Cannot list nor describe MSK topic's configuration with AWS CLI - amazon-web-services

Is it possible to use the AWS CLI tool to list the Kafka MSK topics and describe the configuration of them?
The AWS documentation defines the topic's arn as this: arn:aws:kafka:region:account-id:topic/cluster-name/cluster-uuid/topic-name
I tried to execute the following command (some parts of the id are replaced with X and the topic name with Y):
aws --profile dev --region eu-central-1 kafka describe-configuration --arn 'arn:aws:kafka:eu-central-1:XXXXXXXXXXX:topic/sre-dev-central-km-msk/0c4e35a9-XXXX-4d32-XXXX-76aa15890225-8/YYYYYYY'
But I get the following error:
An error occurred (BadRequestException) when calling the DescribeConfiguration operation: One or more of the parameters are not valid.

You are using the topic ARN, but you should be using the ARN of an MSK configuration:
The Amazon Resource Name (ARN) that uniquely identifies an MSK configuration and all of its revisions.
You can use list-configurations to find the ARNs of configurations.

Related

Invalid ARN when performing tagging operation on aws wafv2

I am trying to view and add tags on my web acls using aws wafv2 cli command.
Other commands seem to be working properly, but I am getting the following error when using the ARN in tagging.
The command:
aws wafv2 list-tags-for-resource \
--resource-arn arn:aws:wafv2:us-east-1:<account_id>:global/webacl/<acl_name>/<acl_id>
Output:
An error occurred (WAFInvalidParameterException) when calling the TagResource operation:
Error reason: The ARN isn't valid. A valid ARN begins with arn: and includes other
information separated by colons or slashes., field: RESOURCE_ARN, parameter: <arn>
Any idea on why this is happening? I understand that the old version aws waf uses a different format. But I am using wafv2 now so I think I am using the correct URL format already.
Just confirmed the fix. As the comment above indicated, I just need to add the --region parameter and it needs to match the region indicated in the ARN.
Though I am not sure why this is happening, as the region in my ~/.aws/config defaults to us-east-1 already.

What is the difference between executionRoleArn and taskRoleArn and how to find them?

I am new to AWS and I am following this link. I couldn't find the difference between ECS_SERVICE_ROLE_ARN and ECS_TASK_ROLE_ARN. Also I wanted to know how I could find them. I used this command
aws sts get-caller-identity
But this gives a common field "arn", and I don't know which one this is.
The service role Arn is the Arn of the role that is interacting with the ECS service. The task role Arn is the role under which the individual task is executing.
To find the service role Arn, you should be able to look in IAM Roles for the ECS service role.
To find a task role Arn for a given task, you should be able to use:
aws ecs describe-tasks
You could find the ExecutionRoleArn and TaskRoleArn in the json file 'cloudformation-core-output.json', which is generated at the "Step 1 Deploy CloudFormation Templates" after you executed a link:
aws cloudformation describe-stacks --stack-name MythicalMysfitsCoreStack > ~/environment/cloudformation-core-output.json

“Lambda function ARN must be in same account” while `aws apigateway put-integration`

I am trying to follow this otherwise excellent post to deploy a Java-based AWS lambda app. I'm scripting it out as instructed in that post. I receive the following error when calling aws apigateway put-integration:
An error occurred (BadRequestException) when calling the
PutIntegration operation: Lambda function ARN must be in same account
I'm trying to script the creation of an API gateway to a lambda function. Here's the full deploy.sh script. I have on my local machine the requisite AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_ACCOUNT_ID environment variables.
I don't know enough to understand what that error is telling me. AFAIK, the access secret and id and account ID are all from the same IAM user.
My AWS CLI Script
aws apigateway put-integration --region ap-south-1 --rest-api-id xxttj6inea --resource-id bgncc0 --http-method GET --type AWS --integration-http-method POST --uri arn:aws:apigateway:ap-south-1:lambda:path/2019-09-20/functions/arn:arn:aws:lambda:ap-south-1:***********:function:Hello/invocations
Thank you very much in advance for any ideas/help.
This error can happen because of two reasons:
Your AWS CLI settings are incorrect. I'll implore you to check the AWS CLI configuration file, and run test API calls for the same to verify if everything is set up appropriately.
Your Lambda function belongs in one account, and your REST API in API GW belongs in another account.

Error creating RDS event subscription

I am trying to create an Event Subscription for RDS via AWS CLI
I have successfully created an SNS and can confirm it in AWS Console.
I am also able to create Event Subscription via AWS Console but not through AWS CLI
The command that I am running :
aws rds create-event-subscription --subscription-name rds-replica-events-subscription --sns-topic-arn arn:aws:sns:us-east-2:XXXXXXXX:RDS-replication-alarms --enabled
The error message :
An error occurred (SNSInvalidTopic) when calling the CreateEventSubscription operation: Failed to create Subscription because of Topic arn:aws:sns:us-east-2:XXXXXXXX:RDS-replication-alarms ARN Name Invalid.
Fixed. I had to add region.
aws rds create-event-subscription --region us-east-2 --subscription-name rds-replica-events-subscription --sns-topic-arn arn:aws:sns:us-east-2:XXXXXXXX:RDS-replication-alarms --enabled
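Two of the ARN mistakes in the threads above can be caught before the call is made: a topic ARN passed where describe-configuration expects a configuration ARN, and an ARN whose region differs from the request's --region. The following is an added example, not part of any of the posts; check_arn is a hypothetical helper, and the account ID, names and UUID in the sample are constructed.

```shell
#!/bin/sh
# Added example: pre-flight check for an ARN before handing it to `aws`.
# Usage: check_arn ARN REQUEST_REGION [EXPECTED_RESOURCE_TYPE]
# Prints one finding per line; exit status 0 means no finding.
# The body is a subshell, so its variables stay local and `exit` only
# leaves the function, not the calling script.
check_arn() (
    arn=$1
    req_region=$2
    want_type=${3:-}
    # arn:partition:service:region:account-id:resource ; the last field keeps
    # any further colons or slashes (function:Hello, topic/cluster/uuid/name).
    IFS=: read -r prefix partition service region account resource <<EOF
$arn
EOF
    if [ "$prefix" != "arn" ] || [ -z "$partition" ] || [ -z "$service" ] \
        || [ -z "$resource" ]; then
        echo "malformed: expected arn:partition:service:region:account-id:resource"
        exit 1
    fi
    rc=0
    # The wafv2 and rds threads were fixed by making --region match the ARN.
    if [ -n "$region" ] && [ "$region" != "$req_region" ]; then
        echo "region: ARN says $region, request goes to $req_region"
        rc=1
    fi
    # Resource type is the text before the first '/' or ':' of the resource.
    rtype=${resource%%[/:]*}
    if [ -n "$want_type" ] && [ "$rtype" != "$want_type" ]; then
        echo "type: ARN names a '$rtype', operation expects a '$want_type'"
        rc=1
    fi
    exit "$rc"
)

# Constructed sample in the MSK topic ARN layout quoted in the first question.
check_arn 'arn:aws:kafka:eu-central-1:111122223333:topic/demo-cluster/00000000-0000-0000-0000-000000000000-1/demo-topic' \
    eu-central-1 configuration || true
```

The region to compare against is the one the CLI will actually use (the --region flag, else the profile's setting).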

AWS SQS --cli-input-json does not recognize attribute FifoQueue

I'm using aws cli 1.11.102 on Windows. The following two commands give me different results:
aws sqs create-queue --cli-input-json "{\"QueueName\":\"JustANormal_name\",\"Attributes\":{\"FifoQueue\":\"false\"}}"
This gives me an error:
An error occurred (InvalidAttributeName) when calling the CreateQueue operation: Unknown Attribute FifoQueue.
However I'm able to create a Fifo queue using
aws sqs create-queue --queue-name "Something.fifo" --attributes "{\"FifoQueue\":\"true\"}"
I've tried passing in other attributes in JSON format and the following line works.
aws sqs create-queue --cli-input-json "{\"QueueName\":\"my_team-std_queue-2\",\"Attributes\":{\"DelaySeconds\":\"10\"}}"
I've also verified I'm using N.Virginia for all the commands above. So I don't think the region is the problem.
--- Edit ---
Follow up with comment of John, putting FifoQueue="true" works fine. This has been added to the bug report and follow-ups go here:
AWS bug report