re:Invent is over and as usual it was full of announcements about new services or improvements. Let’s try to recap the most significant focusing on architecture and server-side.
One of the biggest-long-awaited announcement: Finally it is possible to track down calls to AWS APIs made using AWS Console, AWS CLI, SDKs, our Applications and third-party software. Logs from multiple accounts can be aggregated and published, in JSON format, to S3 buckets. SNS notifications are available to get notified every time a log file is uploaded. » Read more: AWS re:Invent Recap
SSH access to Amazon’s EC2 Linux instances is protected by a key pair system. It’s a handy tool that permits, for example, to maintain a repository of keys, share or revoke them easily. But what happens when we lose one of those keys? Thankfully not everything is lost, let’s see how we can solve this problem.
First thing to consider is that this method implies stopping our instance. That means we must be sure that after a restart everything will still work as before. Then we have to accept a stoppage of our services for a few minutes.
Let’s start from an EBS-backed instance we’ve lost its key pair (in order to perform this operation we need the instance’s root volume to be an EBS, as we need to move it between instances and that’s not possible with the ephemeral storage). First thing we need is to start a second instance and assign to it a key pair we can access or a newly created one. This new instance must be created in the same AZ of the original one. In order to optimize costs we’ll choose the smaller EBS-Backed instance: a t1.micro.
AWS has recently introduced new metrics for the ELB Service in order to help people measuring applications’ health and performance. In this article we’ll dissect the new metrics and the new CloudWatch console layout that offers the opportunity to browse metrics.
These are the new metrics available:
Backend Connection Errors: represents the number of unsuccessfully established connections between the load balancer and instances;
Surge Queue Length: represents the total number of request pending submission to the instances, queued by the load balancer;
Spillovers: the number of request rejected because the previous queue is full.
Early in September Amazon released its new Command Line Interface (CLI) which now provides a single command as interface to (almost all) AWS services. Not interested enough? What about json formatted output and the ability to delete non-empty S3 buckets?
We know these options are for CLI lovers only but sometimes command lines saves us from wasting time clicking around in the AWS Console when the same thing can be done with one command…
The Getting Set Up page guides us through the process of setting up the AWS CLI in Linux, Mac OS X and Windows. We suggest, as a basic security measure, to create an IAM user to run all this command line stuff. Following the privilege separation principle it is advisable to “Never use the root account in AWS” except for administrative task as checking the bill. Just create an account with Administrator access and then a user for each project or task.