I want to create an AWS EC2 instance with an IP address specific to a region. For example if it is Jackson, Mississippi, I want the instance to have an IP which belongs to that same region. If I use that IP as Proxy and go to whatismyip, it should always show Jackson, Mississippi area.
You cannot. An EC2 instance is created in a region, and AWS has 12 regions as of now. See more about regions and endpoints here:
http://docs.aws.amazon.com/general/latest/gr/rande.html
The closest region to Jackson, Mississippi is probably Ohio (us-east-2) or us-east-1, where you could provision your instances.
You can use AWS DirectConnect to link your data center to AWS and can probably achieve what you want, but I believe you don't wish to get there.
I have an EC2 instance running in the N. Virginia region. The "Platform details" is shown as "Linux/UNIX". Now I am trying to purchase a reserved instance after selecting the same platform in the search field. But it is showing:
Now when I search by the same options on a different region (eg: Oregon or N. California) the purchase options are coming through. Why?
Besides that, I have noticed another thing in N. Virginia. There are options coming with "Amazon VPC". What does that mean? How can I launch an EC2 instance with a platform like "Linux/UNIX (Amazon VPC)"?
Thanks in advance.
Now when I search by the same options on a different region (eg: Oregon or N. California) the purchase options are coming through. Why?
Amazon may not always have enough capacity for all platforms in all regions - this is why you're seeing different results.
There are options with "Amazon VPC" appended. What does that mean?
As per docs:
With EC2-Classic, your instances run in a single, flat network that you share with other customers. With Amazon VPC, your instances run in a virtual private cloud (VPC) that's logically isolated to your AWS account.
Use Linux/UNIX (Amazon VPC) - nobody should be creating new instances using the EC2-Classic platform, and it will be retired very soon.
I am trying to clean up my AWS configuration and I want to know if particular subnets are actually used/have any resources in them.
I'm aware you can filter a list of a particular resource type (e.g. EC2 instances) by subnet id, through the AWS web interface, but I am not yet aware of all of the different resource types that may be used - so I am concerned I may miss something.
I have tried inspecting the subnet via the AWS CLI, but I can't see anything that clearly differentiates subnets that are in use and those that are not:
aws ec2 describe-subnets
This question deals with enumerating all IP addresses within a particular subnet's CIDR block, but it doesn't reveal how to show only active IP addresses (which I could presumably use to find the attached AWS resources and confirm a subnet is indeed in use).
This seems like it would be a common task, but I can find no AWS documentation or SO posts on how to do this. Perhaps there is something flawed in my approach.
aws ec2 describe-network-interfaces --filters Name=subnet-id,Values=subnet-id-here | grep Description (replace subnet-id-here with the subnet id in mind)
The above command will give you the names of resources in that subnet.
Take a look at aws ec2 describe-network-interfaces.
This returns a list of Elastic Network Interfaces (ENIs) and supports a subnet-id filter. EC2 instances aren't the only thing that can be on a subnet -- RDS instances, Elastic Load Balancers, Lambda functions, Elastic File System mount targets, NAT Gateways, and other resources consume IP addresses on a subnet, but in each case I can think of, they do this by allocating ENIs. In some cases, like load balancers (ALB and Classic), the number of addresses grows and shrinks as the balancer scales up and down in capacity. In the case of Lambda, a lack of allocated ENIs may only mean that no Lambda container hosts are currently using the subnet, due to a lack of traffic... so if you have VPC Lambda functions, bear that in mind.
You can also see ENIs in the EC2 console, under "Network Interfaces" in the left hand navigation pane.
Thank you for the responses - they were both helpful and indeed did help me identify whether particular subnets were in use or not.
The thing I found most useful to understanding what was in each subnet, however, was the open source Python visualisation tool, CloudMapper (I'm in no way affiliated - I discovered it after asking my question and scrolling through commercial visualisers).
The AWS CLI is a great tool but, if you're just trying to see what's in each subnet, AWS added a Network Interfaces section to the EC2 console. From there, you can filter by subnet ID.
AWS CLI filter and query switches
In the --filters switch Values argument, replace <<Subnet ID>> with your Subnet ID.
aws ec2 describe-network-interfaces \
--filters Name=subnet-id,Values=<<Subnet ID>> \
--query 'NetworkInterfaces[*].Description'
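Putting the two ENI answers above together, here is an added example (not from any of the posters) that parses the JSON `aws ec2 describe-network-interfaces` emits and reports, per subnet, what owns each ENI and which subnets have nothing attached. The sample output embedded in it is constructed and every ID in it is a placeholder; `InterfaceType`, `Status`, `Attachment` and `Description` are real fields of the API response, but the Description prefixes it matches for RDS, ELB, Lambda and EFS are assumptions drawn from how those services label their ENIs, not an API contract.

```python
import json
import sys
from collections import defaultdict

# Constructed sample of `aws ec2 describe-network-interfaces --output json`, trimmed to
# the fields used below. Every ID is a placeholder, not a real resource.
SAMPLE_DESCRIBE_OUTPUT = json.dumps({"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-0001", "SubnetId": "subnet-aaa1", "Description": "",
     "InterfaceType": "interface", "Status": "in-use", "RequesterManaged": False,
     "Attachment": {"InstanceId": "i-0001"}},
    {"NetworkInterfaceId": "eni-0002", "SubnetId": "subnet-aaa1",
     "Description": "RDSNetworkInterface", "InterfaceType": "interface",
     "Status": "in-use", "RequesterManaged": True, "RequesterId": "amazon-rds"},
    {"NetworkInterfaceId": "eni-0003", "SubnetId": "subnet-aaa2",
     "Description": "ELB app/my-alb/0123456789abcdef", "InterfaceType": "interface",
     "Status": "in-use", "RequesterManaged": True, "RequesterId": "amazon-elb"},
    {"NetworkInterfaceId": "eni-0004", "SubnetId": "subnet-aaa2",
     "Description": "Interface for NAT Gateway nat-0001", "InterfaceType": "natGateway",
     "Status": "in-use", "RequesterManaged": True},
    {"NetworkInterfaceId": "eni-0005", "SubnetId": "subnet-aaa3",
     "Description": "AWS Lambda VPC ENI-my-function-0001", "InterfaceType": "lambda",
     "Status": "in-use", "RequesterManaged": True},
    {"NetworkInterfaceId": "eni-0006", "SubnetId": "subnet-aaa4", "Description": "",
     "InterfaceType": "interface", "Status": "available", "RequesterManaged": False},
]})

# Description prefixes that requester-managed ENIs carry (assumed from observed naming,
# not an API contract; extend as you meet other services).
DESCRIPTION_PREFIXES = (
    ("RDSNetworkInterface", "rds"),
    ("ELB ", "elb"),
    ("AWS Lambda VPC ENI", "lambda"),
    ("EFS mount target", "efs"),
)


def classify_eni(eni):
    """Label what owns an ENI using InterfaceType, Attachment, Status and Description."""
    itype = eni.get("InterfaceType", "interface")
    if itype != "interface":
        return itype                      # natGateway, lambda, vpc_endpoint, ... name themselves
    attachment = eni.get("Attachment") or {}
    if attachment.get("InstanceId"):
        return "ec2:" + attachment["InstanceId"]
    if eni.get("Status") == "available":
        return "detached"                 # allocated but attached to nothing: a cleanup candidate
    desc = eni.get("Description") or ""
    for prefix, label in DESCRIPTION_PREFIXES:
        if desc.startswith(prefix):
            return label
    return "other"


def summarize_subnets(describe_output):
    """Parse describe-network-interfaces JSON into {subnet_id: [(eni_id, owner), ...]}."""
    by_subnet = defaultdict(list)
    for eni in json.loads(describe_output).get("NetworkInterfaces", []):
        by_subnet[eni["SubnetId"]].append((eni["NetworkInterfaceId"], classify_eni(eni)))
    return {subnet: sorted(enis) for subnet, enis in by_subnet.items()}


def subnets_in_use(summary):
    """Subnets holding at least one ENI that is attached to something."""
    return {s for s, enis in summary.items() if any(owner != "detached" for _, owner in enis)}


def unused_subnets(all_subnet_ids, summary):
    """Subnets with no attached ENI. For subnets used by VPC Lambda functions this can be a
    false negative: Lambda's ENIs may be absent while the function receives no traffic."""
    used = subnets_in_use(summary)
    return sorted(s for s in all_subnet_ids if s not in used)


if __name__ == "__main__":
    # Pipe real CLI output in; with nothing on stdin the constructed sample is used.
    raw = (sys.stdin.read() if not sys.stdin.isatty() else "") or SAMPLE_DESCRIBE_OUTPUT
    summary = summarize_subnets(raw)
    for subnet, enis in sorted(summary.items()):
        print(subnet, enis)
    known = ["subnet-aaa1", "subnet-aaa2", "subnet-aaa3", "subnet-aaa4", "subnet-aaa5"]
    print("unused:", unused_subnets(known, summary))
```

Run it as `aws ec2 describe-network-interfaces --output json | python3 subnet_enis.py` (file name assumed) with the subnet IDs from `aws ec2 describe-subnets` in the `known` list. A `detached` ENI is a cleanup candidate in its own right, and a subnet that comes back unused but is configured for VPC Lambda functions should be cross-checked against the function configuration, for the reason given in the answer above.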
My EC2 instance is getting charged for data transfer from almost every available AWS region (Tokyo, Seoul, Singapore, Paris, London, Germany, Ireland, Ohio, Oregon, Sydney, Canada Central, Sao Paulo, CloudFront, INCLUDING AWS GovCloud (US)). 99.99% of our users are from India. As per the recommendations of an AWS representative, we have checked that no other scripts are running on our instance and have changed the security group inbound rules to allow only SSH connections on port 22 from a static IP. But still, there is data transfer of almost 600GB+. The documentation for security groups doesn't help much; is there any other way to stop this data transfer?
Please note that the EC2 instance runs the PHP code and the Java API tomcat7 service, and RDS is on another instance.
First, it looks like your question refers to data transfer to other EC2 instances in another region. Perhaps you meant traffic to internet users in other regions?
Second, according to the pricing, you'll be billed for Data Transfer OUT From Amazon EC2 To Internet whichever region you are in, and regardless of whether the endpoint is on the internet or in an AWS region. So, even if you have users in Mumbai, you'll be billed for outbound traffic anyway.
Third, if you want to block transfer on a per-country basis, use a CDN with the proper capability, e.g. CloudFlare.
Please elaborate your question if you meant something else.
Our current web application server is deployed in the Singapore region, but as we're going to launch our services in Europe, we want to replicate our EC2 instance in the London region so that any traffic coming from that region will be served from that instance, which will give us low latency. How can we achieve that?
You should address this using AWS Route 53 routing policies.
Route 53 has 5 different routing policies, and you can use one of the following two policies in this case.
Geolocation routing policy – Use when you want to route traffic based on the location of your users.
Latency routing policy – Use when you have resources in multiple locations and you want to route traffic to the resource that provides the best latency.
Since you are looking at latency-based traffic allocation, as the name suggests, you should use the Latency routing policy.
For more information about routing policies, please refer to this link.
To replicate the EC2 instance to a different region:
1. Create a snapshot of your EBS volume.
2. Copy the EBS snapshot to the London region.
3. If you are using a custom AMI, you will have to copy the AMI to the London region as well.
4. Launch a new EC2 instance using the copied snapshot in the London region.
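As an added illustration of the Route 53 answer (example code, not from the poster), the following builds the change batch that `aws route53 change-resource-record-sets` accepts for two latency records under one hostname, one per region. Singapore is `ap-southeast-1` and London is `eu-west-2`; the hostname, the documentation-range IP addresses, the hosted zone id placeholder and the optional health check ids are assumed values, and the set of accepted regions is a deliberately short subset of what Route 53 supports.

```python
import json

# Route 53 latency regions accepted by this example (assumed subset; the full list is in
# the Route 53 API reference). Singapore is ap-southeast-1, London is eu-west-2.
LATENCY_REGIONS = {"ap-southeast-1", "eu-west-2", "eu-west-1", "us-east-1", "us-east-2"}


def latency_record(name, region, set_identifier, values, ttl=60, health_check_id=None):
    """One latency-routed A record. Among records that share `name`, Route 53 answers
    with the one whose `region` has the lowest measured latency to the resolver."""
    if region not in LATENCY_REGIONS:
        raise ValueError(f"{region} is not an accepted latency region")
    if not values:
        raise ValueError("a record needs at least one address")
    rrset = {
        "Name": name,
        "Type": "A",
        "SetIdentifier": set_identifier,   # distinguishes the records that share a name
        "Region": region,
        "TTL": ttl,                        # short TTL so a switch is not pinned by caches
        "ResourceRecords": [{"Value": v} for v in values],
    }
    if health_check_id:
        # With a health check attached, an unhealthy region drops out of the selection
        # instead of keeping its share of the traffic.
        rrset["HealthCheckId"] = health_check_id
    return rrset


def change_batch(record_sets, comment=""):
    """Wrap record sets in the ChangeBatch shape change-resource-record-sets takes, rejecting
    a duplicate SetIdentifier for the same name and type before Route 53 has to."""
    seen = set()
    for r in record_sets:
        key = (r["Name"], r["Type"], r["SetIdentifier"])
        if key in seen:
            raise ValueError(f"duplicate SetIdentifier {r['SetIdentifier']!r} for {r['Name']}")
        seen.add(key)
    return {
        "Comment": comment,
        "Changes": [{"Action": "UPSERT", "ResourceRecordSet": r} for r in record_sets],
    }


def singapore_and_london_batch(domain, singapore_ips, london_ips,
                               singapore_check=None, london_check=None):
    """The two-region setup from the question: same hostname, one record per region."""
    return change_batch([
        latency_record(domain, "ap-southeast-1", "singapore", singapore_ips,
                       health_check_id=singapore_check),
        latency_record(domain, "eu-west-2", "london", london_ips,
                       health_check_id=london_check),
    ], comment="latency routing between Singapore and London")


if __name__ == "__main__":
    # Assumed hostname and documentation-range addresses; replace with your own.
    batch = singapore_and_london_batch("www.example.com.", ["203.0.113.10"], ["198.51.100.20"])
    print(json.dumps(batch, indent=2))
    # Apply with:
    #   aws route53 change-resource-record-sets --hosted-zone-id <ZONE_ID> \
    #       --change-batch file://batch.json
```

Attach a health check to each record once the London instance is up; without one, a dead instance in a region keeps receiving that region's queries until someone notices, because latency routing by itself only looks at measured latency, not at whether the endpoint answers.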
I have one VPC with an RDS instance in it. They are both located in the same region.
I want to use the RDS instance in another VPC that is in another region on another AWS account (we have multiple AWS accounts). If that's not complicated enough, the 2nd VPC comes up via CloudFormation (i.e. it is dynamic). Whenever I bring up a CloudFormation stack, I want to attach the RDS instance automatically.
I have looked at:
exposing the RDS instance on the public internet :(
an ELB w/ TCP transport to put the database instance behind
VPC peering but the different regions and the approval workflow in the AWS console make little sense in the case we are using CloudFormation
All of these seem suboptimal to me, and I was wondering if somebody has already done this before. If yes, please share what you did and what the thought process behind it was.
Use a VPN tunnel from one VPC to the other. You could build your own or look at Vyatta. Ideally the two VPCs do not have overlapping CIDRs. Note that you cannot use VPC peering inter-region.
For anyone who stumbles around here, it looks like AWS VPC Peering can now be done cross region: https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html