Newbe Dev Stack

Answer : You should make use of the IN operator. It is also easier to use Placeholders for attribute names and attribute values. I would, however, advise against using a Scan in this case . It sounds like you already have the hash key attribute values that you want to find, so it would make more sense to use BatchGetItem . Anyways, here is how you would do it in Java: ScanSpec scanSpec = new ScanSpec() .withFilterExpression("#idname in (:val1, :val2, :val3)") .withNameMap(ImmutableMap.of("#idname", "ID")) .withValueMap(ImmutableMap.of(":val1", "123", ":val2", "456", ":val23", "789")); ItemCollection<ScanOutcome> = table.scan(scanSpec); I would imagine using the Javascript SDK it would be something like this: var scanParams = { "TableName":"myAwsTable", "AttributesToGet": ['ID','COMMENTS','DATE'], "Filte...

Answer : An IPv4 address consists of 32 bits. 1) /32 in CIDR x.x.x.x/32 means use all 32 bits to form a range of addresses. In this case just one IP address is possible. 2) /24 in CIDR x.x.x.0/24 means fix the first 24 bits and use last 8 bits to form a range of addresses. In this case, there can be 2^8 IP addresses i.e. from x.x.x.0 to x.x.x.255. 3) /16 in CIDR x.x.0.0/16 means fix the first 16 bits and use the last 16 bits to form a range of addresses. In this case, there can be 2^16 IP addresses i.e. from x.x.0.0 to x.x.255.255. 4) /8 in CIDR x.0.0.0/8 means fix the first 8 bits and use the last 24 bits to form a range of addresses. In this case, there can be 2^24 IP addresses i.e. from x.0.0.0 to x.255.255.255. 5) /0 in CIDR 0.0.0.0/0 means fix the first 0 bits and use the last 32 bits to form a range of addresses. In this case, all the possible IP addresses are included in the range. Hope it helps you in understanding your problem that first 16 bits needs to be...

Answer : I had the same issue, here is how I fixed it on my development environment I created an AWS profile using the AWS extension for Visual studio Once the profile is set up the credentials are passed using the profile and it worked fine for me Point to note here, the user profile accessing the key manager should have a valid security group assigned for the Secrets manager. Try it out let me know, how it went. Same issue and resolved by deleting $HOME/.aws/config and credentials files and recreating with AWS CLI. In my case I was switching laptops from Windows to a new MBP. I had setup my new environment by copying the .aws directory files and confirmed that AWS CLI worked correctly. Confusingly the dotnet SDK failed with same errors.

Answer : It's 2017 and I run into the same problem, happy to report there is now a way to get redshift to load csv files with the odd " in the data. The trick is to use the ESCAPE keyword, and also to NOT use the CSV keyword. I don't know why, but having the CSV and ESCAPE keywords together in a copy command resulted in failure with the error message "CSV is not compatible with ESCAPE;" However with no change to the loaded data I was able to successfully load once I removed the CSV keyword from the COPY command. You can also refer to this documentation for help: http://docs.aws.amazon.com/redshift/latest/dg/copy-parameters-data-conversion.html#copy-escape Unfortunately, there is no way to fix this. You will need to pre-process the file before loading it into Amazon Redshift. The closest options you have are CSV [ QUOTE [AS] 'quote_character' ] to wrap fields in an alternative quote character, and ESCAPE if the quote character is preceded by...

Answer : To allow user ec2-user (Amazon AWS) write access to the public web directory (/var/www/html), enter this command via Putty or Terminal, as the root user sudo : chown -R ec2-user /var/www/html Make sure permissions on that entire folder were correct: chmod -R 755 /var/www/html Doc's: Setting up amazon ec2-instances Connect to Amazon EC2 file directory using Filezilla and SFTP (Video) Understanding and Using File Permissions if you are using centOs then use sudo chown -R centos:centos /var/www/html sudo chmod -R 755 /var/www/html For Ubuntu sudo chown -R ubuntu:ubuntu /var/www/html sudo chmod -R 755 /var/www/html For Amazon ami sudo chown -R ec2-user:ec2-user /var/www/html sudo chmod -R 755 /var/www/html In my case the /var/www/html in not a directory but a symbolic link to the /var/app/current, so you should change the real directoy ie /var/app/current: sudo chown -R ec2-user /var/app/current sudo chmod -R 755 /var/app/current I hope th...

Answer : Yes, The DependsOn attribute can take a single string or list of strings . http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html Syntax: "DependsOn" : [ String, ... ] This answer comes up first in Google, so I will include how to do multiple dependson attributes in YAML, which I found in this answer. AnotherProductionResource: Type: AWS::CloudFormation::Stack Condition: ISProduction DependsOn: - AResource - MyProductionResource Properties: [...] Yes, "DependsOn" can take multiple strings. I have listed an example below: "DependsOn": [ "S3BucketAppElbLogs", "ElbLogAppBucketPolicy" ]

Answer : One word answer: MONEY :D 1 GB to store in US-East-1: (Updated at 2016.dec.20) Glacier: $0.004/Month (Note: Major price cut in 2016) S3: $0.023/Month S3-IA (announced in 2015.09): 0.0125 / M o n t h ( + 0.0125/Month (+ 0.0125/ M o n t h ( + 0.01/gig retrieval charge) EBS: $0.045-0.1/Month (depends on speed - SSD or not) + IOPS costs EFS: $0.3/Month Further storage options, which may be used for temporary storing data while/before processing it: SNS SQS Kinesis stream DynamoDB, SimpleDB The costs above are just samples. There can be differences by region, and it can change at any point. Also there are extra costs for data transfer (out to the internet). However they show a ratio between the prices of the services . There are a lot more differences between these services: EFS is: Generally Available (out of preview), but may not yet be available in your region Network filesystem (that means it may have bigger latency but it c...

Answer : Lambda is standalone service that doesn't need to be integrated with API Gateway. queryStringParameters , body , body mapping templates , all of this is specific not to Lambda, but to Lambda - API Gateway integration. If you are using Lambda with other services then the data is usually passed directly via event object and there is not much of a reason to pass it in some other way. For example, you can subscribe Lambda function to S3 bucket and use it to programatically process events such as file being uploaded to your bucket. In this case, information such as bucket name, object key, object data, metadata, ... will be passed directly via event object. And, when using Lambda with API Gateway, why would you want to use body mapping templates to pass data to your Lambda function directly via event object? Because you can reuse that function much easier for other purposes (if viable in your scenario), because your Lambda function will have much simpler interface,...

Answer : As noted by Michael , this is the error message you will see when you reach the documented default " safety " limit of 100 concurrent invocations : " AWS Lambda has a default safety throttle of 100 concurrent executions per account per region. If you wish to submit a request to increase the throttle of 100 concurrent executions you can visit our Support Center ..." The solution was to open a support ticket providing the following info: Limit increase request 1 Service: Lambda Region: EU (Ireland) Limit name: concurrent requests (average duration * average TPS) New limit value: 2000 And then in the body of the ticket/request try to estimate your usage pattern: Expected average requests per second: 200 Expected peak requests per second: 2000 Expected function duration: 2 seconds Function memory size: 1000mb Invocation Type: Request-response Event Source: Api Gateway & Lambda<->Lambda It can take a while to get a res...

Answer : Yes, EMR does work out to be cheaper than Glue, and this is because Glue is meant to be serverless and fully managed by AWS, so the user doesn't have to worry about the infrastructure running behind the scenes, but EMR requires a whole lot of configuration to set up. So it's a trade off between user friendliness and cost, and for more technical users EMR can be the better option. @user2889316 - Did you check my question wherein I had provided a comparison numbers? Also please note Glue is roughly about 0.44 per hour / DPU for a job. I don't think you will have any AWS Glue JOB that is expected to running throughout the day? Are you talking about the Glue Dev end point or the Job? A AWS Glue job requires a minimum of 2 DPUs to run, which means 0.88 per hour, which I think roughly about $21 per day? This is only for the GLUE job and there are additional charges such as S3, and any database / connection charges / crawler charges, etc. Corresponding inst...

Answer : When using IAM service with AWS, you must sign your requests. curl doesn't support signed requests (which consists of hashing the request and adding a parameter to the header of the request). You can use one of their SDK's that has the signing algorithm built in, and then submit that request. See: http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/what-is-amazon-elasticsearch-service.html#signing-requests You can find the SDKs for popular languages here: http://aws.amazon.com/tools/ First, you said you can't login to an EC2 instance to curl the ES instance? You can't login? Or you can't curl it from EC2? I have my Elasticsearch (Service) instance open to the world (with nothing on it) and am able to curl it just fine, without signing. I changed the access policy to test, but unfortunately it takes forever to come back up after changing it... My policy looks like this: { "Version": "2012-10-17", ...

Answer : Short answer - you shouldn't worry about FreeableMemory unless it is became really low (about 100-200 Mb) or significant swapping occur (see RDS SwapUsage metric). FreeableMemory is not a MySQL metric, but OS metric. It is hard to give precise definition, but you can treat it as memory which OS will be able to allocate to anyone who request it (in your case it likely will be MySQL). MySQL have a set of settings which are restricting it's overall memory usage to some cap(you can use something like this to actually calculate it). It's unlikely that your instance will ever hit this limit, due to the fact that in general you never reach max number of connections, but this is still possible. Now going back to "decline" in FreeableMemory metric. For the MySQL most of the memory consume by InnoDB buffer pool (see here for details). RDS instances in there config by default have size for this buffer set to 75% of hosts physical memory - which in your case i...

Answer : To assist with your question, I recreated the situation via: Created an Amazon S3 bucket with no Bucket Policy Uploaded public.jpg and make it public via "Make Public" Uploaded private.jpg and kept it private Created an Amazon CloudFront web distribution : Origin Domain Name: Selected my S3 bucket from the list Restrict Bucket Access: Yes Origin Access Identity: Create a New Identity Grant Read Permissions on Bucket: Yes, Update Bucket Policy I checked the bucket, and CloudFront had added a Bucket Policy similar to yours. The distribution was marked as In Progress for a while. Once it said Enabled , I accessed the files via the xxx.cloudfront.net URL: xxx.cloudfront.net/public.jpg redirected me to the S3 URL http://bucketname.s3.amazonaws.com/public.jpg . Yes, I could see the file, but it should not use a redirect. xxx.cloudfront.net/private.jpg redirected me also, but I then received Access Denied because it is a private file in...

Answer : Finally, a colleague shared with me this awesome snippet that gets the work done in one go: eval $(aws sts assume-role --role-arn arn:aws:iam::123456789123:role/myAwesomeRole --role-session-name test | jq -r '.Credentials | "export AWS_ACCESS_KEY_ID=\(.AccessKeyId)\nexport AWS_SECRET_ACCESS_KEY=\(.SecretAccessKey)\nexport AWS_SESSION_TOKEN=\(.SessionToken)\n"') Apart from the AWS CLI, it only requires jq which is usually installed in any Linux Desktop. You can store an IAM Role as a profile in the AWS CLI and it will automatically assume the role for you. Here is an example from Using an IAM role in the AWS CLI - AWS Command Line Interface: [profile marketingadmin] role_arn = arn:aws:iam::123456789012:role/marketingadminrole source_profile = user1 This is saying: If a user specifies --profile marketingadmin Then use the credentials of profile user1 To call AssumeRole on the specified role This means you can simply call a command like this and...

Answer : Create a credentials file at any path where you can access this path from web service application e.g. C:\awsfile\credentials but remember don't give any extension this file File should contains following data. [default] aws_access_key_id=[your_access_key] aws_secret_access_key=[your_secret_key] After this you need to set the path in appsetting tag in the Web.config file: <appSettings> <add key="AWSProfilesLocation" value="C:\awsfile\credentials" /> <add key="AWSRegion" value="us-east-1" /> </appSettings> In AWS Explorer for Visual Studio you can create user profiles that give you different permissions on AWS, then you can choose which profile you want to use in AWS Explorer. These profiles are available only to your Windows user account, if anyone else uses your computer then they will have to create their own profiles. Any software that you run under your user account can also use these profiles. ...

Answer : Another option might be running the following commands: In order to install java 11: sudo amazon-linux-extras install java-openjdk11 For java 8 you can try: sudo yum install java-1.8.0-openjdk Finally, if you want to switch between java versions run: sudo alternatives --config java Use one of the OpenJDK distributions: https://docs.aws.amazon.com/corretto/latest/corretto-11-ug/downloads-list.html or https://adoptopenjdk.net/?variant=openjdk11&jvmVariant=hotspot

Answer : There are different ways to troubleshoot this problem. This is something addressed in the Developer Forum of AWS. Please go through the following steps to troubleshoot this problem. These could be basic steps, but I am pointing out the most general steps required. Try sending an SMS from the AWS Console. If this works, there is no issue with the spending limit or delivery rate. (So you have mentioned that this is not working too) Now check whether your Mobile number (which is receiving SMS) is subscribed to the topic. Under some conditions, the recipient can opt out from the topic. Where required by local laws and regulations (such as the US and Canada), SMS recipients can opt out, which means that they choose to stop receiving SMS messages from your AWS account. Check the Account Spending Limit which you have set for your calendar month. This could be limiting your SMS delivery. If you haven't set this, the default is 1 USD per month. For Accou...

Answer : I think the problem is about security groups of your instance. To the best of my knowledge you need to allow the traffic on the security group associated to your EC2 instance. If you are using memcached the port is 11211 if redis the port is 6379 Try to have a look to the AWS official documentation. http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/GettingStarted.AuthorizeAccess.html I hope this helps somehow. First, check the instance security group and check port 6379 is allowed in Inbound. After that, check your default VPC security group and add inbound rule Custom TCP Rule-6379-Anywhere and save. I hope this will fix the issue. Actually solution is to add security group to elasticache cluster, and this security group should allow 6379 port.

Answer : You can either use AmazonS3ClientBuilder or AwsClientBuilder as alternatives. For S3, simplest would be with AmazonS3ClientBuilder, BasicAWSCredentials creds = new BasicAWSCredentials("access_key", "secret_key"); AmazonS3 s3Client = AmazonS3ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(creds)).build(); Use the code listed below to create an S3 client without credentials: AmazonS3 s3Client = AmazonS3ClientBuilder.standard().build(); An usage example would be a lambda function calling S3. You need to pass the region information through the com.amazonaws.regions.Region object. Use AmazonS3Client(credentials, Region.getRegion(Regions.REPLACE_WITH_YOUR_REGION))

Answer : Usually, when you see Malformed Lambda proxy response , it means your response from your Lambda function doesn't match the format API Gateway is expecting, like this { "isBase64Encoded": true|false, "statusCode": httpStatusCode, "headers": { "headerName": "headerValue", ... }, "body": "..." } If you are not using Lambda proxy integration, you can login to API Gateway console and uncheck the Lambda proxy integration checkbox. Also, if you are seeing intermittent Malformed Lambda proxy response , it might mean the request to your Lambda function has been throttled by Lambda, and you need to request a concurrent execution limit increase on the Lambda function. If lambda is used as a proxy then the response format should be { "isBase64Encoded": true|false, "statusCode": httpStatusCode, "headers": { "headerName": "headerValue", ......