I have installed the AWS SDK for PHP, I have created an IAM user on my AWS account with access keys and I a have downloaded and installed NoSQL Workbench for DynamoDb. I have configured my local access keys. I have also created a table in NoSQL Workbench called smash. When I run the following command in my terminal:
aws dynamodb list-tables --endpoint-url http://localhost:8000
I get the following:
{
"TableNames": []
}
Which doesn't look right? What steps do I need to take to install and use dynamodb locally?
I am running my project in a Laravel 9 site within Laravel Homestead.
It is difficult to say for sure just from the details in the question, but my intuition is that what you did is you’ve created the table called ‘smash’ in your AWS account and not in you local DynamoDB instance.
DynamoDB local doesn’t have anything to do at all with your AWS account. You can download and run that locally even if you don’t have an AWS account at all.
If it is local development that you’re trying to do, focus on that aspect.
Related
I have a general question for the rds feature within aws credentials manager. When I get the secret, it looks like this:
Does this mean that these credentials directly will work or is the password encrypted? Like if I wanted to sign into my database with a connection what credentials do I use and do these credentials auto rotate with the cycling feature?
I assume you mean the RDSDataClient to access a database such as a Serverless Amazon Aurora instance.
To successfully connect to the database using the RdsDataClient object, you must setup an AWS Secrets Manager secret that is used for authentication. For information, see Rotate Amazon RDS database credentials automatically with AWS Secrets Manager.
To see an AWS tutorial that shows this concept and the corresponding code, see this example that uses the AWS SDK for Kotlin. You will need these values to make a successful connection:
private val secretArnVal = "<Enter the secret manager ARN>"
private val resourceArnVal = "<Enter the database ARN>" ;
See the full example here:
Creating the Serverless Amazon Aurora item tracker application using the Kotlin RdsDataClient API
I just tested this again (been a while since it was developed), and it works perfectly.
We will port this example to use other supported programming languages too - like AWS SDK for Java.
UPDATE
You only need to use Secret Manager when using the RDSDataClient. As mentioned in that tutorial, the RdsDataClient object is only supported for an Aurora Serverless DB cluster or an Aurora PostgreSQL. If you are using MySQL RDS, you cannot use the the RdsDataClient object. You would use a supported JDBC API.
We were planning to migrate from local Oracle database to AWS Aurora(Posgres) in my customer's AWS account with AWS DMS, but my customer told us they don't know whether AWS DMS is allowed to use or not in their AWS account(due to their company rule).
So, we are planning to do follow action in case of AWS DMS is impossible.
First: Migrate from local Oracle database to AWS Aurora(Posgres) in our AWS account with AWS DMS.
Second: Migrate from AWS Aurora(Posgres) in our AWS account to AWS Aurora(Posgres) in my customer's AWS account.
I tried searching how to migrate, but could't find the answer.
Does anyone know the idea?
Your architecture works.
I believe that you won't have any problem with the first step.
But for the second one, you have the following options:
If your AWS account can connect to your customer AWS Aurora, you can use DMS in your account to migrate your database.
If your AWS account can't connect to your customer AWS Aurora, you can create a dump file, send it to your customer and restore the dump in their account.
I have gone through the documents and couldn't find a solution for this..
I have two accounts dev and prod. my amplify app exist in dev but code-commit exist prod. Is there any way to connect them?
I have configured assume-role and have also tried using temporary credentials in a different profile and connecting it with:
aws amplify create-app --name app-name-in-dev --repository repo-in-prod
aws amplify create-app --name app-name-in-dev --repository repo-in-prod --iam-service-role-arn arn:aws:sts::prod:assumed-role/CrossAccountRepositoryContributorRole/cross-account
The problem remains the same. It seems impossible to connect amplify with code-commit until, repository and amplify-app exist in the same account.
Is there anyway to achieve this or is it really not configurable?
references:
https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html
https://docs.aws.amazon.com/cli/latest/reference/sts/assume-role.html
https://forums.aws.amazon.com/thread.jspa?threadID=300224
Incase Anyone comes looking for same:
After creating a ticket with AWS, I have received back a response that it is not currently possible as Amplify is still a newer service and only allow repository from same account.
I have tried setting this up at my end and observed the same. I was able to connect to the repositories only in the same account. I did further research on this and could confirm that currently, we cannot integrated with a cross account CodeCommit repository for Amplify applications.
I have some DynamoDB tables hosted on AWS. I would like to query these tables from my development machine for analysis. However, I cannot find a connection string (or any connection information for that matter) in the AWS web console.
How do I connect to DynamoDB on AWS from my own machine?
DynamoDB does not have a connection string.
Instead, you use one of the various AWS SDKs (in the language of your choice) along with your AWS IAM user access key and secret pair.
The SDKs include the methods to query your DynamoDB tables.
I have deployed the django application on aws . I want that application should be deployed by team as well. What is procedure to do this? I have searched a lot and almost spent couple of hours . Anyone has any answer or tutorial?
Can we share these keys ?
aws_access_key_id
aws_secret_access_key
No, the AWS access keys should be kept secret and not even stored under version control.
For deployment (i.e. the credentials needed to actually release the code - used by EB), you should use an aws profile. Add a ~/.aws/credentials file with
[myprofile]
aws_access_key_id=...
aws_secret_access_key=...
and then, on all eb commands use --profile. e.g.
eb create --profile myprofile
If your application requires other AWS services (e.g. RDS, S3, SQS), then you can use the same local profile for development (although I would recommend not requiring any other AWS for testing) by using then environment variable export AWS_PROFILE=myprofile. And then rely on AWS roles and policies for the production environment.
If you feel you need the secret keys as django settings, then consider using https://django-environ.readthedocs.org where you can keep all those secrets on a .env file that gets loaded by django. But again, this file should not be under version control.
You should also create IAM users for every person in your team, so each person has its own credentials, and you can more easily monitor or if needed, revoke credentials.