I'm getting error when creating ec2 instance from my ami:
aws ec2 run-instances --image-id ami-3e21ed44 --count 1 --instance-type t2.medium --key-name sssoft --security-groups launch-wizard-4
Isn't this example same as in here?
It is giving this error:
An error occurred (InvalidParameterValue) when calling the RunInstances operation: Value () for parameter groupId is invalid. The value cannot be empty
What is wrong?
The error means the security group launch-wizard-4 does not exist in your account.
If that security group does exist in your account, check the AWS CLI profile you're using. It uses default by default. But if you need to use a different profile, just add --profile my-profile-name to the command.
For more information on profiles: AWS CLI Named Profiles
Silly mistake. In the command line the default zone was different from that of the AMI
Related
2 days back everything was working. but now it started giving this error. i am able to reproduce same error in dev environment. for testing i created a s3 without encryption and new kms key. but i am getting same error there.
aws ec2 import-image --description "123" --encrypted --kms-key-id arn:aws:kms:us-east-1:123456789:key/abc-efg-hij-klm-nop-xyz --disk-containers Format=ova,UserBucket="{S3Bucket=,S3Key=}"
An error occurred (InvalidParameterValue) when calling the ImportImage operation: The specified KMS key is not accessible. If this is a default EBS CMK, please retry your request without specifying the key explicitly
any help?
can you help me?
I'm doing a continuous deployment with circle.ci...
The unity tests, build and push is working.
But when i try update the ecs task, i'm getting the error:
ERROR: Could not connect to the endpoint URL: https://ecs.********.amazonws.com/
in the circle.ci i'm using the orbs
aws-ecs: circleci/aws-ecs#2.2.1
Any idea what is happen?
I don't know what to think/search anymore..
Update:
I tried run the command
aws ecs update-service --service ng-prod-service --cluster ng-cluster --force-new-deployment
And to my surprise i get the same error..
But my aws login works..
aws ecr get-login-password --region sa-east-1 | docker login --username AWS --password-stdin 119120169187.dkr.ecr.sa-east-1.amazonaws.com
i think the problem is with my credentials...
So i made new credentials with new iam rules and registerd on circle.ci and then it works...
It was probably the iam rules or iam credentials...
I have configured specific Lambda alias (Please note this) as Cognito trigger using CLI as there is no provision in web console to do so. Now I am getting PreSignUp invocation failed due to the error AccessDeniedException while signing up. I am not sure about it but this might be happening as I have configured trigger using CLI. I tried to locate Cognito specific role in IAM but I didn't find such role.
So how can I update missing permissions in IAM?
I used the following CLI command to update the permissions.
aws lambda add-permission --function-name <ARN of the lambda alias> --source-arn <user-pool-arn> --action lambda:InvokeFunction --principal cognito-idp.amazonaws.com
When I try to deploy my application on AWS, I get the following error :
An error occurred while provisioning your stack: HelloLambdaFunction -
Lambda was unable to configure your environment variables because the
environment variables you have provided contains reserved keys that
are currently not supported for modification. Reserved keys used in
this request: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY.
My AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY are stored in env.yml and I access them using process.env.AWS_ACCESS_KEY_ID
How can I fix this error ?
I would try removing those keys from the config and see what happens.
aws ec2 revoke-security-group-egress --group-id sg-xxxxxxx --protocol
tcp --port 443 --cidr 175.41.128.0/18
Error:
A client error (InvalidPermission.NotFound) occurred when calling the
RevokeSecurityGroupEgress operation: The specified rule does not exist
in this security group.
I have tried with --ip-permissions
aws ec2 revoke-security-group-egress --group-id sg-wwwwwwww
--ip-permissions '[{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "175.41.128.0/18"}]}]'
Error:
A client error (InvalidPermission.NotFound) occurred when calling the
RevokeSecurityGroupEgress operation: The specified rule does not exist
in this security group.
Suppose you set AWS access key properly. when run aws cli command, always remember to add region, if not on default region.
--region eu-central-1
If you can set boto, and run below commands, what did you get?
import boto.ec2
conn = boto.ec2.connect_to_region('<REPLACE_IT>')
conn.get_all_security_groups()
The response means that the rule you're trying to remove is not present within the security group. Maybe it was already removed. I see you pasted the full error message in the comment above:
The specified rule does not exist in this security group.
So try adding the rule, run the command to remove it, and see if you still get the same error.
Amazon's response error code is definitely confusing in this case, since it contains both "InvalidPermission" (which makes you think you're doing something wrong) and "NotFound". In this case, the "NotFound" is the important part.