Questions tagged with .NET on AWS
Content language: English
Sort by most recent
Hi All. I have had multiple emails recently from AWS with subject line “[ACTION REQUIRED] - Update your TLS connections to 1.2 to maintain AWS endpoint connectivity [AWS Account: 090759423501]”. The key part of the email seems to be
.....................
Please see the following for further details on the TLS 1.0 or TLS 1.1 connections detected from your account between February 25, 2023 and March 13, 2023 (the UserAgent may be truncated due to a limit in the number of characters that can be displayed):
Region | Endpoint | API Event Name | TLS Version | Connection Count | UserAgent
eu-west-1 | dynamodb.eu-west-1.amazonaws.com | DescribeTable | TLSv1 | 324 | aws-sdk-dotnet-45/3.3.1.0 aws-sdk-dotnet-core/3.3.5.0 .NET_Runtime/4.0 .NET_Framework/4.0 OS/Microsoft_Windows_NT_10.0.14393.0 ClientSync Docu
............................
However, my reading of that is that it is a system call from a .net runtime and I’m not really sure what I can do about this.
Your assistance would be appreciated. I typically use AWS resources in two ways:
a) scheduled or triggered Lambda calls built directly in the AWS interface or
b) calls from c# .net programs coded in Visual Studio
I followed some links to literature that the AWS account manager gave me which suggested
1) Use the Cloud Trail section of CloudWatch to find log entries where TLS 1.0 or 1.1 was used - I tried this but could find no matching records when I ran the query
2) Check the general account health dashboard - I did this but no problems are reported there.
Can anyone suggest a course of action here?
Thanks
Richard Abbott
Hi,
I am new to AWS and tried following a tutorial that allows me to deploy my blazor wasm app by using Amplify:
https://aws.amazon.com/de/blogs/devops/deploy-net-blazor-webassembly-application-to-aws-amplify/
When I configure and start my web app in Amplify all looks fine. The authorization process for github seems fine.
However, when it comes to building the application, Amplify runs into an error. It states, that there was a problem with establishing a connection to the repository provider. It prompts to reset the connection in the settings, but when I do it first states that the connection is set up correctly but fails during build with the same message anyway. Within github the permisions seem to be set correctly as well.
What can I do?
Hi,
I am trying to use attributes to control the contact flow for a chat session. But I am unable to get JWT working to pass attributes.
The documentation on how to pass token is sparse. Here are a few questions:
1. Should the JWT token be in the bearer or in the html body?
2. What should be the mandatory parameters in the claims? I did follow the example and created sub, iat, exp, typ, alg and attributes.
3. The documentation also says attributes should be string-string key value pairs but should
they be enclosed in brackets (like a json formatted object?).
I am getting 401 error always.
Thank you.
Error:
[Instance: i-0031f3decb3972a8f ConfigSet: Infra-WriteRuntimeConfig, Infra-EmbeddedPreBuild, Hook-PreAppDeploy, Infra-EmbeddedPostBuild, Hook-EnactAppDeploy, Hook-PostAppDeploy] Command failed on instance. Return code: 1 Output: null. Error occurred during build: Command hooks failed Error during deployment: Unable to find appBundle ./EpfSignPfa.zip
I have a .net windows application (exe) which I would like to run on my windows ec2 instance.
I can run it on my computer at home but it doesnt even load (no error or any message) when I try to run it.
The application connects to a remote api and database. (it has no publisher credentials)
I am new to this. What are the general /most common settings I am missing here to get it to work? Both aws and windows firewall settings for example.
hi,
We are trying to use Porting Assistant for .Net within a restricted network where access to nuget.org feed to package manager is blocked. Instead we are required to use an alternate internal Nuget feed. Currently, when I run the assessment, I am unable to get proper results due to this disconnect. Is there a way to configure Porting Assistant for .Net to use alternate Nuget feed?
Thanks!
I develop a NET 6 Web REST API service (->RDS PostgreSQL) deployed as Lambda.
I develop it in VS 2022 on Local Windows machine and use local PGSQL. When deploy it to Lambda it works with RDS. It is ok.
Now I need to add Authentication and Authorization methods to use RBAC. My question is: In AWS I should use Cognito Identity Provider. What to use during development as Cognito in local environment?
hi team,
I have used same account details to login to the GCP cloud in the gcp account i had faced issue with the billing issue.
in the meanwhile i checked my aws account the, and for this aws account facing issue like aws account blocked.
did this issue solved within a 3 hours, because I need to submit project to manager
We are trying to build and deploy dotnet application on windows platform in elastic beanstalk environment but deployment is getting failed with an error "Deployment completed, but with errors: During an aborted deployment, some instances may have deployed the new application version. To ensure all instances are running the same version, re-deploy the appropriate application version. Failed to deploy application. Unsuccessful command execution on instance id(s) 'i-0031f3decb3972a8f'. Aborting the operation. [Instance: i-0031f3decb3972a8f ConfigSet: Infra-WriteRuntimeConfig, Infra-EmbeddedPreBuild, Hook-PreAppDeploy, Infra-EmbeddedPostBuild, Hook-EnactAppDeploy, Hook-PostAppDeploy] Command failed on instance. Return code: 1 Output: null. Deployment Failed: Unexpected Exception Error occurred during build: Command hooks failed"
When I access the service (http://www.marineparts.us/) it tells me 500 Server Error
Hi folks,
I'm strugling to get rid of nginx proxy in front of our application (which is a YARP proxy in itself, thus doesn't need another reverse proxy).
I've set the aws:elasticbeanstalk:environment:proxy ProxyServer option to "none" and I can see from the eb-engine log that the nignx indeed gets disabled. In it's place, eb-engine adds two routes to nat iptable for redirecting port 80 to 5000 (default .NET core http port).
I've ssh'd to the instance and confirmed that I can call the app both via localhost(:80) and localhost:5000. Unfortunately, the app doesn't seem to get exposed outside of the instance - ELB healthchecks fail, I can't call it using the instance IP directly (Failed to connect to 10.0.x.y port 80: Connection refused).
It works fine with nginx enabled so I would rule out any vpc networking issues. Any ideas what required linux configuration might be missing that prevents the app from getting exposed on the instance?
Thanks,
Piotr
******J**ust got the following message from AWS. Not sure what to do. As per this notice it says " ChangeResourceRecordSets" in route 53 affects this change. How and and where to upgrade TLS version for it? ********
AWS is updating the TLS configuration for all AWS API endpoints to a minimum of version TLS 1.2. In preparation for this update, we have identified TLS 1.0 or TLS 1.1 connections to AWS APIs from your account that must be updated to maintain AWS connectivity. Please update your client software as soon as possible to use TLS 1.2 or higher to avoid the risk of an availability impact.
We are making this change so our customers can benefit from the enforcement and simplification of only modern TLS encryption protocols. This update will remove the ability to use TLS versions 1.0 and 1.1 with all AWS APIs in all AWS Regions by June 28, 2023. Therefore, we recommend considering the time needed to verify your changes in a staging environment before introducing them into production.
How can I determine the client(s) I need to update?
We have provided the connection details following this messaging to help you pinpoint your client software that is responsible for using TLS 1.0 or TLS 1.1, so you can update it accordingly. Additionally, our related AWS Security blog post [1] provides information on how you can use TLS information in the CloudTrail tlsDetails field.
Please see the following for further details on the TLS 1.0 or TLS 1.1 connections detected from your account between February 25, 2023 and March 13, 2023 (the UserAgent may be truncated due to a limit in the number of characters that can be displayed):
Region | Endpoint | API Event Name | TLS Version | Connection Count | UserAgent
us-east-1 | route53.amazonaws.com | ChangeResourceRecordSets | TLSv1 | 1 | AWSPowerShell/3.1.36.1 .NET_Runtime/4.0 .NET_Framework/4.0 OS/Microsoft_Windows_NT_10.0.14393.0 WindowsPowerShell/5.0 ClientSync
us-east-1 | route53.amazonaws.com | ListResourceRecordSets | TLSv1 | 1 | AWSPowerShell/3.1.36.1 .NET_Runtime/4.0 .NET_Framework/4.0 OS/Microsoft_Windows_NT_10.0.14393.0 WindowsPowerShell/5.0 ClientSync