- 개요 ARN은 AWS resource의 고유 정보로 많은 CLI에서 유용하게 사용되나, S3 bucket ARN은 CLI를 통해 추출이 불가하다. - S3 bucket ARN 추출하는 법 aws s3 ls | awk '{print $3}' | sed 's/^/arn:aws:s3:::/' - ChatGPT (X)

- User-defined cost allocation tags 개인 생성한 Tag를 Cost allocation tags로 사용하기 - 방법 AWS Billing Console Cost allocation tags User-defined cost allocation tags에서 원하는 Tag 선택 (사전에 미리 생성해놔야함) Activate - 참고 tag active되는데 최대 24시간 소요 active 된 이후 비용부터 확인 가능 - reference https://docs.aws.amazon.com/ko_kr/awsaccountbilling/latest/aboutv2/activate-built-in-tags.html https://docs.aws.amazon.com/awsaccountbilling..

- CLI aws cloudtrail lookup-events --lookup-attributes AttributeKey=,AttributeValue= - attribute AccessKeyId EventId EventName EventSource ReadOnly ResourceName ResourceType Username - delete ECS service event (example) aws cloudtrail lookup-events --lookup-attributes AttributeKey=EventName,AttributeValue=DeleteService --query Events[].Resources[].ResourceName - reference https://docs.aws.amazon..

- 개요 AWS console에서 ECS관련 리소스 생성할 경우 cloudformation에 동일한 stack이 생성된다. ECS-Console-V2-Service-xxxxxxxx ECS-Console-V2-TaskDefinition-xxxxxxxx - Document AWS CloudFormation stacks The following behavior applies to task definitions created in the new console before January 12, 2023. When you create a task definition, the Amazon ECS console automatically creates a CloudFormation stack that has a name..

- 상황 lambda 실행 - 에러 [ERROR] [1674721589583] LAMBDA_RUNTIME Failed to post handler success response. Http response code: 413. - 원인 too large payload 6 MB each for request and response (synchronous) 256 KB (asynchronous) - reference https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html

- 방법1 dummy로 key pair생성하면서 tag를 생성하여 해당 tag key 사용 - 방법2 Actions에서 Manage tags

- Good for Security (Zero Trust) and save traffic costDo not use root user for commom case.Use individual IAM user.Use MFA for Every IAM user include root account.Use Role not accesskey.Separate VPC for ENV such as dev, staing, production.Separate private and public subnets on VPC.Use individual routing tables for private and public subnets on VPC. (NAT Gateway, Internet Gateway)Internet traffic..

- 개요 domain을 다른 AWS Account로 이관하는 방법은 아래 순서로 진행을 해야 한다 - 1. 기존 account >> aws sts get-caller-identity --query "Account" --output text 1234567890 root@ ~ >> aws route53domains list-domains --region us-east-1 { "Domains": [ { "DomainName": "example.com", "AutoRenew": true, "TransferLock": true, "Expiry": "2055-04-05T16:39:07+09:00" } ] } root@ ~ >> aws route53domains transfer-domain-to-another-aws..

- 개요 cloudwatch loggroup의 log를 filter에서 slack으로 알려주는 app 구성 방법 - 방법 (1) Slack App 생성 및 Webhook URL 획득 https://api.slack.com/apps >> create new app >> Add features and functionality >> Active Incoming Webhooks >> Webhook URL Copy - 방법 (2) AWS SAR 에서 App 생성 https://serverlessrepo.aws.amazon.com/applications/us-east-1/289559741701/cw-logs-to-slack https://github.com/keetonian/cw-logs-to-slack - 방법 ..

- 개요 credentials 파일이나 특정 파일에서 aws access key 또는 aws secret key 추출 하는 방법 - 방법 (access key 추출) cat ~/.aws/credentials | grep aws_access_key_id | awk '{print $3}' cat ~/.aws/credentials | grep aws_access_key_id | awk -F = '{print $2}' | tr -d ' ' grep -RP '(?