amazon web services – How to restrict user to access particular ec2 machines?

With this link, I can restrict user only to poweron/off a machine and terminate option is removed.

But, I want to restrict user to access only few machines assigned to the user and not show other machines.

With only the Owner or any custom tag we can filter.

How to do that?

sql – DÚVIDA – AMAZON REDSHIFT

Estou com uma dúvida que não consigo resolver.
Tenho uma query que classifica clientes como ativo e inativo a cada mês.
Gostaria de atribuir uma classificação para aquele que foi classificado como ativo pela primeira vez, assim eu deveria acessar o histórico dessas classificações anteriores.
Tinha pensado em criar uma procedure no redshift com um cursor que fizesse loop de for e contasse 1 para cada status ativo que o cliente já teve.
No entanto, deu alguns erros e me disseram aqui que o cursor no redshift serve para outro propósito, que eu deveria fazer por temp table. Alguém pode me explicar como ficaria? Tenho a query do cursor que não funcionou com os loops for prontos, só preciso mesmo saber como faria por temp table ou se existe de fato uma forma de fazer isso por cursor.
Obrigada!!!

amazon web services – EKS node not responding and not exposing container ports

So I’ve been struggling with the fact that I’m unable to expose any deployment in my eks cluster.

I got down to this:

  1. My LoadBalancer service public IP never responds
  2. Went to the load balancer section in my aws console
  3. Load balancer is no working because my cluster node is not passing the heath checks
  4. SSHd to my cluster node and found out that containers do not have ports associated to them:

enter image description here

This makes the cluster node fail the health checks, so no traffic is forwarded that way.

enter image description here

I tried running a simple nginx container manually, without kubectl directly in my cluster node:

docker run -p 80:80 nginx

and using the node public IP in my browser. No luck:

enter image description here

then I tried curling to the nginx container directly from the cluster node via ssh:

 curl localhost

And I’m getting this response: “curl: (7) Failed to connect to localhost port 80: Connection refused”

  1. Why are containers in the cluster node not showing ports?
  2. How can I make the cluster node pass the load balancer health checks?
  3. Could it have something to do with the fact that I created a single node cluster with eksctl?
  4. What other options do I have to easily run a kubernetes cluster in AWS?

Not showing amazon echo dot as output or input device in ubuntu sound setting after connecting through bluetooth

Though bluetooth pairing is successfull with Amazon Echo dot 3rd gen from Ubuntu 18.04.4 LTS( Echo says Now connected to <my machine's name>), The device is not listed in the sound setting as input/output device, So the problem is ,sound is coming from the inbuilt speaker and not from the echo device.

Things that I’ve already tried

  • connecting/disconnecting device multiple times
  • bluetooth pairing while laptop is playing some music(on youtube)

not really sure which command / logs to be checked for this issue. Please suggest.

amazon web services – AWS EC2 access attempts on blocked ports

I have recently installed OSSEC on a RHEL 8 server being hosted on AWS EC2. Since then I have been receiving brute force attempts and other attempts on ports that are not open in my security group.

How are users able to get to my server at all when these ports are not open in the security group for the EC2 instance, and how do I stop them from reaching the server at all?

Example report:

OSSEC HIDS Notification. 2020 Oct 18 20:45:33

Received From: shared->/var/log/secure Rule: 5712 fired (level 10) ->
“SSHD brute force trying to get access to the system.” Src IP:
46.101.209.127 Portion of the log(s):

Oct 18 20:45:32 shared sshd(3097608): Disconnected from invalid user
pi 46.101.209.127 port 49568 (preauth) Oct 18 20:45:32 shared
sshd(3097608): Invalid user pi from 46.101.209.127 port 49568 Oct 18
20:45:12 shared sshd(3097603): Disconnected from invalid user admin
46.101.209.127 port 58720 (preauth) Oct 18 20:45:12 shared sshd(3097603): Invalid user admin from 46.101.209.127 port 58720 Oct
18 20:44:51 shared sshd(3097591): Disconnected from invalid user admin
46.101.209.127 port 39802 (preauth) Oct 18 20:44:50 shared sshd(3097591): Invalid user admin from 46.101.209.127 port 39802 Oct
18 20:44:30 shared sshd(3097582): Disconnected from invalid user admin
46.101.209.127 port 49134 (preauth) Oct 18 20:44:30 shared sshd(3097582): Invalid user admin from 46.101.209.127 port 49134

–END OF NOTIFICATION

Can i rank my keyword on Amazon Search engine ?

Hello everyone,

how can i rank my keyword on Amazon Search engine

amazon web services – EC2 Instance cannot connect to ECS Cluster

Helo,
I have empty AWS ECS Cluster but I am unable to put instances into it.
I wanted to use Launch templates and Autoscaling Group, but I am unable to assign created EC2 Instance.

The issue is in shown in ecs-agent.log

level=error time=2020-10-17T23:23:37Z msg="Unable to register as a container instance with ECS: RequestError: send request failedncaused by: Post "https://ecs.eu-central-1.amazonaws.com/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)" module=client.go
level=error time=2020-10-17T23:23:37Z msg="Error registering: RequestError: send request failedncaused by: Post "https://ecs.eu-central-1.amazonaws.com/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)" module=agent.go

Notes:

  • Using AMI ami-0eff571a24849e852
  • Cluster name: debug
  • Region is eu-central-1
  • Instance has no public IP
  • Instance is in 10.10.100.0/24 subnet (10.10.100.14) and VPN subnet is 10.10.0.0/16
  • Instance can reach the internet through NAT Instance:
(ec2-user@ip-10-10-100-14 ecs)$ ping google.com
PING google.com (216.58.212.142) 56(84) bytes of data.
64 bytes from ams15s21-in-f14.1e100.net (216.58.212.142): icmp_seq=1 ttl=109 time=50.1 ms
64 bytes from ams15s21-in-f142.1e100.net (216.58.212.142): icmp_seq=2 ttl=109 time=40.1 ms
  • DNS to outside is resolving fine
(ec2-user@ip-10-10-100-14 ecs)$ nslookup google.com
Server:     10.10.0.2
Address:    10.10.0.2#53

Non-authoritative answer:
Name:   google.com
Address: 216.58.212.142
  • Just to be sure, I have created Endpoints from VPC and Subnet where Instance is to ECS
  • I have attached the security group with no restrictions for test
  • ecs.config:
ECS_CLUSTER=debug
ECS_BACKEND_HOST=
(ec2-user@ip-10-10-100-14 ecs)$ nslookup ecs.eu-central-1.amazonaws.com
Server:     10.10.0.2
Address:    10.10.0.2#53

Non-authoritative answer:
Name:   ecs.eu-central-1.amazonaws.com
Address: 10.10.100.219

Does anyone have any suggestions?

amazon web services – Cannot sign in to aws console

I’m having problems getting to the signin page of aws in Ubuntu 20.04 with latest updates. As I suspect this to be a network problem, I’ve tried accessing with curl and openssl. Sometimes (randomly) following commands doesn’t fail and I get successful responses, but most of the time I’m getting following responses:

~ curl -vvv https://signin.aws.amazon.com
*   Trying 176.32.98.146:443...
* TCP_NODELAY set
* Connected to signin.aws.amazon.com (176.32.98.146) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to signin.aws.amazon.com:443 
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to signin.aws.amazon.com:443
openssl s_client -connect signin.aws.amazon.com:443 
CONNECTED(00000003)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 313 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Some observations:

  • signing.aws.amazon.com resolves to different ip addresses and I’ve checked I’m getting both successful and error responses from same ip addresses.
  • When I get a successful response, usually next few calls are also successful if I keep trying.
  • If I connect to a VPN, these calls never fail
  • I have two ubuntu machines at home both of the have the same problem. I’ve installed curl to a windows machine and it never had the problem.
  • Successful sessions are using TLSv1.2 as expected
  • I have a very stable 100 Mbit connection with very low ping times and this problem doesn’t happen with any other domain
  • Both commands fail after 23 seconds. However when they’re successful, it takes ~400ms.
  • I tried to replace my router, but got the same results.
  • My ISP changed my IP address, but that didn’t help. As the calls are sometimes working I don’t think it’s a black-listing problem.
  • I cannot connect to site with browsers or other cli tools neither.

What else can I try to find the cause of this issue?

Use existing on-demand instance in a spot fleet request for Amazon

I’m trying to reduce my expenses and want to start using AWS’s spot pricing service. I’m completely new to it, but as I understand I can have instances running for certain amounts of time based on the price that will eventually stop running based on certain conditions. That’s fine, I’m also aware you can have spot fleets, and in these fleets you can have an On-Demand instance for when the spot instance is interrupted.

I currently have a an On-Demand instance that hosts an ElasticBeanStalk application (it’s an API), is there a way to use this instance inside the spot fleet so that when there’s an available spot-instance it’s servicing my EBS application then when the spot-instance is interrupted it just goes back to using my current On-Demand instance until another spot-instance is available?

Thank you in advance.

Selling – cPanel survey & Amazon EC2 For WHMCS v1.3.0 are here to steal your attention! | Proxies123.com

1. 60-Second Survey For cPanel Users

The recent decision of cPanel to introduce yet another price increase has evoked mixed feelings across the web hosting community, to say the least. Would you call it a change for the better?

Devote just 60 seconds to answering a few simple questions, and by doing so give us better understanding of how we can help with what your business goes through due to the controversial cPanel pricing policies. We will be happy to compensate for your time with an exclusive 10% promo code on the entire range of ModulesGarden software gear! Sounds appealing enough?

Share your cPanel experience with us!

2. Buzzworthy Reveal Into WHMCS V8.0

If you are with us for a while, you already know that we often like to spice things up. This time we have chosen to add some extra thrill to the ongoing WHMCS V8.0 vogue by sharing our very personal viewpoint on the novelties packed into this major update.

Curious to find out what we really think about its all-new features, and how much they will contribute to transforming our WHMCS offer?

Sneak a look at our latest Blog publication for some straight talk!

3. Proxmox Reselling Revolution – 50% OFF!

If you are toying with the idea of reselling your Proxmox servers directly through WHMCS or any other platform of your choice – there is no time like the present!

With the outstanding promotion we have just put in motion, you can join the powers of your Proxmox VPS For WHMCS with our newly developed Products Reseller For WHMCS module at a colossal 50% discount, equal to $100!

Worried that such a huge deal will slip you by because you are not into Proxmox offerings? Cheer up, Products Reseller For WHMCS has got you covered on all fronts, as it allows you to resell products and services of other types as well – and you can still indulge your business with an appealing cost-cutting offer!

Ready to brainstorm this concept some further?

4. Amazon EC2 For WHMCS v1.3.0

We are pleased to announce that recent efforts of our Product Development team have led into the quality update of Amazon EC2 For WHMCS. There are several new implements that the module’s 1.3.0 version bears to make the provisioning of Amazon EC2 instances nothing short of a pleasure:

  • Clients are now able to inject their SSH keys for the already existing machines
  • The SSH key will be from now on auto-generated, and accessible in the client area, in case it was not provided by the user during the ordering proces
  • The subnet into which the instance will be launched can be currently chosen in the product configuration

Be sure to have a taste of other improvements this noteworthy release has been powered with!

Learn more exciting details about Amazon EC2 For WHMCS v1.3.0!

Need Custom Software Development For Your Business?

Specially for you we will adapt an application and its design to your own needs, create a new module or even a completely new system built from scratch!