How to change the cloudwatch agent logging region? - amazon-web-services

I have successfully installed cloudwatch agent in amazon linux instance and configured the awslogs.conf file as below.But unfortunately the loggroup is created in us-east-1 instead of configured region us-east-2.Any idea what mistake i'm doing?

Please check your AWS profile region. This must be because of the current default region is selected as us-east-2. Try run aws configure command and change your region to the desired one.

Related

Region being overridden by managed credentials when configuring bash script to deploy resources to specified AWS region,

I have a bash script that I run on an AWS EC2 instance (that runs Cloud9 as a development environment), to bootstrap AWS resources for the environment (in this case, my sandbox). I'm configuring the region I'd like to deploy to like this:
aws configure set region "ap-southeast-1"
REGION=$(aws configure get region)
echo $REGION
This isn't correctly setting the $REGION variable. Using set region ... correctly sets the region in ~/.aws/config file on the EC2 instance. My EC2 instance uses AWS managed credentials, which means that my own local AWS region is being stored in the ~/.aws/credentials file on the EC2 instance, which overrides the config file, so aws configure get region returns the region specified in the credentials file. Is there a way of setting and getting the region in an AWS EC2 instance when using managed credentials?
Please view the order of precedence for setting AWS credentials. Note that running aws configure just creates the credentials file, which is the the 3rd item in the precedence list. I suggest using environment variables, the 2nd precedence item.

How to disable AWS Global Accelerator Flow Logs

I recently enabled flow logs for global accelerator to troubleshoot an issue. below is the AWS CLI command i ran to enable flowlogs for global accelerator as per aws article.
aws globalaccelerator update-accelerator-attributes
--accelerator-arn arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh
--region us-west-2
--flow-logs-enabled
--flow-logs-s3-bucket s3-bucket-name
--flow-logs-s3-prefix s3-bucket-prefix
My S3 bucket is getting huge with the GA flow logs and I no longer need these logs, I would like to disable the flow logs for global accelerator and I don't find a working aws cli command to disable the flow logs for global accelerator. --flow-logs-disabled doesnt exist.
The option you are looking for is:
--no-flow-logs-enabled
So your commandline would become:
aws globalaccelerator update-accelerator-attributes
--accelerator-arn arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh
--region us-west-2
--no-flow-logs-enabled
See the documentation for details: https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/update-accelerator-attributes.html

How to know EC2 instance stopped time?

I really need to know about the stopped time of AWS EC2 instances. I have checked with AWS cloudtrail, but its not easy to find the exact stopped EC2 instance. Is possible to see exact time of stopped EC2 instances by aws-cli commands or any boto3 script?
You can get this info from StateTransitionReason in describe-instances AWS CLI when you search for stopped instances:
aws ec2 describe-instances --filter Name=instance-state-name,Values=stopped --query 'Reservations[].Instances[*].StateTransitionReason' --output text
Example output:
User initiated (2020-12-03 07:16:35 GMT)
AWS Config keeps track of the state of resources as they change over time.
From What Is AWS Config? - AWS Config:
AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. This includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change over time.
Thus, you could look back through the configuration history of the Amazon EC2 instance and extract times for when the instance changed to a Stopped state.
Sometimes time is missing from StateTransitionReason, you can use CloudTrail and search for Resource Name = instance ID to find out StopInstance(s) API calls.
By default you can track back 90 days, or indefinitely if you create your own trail.

installing Neo4j on AWS (instructions fail)

I recently spun up a t2.micro image and I want to install neo4j on it. I started with the instructions at https://neo4j.com/developer/neo4j-cloud-aws-ec2-ami/. But I got to the step for creating a security group and I received an error that a region needed to be supplied. Here is the command I used:
aws ec2 create-security-group \
--group-name $GROUP \
--description "Neo4j security group"
The error message was
You must specify a region. You can also configure your region by running "aws configure".
When I run this command I get prompted by a lot of stuff that don't seem related to region? Not only am I prompted for values that I don't know where/how to get them, when I am prompted for the region I am not sure the format to enter the region. So my question is how to I configure a security group so I can move on to installing neo4j on this instance?
There are still several steps to follow to install neo4j, but I seem to be tripped up on this step.
The commands expect a default region under ~/.aws/config
[default]
region=us-west-2
output=json
On the link that you have shared, there is a step to "Configure the AWS CLI with Your Credentials". This step allows you setup aws profile(s) and as part of those profiles, you can set a region.
Follow this link to understand how you can setup your aws profile with credentials and region details
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
Hope it helps

Try to get details from AWS beanstalk configration files

I am adding SNS to applications on AWS Beanstalk. I want to know which SNS topics the application/environment is attaching to. I tried
aws --region us-east-1 elasticbeanstalk describe-environments
It only gets a very vague file telling me the app is associated with one sns but no name no arn. Also, my ARM role has no access to the AWS Configuration.
Any thoughts?
My mistake. The command actually shows the detailed configuration info.