i have delete bucket name and want to re-use name but I can't. how long to re use bucket name?

Hi, I am trying to open port 5060 in EC2 security group But even if I add it it's still closed Custom UDP UDP 5060 0.0.0.0/0 – – IPv4 Custom UDP UDP 5160 - 5161 0.0.0.0/0 – – IPv4 Custom UDP UDP 1194 0.0.0.0/0 – – IPv4 Custom UDP UDP 10000 - 20000 0.0.0.0/0 – – IPv4 Custom UDP UDP 5060 - 5061

**Source Link:** https://github.com/aws-samples/amazon-transcribe-comprehend-podcast **Steps:** 1. Deployed the stack using the lanch stack button in the sources README. Used default configurations 2. Followed the README to start execution in RSS Step Functions State Machine with the example input JSON file. **Errors:** 1. The step function failed with the message `Fail state executed in step: Processing Error` When I investigated amazon transcribe, I found out that a `Custom vocabulary` job failure occurred. And the failure explanation is `Failure reason The vocabulary that you’re trying to create contains invalid characters or incorrectly formatted terms. See the developer guide for more information.` It's not clear what to do now. Wondering how to go about diagnosing the specific issue with the transcribe job.

I need a multi-user version of Quickbooks for Desktop. It is too expensive for the cloud version, and I lose the functions I get on the Desktop. Also, adding users to work simultaneously, I need a server. Is AppStream suitable for that function?

Is there a way to configure an account that can manage all tenants in an organization?

We are happy to announce that we just launched two enhancements to define how the Application Load Balancer (ALB) will process *Host* header and *X-Forwarded-For* header. These options provide additional flexibility in handling HTTP/HTTPS requests and allow customers to migrate their workloads to ALB. *Background:* AWS customers had asked for flexibility in specifying how ALB would handle Host and X-Forwarded-For headers in HTTP/HTTP Requests. The enhancements are as follows: *Host Header Enhancement:* * Currently, ALB modifies Host header in the incoming HTTP/HTTPS Request, and appends listener port before sending it to targets. For example, the Host: www.amazon.com header in the HTTP Request is modified to Host: www.amazon.com:8443 before ALB sends it to targets. This will remain the default behavior for backward compatibility. * With this enhancement, when enabled using a new attribute, ALB will send the Host header without any modification to the target. For example, the Host: www.amazon.com header in the HTTP Request will not be modified and sent to target as is. *X-Forwarded-For Header Enhancement:* * Currently, ALB appends IP address of the previous hop to the X-Forwarded-For header before forwarding it to targets. This will remain the default behavior for backward compatibility. * With this enhancement, customers can now specify whether the ALB should preserve or delete the X-Forwarded-For header before sending it to the targets. *Launch Details:* * Both enhancements do not change the default behavior and existing ALBs are not affected. * The enhancements are available using API and AWS Console. * The enhancements are available in all commercial, GovCloud, and China regions. These will be deployed in ADC regions at a later date based on demand. *Launch Materials:* * Documentation for Host header enhancement - https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#host-header-preservation * Documentation for X-Forwarded-For header enhancement - https://docs.aws.amazon.com/elasticloadbalancing/latest/application/x-forwarded-headers.html#x-forwarded-for Please give these a try and also let the customers know. Thank you.

I normally input new data into my app through a backend website that I have used for years and safari is saying that it cannot find server. All of My AWS accounts are paid.

Currently I'm using the [VM Import/Export](https://docs.aws.amazon.com/vm-import/latest/userguide/what-is-vmimport.html) to manually stand up EC2 instances from VMDKs stored on an S3 bucket. While this is great for small scale use cases, I'd ideally like the ability to cram this into a CloudFormation template so I can scale/automate the process. My Google-Fu isn't strong enough for me to find the correct way of doing this, or if it's even possible so I'm hoping the folks that browse Re:Post might have some experience. The ideal workflow would be having an S3 bucket full of VMDKs. Then uploading a CFT stack that would build the VPC, route table, subnets, yadda, yadda, yadda, then spin up instances based on the VMDKs. Any and all help is appreciated. Thanks!

We have an existing userpool with standard Cognito users. At some point we enable a external SAML identity provider for a group of users. When the existing users go to login a new user is created by Cognito and linking the external identity provider. We want to keep using the same Cognito user so we update the external provider on the original Cognito user record. But since there is a matching one on this new Cognito user we still get the new user rather than the original. I have tried using the AdminDisableProviderForUser api call with both ProviderAttributeName=Cognito_Subject and ProviderAttributeName=Cognito. But they both indicate that the Account is not linked to anyone. Is the ProviderAttributeName different for the linking that Cognito automatically creates for users? I think I can just disable that new user to solve this but I would rather not introduce code that would allow disabling of users.

I created a Web ACL rule that allows traffic to two exact URI paths and blocks everything else. I am able to manually associate it to my Application Load Balancer, but when I terminate my Elastic Beanstalk environment (which the Application Load Balancer is a part of) and recreate the Elastic Beanstalk environment the rule is not associated with the new Application Load Balancer that is created. Is there a way to configure it so that my Web ACL rule is associated with the Application Load Balancer with the Elastic Beanstalk environment is created?

If I have a lambda acting as an AppSync client does it leave the network to do a DNS lookup of the AppSync url provided? I am guessing that if I use an ApolloClient it would need to but what about if you use the aws-sdk AppSyncClient? Trying to speed up calls that pass through a BFF and would love any input!

I need to pre-process some data on S3 before the Glue Crawler crawls the data. For this I created an S3 Object Lambda to do the pre-processing. If I test the Object Lambda using the CLI, it provides the correct (processed) file. I then tried to use the ARN of the Object Lambda as the data store. However the Include Path prompt will only accept a value starting with 's3://'. I also tried to use an Access Point alias, but I do not see the alias for a Object Lambda Access Point. (If I use the alias for the supporting access point, I get the un-processed data from the S3 bucket.) As a last resort, I also tried to use terraform to set the data store. This did work, but when I run the crawler I get an error. I assume this is also because the crawler is expecting a path starting with 's3://' and not an ARN. Is there a different way to use an Object Lambda as the Data Store for a Glue Crawler?

Hello, I have been approved for the AWS SES production environment. I need to add DKIM records to my domain, but the DKIM records I download from my AWS SES dashboard are incomplete according to my web host. Specifically one of the records i missing the "value". Please can you provide me the the 'value' for the DNS records below. The records below are the only records I was able to view/download from my AWS SES dashboard. Type,Name,Value TXT,_amazonses.team@info.domain.com, TXT,team@info.domain.com,amazonses:

Hi, I use CloudWatch to monitor the stats of a simple EC2 instance and an RDS instance. About two hours ago I have a whole in the graph for the RDS instance. There is no CPUCreditBalance no CPUUtilization and no CPUCreditUsage for 14 minutes. During this time the service was working and I've had no down time. After that time I have stats for CPUUtilization but CPUCreditBalance and CPUCreditUsage are still missing from the graph.

First off I am very new to AWS cloudformation, been working on templates for a couple months trying to create a cloudformation template that creates an SFTP transfer service and adds a custom hostname. I was able to create the route 53 hostname and it all works fine with the exception the AWS Transfer Family dashboard does not show the Hostname for the server. I suspect it has to do with tags as I found this [doc](https://docs.aws.amazon.com/transfer/latest/userguide/requirements-dns.html#requirements-use-r53). I am using a parameter to get the HostedZoneId and use it via HostedZoneId: !Ref HostedZoneIdParam in the SFTPServerDNSRecord resource. is there a way to use t hat same parameter in a key/value as in Key: aws:transfer:route53HostedZoneId Value: /hostedzone/!Ref HostedZoneIdParam Any assistance or guidance would be appreciated

We have some Beanstalk environments that are scheduled for retirement this week (6/30/2022). We have been working to get these migrated to Fargate but will not make it by the retirement date. The documentation is somewhat vague on what "retirement" means. Our current working assumption is that the environments will continue to work but will not be supported in any way. This is fine for our purposes as we expect to be off them by next week. Will patching and things like auto scaling continue to work properly? The documentation says retired platforms are not available to either new or existing customers. Does this mean we will be unable to deploy our applications after 6/30? There is other information that indicates we have a 90 day grace period as an existing customer so trying to get clarification. Any guidance would be appreciated. https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/platforms-support-policy.html

I'm trying to copy files from windows 11 to EC2, I have used PPK and followed https://docs.aws.amazon.com/transfer/latest/userguide/transfer-file.html#winscp but I keep getting "Permission Denied" anybody can help?

I know that the snapshot ids are unique for a resource, but I'm wondering how far that uniqueness goes. Is it just for that resource, an account, regional, global throughout AWS or something else?

Hello, Quick question regarding AWS SF: Can you have an SF with type Express and then use it as both Synchronous and Asynchronous? For example, we want it to be Synchronous if triggered by APIGW, but Asynchronous if triggered by a lambda (that is connected to an SQS)

I created a DMS task: Source - MongoDB Target - RDS Postgres I have **successfully working pipelines with full load + Ongoing replication working.** But for some **collections** in my source mongo when I create Full load or Full load + Ongoing replication, **Task shows successfully completed and starts ongoing replication.** But Full load doesn't happens only schema gets created in postgres with 0 rows, and Ongoing replication starts. CloudWatch shows no error even after detailed debug.

Hi! I just deployed a solution to recover the abandoned calls from the queue and when no one answers the phone, however I'm not really sure how the billing works for this specific solution since I know it uses Kinesis Stream and Lambda, also I'm trying to see the phone numbers or information about the callers that abandoned the queue, but it's not showing anywhere. I used this article for reference: https://aws.amazon.com/es/blogs/contact-center/recovering-abandoned-calls-with-amazon-connect/ and I'm being billed this: AWS Step Functions USE1-StateTransition$14.44 $0 for first 4,000 state transitions4,000.000 StateTransitions$0.00 $0.000025 per state transition577,422.000 StateTransitions$14.44 Can someone help me?

Hi I set up my new website on AWS (www.knowyoursubject.com) and thought I had set up CloudFront OK but the distribution domain name given by CloudFront d2p0nm63829vgn.cloudfront.net brings up strange message.

We are monitoring a water meter that constantly increments the total gallons of water that have passed through the meter, thus we don't need to look at all the data in order to figure out what the total gallons are at points in between (though if data is missing we'd want to interpolate). We're trying to write a query that will provide us with the total gallons used at the end of each day. Here's an example: ``` SELECT BIN(time, 1d) as binned_timestamp, devEui, ROUND(MAX(totalGallons), 2) as max_totalGallons FROM "SensorData"."ApplicationData" WHERE time between ago(30d) and now() and devEui = 'A840419E8182DCBF' GROUP BY devEui, BIN(time,1d) ORDER BY binned_timestamp ASC ``` However, this queries all the data, where all we really need to look at is the last data point for each day. Thoughts?

We plan to use Lambda invoced by SNS to read json data from S3, process it and save in csv fromat to another bucket. Current approach to create temporary file, then use `boto3` `upload_file`. ``` df.to_csv('/tmp/csv_file.csv', index=False, encoding='utf-8') s3.upload_file('/tmp/csv_file.csv', OUTPUT_BUCKET, + key) ``` But I wonder would it create collisions if I will have several concurrent invocations of the lambda, both trying to write to the same `/tmp/csv_file.csv`? Or `/tmp/..` will be different for each Lambda invocation?

We are looking into iot device management solutions and are analyzing the AWS iot core and greengrass among other products. Our iot devices can be of different types and we will also have zebra devices on android. The AWS iot documents mention that greengrass is supported on Linux and windows. Can we effectively use it for Android devices also? Also we are looking at fleet provisioning of the iot devices. Is this supported for Android devices? Thank you.

Hi everybody, I wanna ask you about AWS Transcribe Analytics Call. API is well with AWS Transcribe but I need also sentiment Analysis, so I try to use AWS Transcribe Analytics. There is my code : ``` from __future__ import print_function import time import boto3 transcribe = boto3.client('transcribe', 'us-east-1') job_name = "my-first-call-analytics-job" job_uri = "PATH_S3_TO_WAV_WHO_HAD_WORD_FOR_AWS_TRANSCRIBE" output_location = "PATH_TO_CREATED_FOLDER" data_access_role = "arn:aws:s3:::MY_BUCKET_NAME_WHERE_WAV_FILES" transcribe.start_call_analytics_job( CallAnalyticsJobName = job_name, Media = { 'MediaFileUri': job_uri }, DataAccessRoleArn = data_access_role, OutputLocation = output_location, ChannelDefinitions = [ { 'ChannelId': 0, 'ParticipantRole': 'AGENT' }, { 'ChannelId': 1, 'ParticipantRole': 'CUSTOMER' } ] ) while True: status = transcribe.get_call_analytics_job(CallAnalyticsJobName = job_name) if status['CallAnalyticsJob']['CallAnalyticsJobStatus'] in ['COMPLETED', 'FAILED']: break print("Not ready yet...") time.sleep(5) print(status) ``` I had done aws configure and I use a IAM user who have AdministratorAccess. > **botocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the StartCallAnalyticsJob operation: User: MY_ARN_USER is not authorized to access this resource** Any help please ? Thank you very much!

Currently trying to get started with IoT Core for my business, and all the documentation tells me how easy it is to add a LoRaWAN gateway via the Console, and how I can just click "Get Started" followed by "Add Gateway". However, there is simply no "Add Gateway" option. I have sifted through every single link there is on the sidebar - with and without the "New Console Experience" option checked - and every single piece of documentation that I can lay my hands on, to try and find where this option is. What can I possibly be missing? The closest thing that I can find - Add a Device - keeps asking whether my device is running Linux or Windows and which SDK I would like to download. Surely there is no need for all that just for the sake of adding a gateway that's in my hand as we speak?

I have built the below ml pipeline in sklearn. I need to replicate the same in the Sagemaker instance as well. 1. Separate dataset based on X attribute, say we have base separated dataset into 3 **segments**. 2. For each **segment**, Run PCA and Clustering and save the processed output. Assume we got 3 micro-segments for each **segment** above, then we have 9 micro segments (3 x 3). 3. Then I need to run the classification algorithm on every 9 micro-segments. Thank you and appreciate your support!

AWS Lambda function triggered by Amazon MQ: RabbitMQ event source. It works fine and consumes messages from the queue, but It does not scale with respect to the queue load. - Lambda function uses Unreserved account concurrency and it is 1000 but concurrency is usually around 2 or 1. - Batch_Size and Batch_window parameters do not affect the consumption speed much. Is there any configuration need to be considered to make the lambda function adapt its queue consumption speed to queue load?

Uni project: Create a V1 Lex bot using lambda function for validation and fulfillment. Works great in AWS - need to integrate with my website using python. Number of us hunted on google and AWS sites cannot find relevant info:( Any advice?

Hello, I have problem with "Replication Agent" installation for "AWS Elastic Disaster Recovery" (DRS) on linux: Error: ./aws-replication-installer-64bit: error while loading shared libraries: libz.so.1: failed to map segment from shared object I used following commands: [ec2-user@ip-xxx ~]$ curl https://aws-elastic-disaster-recovery-eu-central-1.s3.eu-central-1.amazonaws.com/latest/linux/aws-replication-installer-init.py -o aws-replication-installer-init.py [ec2-user@ip-xxx ~]$ sudo python3 aws-replication-installer-init.py The installation of the AWS Replication Agent has started. AWS Region Name: eu-central-1 ./aws-replication-installer-64bit: error while loading shared libraries: libz.so.1: failed to map segment from shared object My environment: [ec2-user]$ uname -a Linux xxx 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 8 13:30:15 EST 2021 x86_64 x86_64 x86_64 GNU/Linux [ec2-user]$ cat /etc/os-release NAME="Red Hat Enterprise Linux" VERSION="8.5 (Ootpa)" Does anybody have similar problem? Thanks, Adrian Hollay

Hello, i made accidentialy an invitation to AWS Organizatons (instead of IAM Account XD) I asked the owner many time, to finish the registration, so that i could delete these wrong account. He does not finish it and i think he won't to it. The Owner of the wrong invited Organisation ist NOT Member of our Company. so: How can i remove this account from our company? The support is just telling me, i shall advise the owner of the mail adress, to complete the process. But i think, he won't do this. The invitation was accidental and I do not want to accept any costs or liability for what the owner of the email address is doing, as the invitation was not intended. Please help me to delete this organization. Without their help, the registration process will not be completed and without their help I will not be able to delete the organization. What can i do? :(

Hi all, Since Jupyterlab 3.0 was finally released on SM Studio, we have been super happy with it, however, for reasons unknown to us, the jupterlab interface works very poorly with SM resources, the following phenomenon have been observes: 1. It takes FOREVER to load the page for SM pipelines, and half the time it reports error ("Error listing pipeline executions: Rate exceeded") 2. Changing instance type and size for a notebook is now super laggy, and do not work half the time Anyone knows if this is merely a lack of optimisation on the service team's part or is there something I can do to stop this behaviour? it's making our work very slow and unbearable, we don't want to revert back to 1.0 so any help would be greatly appreciated! Best, RUoy

Hi, We have a (maybe) unique situation. Our company setup Amazon SES to send customer notifications, etc. This appears to be quite reliable! However, we have a potential issue that we hope we can resolve. We configured an MX record as required by Amazon. It is pretty simple to explain. We initially setup the MX records as required... mail.example.com (priority 5) And also: feedback-smtp.us-east-2.amazonses.com (priority 10) This exposes a potential issue: If we are receiving an email, and the server is rebooting for an update, or there is a temporary connection issue at the hosting provider, the server sending us the mail will then fall back to feedback-smtp.us-east-2.amazonses.com. But because there are a number of mailboxes in the company, there is no way we can receive mail at feedback-smtp.us-east-2.amazonses.com. We need it to not accept any connection, so the SMPT server that sent the mail will re-queue it and try to send it to us again. I deleted the MX Record to prevent this, then I got the message below from Amazon. "IMPORTANT: If Amazon SES cannot detect the required MX record in 3 days, you will no longer be able to use "example.com" as a MAIL FROM domain. Consequently, any verified identities that are configured to use this MAIL FROM domain will not be able to send emails unless they are configured to fall back to the Amazon SES default MAIL FROM domain." Is there any way to prevent feedback-smtp.us-east-2.amazonses.com from accepting any connection for incoming mail for our company, so it will not generate a permanent error? Yesterday there was an issue at our host with receiving connections from different regions (it appears). This caused Gmail to detect feedback-smtp.us-east-2.amazonses.com as our main server even though it was sent from mail.example.com, and it was bounced saying "The IP address sending this message does not have a 550-5.7.25 PTR record setup". In summary, is there a workaround to prevent Amazon from receiving mail should our regular server be rebooting or have a temporary connection issue. Hope this makes sense. Thanks, Steve

Is Aurora HIPAA eligible in a Babelfish configuration? Where can I find information?

I am a beginner in using AWS. I was able to make use of the AWS documentation for setting up EC2 and RDS for deploying my personal website using the Free Tier quota. After I was done using the service I stopped both the instances. Towards the end of the month, even after I stopped both the instances, I was sent an alert regarding the 85% usage of my Free Tier quota. So I checked the AWS Billing (screenshot added below) and tried finding where the RDS was taking up over 17GB of data out of max limit of 20GB. To me this is not making sense as I had already terminated the RDS instance. Also, I did not opt for snapshots. If you can spot what I'm doing wrong here— thank you! Link for screenshot: https://i.stack.imgur.com/m53BU.png

At certain point of time, all java threads which abort the redshift db connections get blocked in the service. Thread dump: ``` thread-2" #377 prio=5 os_prio=0 cpu=23073.41ms elapsed=1738215.53s tid=0x00007fd1c413a000 nid=0x5a1f waiting for monitor entry [0x00007fd193dfe000] java.lang.Thread.State: BLOCKED (on object monitor) at com.amazon.jdbc.common.SStatement.close(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) - waiting to lock <0x00000006086ac800> (a com.amazon.redshift.core.jdbc42.PGJDBC42Statement) at com.amazon.jdbc.common.SConnection.closeChildStatements(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.jdbc.common.SConnection.closeChildObjects(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.jdbc.common.SConnection.abortInternal(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) - locked <0x0000000607941af8> (a com.amazon.redshift.core.jdbc42.S42NotifiedConnection) at com.amazon.jdbc.jdbc41.S41Connection.access$000(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.jdbc.jdbc41.S41Connection$1.run(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(java.base@11.0.9.1/ThreadPoolExecutor.java:1128) at java.util.concurrent.ThreadPoolExecutor$Worker.run(java.base@11.0.9.1/ThreadPoolExecutor.java:628) at java.lang.Thread.run(java.base@11.0.9.1/Thread.java:829) ``` These are blocked on the threads which are still running statement on these connections. ``` thread-366" #23081 daemon prio=5 os_prio=0 cpu=972668.98ms elapsed=1553882.44s tid=0x00007fd1642b3000 nid=0x73ff waiting on condition [0x00007fd1920ac000] java.lang.Thread.State: TIMED_WAITING (parking) at jdk.internal.misc.Unsafe.park(java.base@11.0.9.1/Native Method) - parking to wait for <0x00000006086ae350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject) at java.util.concurrent.locks.LockSupport.parkNanos(java.base@11.0.9.1/LockSupport.java:234) at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(java.base@11.0.9.1/AbstractQueuedSynchronizer.java:2123) at java.util.concurrent.ArrayBlockingQueue.poll(java.base@11.0.9.1/ArrayBlockingQueue.java:432) at com.amazon.jdbc.communications.InboundMessagesPipeline.validateCurrentContainer(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.jdbc.communications.InboundMessagesPipeline.getNextMessageOfClass(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.redshift.client.PGMessagingContext.doMoveToNextClass(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.redshift.client.PGMessagingContext.getReadyForQuery(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.redshift.client.PGMessagingContext.closeOperation(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.redshift.dataengine.PGAbstractQueryExecutor.close(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.jdbc.common.SStatement.replaceQueryExecutor(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.jdbc.common.SStatement.executeNoParams(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) at com.amazon.jdbc.common.SStatement.execute(com.foo.drivers.redshift@1.2.43.1067/Unknown Source) - locked <0x00000006086ac800> (a com.amazon.redshift.core.jdbc42.PGJDBC42Statement) ``` Statement executed in these threads : `statement.execute(“SHOW SEARCH_PATH”);` Once the java service is restarted, it works fine. But after a few days, this issue comes up again. Q1 a. Why a close connection thread is blocked even if its child statement is in a queued state? Q1 b. Is there a way to force close the connection? Q2 Why are the child statement in the waiting state?

Can't find a solution to this online. It's been happening once every few weeks. Thanks for any help.

Hello, I am having trouble to properly handle query with tumbling window. My application sends 15 sensor data messages per second to Kinesis Data Stream, which is used as an input stream for Kinesis Analytics application. I am trying to run an aggregation query using a GROUP BY clause to process rows in a tumbling window by 60 second interval. The output stream then sends data to a lambda function. I expect that the messages should arrive at lambda every 60 seconds but instead, they arrive much faster, almost every second, and the aggregations don't work as expected. Here is the CloudFormation template that I am using: ApplicationCode: CREATE OR REPLACE STREAM "SENSORCALC_STREAM" ( "name" VARCHAR(16), "facilityId" INTEGER, "processId" BIGINT, "sensorId" INTEGER NOT NULL, "min_value" REAL, "max_value" REAL, "stddev_value" REAL); CREATE OR REPLACE PUMP "SENSORCALC_STREAM_PUMP" AS INSERT INTO "SENSORCALC_STREAM" SELECT STREAM "name", "facilityId", "processId", "sensorId", MIN("sensorData") AS "min_value", MAX("sensorData") AS "max_value", STDDEV_SAMP("sensorData") AS "stddev_value" FROM "SOURCE_SQL_STREAM_001" GROUP BY "facilityId","processId", "sensorId", "name", STEP("SOURCE_SQL_STREAM_001".ROWTIME BY INTERVAL '60' SECOND); KinesisAnalyticsSensorApplicationOutput: Type: "AWS::KinesisAnalytics::ApplicationOutput" DependsOn: KinesisAnalyticsSensorApplication Properties: ApplicationName: !Ref KinesisAnalyticsSensorApplication Output: Name: "SENSORCALC_STREAM" LambdaOutput: ResourceARN: !GetAtt SensorStatsFunction.Arn RoleARN: !GetAtt KinesisAnalyticsSensorRole.Arn DestinationSchema: RecordFormatType: "JSON" I would really appreciate your help in pointing what I am missing. Thank you, Serge

Hello, I'm using Hudi connector in Glue, first, I bulk inserted the initial dataset to Hudi table, I'm adding a daily incremental records and I can query them using Athena, what I'm trying to do is to get the newly added, updated or deleted records in a separate parquet file. I've tried different approaches and configurations using both copy on write and merge on read tables but still can get the updates in a separate file. I used these configurations in different combinations: 'className' : 'org.apache.hudi', 'hoodie.datasource.hive_sync.use_jdbc': 'false', 'hoodie.datasource.write.precombine.field': 'ts', 'hoodie.datasource.write.recordkey.field': 'uuid', 'hoodie.payload.event.time.field': 'ts', 'hoodie.table.name': 'table_name', 'hoodie.datasource.hive_sync.database': 'hudi_db', 'hoodie.datasource.hive_sync.table': 'table_name', 'hoodie.datasource.hive_sync.enable': 'false', # 'hoodie.datasource.write.partitionpath.field': 'date:SIMPLE', 'hoodie.datasource.write.hive_style_partitioning': 'true', 'hoodie.meta.sync.client.tool.class': 'org.apache.hudi.aws.sync.AwsGlueCatalogSyncTool', 'hoodie.datasource.write.table.type': 'COPY_ON_WRITE', 'path': 's3://path/to/output/', # 'hoodie.datasource.write.operation': 'bulk_insert', 'hoodie.datasource.write.operation': 'upsert', # 'hoodie.datasource.hive_sync.partition_extractor_class': 'org.apache.hudi.hive.NonPartitionedExtractor', # 'hoodie.datasource.hive_sync.partition_extractor_class': 'org.apache.hudi.hive.MultiPartKeysValueExtractor', 'hoodie.datasource.write.keygenerator.class': 'org.apache.hudi.keygen.NonpartitionedKeyGenerator', # 'hoodie.compaction.payload.class': 'org.apache.hudi.common.model.OverwriteWithLatestAvroPayload', # 'hoodie.cleaner.policy': 'KEEP_LATEST_COMMITS', 'hoodie.cleaner.delete.bootstrap.base.file': 'true', "hoodie.index.type": "GLOBAL_BLOOM", 'hoodie.file.index.enable': 'true', 'hoodie.bloom.index.update.partition.path': 'true', 'hoodie.bulkinsert.shuffle.parallelism': 1, # 'hoodie.datasource.write.keygenerator.class': 'org.apache.hudi.keygen.CustomKeyGenerator' Thank you.

I trying to deploy with the serverless framework and get this error for an S3 bucket where I want to enable S3 Transfer Acceleration. ``` API s3:setBucketAccelerateConfiguration Access Denied ``` My user and cli has `AdministratorAccess ` policy. Best, Arthur

AWS Transfer Family support AIX platform

The AWS RUM dashboard doesn't seem to provide a Google Analytics Page Views style report (e.g. I want to see the number of page loads for each discrete page over a certain time period) Is it possible to get this information from RUM?

This is just a repost from stackowerflow. **Cognito team seems to be unwilling to fix this serious bug.** https://stackoverflow.com/questions/47815161/cognito-auth-flow-fails-with-already-found-an-entry-for-username-facebook-10155 The goal is to implement a social provider auth flow as described in User Pools App Integration and Federation. One important thing that I want to satisfy, is to merge user pool accounts that have the same email address. I am accomplishing that by calling adminLinkProviderForUser within the PreSignUp_ExternalProvider cognito lambda trigger. So with this, everything works. The new social provided user is being registered and linked with the already existing Cognito (user+pass) user. However, the authentication flow, from user's perspective doesn't complete. It fails at the last step where the callback uri (defined in cognito user pool) is being called: ``` error: invalid_request error_description: Already found an entry for username Facebook_10155611263152353 ``` But then, if the user retries the social auth flow, everything works, and would get session tokens that represent the original Cognito User Pool user (the one that already had that email). Note that I'm testing the auth flow on an empty User Pool, zero user accounts.

Instance i-029a3458f152ffc6e; EC2 reports healthy. There was an issue ten days ago that led to a restart and the server was working before that. Deployed new image, rebooted, restarted, server still reports as being under maintenance.

Are there any plans to support .com.mt for domains as we would like to transfer our domain over. Thanks for you time!

We are trying to deploy Organization Conformance Packs via CloudFormation. But the deployment always fails with the below exception: `NoAvailableConfigurationRecorderException in 1 account(s)` AWS Config recorder ist configured in the Management Account and we have completed the [Prerequisites](https://docs.aws.amazon.com/config/latest/developerguide/cpack-prerequisites.html#cpack-prerequisites-organizationcpack) for Organization Conformance Packs. Trusted service access for AWS Config is enabled in our Organization by [creating a multi-account aggregator and adding the organization](https://docs.aws.amazon.com/organizations/latest/userguide/services-that-can-integrate-config.html#integrate-enable-ta-config). Our Cloud Landing Zone is created using Control Tower. Also we've followed [this](https://aws.amazon.com/blogs/mt/deploy-aws-config-rules-and-conformance-packs-using-a-delegated-admin/) blog post to try the same with a delegated Administrator account. Last but not least we've given the config recorder role admin access and excluded all account except the Management Account in our template. Still no luck. Anyone having an idea how to solve this issue?

``` An error occurred (BadRequestException) when calling the GetExport operation: Cannot deserialize value of type `io.swagger.v3.oas.models.media.ObjectSchema` from Array value (token `JsonToken.START_ARRAY`) at [Source: UNKNOWN; line: -1, column: -1] (through reference chain: io.swagger.v3.oas.models.media.ArraySchema["items"]) (through reference chain: io.swagger.v3.oas.models.media.ObjectSchema["properties"]->java.util.LinkedHashMap["data"]) Action failed: see logs above for details ```

I there a way to add another attribute to the customer profile that appears in the CCP ? I see in the examples of the schema there is an Attribute object for holding misc values but cannot see where these can be set. I am using the CTR model and S3

The "DeleteUser" log has a "null" value on "responseElements" filed. Is there any flag I can raise so that the delete_user action will return the "userId" in the response? The scenario is: create then delete in loop users with the same name. I should determine the correlation between creating and deleting logs in real time. I can determine what "create" action is related to what "delete" action since they all have the same name.

My WordPress website is showing This site can’t be reached error on the browser. I have hosted my website on AWS lightsail instance. https://www.smartstudyabroad.com/ I have checked the error log and it is showing errors like the below given. [Mon Jun 27 00:00:04.782197 2022] [mpm_event:error] [pid 23858:tid 139898567034176] AH03490: scoreboard is full, not at MaxRequestWorkers.Increase ServerLimit. Please help to resolve the issue.

Team, I wanted to know if you have any data reduction technologies like compression, Dedup, etc available as a part of the EBS/EFS/S3 Storage options? Or Does the customer need to use any 3rd party SW from the marketplace to do this?

Hi, I have created a Nodejs Lambda, which require header parameters. Lambda deployed by the 'serverless.yml' file and corresponding API Gateway created for all APIs with lambda proxy integration. When I execute those APIs with headers parameters it throws CORS error like this, Request header field 'abc' is not allowed by Access-Control-Allow-Headers in preflight response I have given 'Allow Headers' in entry component. app.use(function (req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT,DELETE"); res.header("Access-Control-Allow-Headers", "Content-Type"); next(); }); Is there any solution to pass headers ?

We are using AWS EMR hadoop cluster, where prestodb is running. willing secure prestodb. Need complete step by step implementation guide on apache ranger (open source) or via ldap. Application version information EMR emr-6.1.0 Hadoop 3.2.1 Hive 3.1.2 Hue 4.7.1 Presto 0.232 Spark 3.0.0 Thanks in advance.

I am using S3 Lifecycle policy to delete objects which are greater than 7 days but my folders are also being deleted along with the objects. Isn't there any way where my objects only are deleted and not folders. I know that S3 follows a flat file structure but there must be a way. Can someone help me in this ?

I have deploy 3 fargate tasks in 3 different regions and each of them are in different url. Now, if there is a user wanted to connect to the service, I'll need to help user to select the AWS region for them, as latency/geolocation is just one of the criteria. Is there anyway that I can have a latency data for references when I wanted to do the match-making?

I searched in athena and uploaded the searched content to s3. I used the select statement about 10 times and uploaded a small query log to s3. However, looking at the charges charged, there were hundreds of thousands of requests. It is unknown what caused this number of requests. Why is there such a large number of requests?

I tried to do a select query on Athena using aws sdk. In the sample, using resultconfiguration, it was stored in s3 and then queried. However, it seems that the console showed the select result without saving the query result. So I skipped resultconfiguration and ran aws sdk, and the following error occurred. ``` An output location is required either through the Workgroup result configuration setting or as an API input. ``` So I think that to query athena from aws sdk, the result must be saved in s3. Is this correct? If not, please tell me how should I configure the aws sdk.

Why can't I find the Amazon associate page?

I require support for preserving traces from different teams in Xray with the following attributes. The XRay backend used to store all traces will be provisioned in a single centralized account. Note that applications are integrated with OpenTelemetry libraries and will be submitting traces to XRay using ADOT collector. * maintain separate keys, one per team, for encryption of trace data at rest * separate IAM roles to provision access of keys and trace data such a team cannot access traces from other teams. * maintain separate configurations for sampling rates, rate limits, quotas, etc. A feasible option for implementing these requirements seems to be using tracing groups. Groups can be created using filter expressions based on certain pre-defined attributes in a trace such as service prefix, unique per team. However, XRay lacks configuring multiple keys for encrypting traces and IAM policies to control read access to traces and service graphs don't support resource level permissions or condition filters. There is also a limit of 25 groups per account. Due to these limitations, we cannot use groups. Are there alternate approaches for implementing my aforementioned requirements?

I got this error on CLI: `An error occurred (Unsupported) when calling the RunInstances operation: Your requested instance type (c5.2xlarge) is not supported in your requested Availability Zone (us-east-1e). Please retry your request by not specifying an Availability Zone or choosing us-east-1a, us-east-1b, us-east-1c, us-east-1d, us-east-1f.` This looks very reasonable. But how do I do not specify an Availability Zone? The command I ran which gave the above error just used `us-east-1`, not `us-east-1e`. Where's it getting us-east-1e? I did not specify that. Here's the full command I ran: `aws --output json ec2 run-instances --region=us-east-1 --client-token=some-client-token --image-id=ami-someimage-id --instance-type=c5.2xlarge --associate-public-ip-address --subnet-id=subnet-id --placement=GroupName=my-group-name` Associated support article also does not give an example of how to not specify an Availability Zone: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-instance-type-not-supported-az-error/

I'm creating a stack for CW alarm for mem_percent_used disk utilization metrics. It worked when I tried creating an alarm manually. It doesn't work after I created an alarm using CF. I have noticed that ami id, device, and fstype are missing in my CF script. How do I supply these values? Also, if I have 50 instances can I have single alarm to monitor the disk usage metrics?

I am trying to control which event-bus an AWS Tracker goes onto. I looked at the API Docs and I did not see anything like an "event-bus" as part of it's parameters. In my testing it seems that the Event Bus rule uses the "default" bus every time for an "ENTER" or "EXIT" event. We use various event-bus' per environment. Is there any way I can configure my API call to point to a specific event-bus? Here is a sample snippet I am currently using: ``` var paramsUpdateTracker = { TrackerName: 'test-tracker', Updates: [ { DeviceId: 'fake-device-number', Position: [-90.22222,41.888888], SampleTime: new Date, } ] }; location.batchUpdateDevicePosition(paramsUpdateTracker, function(err: any, data: any) { if (err) { console.log(err, err.stack); } else { console.log(data); } }); ```

I have an App Runner service that was created successfully, but fails to update if I change the ECR access role. Nothing about the role changed other than the name. It takes 40min for the update to eventually fail, and the only error messages I receive are: ``` 06-27-2022 03:50:43 PM [AppRunner] Service status is set to RUNNING. 06-27-2022 03:50:42 PM [AppRunner] Service update failed. For details, see service logs. 06-27-2022 03:11:04 PM [AppRunner] Service status is set to OPERATION_IN_PROGRESS. 06-27-2022 03:11:04 PM [AppRunner] Service update started. ``` Is this a known issue?

Hello! We have an IoT Core Rule which is fired when a MQTT message is published to certain topic. The message structure is: ``` { "triggers": ["door"], "datetime": "2022-06-01T00:00:00Z", "errCodes": [100], "strength": 107, "net": "GMS", "eco": 0, "light": 0, "def": 0, "fan": 0, "defrost": 1, "Mdef": 0, "comp": 0, "door": 0, "Tcond": 38.1, "Tevap": 1, "Tint": 3.8, "topic": "abc/ar/data/NVC1/test-vscode-3" } ``` We have a requirement where data buffered in remote devices could be sent to IoT Core, so we need to send a "datetime" field (the second one) in the payload. The Iot Core Rule fires a AWS Lambda function, which generates a multi-measure record to be finally sent to Timestream: ``` { "Dimensions":[ { "Name":"hw_model", "Value":"NVC1" }, { "Name":"serial_device", "Value":"test-vscode-3" } ], "MeasureName":"multimeasuredata", "MeasureValueType":"MULTI", "MeasureValues":[ { "Name":"Tint", "Value":"3.8", "Type":"DOUBLE" }, { "Name":"Tevap", "Value":"1", "Type":"DOUBLE" } ], "Time":"1654041600000" } ``` The Timestream table retention periods are: Memory store retention: 45 days Magnetic store retention: 180 days Magnetic store writes: ENABLED The exception thrown is: ``` { "errorType":"RejectedRecordsException", "errorMessage":"One or more records have been rejected. See RejectedRecords for details.", "name":"RejectedRecordsException", "$fault":"client", "$metadata":{ "httpStatusCode":419, "requestId":"VKL72WIIMCBGQNWMMSQLK7CAAQ", "attempts":1, "totalRetryDelay":0 }, "RejectedRecords":[ { "Reason":"The record timestamp is outside the time range [2022-06-17T15:21:13.756Z, 2022-06-27T22:51:04.174Z) of the data ingestion window.", "RecordIndex":0 } ], "__type":"com.amazonaws.timestream.v20181101#RejectedRecordsException", "message":"One or more records have been rejected. See RejectedRecords for details.", "stack":[ "RejectedRecordsException: One or more records have been rejected. See RejectedRecords for details.", " at deserializeAws_json1_0RejectedRecordsExceptionResponse (/var/task/node_modules/@aws-sdk/client-timestream-write/dist-cjs/protocols/Aws_json1_0.js:947:23)", " at deserializeAws_json1_0WriteRecordsCommandError (/var/task/node_modules/@aws-sdk/client-timestream-write/dist-cjs/protocols/Aws_json1_0.js:888:25)", " at processTicksAndRejections (node:internal/process/task_queues:96:5)", " at async /var/task/node_modules/@aws-sdk/middleware-serde/dist-cjs/deserializerMiddleware.js:7:24", " at async /var/task/node_modules/@aws-sdk/middleware-signing/dist-cjs/middleware.js:11:20", " at async StandardRetryStrategy.retry (/var/task/node_modules/@aws-sdk/middleware-retry/dist-cjs/StandardRetryStrategy.js:51:46)", " at async /var/task/node_modules/@aws-sdk/middleware-logger/dist-cjs/loggerMiddleware.js:6:22", " at async Runtime.exports.handler (/var/task/lambda.js:58:20)" ] } ``` We are not falling out the memory retention period (45 days) in this example (27 days), but the range returned in the exception is (IDK why) [2022-06-17T15:21:13.756Z, 2022-06-27T22:51:04.174Z) Do you have any ideas of why this is the range and hence why the record cannot be inserted? Thanks !

I am using two api destinations with same connection for 0Auth. I checked the dlqueue and saw that the response is 403 which makes me think that the token in the connection is not getting refreshed. Anyone know what I need to do here. Tried search through internet but couldn't find any answers.

Hey all. I'm looking for guidance on using the AWS CLI to scan a batch of images on an S3 bucket with Rekognition. I've been able to successfully 'detect-labels' on a single image stored on my bucket. The goal is to identify images in adult content and move them into a separate folder to moderate manually. I've not seen anywhere in the docs how to scan a folder, only a single image, and it can't possibly be that I should need to use yet another AWS service to do the same exact operation on a folder instead of a single file? Thanks for reading.

I can't seem to get an instance in a public subnet to connect via session manager. The subnet that the instance ends up deploying to has `0.0.0.0/0` set to an internet gateway. The security group has no inbound rules and an outbound rule of `Allow` `0.0.0.0/0`. The instance profile has the `AmazonSSMManagedInstanceCore` managed policy, the instance is on a public subnet with an internet gateway and a security group that allows all outbound requests, and it’s running AmazonLinux 2, so the SSM agent should be installed. I even added a userData command to install the latest again, but that didn’t change anything. From the console, I see the following error message: > **We weren't able to connect to your instance. Common reasons for this include:** > * SSM Agent isn't installed on the instance. You can install the agent on both [Windows instances](https://docs.aws.amazon.com/en_us/console/systems-manager/agent-windows) and [Linux instances](https://docs.aws.amazon.com/en_us/console/systems-manager/agent-linux). > * The required [IAM instance profile](https://docs.aws.amazon.com/en_us/console/systems-manager/qs-instance-profile) isn't attached to the instance. You can attach a profile using [AWS Systems Manager Quick Setup](https://docs.aws.amazon.com/en_us/console/systems-manager/qs-quick-setup). > * Session Manager setup is incomplete. For more information, see [Session Manager Prerequisites.](https://docs.aws.amazon.com/en_us/console/systems-manager/session-manager-prerequisites) Here's a sample of CDK code that replicates the problem: ```typescript const region = 'us-east-2' const myInstanceRole = new Role(this, 'MyRole', { assumedBy: new ServicePrincipal('ec2.amazonaws.com'), }) myInstanceRole.addManagedPolicy( ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore') ) const myUserData = UserData.forLinux() myUserData.addCommands( `sudo yum install -y https://s3.${region}.amazonaws.com/amazon-ssm-${region}/latest/linux_amd64/amazon-ssm-agent.rpm`, 'sudo systemctl restart amazon-ssm-agent', ) const myInstance = new Instance(this, 'MyInstance', { instanceType: InstanceType.of(InstanceClass.C6I, InstanceSize.LARGE), machineImage: MachineImage.latestAmazonLinux({ generation: AmazonLinuxGeneration.AMAZON_LINUX_2, cpuType: AmazonLinuxCpuType.X86_64, }), vpc: Vpc.fromLookup(this, 'ControlTowerVPC', { vpcName: 'aws-controltower-VPC', }), vpcSubnets: { subnetType: SubnetType.PUBLIC, }, blockDevices: [ { deviceName: '/dev/xvda', volume: BlockDeviceVolume.ebs(30, { volumeType: EbsDeviceVolumeType.GP2, encrypted: true, }), }, ], userData: myUserData, role: myInstanceRole, detailedMonitoring: true, }) ```

Hello there, How can I update PHP to 7.4 version or upper?

When launching an EC2 instance, I can successfully connect to it for 7 minutes at a time. Then, it disconnects me and I have to stop and start the instance to allow connections again. I've tried both Linux and MSWindows instances.I've tried SSM, SSH, and RDP (where appropriate)If I setup a cron job, pinging www.google.com, it still pings successfully, even though I get disconnected. I have tried this from several machines and networks, to see if somehow my personal network is a problem. it doesn't seem to matter. 7 minutes after boot, I get disconnected and can't reconnect. It doesn't matter if I have a lot of network traffic or a little. Cloudtrail doesn't show anything in the timeframe. I can also connect to other EC2 instances on other AWS accounts and stay connected for hours and hours. Any idea on what could be causing my disconnects after 7 minutes?

I have successfully used the Textract "Analyze Document" demo (https://us-west-2.console.aws.amazon.com/textract) in the past, but all interactions with the demo - be it a document upload, or even resetting the demo - now return a nondescript error: **"Textract encountered an error while processing this document."** The documents I've used are all an accepted format (JPEG or PDF) and are well under the 5MB / 11 pg limit. The documents successfully upload and can be previewed in the demo tool, but no results are displayed; I see the error message instead. Is the Textract demo tool broken? Is there additional account configuration that I need to be aware of?

hi, i need to migrate from aws to a different provider. where do i find the following info: SSH hostname: SSH username: SSH port number: SSH private key: SSH key passphrase: Thanks

I'm trying to create an isolated Python virtual environment to package Python libraries necessary for a Pyspark job. I was successful to make it work by simply following these steps https://github.com/aws-samples/emr-serverless-samples/tree/main/examples/pyspark/dependencies However, there is one Python library dependency (SWIG) failing to install because it requires additional libs to be installed such as gcc gcc-c++ python3-devel. LIB: https://github.com/51Degrees/Device-Detection/tree/master/python So I added RUN yum install -y gcc gcc-c++ python3-devel to the Dockerfile image https://github.com/aws-samples/emr-serverless-samples/blob/main/examples/pyspark/dependencies/Dockerfile and it installed sucessfully and then I packaged the virtual env. However, the emr job fails with that lib python modules not being found, which makes me think that python3-devel is not present in EMR Serverless 6.6.0 Since I don't have control over the serverless environment, is any way around this? Or am I missing something?

Can anyone help with possible challenges we may face while migrating from AWS Landing Zone to AWS Control Tower. The AVM has been customized, hence wondering if anyone has been in similar situation.

We have noticed that the pre-checks for the upgrade of MySQL 5.7 to MySQL 8 are having issues with character combinations that "resemble" depreciated words. For example, the depreciated "Group By ... DESC" is one of those constructs "[https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.MySQL.html#USER_UpgradeDBInstance.MySQL.57to80Prechecks]()" "There must be no queries and stored program definitions from MySQL 8.0.12 or lower that use ASC or DESC qualifiers for GROUP BY clauses." While our stored procedures use Group by's, there is no associated "DESC" word with them. However, the character sequence does appear in the stored procedure in various forms: * There is a call to another stored procedure called "update_fc**desc**ription();". It has the characters "desc" within the name * There are columns in the queries (table columns) with the name "blah**Desc**riptionblah" * There is a block comment that has the word "**Desc**ription:" that describes the stored procedure (documentation) However, there are no "DESC" words associated with the "Group by". For testing, * I deleted the comments word, and that issue no longer appeared as an error * I renamed the call to the other stored procedure update_fc**desc**ription(); to update_fc**dxexscxrixp**tion();, and that issue no longer appeared as an error * The columns that have the characters "desc" I couldn't work around without a lot of changing to the stored procedure It seems that there is a Stackoverflow question outlining this behavior too: [https://stackoverflow.com/questions/71412470/aws-mysql-aurora-major-version-2-3-upgrade-pre-checks-obsolete-procedure]() Also, a "re:Post" question too: [https://repost.aws/questions/QUWJzlcpitRoGM0woZVOylBQ/aurora-2-to-3-mysql-5-7-to-8-0-upgrade-pre-check-incorrect-validation-on-store-procedure]() This is clearly a bug in the pre-check process and is limiting our upgrade from MySQL 5.7 to 8. Any updates on this being fixed/addressed? Thank you.

I'm using cloud trail to trigger an event bridge rule, and every time new deployment takes place duplicate s3 buckets are being created for cloud trail logs, how do I prevent this through CDK?

In our Java app we have what is basically boilerplate S3 V2 code for creating a multipart upload of a file to S3. We absolutely need the ability to cancel the upload, and recover all resources used by the upload process, INCLUDING the CPU and network bandwidth. Initially we tried simply cancelling the completionFuture on the FileUpload, but that doesn't work. I can watch the network traffic continue to send data to S3, until the entire file is uploaded. Cancelling the completionFuture seems to stop S3 from reconstructing the file, but that's not sufficient. In most cases we need to cancel the upload because we need the network bandwidth for other things, like streaming video. I found the function shutdownNow() in the TransferManager class, and that seemed promising, but it looks like it's not available in the V2 SDK (I found it in the V1 sources). I've seen a function getSubTransfers() in the V1 MultipleFileUpload class that returns a list of Uploads, and the Upload class has an abort() function, but again, we need to use V2 for other reasons. I've also found and implemented code that calls listMultipartUploads, looks for the upload we want to cancel, creates an abortMultipartUploadRequest, issues it and the threads keep on rolling, and rolling, and rolling.... Is there a "correct" way of terminating a multipart upload, including the threads processing the upload?

we host exclusive content on our platform. only specific users that meet certain criteria are intended to have access to the content. we authenticate the users. we would like to know how we can ensure that authenticated users are unable to share the link generated to give them access to the content stored in s3 bucket. any suggestions or documentation we can study on how to prevent users from sharing the link?

I am using AppSync as my API for my application. I would like a few basic features to be available to users who haven't signed in yet. I'm aware that it is possible to use IAM authentication and to create a temporary AssumeRole call to an unprivileged role and use that with IAM authorization, but I'd really much prefer to be able to designate certain resolvers are not requiring any authentication. Is this possible? If not, why not?

In the [documentation](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-libraries.html) I can see that we can add additional modules from pip using the following command %additional_python_modules nameOfModule However, I would like to be using a later version of pandas and pyarrow than the ones currently installed, 1.0.4 and 0.16.0 respectively. I have tried adding this at the top of the script in a notebook: ``` %additional_python_modules pandas==1.4.2, pyarrow==8.0.0 ``` As well as passing these as parameters when doing a manual run, however, I still see the version numbers remaining as the standard out of the box versions, is this possible to do?

I am able to connect CodeBuild with CodeCommit via NAT gateway in public subnet -> Internet Gateway. As both CodeCommit & CodeBuild are on AWS, I am trying to avoid using Internet Gateway. Here's what I have done so far - Created endpoint for CodeCommit - Attached it to private subnet - Configured CodeBuild to use the same subnet I am curious on what can be done here to avoid using Internet Gateway.

Hello I would like to ask when we can expect to post the update KB5014669 in AWS-InstallWindowsUpdates command document? Can we check somewhere what KBs are currently in the AWS-InstallWindowsUpdates command document? I would appreciate any help on this topic. Best regards

Hello, Currently I am trying to read csv files in my s3 bucket with the following format: ``` header 1, header 2, header 3 value 1, value 2, value 3 header 1, header 2, header 3, header 4 value 1, value 2, value 3, value 4 ``` as you can see I have two header rows. But I only care about the second header row and everything below. Is there a way to ignore the first two lines with glue and use the second header row as a starting point to create a table?

Hi, I have an Windows EC2 instance on which runs an graphical heavy load application so i created an AMI from the Windows instance and launched new W-EC2 from that AMI and attached the Elastic Graphical card(GPU) . I was trying to figure it out how to Autoscale that. I created a launch template/configuration but i don't have a field to introduce the Elastic Graphical Card. I know that the process of adding EGC is that you can only add it at launch, then you have to login , download EGC software and restart the EC2 in order to get the GPU added to the Windows EC2. My questions are: How can i automate this process? How can i achieve autoscaling for my application? Any answer, blog or documentation to read regarding this will be helpful. Thanks in advance!

Hi Team, I am not able to stop or terminate my AWS instance. As it shows the error Modify it's 'disableApiStop' instance attribute and try again. I am not able to complete the action. Today i got a abbusive alert for that instance on my mail and tried to terminate the instance and getting the same error might be the server as been accquired by hackers, i don't have any issues in terminating it as it's test server and doesn't as any critical data. Can somer suggest me on how get resolved from this issue. Regards, Jagadish

We are considering support for Security Hub. In order to clear the check of S3.9, I prepared a bucket for access log output and set it to output access log there. However, the check cannot be cleared because the access log output setting of the access log output bucket has not been set. How can I clear this check? If possible, I would like to solve it in a way that does not ignore it. [S3.9] This control checks if an Amazon S3 Bucket has server access logging enabled to a chosen target bucket.

Hello, As stated in the [alb docs](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html) the "Target Groups per Application Load Balancer" is set to 100 hard limit. I have a customer who is using `ALB` with `ECS` to implement their microservices and are up to 75 `target groups` and will at some point hit the 100 `target group limit`. Just wondering what or if their is a recommend way to over come this limit ? Best I can come up with is to have a small chain of `ALBs`. So have an `entry ALB` will route traffic based on some rules to say 3 other `ALBs` downstream that in turn point to the `target groups` that have the `ECS` services but not convince this is the best solution. Is there are alternative solutions then please let me know thanks alexis

Hello, Is there any way to forward AWS CCP Streams logs to cloudwatch. Currently we can only get logs from client's machine. They have to download and send them to us. We want to forward logs from client side to cloudwatch so we dont need client downloaded logs. Thank you.

Hi, I am working on creating an Platform application which is mainly for employees of that organization. Internal in organization, they are using Microsoft AD for authentication purpose. So till now we decided to use AWS Cognito with federated identity. But they are using AWS SSO also. From some of blogs it seems like we can also utilize that AWS SSO for authentication purpose in our application. Is it the write understanding Please confirm, if so here are some more confusion : - 1. If we go on AWS SSO approach, do in that we need Cognito pool or not ?? 2. If we go on AWS SSO approach, do that aws sso return some JWT token that we can utilize on API Gateway layer for authenticating all APIs ?? Looking for quick response. If possible please share some relevant blogs/article ? Regards, Abhishek

Hi, I ran AWSSupport-MigrateEC2ClassicToVPC to migrate my EC2 Classic to VPC. I ran Test first then Cutover. It started to run successfully but stopped on step 3 checkIfVirtualizationTypeIsHVM and that step and all others are Pending. It looks as if I must have done something wrong in setting up VPC and it can't receive the migration, but this is all 100% new to me and I don't know what to change.