CodeDeploy cannot find appspec.yml in deployment folder

I have placed my appspec.yml as opt/<MY_APP_NAME>/deployment/appspec.yml i-e in my project root directory but codedeploy is trying to find appspec.yml in opt/<MY_APP_NAME>deployment/<DEPLOYMENT_FOLDER>/<HASH_FOLDER>/deployment_archive>/.

How can I provide appspec.yml to codedeploy ? As the deployment_folder is being created dynamically. Thanks.

This is what codedeploy logs show.
codedeploy logs
I am using ec2 instance with CentOS.

Go to Source
Author: Danish Ahmad

Sending HTTP requests to private EC2 DNS from other EC2 host works, but not from container on EC2 host

I want to make a container hosted on one EC2 host communicate with another container hosted on another EC2 host.

Currently, if I send an HTTP request from host A to host B using host B’s private DNS and the exposed container port, I receive a response correctly.
However, if I try the same thing within the container on host B, I get a “Host is unreachable” error.
To me, this would indicate it is not a host networking issue, which is configured in AWS, so I won’t enter into detail on it.

What puzzles me is that I have done the exact same thing in our pre-production environment and it works perfectly.

What could be the issue / where do you think I should look to troubleshoot this? Please keep in mind I’m a noob 🙂

Go to Source
Author: Konrad

Best way to create temporary windows ec2 instances with pre installed apps?

I use windows ec2 instances and I need 2-3 tools which I need to install. I ocassionally need 20-40gb hard disk for processing and I always know what HDD size I want before lauching the instance and I always want the tools when I lauch the instance.

Problem is, I need to use it for like 1-2 hours only. Maybe 3 times a month.

What is the best way to tackle this with less price so that I can lauch with the pre installed apps as fast as possible with cost effective way?
(processor and ram could be any)

Go to Source
Author: LotusORB

Terraform duplicates the security groups, how do I stop it?

I’m using terraform to create two instances and a security group. Here is how I did it:

# bastion host
resource "aws_instance" "bastion_1a" {
  ami                         =
  availability_zone           = var.az_1a
  instance_type               = var.instance_type
  key_name                    = var.bastion_key_name
  subnet_id                   =
  vpc_security_group_ids      = []

resource "aws_instance" "bastion_1b" {
  ami                         =
  availability_zone           = var.az_1b
  instance_type               = var.instance_type
  key_name                    = var.bastion_key_name
  subnet_id                   =
  vpc_security_group_ids      = []    

resource "aws_security_group" "bastion_sg" {
  name        = var.name_bastion_sg
  description = var.bastion_sg_description  
  vpc_id      = module.vpc.vpc_id

  ingress {
    description = var.ssh_ingress_description
    from_port   = var.port_ssh
    to_port     = var.port_ssh
    protocol    = var.protocol_tcp
    cidr_blocks = local.ips_allowed_ssh

the problem: after the resources have been created, I checked the console and found that two security groups were created one for bastion_1a and another one for bastion_1b. However, as you can see in my terraform I only specified one security group.

I would like to use terraform to create one security group for both instances.Please can someone explain to me why terraform is creating two security groups.

What do I need to do so that terraform only creates one security group.

Go to Source
Author: davidonstack

Old LetsEncrypt SSL certificate still being served by EC2 instance

I’m working on renewing the SSL certificate for my websites. They are all running on the same EC2 instance with the same Apache server. Two of my domains recently expired so I also tried to remove them from the certificate.

I think I renewed the certificate correctly because when I run the following, it appears to suggest the certificate is up-to-date:

$ /usr/local/bin/certbot-auto certonly --webroot -w /var/www/html -d -d -d -d -d -d -d -d -d -d -d -d
Requesting to rerun /usr/local/bin/certbot-auto with root privileges...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/

What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal; no action taken.

Then I restart Apache with sudo systemctl restart httpd, which produces no output.

But when I navigate to my website at, I see there is still an SSL error saying the certificate is expired. What could be happening?

I’m running Apache 2.4:

$ yum info httpd
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
236 packages excluded due to repository priority protections
Installed Packages
Name        : httpd
Arch        : x86_64
Version     : 2.4.43
Release     : 1.amzn2
Size        : 4.0 M
Repo        : installed
From repo   : amzn2-core
Summary     : Apache HTTP Server
URL         :
License     : ASL 2.0
Description : The Apache HTTP Server is a powerful, efficient, and extensible
            : web server.

Go to Source
Author: Neel