Posts tagged aws
Error: The maximum number of rules per security group has been reached
- 06 January 2023
- World
- English
- Technology
How to deal with the error: “The maximum number of rules per security group has been reached.”
Pagerduty Cloudwatch integration
- 09 January 2022
- World
- English
- Technology
It is possible to send your own custom payload to the Pagerduty Cloudwatch integration from a Lambda (instead of via a Cloudwatch alarm). Pagerduty does not document the internals but if you publish a custom message to the SNS topic that you have a HTTPS subscription to Pager duty following these simple rules you will see the event in Pagerduty.
Demystifying AWS IAM Policies: Unraveling De Morgan’s Laws and S3 Buckets Policy
- 12 September 2021
- World
- English
- Technology
As of September 2021 You will now get error messages that detail the source of a IAM access block for the following policy types:
Trust on Cloud AWS S3 Threat Model
Trust on Cloud have open sourced their AWS S3 threat model, this release is a great tool to make sense of the “shared responsibility model” and what “responsibility” means for AWS customers.
Monitoring VPN / Direct Connect Connectivity
In an on premise network it is typical to do some type of topology discovery via the MIB-II SNMP tables of all your network gear and then use ICMP to ping each of the discovered routers or switches respective management interfaces to validate connectivity and contribute to intelligence when parts of the network go dark and speed up root cause analysis.
Running Amazon Linux 2 on prem on VMware
There is no default ec2-user or root password set for the Amazon Linux 2 ova. You must use cloud-init via it’s nocloud datasource
AWS Sagegemaker Jupyter Notebook
I wanted to upgrade the version of pandas that comes with AWS Sagemaker Notebook to > 1.1 because this simplify handling of group by with null or NaN values.
Logstash ingestion of AWS billing customer usage reports
To get the CUR reports into elastic search:
Enterprise tips for AWS Workspaces and AWS Managed AD
- 08 November 2020
- World
- English
- Technology
fjleon of Reddit has pointed out that today many of the limitations I have written about have been solved. see the discussion on Reddit Or check the documentation for the latest.
AWS Boto KeyError endpoint_resolver in session.py when using multithreading
- 14 January 2020
- World
- English
- Technology
When using multithreading in Python with AWS boto to get a session I was randomly hitting this error:
CloudTrail and VPC Endpoints Logging
- 10 January 2020
- World
- English
- Technology
Today I learnt that AWS CloudTrail does not log requests that are denied by VPC endpoint policy. The reason for this is that it would allow an attacker to exfiltrate data via CloudTrail and the VPC endpoint outside of the VPC! (For example by sending lots of requests with data you want to extract in the request fields)
Cloudwatch Loginsights handy queries
- 26 November 2018
- World
- English
- Technology
Find all requests matching URL
Cloudformation: Provided Load Balancers may not be valid. Please ensure they exist and try again
Spent too much time troubleshooting the following error but I happy to find the solution for this error:
Introducing X-ENI or Cross Account ENI
- 24 October 2017
- World
- English
- Technology
Stumbled on an interesting new feature based on a commit in the AWS .net SDK which may have been released early.