I am new to AWS and,
Here's the drill:
- Logged in to AWS with root admin credentials.
- I created a few security groups in AWS.
- Terminated all the EC2 instances that I had.
- Deleted ELB successfully.
- Deleted RDS successfully.
- Using default VPC and no Elastic IPs.
Now, when I am trying to delete security groups, one group says it's being referenced by another. When I try to delete the referenced one, it says that the security group is being referenced by a Network Interface.
We get two options here: Associate with another group or Delete that Network Interface.
Trying first makes no sense as I want to get rid of all the Security Groups except the default (Like it was in the beginning). Still I tried that option and got the error "You do not have permission to access the specified resource" and it did not let me associate that Network Interface (Status-In Use) with any Security Group.
Tried deleting/detaching(force) that Network Interface and got an error message "You do not have permission to access the specified resource."
A similar issue can be found below without any known solution:
https://forums.aws.amazon.com/thread.jspa?threadID=99189&start=0&tstart=0
Unresolved Stackoverflow link: issue in deleting VPC and network interface
I would really appreciate it if someone hits me with a hammer of facts :)
Thanks, in advance!
I had the same issue: after having removed load balancers, auto-scaling groups, the memcached cluster and so on, I couldn't delete the VPC.
I had the feeling that there was some vicious circle between two network interfaces that I couldn't detach or modify and the security group itself that I couldn't remove as long as it was attached to the interfaces.
I ran the aws elasticache describe-instances command (I saw a reference to elasticache in a network interface description) to see if it would show something I missed.
And indeed, there was some redis cluster remaining, that I didn't see in the mess of the UI, which was some remnant of a long forgotten test. After having removed this cluster, I could delete the VPC.
So I'd say that kind of issue (unauthorized access, even for admins) is mainly related to a component managed by AWS, and to the fact that the UI is far from friendly when it comes to knowing where an error comes from.
https://forums.aws.amazon.com/thread.jspa?threadID=168376
It looks like sg-72bd411a does in fact reference itself. You'll need to go into it and remove the reference before you can delete it.
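An added example, not part of the original posts: both blockers described in this thread (a rule in some group, possibly the group itself, that names the group as its peer, and a network interface owned by an AWS-managed service) can be listed from the EC2 API's security-group and network-interface descriptions. The sample data, the IDs and the description-prefix table are assumptions constructed for illustration.

```python
# Added example. Inputs are dicts shaped like the EC2 DescribeSecurityGroups and
# DescribeNetworkInterfaces responses; every ID below is a constructed sample.

# Assumption: description prefixes used to guess the owning service (heuristic).
OWNER_HINTS = {"RDSNetworkInterface": "RDS", "ElastiCache": "ElastiCache", "ELB": "ELB"}

def rule_references(groups, target):
    """(group_id, direction) for every rule that names `target` as its peer group."""
    hits = set()
    for g in groups:
        for direction, key in (("ingress", "IpPermissions"), ("egress", "IpPermissionsEgress")):
            for perm in g.get(key, []):
                if any(p.get("GroupId") == target for p in perm.get("UserIdGroupPairs", [])):
                    hits.add((g["GroupId"], direction))
    return sorted(hits)

def eni_blockers(enis, target):
    """Network interfaces still carrying `target`, with a guess at what owns each one."""
    out = []
    for eni in enis:
        if target not in [g["GroupId"] for g in eni.get("Groups", [])]:
            continue
        desc = eni.get("Description", "")
        owner = next((svc for prefix, svc in OWNER_HINTS.items() if desc.startswith(prefix)), None)
        owner = owner or eni.get("Attachment", {}).get("InstanceId") or "unknown"
        # RequesterManaged ENIs belong to an AWS service: delete that resource, not the ENI.
        out.append({"eni": eni["NetworkInterfaceId"], "owner": owner,
                    "managed": bool(eni.get("RequesterManaged"))})
    return out

def pair(gid):
    return {"UserIdGroupPairs": [{"GroupId": gid}]}

SAMPLE_GROUPS = [  # constructed
    {"GroupId": "sg-0aaa", "IpPermissions": [pair("sg-0aaa")], "IpPermissionsEgress": []},
    {"GroupId": "sg-0bbb", "IpPermissions": [pair("sg-0aaa")], "IpPermissionsEgress": []},
    {"GroupId": "sg-0ccc", "IpPermissions": [], "IpPermissionsEgress": []},
]
SAMPLE_ENIS = [  # constructed
    {"NetworkInterfaceId": "eni-01", "Description": "ElastiCache test-redis-0001",
     "Groups": [{"GroupId": "sg-0aaa"}], "RequesterManaged": True},
    {"NetworkInterfaceId": "eni-02", "Description": "RDSNetworkInterface",
     "Groups": [{"GroupId": "sg-0bbb"}], "RequesterManaged": True},
    {"NetworkInterfaceId": "eni-03", "Description": "Primary network interface",
     "Groups": [{"GroupId": "sg-0aaa"}], "RequesterManaged": False,
     "Attachment": {"InstanceId": "i-0123"}},
]

if __name__ == "__main__":
    print(rule_references(SAMPLE_GROUPS, "sg-0aaa"))
    for row in eni_blockers(SAMPLE_ENIS, "sg-0aaa"):
        print(row)
```

Against a live account, the same functions accept the "SecurityGroups" and "NetworkInterfaces" lists returned by the boto3 EC2 client's describe_security_groups() and describe_network_interfaces() calls.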
I'm trying to "delete VPC" from within AWS.
When doing so it shows me all the resources that need to be removed. After removing them I'm left with a network interface which seems to be connected to RDS as its description is "RDSNetworkInterface". So when attempting to delete/detach it states: "Network interface is currently in use."
Just can't work out how to remove the association it has with RDS, so I can remove it then finally delete the VPC?
Is the RDSNetworkInterface being used in any way or attached to any existing resource? Try to describe it and you might get some idea.
Once it is deleted, you should be able to delete the VPC as well.
See also: AWS not able to delete network interface
So I am helping out on a project in Google cloud and recently it has come to my attention that in the "activity" tab, right next to the dashboard on the home page there is a set of logs. My problem is that I am getting a series of logs on repeat with the following order:
1. Create VM
2. Add instances to instance group
3. Remove instances from instance group
4. Delete VM
Also, the actions are being done by a service account.
This project had people working before in it, so I am not aware of everything that has been done in the past. That being said, I am tasked with finding out where this is coming from.
In my search I came up with things like there might have been a managed instance group with load balancer and autoscaler enabled which could be causing the automatic recreation of instances. However, when searching on this section there is nothing on instance groups, load balancers or anything of the like. There aren't even VMs on compute engine.
Any idea on what could be causing it or how I can begin to search for this?
I am following the AWS tutorial to create a Webapp here: http://docs.aws.amazon.com/gettingstarted/latest/wah-linux/getting-started-create-rds.html
I am stuck at the part 'Create a Security Group for Your DB Instance'.
The tutorial instructs you to start writing 'WebserverSG' into the IP source, and to select an option. However, even after completely typing 'WebserverSG', no such option is presented and I am unable to create the security group.
Is there a way to know the source without selecting it from the options? Alternatively, have I done something wrong for the option to not be presented?
This is my first time dealing with AWS; I don't have a concrete understanding of the purpose of security groups - so please bear this in mind!
Thanks in advance for any answers.
Are you going through the VPC area of the console or trying to edit it from within RDS? If I remember correctly you can only enter another Security Group as a source from within the VPC area.
This was fixed by: remaking the web server security group with the exact name WebServerSG, then making the database security group by starting to type the inbound IP with 'sg-...' instead of 'WebSe...'. Assigning the new security group to a similar instance has everything working.
Issue in a nutshell:
Simple-singular-practice ec2 instances are unexpectedly just falling off the grid even though they are still running, and I have to keep recreating them, and if not, ssh accessing or online public DNS accessing will result in a "Timeout".
Little More Details Outside the Nutshell :)
I've followed the setting up a LAMP server instructions to the "T" and successfully have served up basic HTML pages.
Everything initially works fine:
- I can ssh into the instance no problem
- When accessing the public DNS online - the expected html pages render just fine.
Problem:
But then, quite randomly, I can no longer access the instance through ssh and even online, the public DNS is inaccessible.
In both cases they just "Timeout"
Config:
- Basic Free Tier
- Amazon Linux AMI 2015.09.1 (HVM), SSD Volume Type
- t2.micro
- Number of Instances - 1
- Auto-assign Public IP(Enabled)
- Ports - 22(My IP),80(0.0.0.0),443(0.0.0.0)
- Using a key pair
Question:
What typically causes instances to freeze up like this?
LAMP stacks on EC2 are extremely common, and the guide you're following is extremely popular and has been used for years so it's likely you've gone wrong somewhere or the problem is something more sinister.
If you can't access the instance by any means, it would sound like it has become overloaded. Unless you've accidentally changed a firewall rule on the AWS side (e.g. Security Groups, NACLs) or something on the instance level (e.g. IP Tables).
Open up ICMP on your security group and try pinging the instance and see if you get a response.
After you've verified all your firewalls and you've tried to connect to it through every means, check out the logs, they're your friend.
To check the logs, start at the AWS level. CloudWatch records lots of data about your instance - CPU Utilization, Network In & Out and more. Check all of these through the AWS Console ensuring you select the "Maximum" statistic and not "Average". Also, take a look at the "StatusCheckFailed_System" (Hardware problem) and "StatusCheckFailed_Instance" (Instance not responding to health check probes) metrics to see if they have any story to tell. See the docs here and here for more info.
Next, reboot the instance and try stop-starting it and reconnect via SSH. Check your application logs (if any) and check your Apache Logs and Linux Logs to see what happened.
But to answer your question, what typically causes an instance to freeze up like this:
- Bad Application code that sucks up all the CPU overloading the instance
- Too much traffic overloading the instance
- Running too many services on the instance that it's unable to handle
- AWS Hardware problem - Uncommon
I am trying out the tutorial for amazon VPC - Virtual private cloud.
http://docs.amazonwebservices.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html#Case2_Launch_NAT
I have followed these steps....
Navigate to https://console.aws.amazon.com/vpc
Create a VPC.
Create security groups as outlined by the article.
I have created the NATSG security group as required by the article.
When I try to change the security group of the instance to run under the NATSG group it gives me an error - saying it encountered an error without any description.
Any pointers would be appreciated.
I am not facing the issue any longer - it appeared to be an ongoing issue at the time, I can currently switch security groups properly.
The one change I have made over the past 2 years is to switch all my manual interactions with AWS to be programmatic using boto3 or CloudFormation, which has eliminated a lot of errors.