I have a Beanstalk App which has a app_name.elasticbeanstalk.com domain name by default.
I want a domain name like www.app_name.com that can access by bowser, and take following steps.
Register the domain name app_name.com
Set www.app_name.com as a CNAME of the ELB's public DNS.
In this way, I can access the www.app_name.com by the browser.
But, once the browser is loaded, the URL suddenly changes to app_name.elasticbeanstalk.com
I do not want to show the app_name.elasticbeanstalk.com to anyone. Can I just use the www.app_name.com? How?
Help me please.
You can do this by using Route53 and CloudFormation. To do this you would use the Elastic Beanstalk resource inside the CloudFormation template to create your Elastic Beanstalk stack. You would also use the Route53 resource to create your desired domain name. Then inside your Route53 resource you would create an alias that maps to your Elastic Beanstalk endpoint.
This might look something like:
"Resources" : {
"DNS" : {
"Type" : "AWS::Route53::RecordSetGroup",
"Properties" : {
"HostedZoneName" : "example.com",
"Comment" : "CNAME alias targeted to Elastic Beanstalk endpoint.",
"RecordSets" : [
{
"Name" : "example.example.com",
"Type" : "CNAME",
"TTL" : "900",
"ResourceRecords" : [{ "Fn::GetAtt" : ["sampleEnvironment","EndpointURL"] }]
}]
}
},
"sampleApplication" : {
"Type" : "AWS::ElasticBeanstalk::Application",
"Properties" : {
"Description" : "AWS Elastic Beanstalk Ruby Sample Application",
"ApplicationVersions" : [{
"VersionLabel" : "Initial Version",
"Description" : "Version 1.0",
"SourceBundle" : {
"S3Bucket" : { "Fn::Join" : ["-", ["elasticbeanstalk-samples", { "Ref" : "AWS::Region" }]]},
"S3Key" : "ruby-sample.zip"
}
}],
"ConfigurationTemplates" : [{
"TemplateName" : "DefaultConfiguration",
"Description" : "Default Configuration Version 1.0 - with SSH access",
"SolutionStackName" : "64bit Amazon Linux running Ruby 1.9.3",
"OptionSettings" : [{
"Namespace" : "aws:autoscaling:launchconfiguration",
"OptionName" : "EC2KeyName",
"Value" : { "Ref" : "KeyName" }
}]
}]
}
},
"sampleEnvironment" : {
"Type" : "AWS::ElasticBeanstalk::Environment",
"Properties" : {
"ApplicationName" : { "Ref" : "sampleApplication" },
"Description" : "AWS Elastic Beanstalk Environment running Ruby Sample Application",
"TemplateName" : "DefaultConfiguration",
"VersionLabel" : "Initial Version"
}
}
},
More information on using CloudFormation resources can be found here and sample templates can be found here
CloudFormation enables interacting with resources dynamically extremely easy and clean... no to mention completely scripted :)
Related
I have a front-end and back-end separation project I want to redirect to cas from backend, But I got the cross domain problem like this enter image description here.
And I have try fixed it by the user guide: https://apereo.github.io/cas/6.5.x/services/Configuring-Service-Http-Security-Headers.html
Througth it, I have config the follow propertise, but it does not work.
# global config
cas.http-web-request.cors.enabled=true;
cas.http-web-request.header.enabled=true
# client config
"properties" : {
"#class" : "java.util.HashMap",
"corsAllowedOrigins" : {
"#class" : "org.apereo.cas.services.DefaultRegisteredServiceProperty",
"values" : [ "java.util.HashSet", [ "Access-Control-Allow-Origin" ] ]
},
"corsAllowedHeaders" : {
"#class" : "org.apereo.cas.services.DefaultRegisteredServiceProperty",
"values" : [ "java.util.HashSet", [ "Access-Control-Allow-Origin" ] ]
}
}
I'm working on CloudFormation template which includes RDS Database and I wanted to attach security group to RDS. There is a resource AWS::RDS::DBSecurityGroup where I would like to write my own Ingress Rules which allows MySQL traffic from the front end instances by attaching this resource AWS::RDS::DBSecurityGroupIngress but, it doesn't show any properties like "FromPort" , "ToPort" , "Protocol" , etc..
I'm unsure whether the above listed properties will support or not.
From Working with DB Security Groups:
A DB security group controls network access to a DB instance that is not inside a VPC.
If you are using a VPC (which should always be the case unless you systems setup many years ago), you should use an AWS::EC2::SecurityGroup to control security. It does the properties you desire, eg:
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Allow http to client host",
"VpcId" : {"Ref" : "myVPC"},
"SecurityGroupIngress" : [{
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp" : "0.0.0.0/0"
}],
"SecurityGroupEgress" : [{
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp" : "0.0.0.0/0"
}]
}
}
I'm trying to create an EC2 instance, that will use autoscaling, attached to a load balancer.
Unfortunately, I'm getting the error
The availability zones of the specified subnets and the AutoScalingGroup do not match
However, this is my current Cloudformation script:
"ApiAutoScaling" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"VPCZoneIdentifier" : [ "subnet-5ff05206", "subnet-b1109fc6", "subnet-948ce5f1" ],
"InstanceId" : {
"Ref" : "ApiEC2"
},
"MaxSize" : 3,
"MinSize" : 1,
"LoadBalancerNames" : [ "Api" ]
}
},
"ApiLoadBalancer" : {
"Type" : "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties" : {
"LoadBalancerName" : "Api",
"Listeners" : [
{
"InstancePort" : "80",
"InstanceProtocol" : "HTTP",
"LoadBalancerPort" : "80",
"Protocol" : "HTTP"
},
{
"InstancePort" : "80",
"InstanceProtocol" : "HTTP",
"LoadBalancerPort" : "443",
"Protocol" : "HTTPS",
"SSLCertificateId" : "arn:aws:iam::xxx"
}
],
"SecurityGroups" : [ "sg-a88444cc" ],
"Subnets" : [ "subnet-5ff05206", "subnet-b1109fc6", "subnet-948ce5f1" ]
}
}
As you can see, my subnet list is the same for both my autoscaling group and my load balancer. Clearly I've misunderstood how this is supposed to work, but I can't work it out.
Try specifying the AvailabilityZones property for the auto scaling group. The default is for it to use all of them, so if your subnets only use a subnet of the zones, you would get this error message.
(As pointed out in the comments, "AvailabilityZones" : { "Fn::GetAZs" : "" } should do the trick.)
I know that it is possible to set the path manually for a CloudFront distribution to point to a subfolder of an S3 bucket.
How do I set the path property using the CloudFormation JSON configuration?
"CloudFrontDistribution" : {
"Type" : "AWS::CloudFront::Distribution",
"Properties" : {
"DistributionConfig" : {
"Origins" : [ {
"DomainName": { "Fn::GetAtt" : [ "DataBucket", "DomainName" ] },
"Id" : "S3Origin",
"S3OriginConfig" : {}
}],
...
I've checked the CloudFormation docs about CloudFront distributions[1], but they don't mention anything about a path property.
I see that path as origin was released (relatively) recently, last December - see this forum post: https://forums.aws.amazon.com/ann.jspa?annID=2806.
Probably CloudFormation didn't pick up this update. Might be worth contacting their support to see when this will be available.
I have three machine running on amazon cloud. I set the first primary set as follows
{
"_id" : "rs0",
"version" : 270805,
"members" : [
{
"_id" : 0,
"host" : "xxx.xxx.xxx.xxx:27017",
"priority" : 2
},
{
"_id" : 1,
"host" : "xxx.xxx.xxx.xxx:27017"
},
{
"_id" : 2,
"host" : "xxx.xxx.xxx.xxx:27017"
}
]
}
then the second machine will auto sync the config. however, the third machine will not synced the config.and all becomes [secondary]. when I set up the third machine rs conf using re.reconfig(conf, {force: true}). it will not set and throw error something like has a
config version >= to the new cfg version; cannot change config