Questions tagged with AWS Account Management
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Can't start Lightsail server under root account
Hi, I'm unable to start my Lightsail server using root account. Yesterday I tried to restart it and currently it showing as "Stopped". When I'm using root account and click "Start", then I receive an error: ![Enter image description here](/media/postImages/original/IMVWkr-UHEQuu97f-LpQuJ5g) I created a support ticket and they told me that it's an internal issue and some team will work on it (request xxxxxxxxxxx) Do you have any idea what else can I do to start the server ? This is very important for me because it's a production server and my company loosing money Edit: Removed case ID — Zack M.
Managing Route53 at scale
We have about 30 AWS accounts at this point (application, development, devops, shared services, sandboxes) and we are using AWS Control Towers tied into AWS SSO. We have recently created a designated networking account where we host the STNO solution and have decided this will be our centralized network traffic solution for all of our business needs. We are trying to figure out what the best practices are for managing DNS, private DNS zones in particular at scale. With using a central networking account, we can see the appeal of having all private zones in a single account so that we can get a complete picture of and monitor/manage the entire organization, but is this the current best practice? Will centralizing our private zones create problems for individual teams? For example, we want to give our Devs the ability to manage their private zone (dev.company.com) without allowing them to edit other zones. Is this possible with cross-account, centralized, private zones? Should we even allow our dev teams to manage their own private zone? If not, what is the current best practice for managing private zones within an org? Just hoping to get an idea of how other companies are managing this, what worked for previous clients, what didn't.
How are Access Keys more secure than a username and password?
I'm preparing to sit the Cloud Practitioner certification. I have a CCNA and some experience in Network Administration however I do not have a computer science qualification. I'm confused as to how Access Keys add to the security of access AWS resources. The documentation reads: > When you use AWS programmatically, you provide your AWS access keys so that AWS can verify your identity in programmatic calls. Your access keys consist of an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). How is a human or non-human user passing Access Keys more secure than passing Username and Password to access resources? It appears (in my ignorance) to add an unnecessary layer of complexity. Surely there is a logical reason, but I can't seem to identify it.
Charged services on my account
Hello, I'm user 9003412 (account ID XXXXXXXXXXX): my question is the following. I don't understand why I'm still charged every month whereas I don't have any instance (EC2, RDS) or service running any longer. Could you check this out ? And tell me what I gotta do to be not charged anymore going forward. Thanks. Best, Frederic *edited removed account number — Ria B.
Problems with verification
I received an email stating "We were unable to validate important details about your Amazon Web Services (AWS) account so your account has been placed on hold pending additional verification. At this time, we need you to confirm your address information so we can remove the hold." I have uploaded a copy of a utility bill with my address on it, but my account is still suspended. I'm not even generating much activity on the account. I'm using it for training purposes for the AWS Architect Certification. The problems seem to start when I did the Control Tower training at which I was flagged. I would really like to continue my training. I don't care if you delete everything and I start over again, I just want to keep going in the training sessions.
is it possible to creating Control Tower OUs programmatically with selected guardrails?
Hi im am not very familiar with AWS CLI or any iac code there but im looking for an option to create OUs in Control Tower programmatically with a bundle of selected Guardrails. Because the Guardrails based on AWS Config Rules are not put automatically on new created OUs :/. Highly appreciated if there would be a way to iac this creation. We do not want to do this with account factory customization if there it would be possible. We just need the OUs created.
Is it possible to get paused in SES for reasons outside of the account?
Basically, I have an account that was paused this morning...the account health dashboard looks phenomenal (0.34% bounce rate, zero complaints for the account). We seem to be following best practices regarding emails only going to users who have requested them, offering opt out of email notifications, etc. I am struggling to find the reason behind us being paused and AWS support will give no information other than "Do some things, tell us you did some things". How am I supposed to know how to remediate the issue if I have no idea what the issue is and cannot seem to find any flaws in our current system? With such a great health, how can we be paused?
Irregular activity in your AWS account - Suspicious Billing with SageMaker
Hi, I have been charged for almost 2400€ for AWS SageMaker that i didn't use or had activated in my account. I use a password with a combination of Letters, Numbers and special characters and also use MFA authentication to my AWS account . Checking the Event History without any login from my side or using my credentials i see all the following events done in my account : | Event name| | --- | | Data |GetRole ListPolicies AttachRolePolicy CreatePolicy CreateRole CreateEndpoint CreateEndpointConfig CreateModel DescribeRepositories GetAuthorizationToken CreateRepository ListEndpoints GetServiceQuota On those events are the creation and activation of the SageMaker , how can it be possible to someone activate roles\services or anything on a "secure" account without the user login credentials and MFA authentication code !!! I've followed all the steps that AWS support had sent to remove all the active services that i didn't activate, also i have a ticket open for 14 days to be refunded for the value that was charged to my card, talked several times in the support chat and the answer is that "I've checked in with the service team and there's no update as yet" ... How can we trust and be safe if is possible to activate services on our account without our credentials and MFA authentication code ????
Wordpress website hosted on AWS downs frequently
Hi, I hosted a Wordpress website on AWS (1 GB RAM, 1 vCPU, 40 GB SSD), but the website always goes down - the frequency ranges from daily to weekly and each time it goes down for 1-2 hours. The max traffic of my website is ~ 2,000 visits and well below the sustainable zone. And the website resumes after I reboot the instance, and sometimes it resumes itself. Do you know if there is a way to determine where the problem might be? Should I upgrade my bandwidth? Thank you.