How to disable AWS Global Accelerator Flow Logs - amazon-web-services

I recently enabled flow logs for global accelerator to troubleshoot an issue. below is the AWS CLI command i ran to enable flowlogs for global accelerator as per aws article.
aws globalaccelerator update-accelerator-attributes
--accelerator-arn arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh
--region us-west-2
--flow-logs-enabled
--flow-logs-s3-bucket s3-bucket-name
--flow-logs-s3-prefix s3-bucket-prefix
My S3 bucket is getting huge with the GA flow logs and I no longer need these logs, I would like to disable the flow logs for global accelerator and I don't find a working aws cli command to disable the flow logs for global accelerator. --flow-logs-disabled doesnt exist.

The option you are looking for is:
--no-flow-logs-enabled
So your commandline would become:
aws globalaccelerator update-accelerator-attributes
--accelerator-arn arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh
--region us-west-2
--no-flow-logs-enabled
See the documentation for details: https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/update-accelerator-attributes.html

Related

How to change the cloudwatch agent logging region?

I have successfully installed cloudwatch agent in amazon linux instance and configured the awslogs.conf file as below.But unfortunately the loggroup is created in us-east-1 instead of configured region us-east-2.Any idea what mistake i'm doing?
Please check your AWS profile region. This must be because of the current default region is selected as us-east-2. Try run aws configure command and change your region to the desired one.

How to know EC2 instance stopped time?

I really need to know about the stopped time of AWS EC2 instances. I have checked with AWS cloudtrail, but its not easy to find the exact stopped EC2 instance. Is possible to see exact time of stopped EC2 instances by aws-cli commands or any boto3 script?
You can get this info from StateTransitionReason in describe-instances AWS CLI when you search for stopped instances:
aws ec2 describe-instances --filter Name=instance-state-name,Values=stopped --query 'Reservations[].Instances[*].StateTransitionReason' --output text
Example output:
User initiated (2020-12-03 07:16:35 GMT)
AWS Config keeps track of the state of resources as they change over time.
From What Is AWS Config? - AWS Config:
AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. This includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change over time.
Thus, you could look back through the configuration history of the Amazon EC2 instance and extract times for when the instance changed to a Stopped state.
Sometimes time is missing from StateTransitionReason, you can use CloudTrail and search for Resource Name = instance ID to find out StopInstance(s) API calls.
By default you can track back 90 days, or indefinitely if you create your own trail.

AWS CLI unable to run commands because of connection error

I ventured asking this question because I am getting the following error when I try to run any command in aws cli
Could not connect to the endpoint URL: "https://mturk-requester.us-west-1.amazonaws.com/"
I am in norhtern California and my config file reads:
region = us-west-1
output = table
Therefore I am not experiencing the 1a error described in the questions already answered here and there.
I am also able to communicate with the server using all the steps described here.
The commands I've been attempting to run are:
aws mturk get-account-balance
aws mturk list-hits
I believe this is because mturk is only available in us-east-1 which is also considered the AWS global region, this is mentioned in the documentation for the SDK and the only region mentioned on the endpoints page.
Configure the AWS SDK to use the ‘us-east-1’ region. This is the region in which the MTurk API is available.
If you specify the --region flag and set the value to us-east-1 it should be able to connect to the mechanical turk endpoint.

installing Neo4j on AWS (instructions fail)

I recently spun up a t2.micro image and I want to install neo4j on it. I started with the instructions at https://neo4j.com/developer/neo4j-cloud-aws-ec2-ami/. But I got to the step for creating a security group and I received an error that a region needed to be supplied. Here is the command I used:
aws ec2 create-security-group \
--group-name $GROUP \
--description "Neo4j security group"
The error message was
You must specify a region. You can also configure your region by running "aws configure".
When I run this command I get prompted by a lot of stuff that don't seem related to region? Not only am I prompted for values that I don't know where/how to get them, when I am prompted for the region I am not sure the format to enter the region. So my question is how to I configure a security group so I can move on to installing neo4j on this instance?
There are still several steps to follow to install neo4j, but I seem to be tripped up on this step.
The commands expect a default region under ~/.aws/config
[default]
region=us-west-2
output=json
On the link that you have shared, there is a step to "Configure the AWS CLI with Your Credentials". This step allows you setup aws profile(s) and as part of those profiles, you can set a region.
Follow this link to understand how you can setup your aws profile with credentials and region details
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
Hope it helps

Try to get details from AWS beanstalk configration files

I am adding SNS to applications on AWS Beanstalk. I want to know which SNS topics the application/environment is attaching to. I tried
aws --region us-east-1 elasticbeanstalk describe-environments
It only gets a very vague file telling me the app is associated with one sns but no name no arn. Also, my ARM role has no access to the AWS Configuration.
Any thoughts?
My mistake. The command actually shows the detailed configuration info.