amazon-vpc

How to workaround custom domain for private API gateway?

梦想与她 submitted on 2021-02-16 04:51:52
Question: I know that custom domain names are not supported for private APIs. Also, a similar question was answered here. Unlike the problem of the ugly URL as in the question above, my problem is with the format of the private DNS, which is as follows: https://{restapi-id}.execute-api.{region}.amazonaws.com/{stage} The problem is that the hostname is dynamic - RestapiId can change whenever the CloudFormation stack is recreated. This recreation is done when the CF stack is in rollback_complete state and cannot be updated. Then I

How to workaround custom domain for private API gateway?

心不动则不痛 submitted on 2021-02-16 04:51:35
Question: I know that custom domain names are not supported for private APIs. Also, a similar question was answered here. Unlike the problem of the ugly URL as in the question above, my problem is with the format of the private DNS, which is as follows: https://{restapi-id}.execute-api.{region}.amazonaws.com/{stage} The problem is that the hostname is dynamic - RestapiId can change whenever the CloudFormation stack is recreated. This recreation is done when the CF stack is in rollback_complete state and cannot be updated. Then I

Access AWS S3 from Lambda within Default VPC

你。 submitted on 2021-02-10 15:43:16
Question: I have a lambda function which needs to access ec2 through ssh and load files and save them to s3. So, for that I have kept ec2 and lambda both in default VPCs and the same subnet. Now the problem is that I am able to connect the function to ec2 but not to s3. It's been killing me since morning, as when I remove the vpc settings it uploads the files to s3, but then the connection to ec2 is lost. I tried to add a NAT gateway to the default VPC (although I am not sure I did it correctly or not because I am new to

API Gateway+Lambda+VPC timeout issue

99封情书 submitted on 2021-02-05 05:57:26
Question: Good morning, could you please help us with the next problem: I have an API Gateway + Java Lambda Handler. This Lambda uses httpconnection to get some Internet REST API. When we use this Lambda without VPC it works fine. But when we are using VPC with configured internet access, sometimes Lambda fails with timeout errors. It fails in 20% of all requests (80% of requests work fine) with the next errors in the log. REPORT RequestId: 16214561-b09a-11e6-a762-7546f12e61bd Duration: 15000.26 ms Billed Duration:

Can not copy data from s3 to redshift cluster in a private subnet

烈酒焚心 submitted on 2021-01-29 14:31:38
Question: I have set up a redshift cluster in a private subnet. I can successfully connect to my redshift cluster and do basic SQL queries through DBeaver. I need to upload some files from s3 to redshift as well, so I set up an s3 gateway in my private subnet and updated the route table for my private subnet to add the required route as follows: Destination Target Status Propagated 192.168.0.0/16 local active No pl-7ba54012 (com.amazonaws.us-east-2.s3, 52.219.80.0/20, 3.5.128.0/21, 52.219.96.0/20, 52.92

AWS security group that allows instances within VPC to connect doesn't work over public IP

﹥>﹥吖頭↗ submitted on 2021-01-29 07:43:50
Question: I have a VPC set up in AWS and have a security group that allows inbound connections from the VPC's CIDR block and have assigned it to my instances. SSH and TCP work fine while using the private IP addresses. However, when using public IP addresses on an instance, the connection fails. Why is that so? Why doesn't the security group know the connection is coming from within the VPC even if it's addressed to the public IP? Answer 1: When you use the public IP the traffic exits the VPC and enters back into

How API Gateway talk to Firehose VPC endpoint

孤街浪徒 submitted on 2021-01-28 20:42:22
Question: Using Amazon Kinesis Data Firehose with AWS PrivateLink tells that the Firehose VPC endpoint keeps the traffic between VPC and Firehose within AWS. You can use an interface VPC endpoint to keep traffic between your Amazon VPC and Kinesis Data Firehose from leaving the Amazon network. When API Gateway invokes the PutRecord API of Firehose via the AWS integration, does the traffic go through the Firehose VPC endpoint or go to the Internet? Updates The Introducing Amazon API Gateway Private Endpoints

How API Gateway talk to Firehose VPC endpoint

谁都会走 submitted on 2021-01-28 19:43:02
Question: Using Amazon Kinesis Data Firehose with AWS PrivateLink tells that the Firehose VPC endpoint keeps the traffic between VPC and Firehose within AWS. You can use an interface VPC endpoint to keep traffic between your Amazon VPC and Kinesis Data Firehose from leaving the Amazon network. When API Gateway invokes the PutRecord API of Firehose via the AWS integration, does the traffic go through the Firehose VPC endpoint or go to the Internet? Updates The Introducing Amazon API Gateway Private Endpoints

AWS DMS endpoint connection to Redshift not working

喜欢而已 submitted on 2021-01-27 22:00:16
Question: I'm currently trying to set up a replication from RDS (MySQL) to Redshift via DMS. The endpoint to RDS is working, but the one to Redshift is not. Here is my setup: VPC RDS, DMS, and Redshift are running in the same VPC and share the same subnets. Roles I implemented the required roles for DMS (dms-vpc-role, dms-cloudwatch-logs-role) and the specific one for Redshift (dms-access-for-endpoint) according to the AWS documentation. Security groups The security group setup is the same as well.

SQS Timeout from Lambda within VPC

会有一股神秘感。 submitted on 2021-01-27 12:52:34
Question: I have a Lambda that needs to be on a VPC to talk to protected resources like RDS and AWSDocumentDB. It also needs to be able to see the outside world for some calls to 3rd party APIs. To do this I used the VPC wizard to create a VPC that had both public and private subnets. The wizard also created and attached an Internet Gateway. After this I attached my Lambda, RDS instance and DocumentDb cluster to the VPC. Since then, however, I have been unable to talk to my SQS queues from within my