Questions tagged with AWS Cloud Map
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
403 CORS Error ONLY on work Laptop and not personal
Hi All, I am getting a 403 CORS error from an API Gateway endpoint ONLY when i use my work laptop. **On my personal laptop everything works fine. ** I checked the with the local IT team and they said there is no firewall policy or anything that prevents CORS. Also i tried installing and enabling chrome extension for CORS on my work laptop. It did not work. Here is the error `Access to fetch at 'xyz' from origin 'abc' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.` In response header i see ``` x-amzn-errortype: ForbiddenException access-control-allow-origin: * access-control-allow-methods: PUT, GET, HEAD, POST, DELETE, OPTIONS content-type: application/json x-amzn-apigw-id: 12344.. ``` The surprising thing is it happens only on work laptop, Has anyone faced this issue before?
How to make the log of "DeleteUser" "responseElements" to have the value of "UserId"
The "DeleteUser" log has a "null" value on "responseElements" filed. Is there any flag I can raise so that the delete_user action will return the "userId" in the response? The scenario is: create then delete in loop users with the same name. I should determine the correlation between creating and deleting logs in real time. I can determine what "create" action is related to what "delete" action since they all have the same name.
APPMESH + ECS_FARGATE - When starting task in ECS Fargate integrated with AWS appmesh, cloudmap service discovery instance is not getting registered (when checked Target group throws 503 error)
When running java microservice in ECS Fargate, application starts and running smoothly. While try integrating AWS appmesh with ECS Fargate, ecs task is running for few minutes and after that task getting restarted continuously. Have found the following line cloudwatch logs for **`envoy container`** > **level=error msg="Couldn't determine the AZ ID due to: unable to fetch placement/availability-zone-id from IMDSv1, Get \"http://169.254.169.254/latest/meta-data/placement/availability-zone-id\": dial tcp 169.254.169.254:80: connect: invalid argument"** Adding this information for reference: **Envoy_Container health status is `HEALTHY` & Application_Container health status is `UNKNOWN`** *Not sure where I'm currently getting stuck any solution for getting out of this issue and start using ECS Fargate service with AWS Appmesh Integrated?*
HTTP API GW + API VPC Link + Cloudmap + Fargate - How does it load balance
I am using an infrastructure setup as described in the title. This setup is also somewhat shown in this picture: https://d2908q01vomqb2.cloudfront.net/1b6453892473a467d07372d45eb05abc2031647a/2021/02/04/5-CloudMap-example.png In the official AWS blog here: https://aws.amazon.com/blogs/compute/configuring-private-integrations-with-amazon-api-gateway-http-apis/ the following is stated about using such setup: > As AWS Cloud Map provides client-side service discovery, you can replace the load balancer with a service registry. Now, connections are routed directly to backend resources, instead of being proxied. This involves fewer components, making deployments safer and with less management, and reducing complexity. My question is simple: What load balancing algorithm does HTTP API GW use when distributing traffic to resources (the Fargate tasks) registered in a service registry? Is it round-robin just as it is with ALB? Only thing I was able to find is this: > For integrations with AWS Cloud Map, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. The registered resources' attributes must include IP addresses and ports. API Gateway distributes requests across healthy resources that are returned from DiscoverInstances. https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-private.html#http-api-develop-integrations-private-Cloud-Map
failed to invoke EFS utils commands to set up EFS volumes: stderr: Failed to resolve "fs-03ec98cf2f1d81580.efs.us-east-1.amazonaws.com"
Hi, I'm following the APPLICATION MODERNIZATION WITH AWS AND DOCKER workshop steps as mentioned and in module 2, Step 1 - Section: ***Deploy to Amazon ECS***, really got stuck when deploying application to AWS ECS. When I execute the "*docker compose up*" command as mentioned, it starts deploying resources and The Docker Compose CLI first concatenates the compose files passed through and generates an opinionated AWS CloudFormation template and deploys it to create the AWS resources defined in our compose file. After few mins , its shows in cloudformation "DELETE_IN_PROGRESS" and when all the resources get decommissioned it throws an error message saying "*DbService TaskFailedToStart: ResourceInitializationError: failed to invoke EFS utils commands to set up EFS volumes: stderr: Failed to resolve '*fs-03ec98cf2f1d81580.efs.us-east-1.amazonaws.com*' - check that your file system ID is correct.*" When I checked in the EFS console, the EFS was created successfully. Not sure why is this causing an issue? **GitHub Repo:** https://github.com/spawar1991/docker-compose-ecs-sample ------------------------------------------------------------------------- Workshop URL: https://docker.awsworkshop.io/31_docker_ecs_integration/10_migrate_to_ecs.html Can someone know how to mitigate this error and why is it causing an issue? Thanks in advance.
Shared account App Mesh and Cloudmap - What's the service discovery behaviour?
My customer is looking at implementing a multi-account/multi-VPC microservice architecture by sharing their App Mesh across accounts. They want to use Cloud Map as a service discovery mechanism and what's not clear to me is how service discovery works in a multi-account scenario. For example, Team X has an account where they deploy their services in ECS and the CloudMap namespace is managed there. How can services in other accounts (in the same mesh) discover services if the namespace is in another account?