Category: Amazon Web Services (AWS)

Lambda RDS connection timed out - How to Troubleshoot and fix it ?

This article covers how we troubleshoot and resolve Lambda RDS connection timed out issues for our customers.

Not authorized to perform iam:PassRole error - Tips to fix it ?

This article covers ways to resolve the AWS AccessDeniedException – I Can't Assume a Role error, which happens when you try to create an Auto Scaling group without the PassRole permission. To pass a role (and its permissions) to an AWS service, a user must have permission to pass the role to that service. This helps administrators ensure that only approved users can configure a service with a role that grants permissions. To allow a user to pass a role to an AWS service, you must grant the PassRole permission to the user's IAM user, role, or group.

Cause of AWS AccessDeniedException – I Can't Assume a Role error:

There are two possible causes for this AccessDenied error: the user in your development account doesn't have permission to call sts:AssumeRole, or the trust relationship in the production account is not configured correctly.

To create a role for Amazon RDS enhanced monitoring:

  • Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
  • Choose Roles, and then choose Create role.
  • Choose the AWS Service role type, and then choose the Amazon RDS Role for Enhanced Monitoring service. Then choose Next: Permissions.
  • Choose the AmazonRDSEnhancedMonitoringRole permissions policy.
  • Choose Next: Tags.
  • (Optional) Add metadata to the user by attaching tags as key-value pairs. For more information about using tags in IAM.
  • Choose Next: Review.
  • For Role name, type a role name that helps you identify the purpose of this role. Role names must be unique within your AWS account. They are not distinguished by case. For example, you cannot create roles named both PRODROLE and prodrole. Because various entities might reference the role, you cannot edit the name of the role after it has been created.
  • (Optional) For Role description, type a description for the new role.
  • Review the role and then choose Create role.

Connect Amazon EC2 using putty - Follow these steps

This article covers the steps you should follow to connect to Amazon EC2 using PuTTY.

How to Generate a PuTTY Private Key (.ppk) File ?

  • Download and install PuTTY.
  • Open the folder that PuTTY was installed to (default path is C: > Program Files > PuTTY).
  • Double-click on the file puttygen.exe.
  • In PuTTY Key Generator, click the Load button and navigate to the folder that contains the private key file (.pem) created during the EC2 configuration process.
  • Click on the PuTTY Private Key Files button in the lower-right corner of the window and select All Files (*.*).
  • Select your private key file (.pem) and click Open.
  • Click OK to close the PuTTYgen Notice pop-up window.
  • In PuTTY Key Generator, make sure Type of key to generate value is set to RSA.
  • Click Save private key and then Yes to close the PuTTYgen Warning pop-up.
  • Navigate to the location you want to store your PuTTY Private Key file (.ppk) and give it a name.
  • Click Save.
  • Close the PuTTY Key Generator window.

What is Amazon EC2 Instance?

1. Amazon EC2 instances offer varying combinations of CPU, memory, storage, and networking capacity that allow you to run your websites.

2. The best part of an Amazon EC2 instance is that it allows you to scale your resources to the requirements of your target workload.

AWS EC2 docker permission denied

This article covers methods to resolve the AWS EC2 docker permission denied error.

To give the user enough permission to use Docker, do the following:

You can try adding the user (prod-user here) to the docker group:

$ sudo usermod -a -G docker $USER

usermod is a command that modifies the system configuration for a specific user.

-a is a shortcut for --append: It means append the group to the list of groups the user belongs to.

-G is a shortcut for --groups: It tells usermod that the next argument is a group.

docker is the group we want to add $USER to.

$USER is the user that we want to modify.

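If this alone doesn't resolve the issue, then try the following:

$ sudo chmod 664 /var/run/docker.sock ## First try this.
$ sudo chmod 777 /var/run/docker.sock ## Then this. Not recommended: a world-writable socket lets any local user control the Docker daemon, which is root-equivalent access to the host.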

Install SSM Agent on EC2 instance and Configure it

This article covers what Amazon SSM is and how to install SSM Agent on EC2 Linux instances. AWS Systems Manager Agent (SSM Agent) processes Systems Manager requests and configures your machine as specified in the request.

EC2 "UnauthorizedOperation" Error - Best fixes ?

This article covers methods to resolve the EC2 "UnauthorizedOperation" error when trying to launch an EC2 instance.