Difference between revisions of "Short Notes on AWS"

From PaskvilWiki
Jump to: navigation, search
(AWS Lambda (Py) Notes)
(AWS Lambda (Py) Notes)
Line 46: Line 46:
 
* path parameters in <tt>event["pathParameters"]</tt>
 
* path parameters in <tt>event["pathParameters"]</tt>
 
* POST/PUT body in <tt>event["body"]</tt>
 
* POST/PUT body in <tt>event["body"]</tt>
 +
** ''note'': stored as string, you have to <tt>json.loads()</tt> or similar

Revision as of 10:06, 5 November 2019

Can't connect to EC2 instance

The obvious 2 problems with incoming requests, that are outside of AWS's scope:

  • check the instance's firewall
  • check that the app is listening to all incoming (0.0.0.0/0 or your IP, not just 127.0.0.1)

On the AWS side, check the following:

  • make sure the Elastic IP is associated with the instance
    • find the instance in the EC2 > Instances
    • look under Description tab, Elastic IP
    • if it's not, go to EC2 > Elastic IPs
    • choose Elastic IP from the list (or, allocate new on) that is not associated with any instance
    • choose Actions > Associate address, and associate it with the instance
  • make sure Security group permissions allow the connection
    • go to EC2 > Security Groups
    • select the security group (you can find which security group instance is in in the list on EC2 > Instances page, last column)
    • on the Inbound tab, check that your protocol is enabled for Source 0.0.0.0/0 (or from your IP)
  • make sure your Internet Gateway is connected to your VPC
    • make sure the Internet Gateway is attached to your VPC, under VPC > Internet Gateways > Summary tab
    • go to VPC > Route Tables, select route table for your VPC
    • under Routes tab, make sure that route with destination 0.0.0.0/0, with Target being your internet gateway, exists and is Active

Authorization header being removed by ElasticBeanstalk

By default, AWS ElasticBeanstalk's WSGI server strips Authorization header from requests.

To get these back, just plug your wsgi config file through .ebextensions, adding a wsgi.authorization.config file, with the following content:

files:
    "/etc/httpd/conf.d/wsgiauth.conf":
        mode: "000644"
        owner: root
        group: root
        content: |
            WSGIPassAuthorization On

IAM Notes

  • you need policy AmazonRDSReadOnlyAccess for your IAM to be able to list RDS instances

AWS Lambda (Py) Notes

For handler(event, context) function, parameters are in:

  • GET parameters in event["multiValueQueryStringParameters"]
    • note: parameters are stored in arrays, the lambda's parser correctly presumes that there may be multiple values; e.g. event["multiValueQueryStringParameters"] = {"param": ["value"]}
  • path parameters in event["pathParameters"]
  • POST/PUT body in event["body"]
    • note: stored as string, you have to json.loads() or similar