I am using terraform to create an aws sftp server and trying to use IP whitelisting to secure my server.
Terraform aws_transfer_server command supports only endpoint_types such as PUBLIC or VPC_ENDPOINT at this time. So I am using null_resource to execute an aws command to update the sftp server after it was created. The terraform snippet is below:
resource "null_resource" "update_sftp_server" {
provisioner "local-exec" {
command = <<EOF
aws transfer update-server --server-id ${aws_transfer_server.sftp.id} --endpoint-type VPC --endpoint-details SubnetIds="${join("\", \"", var.subnet_ids)}", AddressAllocationIds="${join("\", \"", toset(aws_eip.nlb.*.id))}", VPCEndpointID="${aws_vpc_endpoint.transfer.id}", VpcId="${var.vpc_id}"
EOF
}
depends_on = [aws_transfer_server.sftp, aws_vpc_endpoint.transfer]
}
This executes the below aws command
aws transfer update-server --server-id s-######## --endpoint-type VPC --endpoint-details SubnetIds="subnet-#####", "subnet-#####", AddressAllocationIds="eipalloc-######", "eipalloc-######", VPCEndpointID="vpce-#######", VpcId="vpc-#####"
But I am getting an error as below:
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
Unknown options: AddressAllocationIds=eipalloc-######, eipalloc-######, VPCEndpointID=vpce-######, VpcId=vpc-######, subnet-######
Can someone help me to know why this error is thrown? My environment details are below:
Terraform v0.12.28
provider.aws v3.0.0
provider.null v2.1.2
aws-cli/2.0.33 Python/3.7.7 Windows/10 botocore/2.0.0dev37
Have you tried building your argument list without spaces? So that it looks like SubnetIds="subnet-#####","subnet-#####",AddressAllocationIds="eipalloc-######","eipalloc-######",VPCEndpointID="vpce-#######",VpcId="vpc-#####" ?
Otherwise when the commandline is broken up into tokens, most of those bits will not be parsed as part of the --endpoint-details argument.
Related
My credentials file of aws looks this way.
vagrant#vagrant:~/.aws$ cat credentials
[default]
aws_access_key_id = *****************
aws_secret_access_key = ***************
[mysubaccount1]
role_arn = arn:aws:iam::**********:role/OrganizationAccountAccessRole
source_profile = default
[mysubaccount2]
role_arn = arn:aws:iam::**********:role/OrganizationAccountAccessRole
source_profile = default
Need to see any options to update that here.
I tried below command to list the existing profiles to frame any condition, but it is giving error as syntax invalid.
vagrant#vagrant:~/.aws$ aws configure list-profiles
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
aws: error: argument subcommand: Invalid choice, valid choices are:
list | get
set | add-model
Any aws config commands or any bash script you can suggest to update the details coming from terraform output when we create the account from there to update or add a new profile like mysubaccount3.
The command is
aws configure list
not
aws configure list-profiles
Also, you can easily edit the .aws/credentials files with any text editor and add/remove/update any entry there.
I tried to create an access point for my efs file system using following command:
aws efs create-access-point --file-system-id fs-0163391d24d0b14b5 --posix-user Uid=1001,Gid=1001 --root-directory Path="/mnt/",CreationInfo={OwnerUid=1001,OwnerGid=1001,Permissions="0755"}
This command is not working and giving following message:
"usage: aws [options] [ ...] [parameters]
To see help text, you can run:
aws help
aws help
aws help
Unknown options: Path=/mnt/,CreationInfo=Permissions=0755, Path=/mnt/,CreationInfo=OwnerGid=1001"
Please tell me what is wrong with this command ? I am using this command after referring to aws cli guide docs only.
You have too many ". It should be:
aws efs create-access-point --file-system-id fs-0163391d24d0b14b5 --posix-user Uid=1001,Gid=1001 --root-directory Path='/mnt,CreationInfo={OwnerUid=1001,OwnerGid=1001,Permissions=0755}'
When EMR Cluster has been provisioned, I want to get the "AWS CLI Export" output using aws cli command.
Please let me know if someone has an idea to get aws cli export output through aws cli command
It says in the EC2 userguide that you can change the t2/t3/t3a default-credit-specification for your AWS account Link Here.
When I run the command aws ec2 modify-default-credit-specification --region us-east-1 --instance-family t2 —-cpu-credits unlimited, it says Invalid choice: 'modify-default-credit-specification'. How do I change the default specification of t2/t3/t3a instances
Try updating your aws cli to the latest version.
$ aws --version
aws-cli/1.14.44 Python/3.6.8 Linux/4.15.0-72-generic botocore/1.8.48
$ aws ec2 modify-default-credit-specification
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
aws: error: argument operation: Invalid choice, valid choices are:
...
but
$ ~/.local/bin/aws --version
aws-cli/1.16.309 Python/3.6.8 Linux/4.15.0-72-generic botocore/1.13.45
$ ~/.local/bin/aws ec2 modify-default-credit-specification
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
aws: error: the following arguments are required: --instance-family, --cpu-credits
This command will work in AWS CLI version 2.
Link to download/install -> https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-windows.html'
Command to check default CPU Level credits:-
aws ec2 --region us-west-2 get-default-credit-specification --instance-family t3
Command to disable at account level for Oregon Region:
aws ec2 modify-default-credit-specification --region us-west-2 --instance-family t3 --cpu-credits standard
Downloaded Kubernetes 1.1.8 from:
https://github.com/kubernetes/kubernetes/releases/download/v1.1.8/kubernetes.tar.gz
Followed the instructions at:
https://github.com/kubernetes/kubernetes/blob/master/docs/getting-started-guides/aws.md
And got the following error:
kubernetes-1.1.8 > ./kubernetes/cluster/kube-up.sh
... Starting cluster using provider: aws
... calling verify-prereqs
... calling kube-up
Starting cluster using os distro: vivid
Uploading to Amazon S3
Creating kubernetes-staging-0eaf81fbc51209dd47c13b6d8b424149
make_bucket: s3://kubernetes-staging-0eaf81fbc51209dd47c13b6d8b424149/
A client error (NoSuchBucket) occurred when calling the GetBucketLocation operation: The specified bucket does not exist
+++ Staging server tars to S3 Storage: kubernetes-staging-0eaf81fbc51209dd47c13b6d8b424149/devel
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
aws: error: argument --region: expected one argument
AWS Console showed that the bucket was created but was empty.
It's probably a region issue; I'm guessing that the bucket is created in another region than Kubernetes tries to access.
Looks like the aws cmdline tool is confused about the region:
aws: error: argument --region: expected one argument
When it can't determine the region, it defaults to one of the us regions.
EDIT: the S3 sync is triggered by script cluster/aws/util.sh.
The command executed is aws s3 sync --region ${s3_bucket_location} --exact-timestamps ${local_dir} "s3://${AWS_S3_BUCKET}/${staging_path}/".
You can add an echo ${s3_bucket_location} before the line above. It should give you more information on what the region is set to.