To automatically generate a "Sign-in URL" to a newly added Control Tower account, you will need the following: create a Lambda function on the master account (the region must be us-east-1 – Virginia, so we will use CloudTrail as a trigger); create a policy that allows you to assign a role and attach it to …
Continue reading "AWS Organization – Automatic adding Sign-in URL for new accounts"
To allow read access to the S3 Bucket for all members included in the organization, the following policy must be applied to the S3 Bucket: where "stackset-lambdas" is the S3 Bucket name and "o-xxxxxxxxxx" is your Organization ID.
This Python script gets a list of all regions and finds the EC2 instances, RDS instances and ASGs in them. If a resource has no "prevent_stop" tag equal to "true", the script stops it; in the case of an ASG, it scales it down to 0. main.py: List of required permissions to run …
Continue reading "Lambda – For stopping EC2 instances, RDS instances and ASG downscale in all regions"
This Python script creates events in PagerDuty using APIv2. The following script was taken as a basis. First you need to create a "Routing Key", also known as an "Integration Key". It is not to be confused with the "API Access Key", which can be used for any API calls; we only need a key from a specific service. Go to …
Continue reading "PagerDuty – Python script for creating events"
AWS Transfer supports 3 protocols: SFTP, FTP, and FTPS. Only SFTP can have a public endpoint; FTP/FTPS can only be run inside a VPC. Also, for login/password authorization, you must use a custom provider; you can find more information about this here. Goal: Create an AWS Transfer server for the FTP protocol, the service …
Continue reading "AWS Transfer – Public FTP"
When creating an RDS instance with an incorrect value for the "ParameterGroupFamily" parameter, an error similar to the following may occur:
Error creating DB Parameter Group: InvalidParameterValue: ParameterGroupFamily default.mariadb10.2 is not a valid parameter group family
To see a list of all possible values for the "ParameterGroupFamily" parameter, you can use the following command:
At the time of writing, EKS Fargate does not support a log driver for writing to CloudWatch. The only option is to use a sidecar. Let’s create a ConfigMap, in which we indicate the name of the EKS cluster, region and namespace: Next, let’s create a service account and a ConfigMap with a configuration file …
Continue reading "AWS – EKS Fargate – Fluentd CloudWatch"
The "--environment" key of the AWS CLI utility replaces all the variables with those that you specify as an argument. To change the value of only one variable without erasing the others, or without listing them all, you can use the following BASH script: aws_lambda_update_env.sh: This script requires the jq utility. The script reads all current variables, changes …
Continue reading "AWS Cli – Lambda: Update single variable value"
An example of how you can create entities in Kubernetes using AWS Lambda. The function will be in Python3, so we will use the Kubernetes Python Client. More usage examples can be found here. Since AWS Lambda does not support this package, we will pack the "kubernetes" and "boto3" modules in our function. "boto3" is needed …
Continue reading "AWS – Lambda: kubectl"
When trying to execute the Lambda Python function, the following error occurs:
{ "errorMessage": "main() takes 0 positional arguments but 2 were given", "errorType": "TypeError", "stackTrace": [ " File \"/var/runtime/bootstrap.py\", line 131, in handle_event_request\n response = request_handler(event, lambda_context)\n" ] }
Solution: From the message, we see that we use the "main" function as a …
Continue reading "FIX ERROR – AWS Lambda Python: "main() takes 0 positional arguments but 2 were given""