP address on their internal n...
Jeff French

1 vote, 3 answers, 1.8k views

AWS VPC outbound traffic

I have a VPC in AWS with a public and a private subnet. I added an OpenVPN server to it and as long as I'm logged into the VPN I can access everything just fine. I now need to set it up so that a server in the VPC can access an external REST API. My current ACL rules are completely open. Both inboun...
Jason Neumann

1 vote, 1 answer, 1.2k views

How to find out if an AWS VPC Subnet is a “public subnet”?

I want to find out if a given AWS VPC subnet is a 'public subnet' i.e. if it has direct access to the internet. As I understand it, for this I need to check if the route table associated with that subnet is associated with an internet gateway i.e. it has an entry with 'destination_cidr_block'='0.0.0...
Rohit Agarwal

1 vote, 2 answers, 777 views

How to add an inbound rule to an AWS security group with my default VPC?

I want to add an inbound rule to a security group with my default VPC. I removed the default VPC from a zone and added a default VPC. But I get the fault below: '[AmazonServiceException: Status Code: 400, AWS Service: AmazonEC2, AWS Request ID: c99a21bb-c798-4938-994f-ef8b89c64a72, AWS Error Code: VPCIdNotSpeci...
Ozturk

1 vote, 1 answer, 613 views

Kibana cannot talk to Elasticsearch cluster in VPC

I have set up Elasticsearch and Kibana in Amazon VPC, where two Elasticsearch instances (forming a cluster) stay in the private subnet and another node with Kibana/nginx sits in the public subnet. I can check the cluster health and it is good - { 'cluster_name' : 'es-cluster', 'status' : 'green', 'tim...
theharshest

1 vote, 2 answers, 1.7k views

EC2 instance in VPC public DNS name

I have a VPC instance created on AWS. But it doesn't have a public DNS value, as opposed to my other instance, which is a straight EC2 instance, e.g. ec2-45-55-79-ap-southeast-1.compute.amazonaws.com Is there a way to assign a 'Public DNS' value like the one above for my VPC instance? Cheers to anyone...
Andrew Duffy

1 vote, 1 answer, 121 views

AWS: conditional route to EC2 depending on content

I want to build a cluster of EC2 'worker' instances where each EC2 should handle a particular shard of users, let's say: EC2-1 handles users-1-2-3 EC2-2 handles users-4-5-6 EC2-3 handles users-7-8-9 So that when user-3 tries to log in and execute other requests in my service, each request from that use...
blackdigger

1 vote, 1 answer, 1k views

CIDR Block Overlapping in AWS VPC

Can someone please explain Subnet Overlapping with an example? I'm preparing for AWS CSA and I came across this term. I tried a few resources but it's not 100% clear to me. Thanks a lot in advance.
ANT

1 vote, 1 answer, 1.3k views

Heroku and Amazon VPC

Do Heroku apps run on default VPC or do they run on custom VPC? (I assume by now everyone is using VPC and not the older EC2-Classic) Does anyone have information about the VPC id of Heroku (if they are using a custom VPC)? Earlier they used the AWS account number: 098166147350 as per AWS Forum...
phoenix

1 vote, 1 answer, 66 views

Moving Service with API to private subnet in Amazon VPC

Our API was public. We'd access it from api.domain.com. The service has moved to a private subnet with an Amazon VPC. The web app is hosted on a public instance which communicates via API to the private instance. How do we create an endpoint to access the API hosted on the private instance? I...
csi

1 vote, 1 answer, 463 views

Amazon default VPC, auto scaling and best practice

I'm building a dev and production environment in Amazon and wanted to separate them by having separate VPCs; however, I noticed that when I have created new VPCs these cannot be used in auto scaling groups and only the default VPC can be used. Should I create separate AWS accounts for each environment...
James

1 vote, 1 answer, 407 views

Accessing ECS instances from AWS Lambda running in VPC

I am running a Lambda function in a VPS and have been able to connect to my S3 and RDS resources. However I cannot connect to containers I have running in the VPC through ECS (These containers are exposed to the internet via ELB). I am aware that accessing the internet via a Lambda function in a VPC...
Erik

1 vote, 1 answer, 946 views

Not able to Launch AMIs into EC2-Classic in AWS

Earlier we could launch our AMIs into EC2-Classic; now it is forcing us to launch into VPC only. Why this restriction? Step 3: Configure Instance Details Network: The dropdown value for Launch into EC2 Classic is disabled. How can I enable it?
Cork Kochi

1 vote, 1 answer, 544 views

Connect Lambda to Redshift in Different Availability Zones

Our Redshift cluster resides in Zone A. When our Lambda function uses a Zone A subnet, it can connect to Redshift. When our Lambda function uses a subnet other than Zone A, it times out. The workaround, where we ALLOW connections for Redshift on port 5439 from 0.0.0.0/0, is not desired. We have ou...
Matt Beckman

1 vote, 1 answer, 383 views

AWS EC2 goes to stopped state when creating it

I am creating an AWS EC2 instance in a VPC with internet access using cloudformation. I am able to create the EC2 as expected based on the JSON. But it seems like the instance state goes to stopped soon after creating the EC2. I was expecting the EC2 to be up and in running state as soon as created....
Drishya MS

1 vote, 1 answer, 704 views

Can Spinnaker deploy into a non-default AWS VPC?

I currently have Spinnaker deployed into my default VPC. However, I'd like to set up my production and staging environments in two separate VPCs. Spinnaker appears to only deploy into the default VPC. Is it possible to deploy into a VPC other than the one Spinnaker is deployed in?
Tosin Ogunrinde

1 vote, 1 answer, 110 views

Kubernetes on AWS dedicated host - Can I use kubectl on an existing cluster?

I have an app with several containers running just fine using Kubernetes on AWS; however, now I need to port this to an AWS Dedicated Host VPC where the cluster has previously been created NOT using Kubernetes, so I am not able to execute kube-up.sh or its kops equivalent. Is it possible to orchestrate m...
Scott Stensland

1 vote, 1 answer, 37 views

Does an AWS RDS instance update itself if it is set up in a private VPC?

If I launch an RDS instance in one of my private VPCs, will it be able to update itself provided that I have enabled Auto Minor Version Upgrade?
captainblack

1 vote, 1 answer, 685 views

How to enable AWS Lambda to access an EC2 Mongo instance in the same AWS account

I have an EC2 instance for MongoDB and I created a Lambda function to query this DB, using mongoClient for the connection. This connection is successful and I can query the DB when my Mongo security group is set as anywhere, but I need some security for my DB so I changed it to custom IP and port, then I c...
Sabreena

1 vote, 1 answer, 277 views

Tunnel from Office to Internet through AWS VPC

I am going to create a secure tunnel from my office (static IP) to an AWS VPC and then the Internet Gateway. I have a VPC with private and public subnets. The office connects to the private subnet via a VPN tunnel. How can I route all private (VPN) traffic to public and Internet gateway? Office Private subnet Public subnet...
AHHP
