#aws (2024-03)
Discussion related to Amazon Web Services (AWS)
Archive: https://archive.sweetops.com/aws/
2024-03-01
I was kinda surprised to see that there wasn’t a #mysql channel, so I guess I’ll ask in here. With the upgrade to MySQL 8.0, the float/double syntax Double(M,D) is being replaced with just Double. Since it doesn’t allow you to specify precision anymore, we’ve noticed some problems with this change. Does this mean the app code should handle precision now?
@Dan Miller (Cloud Posse)
I’m not the person to ask about this, sorry
All good y’all, thank you for taking a look
We’re trying to support 5.7 and 8.0 at the same time during the transition, but it doesn’t look like that’s possible
2024-03-08
What do you think of AWS/GCP certifications? Is there ANY meaning for experienced staff?
there is no right answer for this. some people find structured learning essential to grow their skillset. in regards to career growth/opportunities; it’s going to come down to the org/hiring manager and their biases. orgs that value them will require them to hold higher level positions.
2024-03-09
2024-03-10
Q regarding shared resources, e.g. a transit gateway. I see that the shared resources get listed in the right place, but that names/tags are not available. Besides looking at who the owner is, is there a way to provide at least a name (may be different from the original)?
@Dan Miller (Cloud Posse) @Ben Smith (Cloud Posse)
I kept hoping that AWS would fix this, but eventually gave up and ended up writing a small utility service that replicates tags. It’s purpose built so not OSS available, but it was only a few days of investment… heck, there probably is something out there that does this
I’ve seen this issue too. It’s quite annoying to not have the name and tags associated with the shared TGW attachment
Based on the responses in this issue, we might be able to use aws_ec2_tag to tag the resource in the second account after-the-fact. I haven’t tried it yet, and this (closed) issue claims it doesn’t work. But that’s a few years old. Might be worth trying out
Description
Like #9061 but with different resource (aws_ec2_transit_gateway_vpc_attachment):
I have a TGW in account 1:
resource "aws_ec2_transit_gateway" "the_tgw" {
  amazon_side_asn                 = "65501"
  auto_accept_shared_attachments  = "enable"
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
  description                     = "My TGW in account 1"
  dns_support                     = "enable"
  vpn_ecmp_support                = "enable"
  tags = tomap({
    Name = "TGW"
  })
}
And share it via RAM with account 2.
Now I create an aws_ec2_transit_gateway_vpc_attachment in account 2 (different terraform-run) for the shared TGW:
data "aws_ec2_transit_gateway" "the_tgw" {
  filter {
    name   = "options.amazon-side-asn"
    values = ["65501"]
  }
}
# <snip>create a VPC in account 2 with subnets </snip>
resource "aws_ec2_transit_gateway_vpc_attachment" "vpc_attachment_to_tgw" {
  transit_gateway_id = data.aws_ec2_transit_gateway.the_tgw.id
  vpc_id             = ... # my vpc.ID
  subnet_ids         = ... # my subnet.IDs
  tags = tomap({
    "Name" = "TGW attachment for VPC in account 2"
  })
}
Terraform CLI and Terraform AWS Provider Version
> terraform -v
Terraform v1.0.3
on windows_amd64
+ provider registry.terraform.io/hashicorp/aws v3.59.0
Affected Resource(s)
• aws_ec2_transit_gateway_vpc_attachment,
Expected Behavior
Within account 1 the TGW attachment’s tags are visible
Actual Behavior
Attachment’s tags not visible in account 1 (empty), only the tgw attachment itself.
References
• #9061
if that does work, I can imagine it wouldn’t be too difficult to pass module.this.tags to new shared resource in the same transit gateway module (for cloud posse terraform use cases for example)
ohh man if that works I’ll be 80% relieved, 20% angry — going to add that to my TODO list. thanks
np! if it does work lmk too please! That’d be a great QoL addition to our module
I’m not holding my breath though, the issue was closed due to age not explicitly because it was no longer needed.
looks quite interesting!
2024-03-11
I’ve run into an issue creating an autoscaling group with a launch template that has an AMI in another account. I’ve set up permissions and tried creating a grant for the service account, and can create an instance from the launch template, but the autoscaler always fails with
Status Reason: Instance became unhealthy while waiting for instance to be in InService state. Termination Reason: Client.InvalidKMSKey.InvalidState: The KMS key provided is in an incorrect state
where is the kms key? the asg account or the ami account? is the kms key active? what is the kms key being used for?
ami account and yes it’s active to encrypt EBS volumes
ok, have you created a resource policy for the kms key to allow the asg account to use it? I also think you need to create a kms grant for the autoscaling service linked role to use the kms key
I tried that but still kept getting the same error
Hello, I’m using Elastic Beanstalk and my load balancer is an Application Load Balancer. Is there a possible way to have a static/elastic IP for the Application Load Balancer?
You can’t assign a static IP address to an Application Load Balancer. If your Application Load Balancer requires a static IP address, then it’s a best practice to register it behind a Network Load Balancer. The static IP address that’s assigned to a Network Load Balancer doesn’t change and provides a fixed entry point for your Application Load Balancer.
another option could be https://docs.aws.amazon.com/global-accelerator/latest/dg/about-accelerators.alb-accelerator.html
When you create an Application Load Balancer or Network Load Balancer in the AWS Management Console, you can optionally add an accelerator at the same time. Elastic Load Balancing and Global Accelerator work together to transparently add the accelerator for you. The accelerator is created in your account, with the load balancer as an endpoint. Using an accelerator provides static IP addresses and improves the availability and performance of your applications. (Learn more about accelerators by reading
possibly helpful whitepaper:
With Application Load Balancer (ALB) as target of NLB, you can now combine ALB advanced routing capabilities with AWS PrivateLink
https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/aws-privatelink.html
AWS PrivateLink provides private connectivity between VPCs, AWS services, and your on-premises networks without exposing your traffic to the public internet.
2024-03-12
2024-03-14
Hello, we encountered an issue with the CloudPosse AWS backup vault module. During the destruction of a backup vault, the process tries to remove the backup vault before the recovery points, and due to this sequence, the deployment failed. Do we need to update the module to be able to remove the recovery points before the backup vault? Thanks in advance for your help. Rgds
Regarding the Cloudposse aws backup module, could we add a lifecycle in this one? I would like to add a lifecycle depends_on a null_resource that deletes the recovery points before the backup vault
@Ben Smith (Cloud Posse)
Yeah based on the other threads, I agree with Jeremy, that we should have a force_destroy flag that will destroy backups on destroy.
Is this option implemented in the module?
not yet, but I think that’s the appropriate place for this
ok
@bessey not sure how fast I’ll be able to get to this, is this something you could open a PR for?
What’s PR?
Pull Request
2024-03-19
Hello fellow DevOps, I want some insights about BigQuery.
I’m using AWS RDS Serverless V2 and I’m planning to migrate/clone the data to BigQuery because all the reports we are using are in Google. Do you have any ideas/insights for that? Thank you.
I tried an AWS export to S3, but it doesn’t seem to sync, or there will be duplicate data if I do it again. What do you think?
@Jeremy White (Cloud Posse) @Dan Miller (Cloud Posse)
2024-03-20
2024-03-21
If anyone notices AWS VPN Client suddenly not connecting (with SAML/SSO authentication), let me save you a support ticket. It’s likely related to Chrome v123. Apparently it’s breaking SAML SSO workflow. (At least temporarily) set Firefox as your default browser. AWS says they’re working on a VPN Client update that works with Chrome again, but for now… Firefox.
It’s been reported internally that Safari is also suitable. It’d be appreciated if you could confirm the same
@Erik Osterman (Cloud Posse) can you add me to that Slack group please?
2024-03-22
Hello everyone, can anyone help me out by providing AWS Solutions Architect Associate SAA C03 exam dumps, please?
2024-03-25
If my ec2 instances are truly ephemeral and I have no expectations of disk persistence across even a reboot, is there any reason to use EBS volumes over instance store?
• if you have any performance requirements
• encryption requirements
• you want to share volumes
what kind of performance requirements are you thinking of? Are there cases where an EBS volume might outperform instance storage?
instance store varies by class, so you might want to use EBS to have consistent performance if that’s something you need
sorry my bullet point was unclear
ah, makes sense, thanks
Yes so as Darren alludes to, we have multiple times run into this that instance store volumes are too slow. Other times we needed a lot of scratch space.
it’s a little hard to believe that a local SSD would ever be slower than something over the network, but I guess if anyone could crack that nut, it’d be AWS…
instance store volumes should be encrypted as well: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html#encryption-rest
you cannot provide your own encryption key
The encryption keys are destroyed when the instance is stopped or terminated and cannot be recovered
Doesn’t really make a difference as the data is ephemeral and you delegate trust to AWS anyway.
to some orgs, very much
I’m not petitioning either way, I’m just calling out what factors you’d consider when choosing EBS vs instance
2024-03-26
2024-03-27
Hello everyone, I’m new to this group and just joined this channel online. I’m a beginner in AWS and my goal is to become a cloud engineer, so as a beginner I want to take the cloud practitioner exam. Any advice on that?
@Erik Osterman (Cloud Posse) please confirm https://aws.amazon.com/certification/certified-cloud-practitioner/?gclid=CjwKCAjwh4-wBhB3EiwAeJsppNFY-yL9SFCiCO10NS-3zaXE3aFEN0hNiw_b1ShxA2ZZUb_GY49SJhoCFcQQAvD_BwE&trk=0c2b5279-1e50-459b-b9b5-6b0861ac160e&sc_channel=ps&ef_id=CjwKCAjwh4-wBhB3EiwAeJsppNFY-yL9SFCiCO10NS-3zaXE3aFEN0hNiw_b1ShxA2ZZUb_GY49SJhoCFcQQAvD_BwE is Cloud Posse’s recommendation
Earning AWS Certified Cloud Practitioner validates cloud fluency and foundational AWS knowledge. Learn more about this certification and AWS Training and Certification resources that can help you prepare for your exam.
Thank you @Gabriela Campana (Cloud Posse) for sharing this with me :)
Do I need to take any further course on YouTube or Udemy to pass this exam? Or shall I just follow along with the AWS official website?
I think you can follow along with AWS website: https://aws.amazon.com/certification/certification-prep/?ch=cta&cta=header&p=2
@Dan Miller (Cloud Posse) @Ben Smith (Cloud Posse) please confirm
Learn how to prepare for your AWS Certification exam. Find recommended resources for specific exams, including free digital training, classroom training, and exam readiness training from experts at AWS.
The cloud practitioner exam is a great starting point. That will give you a general idea of how AWS works, but from there I’d recommend getting an Associate certificate as well. For example, the Solutions Architect exam
When I was learning AWS originally, I liked the courses on ACloudGuru and Linux Academy. Ultimately it’s up to you whichever you prefer. They will all be good
Here’s AWS’s recommended certificate paths: https://d1.awsstatic.com/training-and-certification/docs/AWS_certification_paths.pdf
Thank you guys, this helped me to choose a path that I want to go for. I will deffo prepare for the associate level as well the sooner I complete my cloud practitioner.
2024-03-28
Hello everyone, I am trying to pay the exam fee for SAA-C03 in Pearson Vue, but it is failing and showing “the credit card payment option is not available for this order”. How can I pay the exam fee?
This is not a question we can answer. You need to contact Pearson Vue.