amazon-vpc

问题 I want to set up a VPC for my Elastic Beanstalk web app and RDS postgres db . I tried creating a VPC but ran into problems: I went to VPC on AWS -> Launch VPC Wizard -> VPC with Public and Private Subnets . I am not sure what configurations to use. For example, what should I set Elastic IP Allocation ID ? Do I need to set the VPC name? After I create this, am I ready to just add it in EBS and RDS, or is there something else I need to do? Thanks! 回答1: Do I need to set the VPC name? Its

问题 Hi I am working on aws cdk. I am trying to get existing non-default vpc. I tried below options. vpc = ec2.Vpc.from_lookup(self, id = "VPC", vpc_id='vpcid', vpc_name='vpc-dev') This results in below error [Error at /LocationCdkStack-cdkstack] Request has expired. [Warning at /LocationCdkStack-cdkstack/TaskDef/mw-service] Proper policies need to be attached before pulling from ECR repository, or use 'fromEcrRepository'. Found errors Other method I tried is vpc = ec2.Vpc.from_vpc_attributes(self

问题 Hi I am working on aws cdk. I am trying to get existing non-default vpc. I tried below options. vpc = ec2.Vpc.from_lookup(self, id = "VPC", vpc_id='vpcid', vpc_name='vpc-dev') This results in below error [Error at /LocationCdkStack-cdkstack] Request has expired. [Warning at /LocationCdkStack-cdkstack/TaskDef/mw-service] Proper policies need to be attached before pulling from ECR repository, or use 'fromEcrRepository'. Found errors Other method I tried is vpc = ec2.Vpc.from_vpc_attributes(self

问题 I am able to create an Elastic Beanstalk environment with a VPC using this command with eb-cli : eb create --vpc This asks me to configure several options: Enter an RDS DB username (default is "ebroot"): ... Enter an RDS DB master password: ... Retype password to confirm: ... Enter the VPC ID: ... Do you want to associate a public IP address? (Y/n): ... Enter a comma-separated list of Amazon EC2 subnets: ... Enter a comma-separated list of Amazon ELB subnets: ... Do you want the load balancer

问题 So if I have two lambdas, one inside a private VPC, and one not on a VPC, calling the private lambda from inside the public lambda works but I cant call the public from the private lambda. There's no NAT setup. Why is this? It seems that I should not be able to call the private from the public theoretically. 回答1: In order to trigger a Lambda function, all that's required is for the caller to have outbound access to the Invoke AWS API. It is not necessary for the invoked Lambda function to

问题 I made a Django app and deployed it on Elastic Beanstalk . I made a Postgres DB with RDS as well. I want to add both of these to a VPC . I created the VPC using the VPC wizard (VPC with Public and Private Subnets): which created, as the name suggests, one public and one private VPC . I was told here that I need to add a second private subnet for RDS. Now I have: 1 public subnet (10.0.0.0/24) 2 private subnets (10.0.1.0/24 and 10.0.10.0/24) I also know that from here that I needed to "modify

问题 Assuming I have two VPCs VPC-A (non shared, peered with VPC-B ) VPC-B (a shared VPC which is configured with direct connect with on prem network) If I have a VPC endpoint/interface for API Gateway Private RestAPI within VPC-A , can an on-prem network communicate with that private VPC endpoint if VPC-A is peered with VPC-B , since VPC-B is connected to on prem via direct connect? Assuming this is for environment with ~50 Accounts. Besides VPC-B being peered with VPC-A , what other

问题 I have the following VPC setup with AWS Elastic Beanstalk: Web App Public Load Balancer pointed to by my domain (proxied through cloudflare) with EC2 instances in private subnet. Private internal API Load Balancer with inbound access granted to EC2 instances above via Security Group Database within the private subnet, accessible by EC2 instances behind the API Load Balancer. I would like to enable end to end HTTPS, AWS has good documentation here (https://docs.aws.amazon.com/elasticbeanstalk

问题 I have a Lambda function from which I need to make an external API call. I have added the Lambda function to a security group, a VPC, and 2 subnets, and it gives me this text: When you enable VPC, your Lambda function will lose default internet access. If you require external internet access for your function, ensure that your security group allows outbound connections and that your VPC has a NAT gateway. I go into VPC, create a NAT gateway (I let AWS create a EIP), attach it to one of the

问题 I am trying to use my company's mailhost for sending email to internal mail groups but I am unable to send an email. It throws exception as below: "javax.mail.MessagingException: 501 5.0.0 HELO requires domain address at com.sun.mail.smtp.SMTPTransport.issueCommand(SMTPTransport.java:1363)" Is it a limitation or I need to use SES only for sending emails? Is there any configuration that I need to do and I might have missed? Anything to check in VPC if the ports are open? Should I use port