CloudWatch Event trigger on HTTP requests - amazon-cloudwatch

I have an EC2 instance that runs some very occasionally needed services. The application that uses the services will keep retrying until it finds the server so I was wondering if I can set up a CloudWatch Event Rule that will trigger a Lambda that starts my EC2 when HTTP traffic is directed at the EC2. Any ideas on whether this is possible?

No, but it's possible with API Gateway to accept the HTTP request and trigger a Lambda.
Inside the Lambda code you can write logic to start the EC2 instance using the AWS SDK.
AWS Guide: https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/ec2-example-managing-instances.html
Example code : https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/javav2/example_code/ec2/src/main/java/com/example/ec2/StartStopInstance.java
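A sketch of the Lambda described in the answer above, as an added example that is not part of the original post or the linked AWS samples. It uses Python with boto3 rather than the linked JavaScript and Java code; `TARGET_INSTANCE_ID`, `make_handler` and the placeholder instance ID are assumptions. The instance to start comes from configuration, never from the HTTP request, so a caller cannot point the function at another instance.

```python
import json
import os

# Assumption: the one instance this function may start is fixed in configuration
# and never read from the HTTP request. The default is a constructed placeholder.
INSTANCE_ID = os.environ.get("TARGET_INSTANCE_ID", "i-0123456789abcdef0")
RETRY_AFTER_SECONDS = "30"  # hint for the client application that keeps retrying


def _reply(status, state, retry=False):
    """Build an API Gateway Lambda proxy integration response."""
    headers = {"Content-Type": "application/json"}
    if retry:
        headers["Retry-After"] = RETRY_AFTER_SECONDS
    return {"statusCode": status, "headers": headers,
            "body": json.dumps({"state": state})}


def make_handler(ec2, instance_id):
    """Return a handler bound to one EC2 client and one instance ID."""
    def handler(event, context):
        found = ec2.describe_instances(InstanceIds=[instance_id])
        state = found["Reservations"][0]["Instances"][0]["State"]["Name"]
        if state == "running":
            return _reply(200, state)
        if state == "stopped":
            # Only a fully stopped instance can be started.
            ec2.start_instances(InstanceIds=[instance_id])
            return _reply(202, "pending", retry=True)
        if state == "pending":
            return _reply(202, state, retry=True)
        if state == "stopping":
            # StartInstances is rejected mid-stop; tell the caller to retry.
            return _reply(503, state, retry=True)
        # shutting-down or terminated: nothing this function can do.
        return _reply(409, state)
    return handler


def lambda_handler(event, context):
    """Lambda entry point; boto3 is provided by the Lambda Python runtime."""
    import boto3
    return make_handler(boto3.client("ec2"), INSTANCE_ID)(event, context)
```

The function's IAM role needs only `ec2:DescribeInstances` and `ec2:StartInstances`, with the latter scoped to the one instance ARN.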

Related

Cloudflare Worker fetch to same domain endpoint does not execute

I have a worker that’s under the worker.example.co. Within the worker, there’s a fetch request to gql.example.co. DNS for the domain is handled by Cloudflare. The worker is obviously hosted there, but the external endpoint is an A record pointing to an external API (i.e. someapi.fly.dev).
No matter what I do, that request never fires. Not fails; it just never happens. Using the original endpoint for the API (someapi.fly.dev) works just fine. And using that API as gql.example.co works just fine outside the Worker.
The problem is specifically within the Worker; making a request from the same domain endpoint. Is there something I need to do on Cloudflare to make this work or is it simply not possible?
Routing for the Worker: worker.example.co/*
Repo with in question.

HTTP health check using AWS CloudWatch

I have an AWS environment that seems to lose connectivity to a server we are connected to via a static route. I want to be able to monitor the situation by sending an HTTP GET request to this remote server. Is this possible using CloudWatch? I am new to AWS and I have not found anything on this topic. My guess is that I am using the wrong lingo. Any guidance would be appreciated.
You can do it using a Route53 health check on HTTP or TCP. You don't need to use Route53 as your DNS service; you can simply use the health check service and trigger Lambda/CloudWatch/SNS etc.
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/health-checks-types.html

socket.io 400 bad request cloudfront

I am working on a web-app which uses socket.io for real-time chat purposes.
The web-app is developed in the MEAN stack.
My front end build is hosted on S3 and powered by CloudFront,
and the back end is on EC2.
Now everything works fine; my APIs are redirected to the EC2 properly as CloudFront cannot handle them.
But I get a 400 error for my socket.io.
I have searched a lot but couldn't find a solution.
CloudFront has an SSL certificate attached but my server still runs on 80.
I haven't used nginx or any server on my EC2 instance.
Also, I don't have any ALB initialised.
I know CloudFront doesn't support websockets, but what steps do I have to take to make it work?

Amazon Cognito throwing 500 internal server error on authentication

So I have an application that I am deploying through a docker container in ECS service. And I am using Amazon Cognito through application load balancer for authenticating into the application.
When I configured this with an internet-facing Application Load Balancer (ALB), everything worked fine. But now when I changed my ALB to internal, it is throwing an error 500 Internal Server Error.
Has anyone seen a similar scenario?
The way I solved this problem was by adding a rule on Load balancer listener - On Unauthenticated - allow

API gateway works with only publicly open EC2

I have created a HelloWorld SpringBoot app and deployed it on an EC2 instance. I can invoke it through my HTTP browser with http://<My EC2 instance IPv4 address>/tax after I add the following inbound rules
CustomTCP TCP 8080 <my laptop Ip>
SSH TCP 22 <my laptop Ip>
I went ahead to create an API Gateway with a GET method with Integration Type as HTTP and with the above URL. But when I test the GET method, I get
"message": "Network error communicating with endpoint".
I tried giving various inbound rules but with no success. Finally, after creating an open inbound rule of All Traffic for everyone, the API worked fine.
Clearly I cannot go ahead with this open inbound rule, what specific inbound rule should I create for my API to work? What IP should I use in the inbound rule? Does API even have an IP?
From what I understand, your application needs to be publicly accessible to be used by API Gateway.
However, you can use SSL certificates to restrict access to your HTTP backend only to API Gateway. This documentation shows how to do that.
See this for a related discussion on AWS forum.