- repost.aws
Sign in to continue
- repost.aws
Amazon Quick: How to disable per-action Allow/Deny prompts for connector Write actions (M365)?

- Sentimentrepost.aws
[Urgent few days case hanging] Free tier case - 177722871100602
A user on Re:Post (AWS community forum) reported their Free Tier credits were revoked after a two-week inactivity period, despite updating account details. AWS support directed them to their existing …

- Featurerepost.aws
How do I launch Appstream Desktop Application 2.0 after JumpCloud completes login to Appstream Web?
AWS AppStream 2.0 now supports redirecting streaming sessions from a web browser to the native AppStream client (WorkSpaces Applications client) using a 'amazonappstream:' prefixed URL after JumpCloud…

- repost.aws
Secrets Store CSI Driver failing with Pod Identity on EKS Auto Mode

- repost.aws
My support case stays in "Unassigned" status
A user reported a six-day delay in their AWS support case remaining unassigned, citing urgent email access issues tied to their corporate domain. AWS support staff acknowledged the frustration and adv…

- repost.aws
Not able to connect from OnPrem/Local machine to EC2 instance.

- Featurerepost.aws
Orchestrating ECS Task with Step function state macheine
AWS community clarifies how to pass tags to ECS tasks when orchestrating with Step Functions state machines. The correct method uses the Parameters field in the Task state definition, including a Tags…

- repost.aws
Amazon QuickSight Access Error
- repost.aws
- Sentimentrepost.aws
Alternative factors not working
A user on AWS’s Re:Post forum reported that alternative MFA factors (e.g., email/phone verification) are not functioning as expected when signing in as a root user, with the prompt reappearing repeate…

- Technicalrepost.aws
AWS DMS (DB2 LUW source and S3 as target): Full load data appears to be “replaced” by CDC even with Target table preparation mode = DO_NOTHING
AWS DMS users report that full load data in S3 targets appears replaced by CDC changes even when TargetTablePrepMode is set to DO_NOTHING. AWS clarifies this is expected behavior due to S3's file-base…

- repost.aws
How do you get out of the SES sandbox to send registration emails with Cognito

- repost.aws
A user on Re:Post AWS reported a support case remaining unassigned for six days due to urgent corporate email access issues. AWS support advised verifying the support plan, checking case severity, and

- repost.aws
Inconsistent k-NN result counts between primary and replica shards in Amazon OpenSearch Service. Are there any mitigations besides segment replication?
Amazon OpenSearch Service users report inconsistent k-NN vector search result counts between primary and replica shards due to non-deterministic HNSW graph construction. Segment replication is the onl…

- repost.aws
S3 bucket on ME-South-1

- Sentimentrepost.aws
Urgent billing dispute case unassigned for over a week, how can it be escalated?
A user on AWS’s Re:Post forum reported an unassigned billing dispute case (ID 177681062200855) lingering for 8 days with no response, risking overdue charges. Guidance suggests escalating via Support …

- Technicalrepost.aws
AWS IoT MQTT-over-WebSockets handshake returns 403 ForbiddenException for valid SigV4 with Admin IAM (us-east-2)
A user reported persistent 403 ForbiddenException errors during the WebSocket handshake for AWS IoT MQTT-over-WebSockets, despite valid SigV4 signatures and IAM permissions. REST-based IoT publishing …

- repost.aws
Misleading error during 90-day password rotation: "old password incorrect" when new password fails policy
A user reported a misleading error message during AWS IAM password rotation where the system incorrectly blames an 'old password' failure when the new password violates policy requirements. The issue …

- Contentrepost.aws
Best Practices for AWS WAF Rate Limiting with Mixed User Networks (Corporate + Public)
AWS re:Post published best practices for designing rate-limiting strategies in AWS WAF when users access applications from both corporate (shared IPs) and public networks. It recommends multi-layered …

- Communityrepost.aws
Amplify Auth not handling authorization code from Entra redirect (manual token exchange required)
Users integrating Entra ID with AWS Cognito via Amplify Auth report that authorization codes from Entra-initiated SSO flows are not automatically handled, requiring manual token exchange. AWS confirms…

- repost.aws
AWS DMS (DB2 LUW source and S3 as target): Full load data appears to be “replaced” by CDC even with Target table preparation mode = DO_NOTHING

- Technicalrepost.aws
Inconsistency between named device shadow document in cloud and in device
A user reported a persistent inconsistency between named device shadow documents in AWS IoT Greengrass, where updating a shadow value from 'false' to 'true' in the cloud fails to propagate to the devi…

- repost.aws
Inconsistency between named device shadow document in cloud and in device

- repost.aws
A user reported an outage in AWS ME-South-1 preventing S3 bucket access, with AWS re:Post recommending DataSync, S3 Replication, or CLI for data migration to other regions. The response notes versioni

- repost.aws
Urgent billing dispute case unassigned for over a week, how can it be escalated?

- repost.aws
AWS IoT MQTT-over-WebSockets handshake returns 403 ForbiddenException for valid SigV4 with Admin IAM (us-east-2)

- repost.aws
Misleading error during 90-day password rotation: "old password incorrect" when new password fails policy

- repost.aws
Best Practices for AWS WAF Rate Limiting with Mixed User Networks (Corporate + Public)

- Featurerepost.aws
A user reported that Amplify Auth does not automatically process authorization codes from Entra ID redirects, requiring manual token exchange via Axios calls. AWS support clarified that Amplify is des

- repost.aws
AWS Backup Restore Testing for EC2 always fails with "Restore metadata is invalid." due to NetworkInterfaces field
AWS Backup Restore Testing for EC2 consistently fails with 'Restore metadata is invalid' due to the NetworkInterfaces field in recovery point metadata. The field contains instance-specific values that…

- repost.aws
AWS Step function state machine with ECS TASK

- Technicalrepost.aws
Users report inconsistent k-NN vector search result counts between primary and replica shards in Amazon OpenSearch Service due to non-deterministic HNSW graph construction. Segment replication is the

- repost.aws
AWS Backup Restore Testing for EC2 resources consistently fails with 'Restore metadata is invalid' due to the NetworkInterfaces field in recovery point metadata. The field contains instance-specific v

- Technicalrepost.aws
Amazon Connect – Does queue delay on a higher priority queue block lower priority queues?
A user on AWS re:Post clarified that Amazon Connect’s queue delay mechanism does not block lower priority queues from being routed, even when higher-priority contacts are in delay. Contacts must first…

- repost.aws
Assistance with AWS Lambda Node.js 20.x end-of-life for AWS-supported static website stack
A user reported receiving AWS Health Events about the Node.js 20.x runtime end-of-life for a Lambda function deployed via the AWS-supported static website stack (CDK-based). The issue requires updatin…

- repost.aws
RestoreMetadataOverrides of my Cloudformation Template don't work
A user reported an issue with AWS Backup's RestoreMetadataOverrides in a CloudFormation template, causing restore testing to fail with an 'invalid metadata' error. Community responses suggested fixing…

- repost.aws
cross account s3 access

- repost.aws
s3 cross account access

- repost.aws
OpenSearch service software update stuck in "Applying changes" for more than 6 months
A customer reports an OpenSearch Service domain stuck in 'UpdatingServiceSoftware' for months after a mandatory service-initiated update. The blue/green deployment halted at stage 4, leaving old and n…

- Featurerepost.aws
Users integrating Entra ID with AWS Cognito via Amplify Auth report that authorization codes from Entra ID redirects are not automatically handled, requiring manual token exchange. AWS confirms Amplif

- repost.aws
A user asked whether a higher-priority queue with a delay blocks lower-priority queues in Amazon Connect. Official documentation confirms that contacts in delay periods are not eligible for routing an

- repost.aws
RestoreMetadataOverrides of my Cloudformation Template don't work

- Sunsetrepost.aws
A user reported receiving AWS Health Events about the Node.js 20.x runtime end-of-life for a Lambda function deployed via the AWS-supported static website stack. The issue stems from a deprecated runt

- repost.aws
A user reported that a mandatory OpenSearch Service software update has been stuck in the 'Applying changes' state for over six months, with the blue/green deployment halting at stage 4. The cluster r

- Technicalrepost.aws
A user reported receiving AWS Health Events about the Node.js 20.x runtime end-of-life for a Lambda function deployed via the AWS-supported static website stack sample. The issue requires updating the

- Technicalrepost.aws
A customer’s AWS OpenSearch Service domain has been stuck in an 'UpdatingServiceSoftware' state for over six months during a blue/green deployment. The deployment froze at stage 4, leaving both old an

- repost.aws
AWS WAF: Safe Handling of Legit User IPs Without Blind Allowlisting

- repost.aws
ECS express gateway deployment

- Technicalrepost.aws
SSM Distributor installing amazon-guardduty-agent 1.15.0 with non-idempotent postinst, breaks apt?
A user reported that Amazon GuardDuty agent version 1.15.0, distributed via SSM, includes a non-idempotent postinst script that modifies systemd service files. The script fails on subsequent runs if p…

- repost.aws
A non-idempotent postinst script in AmazonGuardDuty-RuntimeMonitoringSsmPlugin 1.15.0 causes apt to fail by leaving dpkg in a broken state. The script modifies systemd service files but fails on subse

- repost.aws
Urgent: Used AWS for learning purposes but recieved unexpected charges on my account and already opened a case ID but no response.

- repost.aws
Request to Reinstate Promotional Credits

- repost.aws
AWS DMS Serverless full load OOM (full load + CDC):best practices to reduce failures with cost constraints

- repost.aws
Denied AWS Certification Exam Due to Name Mismatch – Test Center Raised Case – Request for Free Reschedule

- repost.aws
CodeCommit shows "Complete your account setup" even though account is ACTIVE and fully verified
- repost.aws
Amplify Custom Domain Stuck in AWAITING_APP_CNAME — SSL Certificate Verification Failing Despite Correct DNS

- repost.aws
Transform and Marketplace - How do they relate, and who controls the available tools?

- repost.aws
Amazon Connect AI Agent Designer not showing associated AgentCore Gateway MCP tool namespace
Users report that custom MCP tools from Bedrock AgentCore Gateway, such as lookup_policy, are not appearing in Amazon Connect AI Agent Designer despite successful integration setup. The issue stems fr…

- Technicalrepost.aws
Lambda CloudWatch log group not created when used existing role of other lambda
Users discovered that reusing an AWS Lambda execution role across multiple functions can prevent automatic CloudWatch log group creation for new functions. Logs may incorrectly route to an existing lo…

- Technicalrepost.aws
A user on AWS re:Post describes frequent out-of-memory (OOM) errors during AWS DMS Serverless full load migrations despite low DCU settings. Best practices recommended include splitting large migratio

- repost.aws
A user reported that custom MCP tools from a Bedrock AgentCore Gateway Lambda target were not appearing in Amazon Connect AI Agent Designer despite successful integration association. The root cause w

- repost.aws
CodeArtifact is unable to host @mui/icons-material 9.0.0
AWS re:Post users report CodeArtifact cannot host @mui/icons-material 9.0.0 because its package.json exceeds CodeArtifact’s 1MB metadata limit for npm publishes. The 1.37MB package.json triggers a har…

- repost.aws
AWS re:Post users report CodeArtifact cannot host @mui/icons-material 9.0.0 because its package.json exceeds CodeArtifact's 1MB metadata size limit for npm publishing. The 1.37MB package.json triggers

- repost.aws
Install Certbot on Amazon Linux 2023 (AL2023)

- Featurerepost.aws
Best Practices for Aurora MySQL Advanced Auditing with Amazon RDS Proxy
AWS advises replacing fragile init_connect stored procedures with Aurora MySQL Advanced Auditing for compliance logging when using RDS Proxy. The new engine-level auditing eliminates dependency on rds…

- Featurerepost.aws
Can I decrease the EBS volume size on my Amazon OpenSearch Service domain?
Amazon OpenSearch Service now permits reducing EBS volume size through a blue/green deployment, replacing the cluster with a smaller-volume version without downtime. This bypasses the standard EBS con…

- Technicalrepost.aws
EKS kubernetes service and inter-AZ traffic
The article clarifies how Kubernetes service, Endpoints, and EndpointSlice objects work in EKS, particularly for the default 'kubernetes' service. It reveals that these objects are managed by the upst…

- repost.aws
Accelerating Incident Detection and Response onboarding with the Incident Detection and Response CLI
AWS introduced the Incident Detection and Response CLI (awsidr), a Python-based tool that automates workload registration, alarm creation, and APM integration for Incident Detection and Response. The …
- Contentrepost.aws
Optimizing AWS DMS Replication Task Performance: Best Practices & Sample Configurations
AWS published a comprehensive guide to optimize AWS Database Migration Service (DMS) replication task performance, addressing common issues like slow full loads, CDC latency, and replication lag. The …

- repost.aws
AWS Customer Guide: Leveraging global child safety partnerships for CSEA prevention

- Integrationrepost.aws
How do I automatically trigger AWS DevOps Agent investigations from CloudWatch Alarms and EventBridge rules for ECS tasks?
AWS published a guide enabling automatic triggering of DevOps Agent investigations via CloudWatch Alarms and EventBridge rules for ECS tasks. The integration uses Lambda functions with HMAC-authentica…
- repost.aws
Integrating PagerDuty with Incident Detection and Response to improve critical workload monitoring
AWS announced an integration between its Incident Detection and Response service and PagerDuty to unify incident management for critical AWS workloads. The setup uses EventBridge and Lambda to route P…
- Featurerepost.aws
How to Use a Dedicated IAM Role with the EFS CSI Driver Node Component in Amazon EKS Using Pod Identity
AWS detailed how to configure a dedicated IAM role for the EFS CSI driver node component in Amazon EKS using Pod Identity, enabling least-privilege access to EFS file systems. The article covers nativ…

- repost.aws
Users report that custom MCP tools from Bedrock AgentCore Gateway Lambda targets are not appearing in Amazon Connect AI Agent Designer despite successful integration setup. The root cause is a misconf

- repost.aws
AWS re:Post users report CodeArtifact cannot host @mui/icons-material 9.0.0 because its package.json exceeds CodeArtifact's 1MB metadata size limit for npm publishing. The issue stems from MUI's large

- repost.aws
Applied for Toll-Free 15 business days ago still with no decision.

- Technicalrepost.aws
Ping status: Offline, Session Manager connection status: DisConnected for EC2 session manager connection
Users report EC2 Session Manager connection failures with errors indicating SSM Agent cannot acquire credentials or connect to AWS endpoints. Root causes include IMDSv2 hop limit restrictions, missing…

- repost.aws
vSphere FT support on AWS EVS

- repost.aws
TPM-WMI Event ID 1801 error on EC2 instance
A user reported a TPM-WMI Event ID 1801 error on Windows EC2 instances after March 2024 updates, related to Secure Boot DBX revocation list certificates not being applied to firmware. AWS support conf…

- repost.aws
AWS re:Post users report CodeArtifact cannot host @mui/icons-material 9.0.0 because its package.json exceeds a 1MB metadata size limit for npm publishing. The 2GB total request limit cannot be raised,

- Technicalrepost.aws
Users report SSM Agent failures on AL2023 EC2 instances, showing 'Ping status: Offline' and 'Session Manager connection status: Disconnected' errors. Root causes include IMDSv2 hop limit restrictions,

- repost.aws
A user reported a TPM-WMI Event ID 1801 error on multiple EC2 Windows instances following March 2024 Windows updates, related to Secure Boot DBX revocation list updates. AWS support clarified this is

- repost.aws
Ubuntu Pro licensing for Lightsail instances — what's the supported path?

- repost.aws
Can't receive inbound SMS via End User Messaging
Users on AWS re:Post report persistent failures receiving inbound SMS replies despite correct SNS topic and IAM configurations. Troubleshooting guidance highlights missing Pinpoint service principal i…

- Technicalrepost.aws
AWS CodeArtifact cannot host @mui/icons-material 9.0.0 because its package.json exceeds the 1MB metadata size limit for npm publishing. The 1.37MB package.json file triggers a hard constraint, despite

- Technicalrepost.aws
Users report Session Manager connection failures for AL2023 EC2 instances due to SSM Agent credential acquisition errors and network connectivity issues. Common causes include IMDSv2 hop limit restric

- Sentimentrepost.aws
A user reported a TPM-WMI Event ID 1801 error on Windows EC2 instances following March 2024 Windows updates, related to Secure Boot DBX revocation list updates. AWS support confirmed it is a cosmetic

- repost.aws
AWS re:Post clarifies that Lightsail instances cannot use Ubuntu Pro licensing, including for ESM Apps like ImageMagick patching. Users must migrate to EC2 for such needs, as Lightsail only supports i

- repost.aws
Can't receive inbound SMS via End User Messaging

- repost.aws
AWS support wait time to provision Bedrock quota

- repost.aws
A user on AWS re:Post reports that Ubuntu Pro cannot be attached to Lightsail instances due to licensing restrictions, as Lightsail only supports its own bundles. The AWS response confirms this limita

- repost.aws
A user reported failing to receive inbound SMS replies via AWS End User Messaging despite correct SNS topic and IAM configurations. AWS support suggested verifying sender country, topic policies, and

- repost.aws
createRequestOriginGroup with originOverrides.hostHeader always causes 502 "invalid value for origin rewrite" regardless of value
A user reports that using originOverrides.hostHeader in CloudFront Functions' createRequestOriginGroup() with an Origin Group (S3 primary, ALB secondary) always triggers a 502 error, regardless of the…

- Technicalrepost.aws
"Curl error (27): Out of memory " after I update "dnf upgrade --releasever=2023.10.20260325"
Users on Amazon Linux 2023 EC2 instances encountered a 'curl error 27: out of memory' after running 'dnf upgrade' with a release version update. The issue stemmed from SSL/TLS configuration problems t…

- repost.aws
301 redirect in lightsail

- Technicalrepost.aws
Users report a TPM-WMI Event ID 1801 error on EC2 Windows instances after applying updates, indicating unapplied Secure Boot certificates. The issue affects multiple instance types and requires manual

- repost.aws
'Invalid principal in policy' error

- repost.aws
AWS account suspended - Support not able to help
A user on AWS re:Post describes being unable to resolve an account suspension due to an expired credit card, citing broken support workflows, redirect loops, and unhelpful agents. They eventually foun…
- repost.aws
A user reported that using originOverrides.hostHeader in CloudFront Functions' createRequestOriginGroup() with an Origin Group (S3 primary, ALB secondary) triggers a 502 error regardless of the hostHe

- Technicalrepost.aws
Users on Amazon Linux 2023 EC2 instances encountered a 'curl error (27): out of memory' after running 'dnf upgrade' with a releasever update. The error stemmed from SSL/TLS configuration conflicts, sp

- repost.aws
A user on AWS re:Post describes being unable to resolve an account suspension due to an expired credit card, citing broken support workflows, redirect loops, and unresponsive agents. The issue was tem
- repost.aws
I noticed a new rule in my WAF configuration, but I cannot identify the cause of its creation
A user on AWS re:Post discovered an automatically generated WAF rule named 'CreatedByCloudFrontForDistribution[ID]-Geo-BlockRule' in their CloudFront distribution's Web ACL. AWS confirmed this occurs …

- repost.aws
Formatting on comments on pull requests: CloudFormation Git Sync (Bitbucket)
A user reported that CloudFormation’s Git Sync feature splits change summaries into multiple Bitbucket comments, breaking Markdown table formatting in subsequent comments due to Bitbucket’s character …
- Technicalrepost.aws
A user reported failing to receive inbound SMS replies via AWS End User Messaging despite correct SNS topic and subscription setup. AWS support suggested verifying IAM roles, SNS topic policies, and e

- Technicalrepost.aws
A user reported that using originOverrides.hostHeader in CloudFront Functions' createRequestOriginGroup() with an Origin Group (S3 primary, ALB secondary) always triggers a 502 error, regardless of th

- repost.aws
"Curl error (27): Out of memory " after I update "dnf upgrade --releasever=2023.10.20260325"

- repost.aws
A user on AWS re:Post describes being unable to resolve an account suspension due to an expired credit card, citing broken support workflows where agents repeatedly redirect them to the console despit
- repost.aws
CloudFront automatically generates a WAF rule named 'CreatedByCloudFrontForDistribution[ID]-Geo-BlockRule' when geographic restrictions are enabled via the CloudFront console, even without manual WAF

- repost.aws
Formatting on comments on pull requests: CloudFormation Git Sync (Bitbucket)
- repost.aws
AWS Support Case for Billing Unassigned for more than 1 month
A user reported a billing support case opened on AWS re:Post in March 2026 remained unassigned for 15 days despite multiple follow-ups. Similar cases were resolved elsewhere, but this user's cases sta…

- Featurerepost.aws
AWS re:Post published a comprehensive guide to optimize AWS Database Migration Service (DMS) replication task performance, addressing common issues like slow full loads, CDC latency, and task failures

- Featurerepost.aws
AWS introduced a method to automatically trigger DevOps Agent investigations when CloudWatch Alarms enter ALARM state or EventBridge detects ECS task failures. The solution uses Lambda functions and H
- repost.aws
AWS announced an integration between its Incident Detection and Response service and PagerDuty to unify incident management for critical workloads. The setup uses EventBridge and Lambda to route Pager
- Integrationrepost.aws
Getting Started with Kiro and MCP Servers: Connect Your AI IDE to Real-World Tools
AWS re:Post published a guide on integrating MCP servers with Kiro, an AI-powered IDE, to unlock advanced workflow automation. The article details installation, configuration, and verification steps f…

- Featurerepost.aws
Meeting Cyber Essentials Patch Requirements for Amazon WorkSpaces Personal with AWS Systems Manager
AWS published a technical guide to automate patching for Amazon WorkSpaces in AUTO_STOP mode to meet the UK Cyber Essentials 14-day patching requirement. The solution uses AWS Systems Manager to orche…

- repost.aws
Amazon Bedrock Inference Cost granularity based on IAM
Amazon Bedrock now captures IAM principal ARNs on every inference request, enabling per-caller cost attribution in CUR 2.0 billing exports. This eliminates manual workarounds like separate AWS account…

- repost.aws
AWS DevOps Agent: A Technical Deep Dive into Autonomous Incident Response
AWS DevOps Agent is an automated incident response tool that reduces mean time to resolution (MTTR) from hours to minutes by performing root cause analysis during incidents. It operates through Agent …
- Featurerepost.aws
AWS introduced the Incident Detection and Response CLI (awsidr), a Python-based tool that automates workload registration, alarm creation, and APM integration for its Incident Detection and Response s
- Sentimentrepost.aws
A user on AWS re:Post describes a months-long struggle to resolve an AWS account suspension due to an expired credit card, citing unresponsive support, weeks-long case response times, and technical ba
- repost.aws
A user discovered an undocumented CloudFront behavior where enabling geographic restrictions automatically creates a managed WAF rule named 'CreatedByCloudFrontForDistribution[ID]-Geo-BlockRule' in as

- repost.aws
A user reported a billing support case opened on AWS re:Post in March 2026 remained unassigned for 15 days, with follow-up attempts also unassigned. Testing with a root-user case showed the same issue

- repost.aws
We’ve had incorrect VAT charged for ~2 years despite verified VAT. Two support cases, 2 weeks, no response. How do we get this assigned to AWS tax team?
An EU VAT-registered company reported being incorrectly charged local VAT on AWS invoices for two years despite verified VAT registration. Multiple support cases over two weeks received no human respo…

- Communityrepost.aws
RME Monitron Sensor pairing issues
Users on AWS re:Post report inability to pair new RME Monitron sensors due to 'No NFC Scanner' errors, with some noting the issue stems from iOS app limitations. Commissioning sensors typically requir…

- Technicalrepost.aws
Users on AWS re:Post report a 'curl error (27): out of memory' after upgrading Amazon Linux 2023 instances using dnf. The error stems from SSL/TLS configuration issues tied to crypto-policies, not act

- repost.aws
AWS account suspended - Support not able to help
- repost.aws
CloudFront automatically generates a WAF rule named CreatedByCloudFrontForDistribution[ID]-Geo-BlockRule when geographic restrictions are enabled via the CloudFront console, even without manual WAF da

- repost.aws
AWS Support Case for Billing Unassigned for more than 1 month

- repost.aws
An EU VAT-registered company claims AWS incorrectly charged local VAT for two years despite verified registration. Multiple support cases went unanswered for over two weeks, with no human response des

- repost.aws
Users on AWS re:Post report inability to pair new RME Monitron sensors due to 'No NFC Scanner' errors, with some noting the issue stems from lack of NFC access in the iOS app. Commissioning sensors ty

- repost.aws
Creating a Textract Dataset, are Queries only used?

- Sentimentrepost.aws
A user on AWS re:Post describes a months-long struggle to resolve an AWS account suspension due to an expired credit card, citing unresponsive support, redirect loops, and login failures. They eventua
- Technicalrepost.aws
CloudFront automatically generates a WAF rule named 'CreatedByCloudFrontForDistribution[ID]-Geo-BlockRule' when geographic restrictions are enabled in the CloudFront console, even without manual WAF d

- Technicalrepost.aws
A user reported that CloudFormation’s Git Sync feature splits pull request comments across multiple messages in Bitbucket, breaking formatting in the second comment due to Bitbucket’s character limit.
- repost.aws
Users on AWS re:Post report inability to pair new RME Monitron sensors due to 'No NFC Scanner' errors, with some noting the issue stems from lack of NFC scanner access in iOS apps. Commissioning senso

- Securityrepost.aws
AWS Support: Bedrock Kimi K2 / K2.5 Service Regression
AWS Bedrock users report a high-severity regression in us-east-1 where Moonshot AI's kimi-k2.5 and kimi-k2-thinking models return only padding characters (!!!!) via the Converse API, exhausting token …
- repost.aws
AWS Bedrock’s Moonshot AI models (kimi-k2.5 and kimi-k2-thinking) in us-east-1 began returning all-padding output (!!!!) via the Converse API on 2026-04-23, exhausting token budgets without producing
- Technicalrepost.aws
Amazon Bedrock’s Kimi K2.5 and Kimi K2 Thinking models in us-east-1 began returning only padding characters (!!!!) instead of valid responses via the Converse API on 2026-04-23, exhausting token budge

- Technicalrepost.aws
Amazon Bedrock’s Kimi K2 and K2.5 models in us-east-1 began returning only padding characters (!!!...) via the Converse API on 2026-04-23, exhausting token budgets without producing usable output. The

- repost.aws
AWS Bedrock’s Kimi K2 and K2.5 models in us-east-1 began returning only padding characters (!!!...) via the Converse API on 2026-04-23, exhausting token budgets without producing usable text. The issu
- Sentimentrepost.aws
Users on AWS re:Post report being unable to pair new RME Monitron sensors due to 'No NFC Scanner' errors, with some noting the issue stems from iOS app limitations. Commissioning sensors typically req

- Sentimentrepost.aws
An EU VAT-registered company claims AWS incorrectly charged local VAT for two years despite verified VAT registration. Multiple support cases over two weeks received no human response, and the issue r

- repost.aws
Do Bedrock invoke commands support MiniMax models?
AWS confirmed that Bedrock's InvokeModel and InvokeModelWithResponseStream commands support MiniMax models (M2, M2.1, M2.5), including streaming via InvokeModelWithResponseStream. Additionally, the ne…

- Legalrepost.aws
Amazon Bedrock "Operation not allowed" for ALL models despite full IAM permissions
Users report being unable to invoke any Amazon Bedrock models in us-east-1 due to a 'ValidationException: Operation not allowed' error, despite full IAM permissions. AWS support suggests the issue ste…

- Featurerepost.aws
AWS CloudFront automatically generates a WAF rule named 'CreatedByCloudFrontForDistribution[ID]-Geo-BlockRule' when geographic restrictions are enabled via the CloudFront console, even without manual

- repost.aws
An EU VAT-registered company claims AWS incorrectly charged local VAT for two years despite verified VAT registration. Multiple support cases over two weeks received no human response, and escalation

- Communityrepost.aws
Users on AWS re:Post report being unable to pair new RME Monitron sensors due to 'No NFC Scanner' errors, with some noting the issue stems from limited iOS app functionality. Commissioning sensors typ

- repost.aws
A user on AWS re:Post asks whether Textract dataset creation is solely for training queries or also for form fields. An answer clarifies that datasets are for training adapters to improve query respon

- Featurerepost.aws
A user on AWS re:Post asked whether Bedrock's Invoke commands support MiniMax models, noting a lack of explicit documentation. An answer confirmed MiniMax models (M2, M2.1, M2.5) are supported via Inv

- repost.aws
Amazon Bedrock "Operation not allowed" for ALL models despite full IAM permissions

- repost.aws
Does Chime support sharing audio during screen sharing?

- repost.aws
Does Opus 4.7 support batch inference?

- Featurerepost.aws
Best practices for customizing Bedrock Data Automation for multiple clients and utilizing multiple blueprints
A user on AWS re:Post describes scaling challenges with Amazon Bedrock Data Automation, noting hard limits of 40 blueprints per project and 350 total per account when creating client-specific blueprin…

- repost.aws
A user reported three AWS billing support cases remaining unassigned for over a month despite follow-ups, with no resolution. AWS acknowledged the frustration and provided troubleshooting steps, inclu

- Featurerepost.aws
Kiro, an AI-powered IDE, now supports MCP (Model Context Protocol) servers to connect with external tools and services, transforming it from a code editor into a workflow automation platform. The guid

- Featurerepost.aws
AWS published a guide to automate patching for Amazon WorkSpaces in AUTO_STOP mode to comply with the UK Cyber Essentials scheme’s 14-day patching requirement. The solution uses AWS Systems Manager to

- repost.aws
Amazon Bedrock now captures IAM principal ARNs on inference requests, enabling per-caller cost attribution in billing reports. This eliminates manual workarounds like separate accounts or custom loggi

- repost.aws
AWS DevOps Agent is an AI-powered tool that reduces mean time to resolution (MTTR) from hours to minutes by autonomously performing root cause analysis during incidents. It uses Agent Spaces for scope
- Technicalrepost.aws
Enhancing resilience in AWS Management Console authentication: A disaster recovery guide for IAM Identity Center with IAM Federation SAML 2.0 and Microsoft Entra ID
AWS re:Post published a technical guide demonstrating how to configure a fallback authentication mechanism for the AWS Management Console using SAML 2.0 federation between Microsoft Entra ID and indiv…
- repost.aws
How to Configure AWS IAM SAML 2.0 Federation with Microsoft Entra ID for Single-Account Access

- repost.aws
Elevate mission-critical data streaming with AWS Unified Operations
AWS introduced Unified Operations, its highest-tier support plan, to help organizations reduce troubleshooting time and proactively optimize mission-critical data streaming workloads. The plan provide…
- repost.aws
Agents Skills for resolving GitLab pipeline failures

- repost.aws
How to set up a deny list in Amazon Connect using Data Tables.
AWS re:Post published a guide demonstrating how to create a deny list in Amazon Connect using native Data Tables, eliminating the need for DynamoDB, IAM, or Lambda functions. The solution allows agent…
- repost.aws
RME Monitron Sensor pairing issues

- Communityrepost.aws
A user on AWS re:Post asked whether Textract dataset creation is solely for training queries or also for form fields. AWS clarified that datasets are designed to train adapters for query responses, no

- Communityrepost.aws
AWS Bedrock now explicitly supports MiniMax models (M2, M2.1, M2.5) via InvokeModel and InvokeModelWithResponseStream commands, with streaming marked in documentation. Additionally, the new Converse A

- Sentimentrepost.aws
Users in AWS re:Post report being unable to invoke any Amazon Bedrock models in us-east-1 due to a 'ValidationException: Operation not allowed' error, despite having full IAM permissions. The issue ap

- repost.aws
A user reported that the Amazon Chime SDK for Android does not support sharing system audio during screen sharing, only video. AWS confirmed that while the SDK supports content audio sharing (up to 48

- repost.aws
Best practices for customizing Bedrock Data Automation for multiple clients and utilizing multiple blueprints

- Featurerepost.aws
Amazon Bedrock now provides granular inference cost attribution by capturing IAM principal ARNs and associated tags in billing data. Previously, Bedrock costs were aggregated by model, region, and tok

- Launchrepost.aws
AWS introduced AWS DevOps Agent, an autonomous incident response tool that reduces mean time to resolution (MTTR) from hours to minutes by performing root cause analysis during incidents. The tool ope
- Technicalrepost.aws
AWS published a step-by-step guide on configuring SAML 2.0 federation between Microsoft Entra ID (formerly Azure AD) and AWS IAM for single-account console access. The guide details creating an enterp

- Featurerepost.aws
AWS published a disaster recovery guide demonstrating how to configure Microsoft Entra ID (formerly Azure AD) to federate directly with individual AWS accounts via SAML 2.0 as a fallback to IAM Identi
- Launchrepost.aws
AWS introduced Unified Operations, its highest-tier AWS Support plan, to help organizations manage mission-critical data streaming workloads with expert guidance and advanced monitoring. The service p
- Featurerepost.aws
AWS introduced agent skills to streamline GitLab CI/CD pipeline troubleshooting for enterprise customers. The feature reduces context usage by progressively loading only the necessary tools (e.g., 15

- Featurerepost.aws
AWS published a guide demonstrating how to set up a real-time deny list in Amazon Connect using native Data Tables, eliminating the need for DynamoDB, IAM, or Lambda functions. The solution allows age
- Contentrepost.aws
Building a Sales Intelligence Agent with Brave Search API and AWS Bedrock AgentCore
AWS published a guide demonstrating how to build a sales intelligence agent using the Brave Search API and AWS Bedrock AgentCore. The agent automates prospect research by performing three targeted sea…

- Integrationrepost.aws
Building a Market Research Agent with Brave Search MCP and AWS Bedrock AgentCore
AWS published a guide demonstrating how to build a market research agent using the Brave Search MCP Server deployed on AWS Bedrock AgentCore. The solution replaces manual search and synthesis tasks wi…

- Featurerepost.aws
AWS published a guide to help UK organizations meet Cyber Essentials patch requirements for Amazon WorkSpaces Personal in AUTO_STOP mode. The built-in monthly maintenance window fails to meet the 14-d

- Technicalrepost.aws
A user on AWS re:Post reports that all Amazon Bedrock models (Nova, Claude, Llama, Gemma) in us-east-1 are returning a 'ValidationException: Operation not allowed' error despite having full IAM permis

- Communityrepost.aws
A user on AWS re:Post reported that the Amazon Chime SDK for Android does not support sharing system or application audio during screen sharing, only video. AWS confirmed that while the Chime SDK supp

- repost.aws
A user on AWS re:Post asked whether Claude Opus 4.7 supports batch inference, noting that AWS documentation confirms support for Opus 4.6 but does not yet mention Opus 4.7. The response indicates that

- repost.aws
A user on AWS re:Post describes scaling challenges with Amazon Bedrock Data Automation, where creating client-specific blueprints for Purchase Order PDFs risks hitting limits of 40 blueprints per proj

- repost.aws
Control Tower setup - Insufficient privileges to create a backup vault. Creating a backup vault requires backup-storage and KMS permissions.
A user on AWS re:Post reported an error when setting up AWS Control Tower, stating they lacked sufficient privileges to create a backup vault due to missing backup-storage and KMS permissions. The iss…
- repost.aws
Editing the wp-config.php file in Non-Bitnami Lightsail Wordpress blueeprint
A user on AWS re:Post asked how to locate and edit the wp-config.php file for a Non-Bitnami WordPress Lightsail blueprint, as it is not in the standard WordPress HTML folder. The response clarified th…

- Featurerepost.aws
AWS confirmed that Bedrock invoke commands (InvokeModel and InvokeModelWithResponseStream) support MiniMax models (M2, M2.1, M2.5), including streaming via InvokeModelWithResponseStream. Additionally,

- repost.aws
A user on AWS re:Post asked whether Claude Opus 4.7 supports batch inference, noting that Opus 4.6 is currently supported per AWS documentation but no confirmation exists for 4.7. AWS typically does n

- repost.aws
A user on AWS re:Post reported an error when setting up AWS Control Tower, stating they lacked sufficient privileges to create a backup vault due to missing backup-storage and KMS permissions. Respond
- repost.aws
A user on AWS re:Post asked how to locate and edit the wp-config.php file in a Non-Bitnami Lightsail WordPress blueprint, as it is not found in the standard WordPress HTML folder. Respondents clarifie

- repost.aws
Severe UX Degradation in the New AWS Access Portal (IAM Identity Center)
A user on AWS re:Post criticized the new UI of the AWS Access Portal (IAM Identity Center) for severe usability degradation, citing microscopic click targets, poor ergonomics, and workflow friction. T…

- repost.aws
Cannot complete security steps - Account restricted by SCP
A user on AWS re:Post reported being unable to complete security remediation steps due to an account restricted by a Service Control Policy (SCP), which overrides IAM permissions. The user received a …

- Sentimentrepost.aws
Amazon Nova Sonic 2 — Infinite tool calling loop with multiple tools
Users report Amazon Nova Sonic 2 enters an infinite tool-calling loop when multiple tools are invoked sequentially with toolChoice: auto and temperature: 0. The model repeatedly re-invokes tools even …

- repost.aws
Tool XML Text Leak in Nova Sonic 2
A user on AWS re:Post reported a 'Tool XML Text Leak' issue in Nova Sonic 2, where a voice-based conversational agent occasionally outputs XML-formatted tool calls (e.g., <__ function=opensearchSummar…

- Featurerepost.aws
A user on AWS re:Post asked if Amazon Chime SDK supports sharing audio during screen sharing when using the Android client library. The response clarified that while Chime SDK supports content audio s

- repost.aws
A user on AWS re:Post asked how to locate and edit the wp-config.php file for a Non-Bitnami WordPress Lightsail blueprint, as it isn’t in the standard WordPress HTML folder. A responder clarified that

- Technicalrepost.aws
A user on AWS re:Post reported being unable to complete AWS security remediation steps due to an account restricted by a Service Control Policy (SCP). The notice requires actions like checking CloudTr

- repost.aws
Users report Amazon Nova Sonic 2 enters infinite tool-calling loops when multiple tools are invoked sequentially with toolChoice: auto and temperature: 0. The model repeatedly re-invokes tools after r

- repost.aws
A user reported an issue with a voice-based conversational agent using the Nova Sonic 2 model, where XML tool-calling output (e.g., <__ function=opensearchSummaryTool>) leaks into logs and is spoken a

- Sentimentrepost.aws
New AWS India account - EC2 vCPU quota too low to launch even t3.micro - how to increase?
A new AWS India account user reported an EC2 vCPU quota of only 1 vCPU, preventing even a t3.micro instance launch. AWS Support explained that new accounts often have lower default quotas, which may i…

- Featurerepost.aws
Do AWS Bedrock Application Inference Profile support ALL bedrock models ?
AWS confirmed that Application Inference Profiles (AIPs) support all Amazon Bedrock models but are only creatable in specific AWS Regions, not all regions where Bedrock operates. Supported regions inc…
- repost.aws
A user on AWS re:Post asked whether Claude Opus 4.7 supports batch inference, referencing AWS documentation that confirms support for Opus 4.6 but not 4.7. The thread notes AWS typically does not anno

- Technicalrepost.aws
A user on AWS re:Post reported an error during AWS Control Tower setup where the AWSControlTowerExecution role lacked permissions to create a backup vault due to missing backup-storage and KMS permiss

- repost.aws
A user on AWS re:Post asked how to locate and edit the wp-config.php file in a Non-Bitnami Lightsail WordPress blueprint, as it is not found in the standard WordPress HTML folder. The response clarifi

- Technicalrepost.aws
A user on AWS re:Post reported severe usability degradation in the new AWS Access Portal (IAM Identity Center) UI, citing microscopic click targets, poor ergonomics, and workflow friction. The redesig

- repost.aws
Users report Amazon Nova Sonic 2 enters infinite tool-calling loops when multiple tools are invoked sequentially with toolChoice: auto and temperature: 0. The model repeatedly re-invokes tools even af

- repost.aws
A user reported an issue with a voice-based conversational agent using the Nova Sonic 2 model, where XML tool-calling output (e.g., <__ function=opensearchSummaryTool>) leaks into logs and audio respo

- repost.aws
A new AWS account in India encountered a vCPU quota of 1 for EC2, preventing the launch of even a t3.micro instance. AWS support advised requesting a quota increase via the Service Quotas console, AWS

- Technicalrepost.aws
AWS confirmed that Application Inference Profiles (AIPs) in Amazon Bedrock support all models but are only creatable in specific regions, not all Bedrock-supported regions. While AIPs can track usage
- Technicalrepost.aws
AWS re:Post discusses scaling challenges with Amazon Bedrock Data Automation when customizing Purchase Order PDF extraction for hundreds of clients. The current approach of creating client-specific bl

- Technicalrepost.aws
A user on AWS re:Post reports being unable to complete AWS security remediation steps due to an account restricted by a Service Control Policy (SCP). The notice requires actions like checking CloudTra

- repost.aws
Users report Amazon Nova Sonic 2 enters an infinite tool-calling loop when multiple tools are triggered sequentially, even after receiving valid results. The issue occurs with toolChoice: auto and tem

- Communityrepost.aws
A user on AWS re:Post reported an issue with Nova Sonic 2, a voice-based conversational agent, where XML-formatted tool-calling output (e.g., <__ function=opensearchSummaryTool>) leaks into the bot's

- repost.aws
A new AWS account in India encountered a vCPU quota limit of 1 vCPU, preventing the launch of even a t3.micro EC2 instance. AWS support advised requesting a quota increase via the Service Quotas conso

- repost.aws
AWS confirmed that Application Inference Profiles (AIPs) support all Amazon Bedrock models but are only available in specific AWS Regions, not all regions where Bedrock operates. Supported regions inc
- Sentimentrepost.aws
AWS India account "not authorized" when submitting Anthropic FTU form on Amazon Bedrock - support ticket open 2 days with no resolution
An AWS India user reported being unable to access Anthropic Claude models via Amazon Bedrock due to an 'account not authorized' error when submitting the First Time Use (FTU) form. The issue persists …

- repost.aws
New registered Kiro pro users can only see partial models available
AWS re:Post users report that newly registered Kiro Pro users can only access partial models (e.g., GLM-5 open-weight models) via the Kiro CLI, while older users see all models. The issue does not occ…

- repost.aws
Failed to create Kiro subscription for IAM Identity Center user in us-east-1
A user reported a consistent failure when attempting to create a Kiro (Amazon Q Developer Pro) subscription for an IAM Identity Center user in the us-east-1 region. The error occurs during the final a…

- Technicalrepost.aws
A user reported a 'Tool XML Text Leak' issue with Nova Sonic 2, a voice-based conversational agent using AWS tools. The bot occasionally outputs XML tags in logs (e.g., `<__ function=opensearchSummary

- Technicalrepost.aws
A new AWS India account user reported being unable to launch even a t3.micro EC2 instance due to a default vCPU quota of just 1 vCPU. AWS support explained that new accounts often start with lower def

- Sentimentrepost.aws
An Indian AWS user reported being unable to access Anthropic Claude models via Amazon Bedrock due to an 'account not authorized' error when submitting the First Time Use (FTU) form. The issue persists

- Sentimentrepost.aws
AWS re:Post users report that newly registered Kiro Pro users can only access partial models (e.g., GLM-5 open-weight models) in the kiro-cli interface, while older users see all models. The issue doe

- repost.aws
DynamoDB import process completed successfully but newly created table is empty!
A user reported that a DynamoDB import from S3 completed successfully but the newly created table showed zero records. AWS support clarified that the DynamoDB console and DescribeTable API only refres…

- Technicalrepost.aws
Users report Amazon Nova Sonic 2 enters an infinite tool-calling loop when multiple tools are triggered sequentially, even after receiving valid results. The issue occurs with bidirectional streaming

- Technicalrepost.aws
RDS instance randomly crashing 3 times per day
A user reported an Amazon RDS instance crashing three times daily, with restarts occurring at consistent intervals. Root causes suggested include the OOM Killer terminating the database process due to…

- Technicalrepost.aws
A user reported an Amazon RDS instance crashing three times daily with recovery cycles lasting 4-5 minutes, despite no errors in CloudWatch logs. The crashes occur at consistent times (3:21 AM, 6:59 A

- Technicalrepost.aws
An AWS user reported that an RDS instance is crashing three times daily, with restarts occurring at consistent times (3:21 AM, 6:59 AM, and 11:29 PM UTC-5). The crashes trigger automated recovery proc

- repost.aws
A user reported an RDS instance crashing three times daily, with restarts occurring at consistent intervals. Root causes likely include MyISAM table instability, out-of-memory (OOM) events, hidden app

- Featurerepost.aws
AWS re:Post users report that newly registered Kiro Pro users can only access partial models (starting with GLM-5 open-weight models) in the kiro-cli interface, while older users see all models. The i

- Sentimentrepost.aws
A user reported that a DynamoDB import from S3 completed successfully but the new table showed zero records. AWS clarified that the UI and DescribeTable API may not reflect real-time counts, advising

- repost.aws
New AWS account has 0 Amazon Bedrock quotas in all regions
New AWS accounts face 0 Amazon Bedrock quotas across all regions by default, requiring users to explicitly request model access before usage. This is a deliberate onboarding measure, not an error, and…
- repost.aws
MWAA Airflow 3.0.6 worker memory leak: 600+ orphaned watchtower _dequeue_batch threads accumulate in ForkPoolWorker when using deferrable KubernetesPodOperator, eventually causing OOM
A user reported a memory leak in AWS Managed Workflows for Apache Airflow (MWAA) 3.0.6 when using the deferrable KubernetesPodOperator. The issue involves 600+ orphaned watchtower _dequeue_batch threa…

- Communityrepost.aws
Need help with adding SSH port, missing `sshd.service` and rebooting EC2 instance.
A user on AWS re:Post reported issues applying SSH port changes to Ubuntu EC2 instances via Terraform. The problem stems from Ubuntu 24-based instances using `ssh.socket` instead of `sshd.service`, wh…

- repost.aws
Amazon Q Developer Kiro subscription failing with CScoreAccessDenied - "Your account is not authorized to make this call"
Users report being unable to subscribe to Amazon Q Developer Kiro in AWS Organizations due to a CScoreAccessDenied error, despite having valid startup credits and root-level permissions. Troubleshooti…

- repost.aws
Billing support not responding after 3 days
A user on AWS re:Post reported a billing issue where a $67k Savings Plan purchase was accidentally made with 'ALL upfront' instead of 'NO upfront,' leading to a blocked Amex transaction and payment pe…

- Technicalrepost.aws
A user reported that a DynamoDB import from S3 completed successfully but the newly created table showed zero records. AWS clarified that the UI and DescribeTable API may take up to 6 hours to refresh

- Technicalrepost.aws
New AWS accounts face 0 Amazon Bedrock quotas across all regions by default, requiring explicit model access requests. Users must navigate the Amazon Bedrock console to request access to specific foun
- repost.aws
A user on AWS re:Post reported issues applying SSH port changes to Ubuntu EC2 instances via Terraform. The user modified `/etc/ssh/sshd_config` using `user_data`, but changes weren’t activating until

- Sentimentrepost.aws
Users report being unable to subscribe to Amazon Q Developer Kiro in their AWS Organization management account due to a CScoreAccessDenied error, despite having startup credits and root-level permissi

- repost.aws
A user on AWS re:Post reported a billing issue where a $67k Savings Plan purchase was accidentally made with 'ALL upfront' instead of 'NO upfront,' leading to an Amex block and payment pending status.

- Technicalrepost.aws
g6e.2xlarge InsufficientInstanceCapacity in eu-central-1 – alternatives?
A user on AWS re:Post reported persistent 'InsufficientInstanceCapacity' errors when launching g6e.2xlarge instances in eu-central-1 (Frankfurt) for an AI inference pipeline requiring ~48 GB GPU VRAM.…

- repost.aws
Editing php.ini file
A user on AWS re:Post asked how to edit the `max_upload_size` in the `php.ini` file for a WordPress installation on AWS Lightsail (non-Bitnami). The response clarified that the correct file to edit is…

- Communityrepost.aws
A user on AWS re:Post reported that Terraform-based EC2 instance provisioning with custom SSH ports stopped working after Ubuntu 24-based AMIs changed SSH service management from `sshd.service` to `ss

- repost.aws
Users report being unable to subscribe to Amazon Q Developer Kiro in their AWS Organization management account due to a CScoreAccessDenied error, despite having Kiro startup credits and root-level per

- repost.aws
Users report persistent 'InsufficientInstanceCapacity' errors when launching g6e.2xlarge instances in AWS’s eu-central-1 (Frankfurt) region for AI inference workloads requiring ~48 GB GPU VRAM (L40S).

- repost.aws
AWS re:Post explains how to edit the php.ini file for a WordPress site on Amazon Lightsail (non-Bitnami). The correct file to modify is /etc/php/8.2/apache2/php.ini, as this is the configuration used

- Technicalrepost.aws
A user reported that a DynamoDB import from S3 completed successfully but the new table showed zero records. AWS support clarified that the DynamoDB console and DescribeTable API only refresh counts e

- Technicalrepost.aws
A user on AWS re:Post reported that Terraform-based EC2 instance provisioning with custom SSH ports stopped working after Ubuntu 24.04 updates. The issue stems from Ubuntu 24.04 replacing the traditio

- Sentimentrepost.aws
Users report persistent 'InsufficientInstanceCapacity' errors when launching g6e.2xlarge instances in AWS eu-central-1 (Frankfurt) for AI inference workloads requiring ~48 GB GPU VRAM. The issue stems

- repost.aws
AWS re:Post explains how to edit the php.ini file for a WordPress site on Amazon Lightsail (non-Bitnami). The correct file to modify is /etc/php/8.2/apache2/php.ini, as it controls PHP settings for th

- repost.aws
Billing case unassigned for 2+ weeks (RDS Extended Support) – is this expected?
A user on AWS re:Post reported a billing case for unexpected RDS Extended Support charges (~$134) remaining unassigned for over two weeks under the Basic support plan. AWS support clarified that Basic…

- Featurerepost.aws
New AWS accounts start with 0 Amazon Bedrock quotas across all regions as a default protective measure. Users must explicitly request access to specific foundation models via the Amazon Bedrock consol

- Technicalrepost.aws
A user on AWS re:Post reported issues with applying SSH port changes to Ubuntu EC2 instances via Terraform. The problem stems from Ubuntu 24-based instances using `ssh.socket` instead of `sshd.service

- repost.aws
Users report being unable to subscribe to Amazon Q Developer Kiro in AWS Organizations due to a CScoreAccessDenied error, despite having startup credits and root-level permissions. The issue persists

- repost.aws
Users report persistent 'InsufficientInstanceCapacity' errors when launching g6e.2xlarge instances in AWS's eu-central-1 (Frankfurt) region for AI inference workloads requiring ~48 GB GPU VRAM. The is

- repost.aws
SOA-C03 preparation, what kind of operational scenarios show up in the exam?
A user on AWS re:Post asks about operational scenarios in the AWS Certified CloudOps Engineer Associate (SOA-C03) exam, seeking insights from recent test-takers. The response emphasizes hands-on exper…

- Technicalrepost.aws
A user on AWS re:Post reports that subscription to Amazon Q Developer Kiro fails with a CScoreAccessDenied error, indicating unauthorized access despite root-level permissions and verified infrastruct

- Communityrepost.aws
AWS re:Post explains how to edit the php.ini file for a WordPress site on Amazon Lightsail (non-Bitnami). Users should modify /etc/php/8.2/apache2/php.ini, not the CLI version, as Apache uses the form

- repost.aws
Bedrock Anthropic Claude models return 429 “Too many tokens per day” (quasi-zero quota) — request AWS Support escalation
Users report persistent HTTP 429 errors ('Too many tokens per day') when invoking Amazon Bedrock Anthropic Claude models, even on first or low-usage attempts across multiple regions (eu-west-2, us-eas…

- repost.aws
Unable to release Elastic IP stuck with "ServiceManaged: rds" – No active RDS resources found
A user reported being unable to release an Elastic IP (EIP) in AWS's us-east-2 region due to a permission error, despite having AdministratorAccess. The EIP is tagged with 'ServiceManaged: rds,' indic…

- Technicalrepost.aws
Unable to purchase an "AWS Skill Builder" subscription.
Users report being unable to purchase AWS Skill Builder subscriptions due to an error message stating 'Error occurred while saving to your AWS account.' Troubleshooting steps include verifying payment…

- repost.aws
Hardening AWS-managed EKS Cluster Security Group: Alternatives to the default "All All Self" rule?
A user on AWS re:Post detailed their efforts to harden security groups for Amazon EKS clusters by replacing overly permissive 'All traffic, All ports, Self' rules with specific, least-privilege rules.…

- Technicalrepost.aws
A user on AWS re:Post detailed their efforts to harden security groups for Amazon EKS clusters by removing overly permissive 'All traffic, All ports, Self' rules. They confirmed that the default eks-c

- Technicalrepost.aws
AWS re:Post addressed a user question about editing the php.ini file for a WordPress site on Amazon Lightsail. The correct file to modify is /etc/php/8.2/apache2/php.ini, as it controls PHP settings f

- repost.aws
AWS confirmed that the default 'All traffic, All ports, Self' rule in Amazon EKS Cluster Security Groups cannot be removed or restricted due to a reconciliation loop in the EKS control plane, which re

- repost.aws
A user on AWS re:Post reported a billing case for unexpected RDS Extended Support charges (~$134) remaining unassigned for over 2 weeks under the Basic support plan. The case involves a follow-up inqu

- Sentimentrepost.aws
A user reported being unable to release an Elastic IP (EIP) in AWS us-east-2 due to a 'ServiceManaged: rds' tag, despite no visible RDS resources. The error suggests the EIP is still associated with h

- repost.aws
A user reported an error preventing the purchase of an AWS Skill Builder subscription, receiving the message 'Error occurred while saving to your AWS account.' The issue appears tied to account integr

- repost.aws
Route53 registration issues
A user on AWS re:Post reported a persistent Route53 domain registration failure lasting over five days, with AWS Support directing them to open a case for manual review. Despite following AWS’s guidan…

- repost.aws
High CloudFront data transfer from US (Ohio) with low request count
A user reported unusually high CloudFront data transfer (2,068 GB) from Ohio with only ~315,000 requests between April 1–17, compared to Michigan’s 2.1M requests for 145 GB. The high GB-per-request ra…

- Featurerepost.aws
S3File python example
AWS re:Post explains how to use the newly launched Amazon S3 Files feature with AWS Lambda in Python. The feature allows Lambda functions to access S3 objects as files via a local mount path using sta…

- Technicalrepost.aws
A user on AWS re:Post reported repeated 'InsufficientInstanceCapacity' errors when attempting to launch a g6e.2xlarge instance in the eu-central-1 (Frankfurt) region for an AI inference pipeline requi

- repost.aws
A user on AWS re:Post reported a billing case for unexpected RDS Extended Support charges (~$134) remaining unassigned for over 2 weeks under the Basic support plan. The case involves a follow-up with

- Technicalrepost.aws
Users report persistent HTTP 429 errors ('Too many tokens per day') when invoking Amazon Bedrock Anthropic Claude models, even on first attempts or low-usage scenarios. The issue spans multiple region

- Technicalrepost.aws
A user reported being unable to release an Elastic IP (EIP) in AWS's us-east-2 region due to a 'ServiceManaged: rds' tag, despite no active RDS databases or other visible resources. The error suggests

- repost.aws
A user reported persistent Route 53 domain registration failures on AWS re:Post, citing a five-day delay with the error 'We can't finish registering your domain.' AWS Support directed the user to open

- repost.aws
A user reported unusually high CloudFront data transfer (2,068 GB) from Ohio with low request volume (315,000 requests) compared to Michigan (145 GB for 2.11M requests). The high GB-to-request ratio s

- repost.aws
AWS re:Post explains how to use the newly launched Amazon S3 Files feature with Python Lambda functions. The feature allows Lambda to access S3 objects as local files via a mounted file system, elimin

- repost.aws
CNAME www.darshrb.in still associated with deleted AWS account CloudFront distribution
A user reported that a CNAME (www.darshrb.in) previously associated with a deleted AWS CloudFront distribution in an old AWS account still triggers a conflict error when attempting to reuse it in a ne…

- Technicalrepost.aws
Cannot RDC into my instance
A user on AWS re:Post reported being locked out of their EC2 Windows instance after attempting to resolve RDP connection issues. The error indicates a Remote Desktop licensing problem (error code 0x10…

- Technicalrepost.aws
AWS re:Post explains that the default 'All traffic, All ports, Self' rule in Amazon EKS Cluster Security Groups cannot be removed or restricted due to a reconciliation loop in the EKS control plane, w

- Technicalrepost.aws
A user reported being unable to release an Elastic IP (EIP) in AWS us-east-2 due to a 'ServiceManaged: rds' tag, despite no active RDS databases or other visible resources holding the IP. The error su

- repost.aws
A user reported an error preventing the purchase of an AWS Skill Builder subscription, receiving the message 'Error occurred while saving to your AWS account.' AWS support suggested verifying payment

- repost.aws
A user on AWS re:Post reported a persistent Route 53 domain registration failure lasting over four days, citing an error message directing them to contact AWS Support. AWS Support responded by advisin

- repost.aws
A user on AWS re:Post reported unusually high CloudFront data transfer (2,068 GB) from Ohio with only ~315,000 requests between April 1–17, compared to Michigan’s 2.1M requests for 145 GB. The high GB

- repost.aws
A user reported that deleting an AWS account did not immediately release the CNAME www.darshrb.in from a CloudFront distribution, causing a conflict when attempting to reuse the CNAME in a new AWS acc

- repost.aws
A user on AWS re:Post reported losing Remote Desktop (RDC) access to their EC2 Windows instance after attempting to resolve a licensing limit issue. The error indicates no license servers were availab

- repost.aws
Unable to recover AWS Builder ID MFA for email/password login, but console access still works
A user on AWS re:Post reported being unable to recover their AWS Builder ID MFA for email/password login despite still having console access. The issue stems from an old MFA device or recovery path ti…

- repost.aws
Repeated Rejections of AWS Activate even though we satisfy all criteria
A user on AWS re:Post reported repeated rejections of their AWS Activate application through the NVIDIA Inception program despite spending $33K on NVIDIA GPUs and AWS credits. The user provided proof …
- Technicalrepost.aws
Users report persistent HTTP 429 errors ('Too many tokens per day') when invoking Amazon Bedrock Anthropic Claude models, even with minimal usage. The issue affects all Claude variants (Haiku, Sonnet,

- repost.aws
A user reported persistent Route 53 domain registration failures on AWS re:Post, citing a four-day delay and an error message directing them to contact AWS Support. AWS Support responded by advising t

- Featurerepost.aws
AWS re:Post highlights the launch of Amazon S3 Files, a new feature enabling Lambda functions to access S3 objects as local files without using boto3. Users can mount S3 buckets as file systems via th

- Technicalrepost.aws
A user reported that deleting an AWS account did not immediately release the CNAME www.darshrb.in from a CloudFront distribution, preventing its reuse in a new AWS account. AWS Support confirmed that

- Technicalrepost.aws
A user on AWS re:Post reported losing RDP access to their EC2 Windows instance after attempting to troubleshoot connection issues. The error indicates a Remote Desktop licensing problem (no license se

- repost.aws
A user reported being unable to recover their AWS Builder ID MFA for email/password login due to an old MFA device or recovery path no longer being accessible, despite still having console access. The

- repost.aws
A user reported repeated rejections of their AWS Activate application through the NVIDIA Inception program despite spending $33K on NVIDIA GPUs (including $20K via AWS credits) and demonstrating GPU u
- Sentimentrepost.aws
AMG: Your account is not allowed to perform the requested action. Please reach out to AWS support.
Users report being unable to create an Amazon Managed Grafana (AMG) workspace due to an error stating their account is not allowed to perform the requested action. The issue stems from account-level r…

- repost.aws
A user reported an error preventing the purchase of an AWS Skill Builder subscription, receiving the message 'Error occurred while saving to your AWS account.' Troubleshooting steps suggested include

- Technicalrepost.aws
A user reported unusually high CloudFront data transfer (2,068 GB) from Ohio with only ~315,000 requests between April 1–17, compared to Michigan’s 145 GB for 2.1M requests. The discrepancy suggests l

- repost.aws
A user reported that deleting an AWS account with a CloudFront distribution still leaves the CNAME www.darshrb.in associated with the deleted resource, preventing reuse in a new account. AWS Support c

- Sentimentrepost.aws
A user reported being locked out of their EC2 Windows instance after attempting to resolve RDP connection issues using Amazon Q. The error indicates a Remote Desktop licensing problem (error code 0x10

- repost.aws
A user reported being unable to recover their AWS Builder ID MFA for email/password login due to an old MFA device or recovery path no longer accessible, despite still having console access. The issue

- repost.aws
A user on AWS re:Post reported repeated rejections of their AWS Activate application through the NVIDIA Inception program despite spending $33K on NVIDIA GPUs (including $20K in AWS credits) and demon
- Communityrepost.aws
Users report being unable to create an Amazon Managed Grafana (AMG) workspace due to an error stating their account is not allowed to perform the requested action. The issue stems from account restric

- repost.aws
Nested virtualization support for m8id instance types
AWS users discovered that nested virtualization, previously thought to be unsupported on M8id instance types, can be enabled by explicitly configuring CPU options during launch or modification. The fe…

- repost.aws
A user on AWS re:Post reported persistent Route 53 domain registration failures after a four-day delay, receiving an error message directing them to contact AWS Support. AWS Support responded by advis

- Technicalrepost.aws
A user reported that the CNAME 'www.darshrb.in' remains associated with a deleted AWS account's CloudFront distribution, preventing its reuse in a new AWS account. AWS Support explained that CNAME ass

- Communityrepost.aws
A user reported being locked out of their EC2 Windows instance after attempting to resolve RDP connection issues, receiving a license server error (0x101). The problem stems from Remote Desktop licens

- repost.aws
A user reported being unable to recover their AWS Builder ID MFA for email/password login despite still having console access. The issue stems from an old MFA device or recovery path tied to the accou

- repost.aws
A user on AWS re:Post reports repeated rejections of their AWS Activate application through the NVIDIA Inception program despite spending $33K on NVIDIA GPUs (including $20K via AWS credits) and demon
- Sentimentrepost.aws
Users report being unable to create an Amazon Managed Grafana (AMG) workspace due to an error stating their account lacks permission to perform the requested action. The issue persists despite using r

- repost.aws
URGENT – Bahrain production outage, request escalation path
A user reported a month-long production outage in AWS's Bahrain region (me-south-1) affecting EC2, EBS, and S3 resources, with no paid support plan. AWS re:Post moderators directed the user to activat…

- repost.aws
[Feature request] DMS CDC - Improve handling of schema changing on source database
A user submitted a feature request to AWS re:Post for AWS Database Migration Service (DMS) Change Data Capture (CDC) to automatically handle VARCHAR/NVARCHAR length changes from Aurora PostgreSQL to A…

- Featurerepost.aws
AWS re:Post discusses the new Amazon S3 Files feature, enabling Lambda functions to access S3 objects as files via standard file system operations. Users must configure an S3 file system with mount ta

- repost.aws
A user on AWS re:Post reports being unable to recover their AWS Builder ID MFA for email/password login despite still having console access. The issue stems from an old MFA device or recovery path tie

- repost.aws
A user reported repeated rejections of their AWS Activate application through the NVIDIA Inception program despite spending $33K on NVIDIA GPUs and AWS credits. The rejection cited insufficient demons
- Technicalrepost.aws
Users report being unable to create an Amazon Managed Grafana (AMG) workspace due to an error stating their account lacks permission to perform the action. The issue stems from account-level restricti

- repost.aws
AWS confirmed that nested virtualization is supported on M8id instance types, despite not being explicitly listed in documentation. Users must enable it during launch or via instance attribute modific

- repost.aws
A user submitted a feature request to AWS re:Post for AWS Database Migration Service (DMS) CDC to improve handling of schema changes, specifically VARCHAR/NVARCHAR length changes in Aurora PostgreSQL

- repost.aws
Track Pulse F1 access for master student
A master's student in data science inquired on AWS re:Post about accessing the Track Pulse F1 webapp, which provides Formula 1 insights like predictions and race positions. A respondent clarified that…

- repost.aws
AWS Account Suspended - Unable to Pay Outstanding Invoices - Support not responding
A user reported that their AWS account was suspended due to unpaid invoices, with the AWS Console failing to process payments and support cases remaining unassigned. The issue blocked critical busines…

- repost.aws
unfortunately S3 bucket deleted
A user reported an unauthorized deletion of an S3 bucket via an unknown IP address in the US region, discovered through CloudTrail logs. CloudTrail event details (userIdentity, sourceIPAddress, eventT…

- Technicalrepost.aws
A user reported being locked out of their EC2 Windows instance after attempting to resolve RDP connection issues using Amazon Q. The error 'no license servers were available' (code 0x101) suggests a R

- repost.aws
AWS users discovered that nested virtualization, previously thought to be unsupported on M8id instance types, can be enabled by explicitly configuring CPU options during launch or modification. The un

- Technicalrepost.aws
A user reported a month-long production outage in AWS’s me-south-1 (Bahrain) region affecting EC2, EBS, and S3 resources, with no paid support plan in place. AWS re:Post moderators directed the user t

- repost.aws
A user submitted a feature request to AWS re:Post for AWS Database Migration Service (DMS) Change Data Capture (CDC) to improve handling of schema changes, specifically VARCHAR/NVARCHAR length changes

- Securityrepost.aws
A user reported an AWS account suspension due to unpaid invoices, with no response from AWS Support despite multiple cases opened. The issue blocks payment processing, threatening critical infrastruct

- repost.aws
A user reported an unauthorized deletion of an S3 bucket via an unknown IP address in the US region, discovered through CloudTrail logs. CloudTrail can trace the action if enabled, but data recovery i

- repost.aws
Insight On Combining AWS Global Accelerator, Palo Alto NGFW, and SD-WAN on AWS
AWS re:Post discusses integrating AWS Global Accelerator (GA) with Palo Alto VM-Series NGFW and SD-WAN on AWS. GA can front public endpoints like ALB, NLB, or EC2 but is not suitable for IPSec/SD-WAN …

- repost.aws
A user reported repeated rejections of their AWS Activate application through the NVIDIA Inception program despite claiming to meet all criteria, including spending $33K on NVIDIA GPUs and AWS credits
- repost.aws
A user reported AWS account suspension due to unpaid invoices, with no response from AWS Support despite multiple cases opened. The issue blocks payment processing, disrupting critical infrastructure

- repost.aws
A user reported an unauthorized deletion of an S3 bucket via an unknown IP address, discovered through CloudTrail logs. CloudTrail can trace the delete action if enabled, but data recovery is only pos

- repost.aws
AWS re:Post discusses integrating AWS Global Accelerator (GA) with Palo Alto VM-Series NGFW and SD-WAN on AWS. GA can front public endpoints like ALB/EC2 for north-south traffic but is not suitable fo

- repost.aws
Wrong invoices after rectifications
A user reported duplicate charges after using AWS’s self-service invoice correction feature to update invoice details (e.g., name and address) for December 2025 to March 2026 invoices. AWS Support cla…
- Technicalrepost.aws
Users attempting to create an Amazon Managed Grafana (AMG) workspace are encountering an error stating their account lacks permission to perform the action, despite using an account with Administrator

- Technicalrepost.aws
A user reported a month-long production outage in AWS’s Bahrain region (me-south-1) affecting EC2, EBS, and S3 resources, with no paid support plan in place. AWS re:Post moderators directed the user t

- Featurerepost.aws
A user requested an AWS Database Migration Service (DMS) CDC feature to automatically handle VARCHAR/NVARCHAR length changes from Aurora PostgreSQL to Redshift during replication. Currently, DMS detec

- repost.aws
A master’s student in data science inquired on AWS re:Post about accessing the Track Pulse F1 webapp, which provides Formula 1 insights like predictions and race positions. A respondent clarified that

- repost.aws
A user on AWS re:Post reported their AWS account was suspended due to unpaid invoices, with the inability to pay through the console or receive support responses. The issue blocked critical infrastruc

- Sentimentrepost.aws
A user reported an unauthorized deletion of an S3 bucket via an unknown IP address in the US region, discovered through CloudTrail logs. CloudTrail was used to trace the delete action, but recovery wa

- Communityrepost.aws
AWS re:Post discusses integrating AWS Global Accelerator (GA) with Palo Alto VM-Series for SD-WAN and NGFW via Transit Gateway. The post clarifies that GA is not suitable for IPSec/SD-WAN tunnels or d

- repost.aws
A user reported duplicate charges on AWS invoices after correcting billing details (e.g., name and address) using AWS's self-service invoice correction feature. AWS clarified that invoice corrections
- Sentimentrepost.aws
AWS Free Tier credits expiration after joining AWS Organization
A user on AWS re:Post reported that Free Tier credits expire immediately upon joining an AWS Organization with no prior warning, confirmation dialog, or email notification. AWS support confirmed this …
- repost.aws
All Bedrock model quotas stuck at 0 tokens/day
Users report Amazon Bedrock model quotas stuck at 0 tokens/day, preventing API and Playground usage despite AWS default quotas being in the billions. Affected models include Claude Haiku 4.5, Nova Lit…

- repost.aws
A user reported that their AWS account was suspended due to unpaid invoices, with no response from AWS Support despite multiple cases opened. The suspension is blocking critical infrastructure operati

- repost.aws
S3 bucket delete activity
A user on AWS re:Post asked if others had experienced S3 bucket deletions due to unauthorized or hacker activity. A response advised checking for compromised IAM resources via CloudTrail if an AWS acc…

- Securityrepost.aws
A user on AWS re:Post reported an unauthorized deletion of an S3 bucket, traced to an unknown IP address via CloudTrail logs. The incident highlights risks of compromised credentials or unauthorized a

- repost.aws
A user reported duplicate charges after correcting AWS invoices to update their name and address. AWS Support clarified that the self-service invoice correction feature updates invoice attributes with
- Communityrepost.aws
A user reported that AWS Free Tier credits expire immediately upon joining an AWS Organization with no warning, confirmation dialog, or email notification. AWS support confirmed this is expected behav
- repost.aws
Users report Amazon Bedrock model quotas stuck at 0 tokens/day, preventing API and Playground usage despite AWS default quotas in the billions. Affected models include Claude Haiku 4.5, Nova Lite, and

- Featurerepost.aws
A user submitted a feature request to AWS re:Post for AWS Database Migration Service (DMS) Change Data Capture (CDC) to improve handling of schema changes, specifically VARCHAR/NVARCHAR length modific

- Securityrepost.aws
A user reported an unauthorized deletion of an S3 bucket via an unknown IP address, discovered through CloudTrail logs. The incident highlights risks of compromised credentials or unauthorized access.

- Technicalrepost.aws
AWS re:Post discusses integrating AWS Global Accelerator (GA) with Palo Alto VM-Series NGFW and SD-WAN on AWS. GA can front public-facing traffic (e.g., ALB, EC2) for north-south inspection but is not

- Technicalrepost.aws
A user reported duplicate charges after correcting four AWS invoices (Dec 2025–Mar 2026) to update their name, claiming AWS charged them again despite payments being made. AWS Support clarified that t
- Sentimentrepost.aws
A user reported that AWS Free Tier credits expire immediately upon joining an AWS Organization with no prior warning, confirmation dialog, or email notification. AWS support confirmed this is expected

- repost.aws
AWS Support keeps rejecting my requests to get out of the sandbox for SES
A user on AWS re:Post reports repeated rejections by AWS Support when attempting to exit the Amazon SES sandbox, despite providing all required information and infrastructure details. AWS Support ackn…

- repost.aws
Is there a propagation gap between AssociateVPCWithHostedZone and DNS resolution for pre-existing records?
A user on AWS re:Post asked whether there is a propagation gap between associating a VPC with a private hosted zone and DNS resolution for pre-existing records. The discussion confirms that a small pr…

- repost.aws
SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:354
A user reported an SSL error on AWS ACM when accessing https://www.dreambigwithbannerbank.com, receiving the error 'SSL routines:ssl3_get_record:wrong version number' during OpenSSL verification. The …

- repost.aws
An AWS re:Post user asked if others have experienced unauthorized or hacker-driven deletion of S3 buckets. The post seeks community input on recent incidents and mitigation strategies.

- Technicalrepost.aws
How to Decide Whether to Reduce r7g.4xlarge Instance Size or Scale Down a 12-Node OpenSearch Cluster to Save Costs
AWS re:Post published guidance on cost-optimizing a 12-node Amazon OpenSearch Service cluster running r7g.4xlarge.search instances by choosing between vertical scaling (smaller instances) or horizonta…

- Featurerepost.aws
AWS Data & AI Stories #01: Multimodal AI
AWS highlights the growing importance of multimodal AI, enabling systems to process and combine text, images, audio, and video for richer context. Amazon Bedrock Knowledge Bases now supports multimoda…

- Technicalrepost.aws
Why don't AWS invoice service charges match AWS Cost Explorer or AWS Cost and Usage Report charges?
AWS explains why invoice service charges often don’t match AWS Cost Explorer or the Cost and Usage Report (CUR). The discrepancy occurs because Data Transfer charges appear as a separate line item on …
- Featurerepost.aws
Accelerating agentic AI innovation with Unified Operations - Part 2
AWS introduced Unified Operations, a premium support tier designed to bridge the gap between experimentation and production-grade agentic AI workloads. The service provides designated Domain Specialis…
- Technicalrepost.aws
Accelerating agentic AI innovation with Unified Operations - Part 1
AWS argues that traditional cloud operations are inadequate for agentic AI systems, which now operate autonomously in production environments with persistent context, external tool dependencies, and d…
- Technicalrepost.aws
How to decide whether to use a 1:1, 3:1, or 6:1 sharding strategy for a OpenSearch cluster of 3 data nodes?
AWS re:Post published a guide on selecting sharding strategies (1:1, 3:1, or 6:1) for Amazon OpenSearch Service clusters with 3 data nodes. The article emphasizes fault tolerance, shard size (20–50 GB…

- repost.aws
Accelerate ACSC ISM compliance coverage in the AWS Cloud with AWS Support
AWS announced new guidance and support solutions to help organizations accelerate compliance with the Australian Cyber Security Centre’s Information Security Manual (ACSC ISM) framework in the AWS Clo…
- repost.aws
Alarming on DDoS Events with the AWS WAF Anti-DDoS Rule Group
AWS introduced a new capability to alarm on DDoS events using the AWS WAF Anti-DDoS Rule Group, enabling all customers—not just Shield Advanced subscribers—to monitor layer 7 DDoS attacks via the DDoS…

- Technicalrepost.aws
ALTER SORTKEY vs CTAS: Choosing the Right Approach for Redshift Table Reorganization
AWS explains the trade-offs between ALTER TABLE and CTAS for reorganizing Amazon Redshift tables. ALTER TABLE applies metadata changes instantly with minimal lock duration but requires AccessExclusive…

- Communityrepost.aws
A user on AWS re:Post asked whether there is a propagation delay between associating a VPC with a private hosted zone in Route 53 and DNS resolution for pre-existing records. The discussion confirms a

- Sentimentrepost.aws
Delivery Error to Microsoft Domains
Users report Microsoft blocking emails from AWS-managed dedicated IPs with a 550 5.7.1 error (S3150 code), preventing delivery to Hotmail/Outlook domains. Microsoft attributes the block to IP reputati…

- repost.aws
ConverseStream returns garbled/truncated tool input JSON for openai.* models (ConverseCommand works correctly)
A bug in AWS Bedrock’s ConverseStream API causes garbled or truncated tool input JSON when using openai.gpt-oss-120b-1:0 models, while the non-streaming Converse API works correctly. The issue emerged…

- repost.aws
AWS IAM Identity Center w/ multiple of the same external IdP's - Architecture Advice
AWS IAM Identity Center does not support multiple external SAML Identity Providers (IdPs) simultaneously, requiring a 1:1 connection per AWS Organization. For users needing to integrate multiple exter…
- repost.aws
How can I get my $200 in credits
A user on AWS re:Post asked how to transfer $200 in AWS credits to a new account after their original Gmail account was compromised and they created multiple new accounts. AWS Support responded that t…

- repost.aws
Unable to access the New OpenSearch UI (Dashboards)
A user reported a 403 Forbidden error when accessing the new OpenSearch UI (Dashboards) in AWS, despite having documented permissions. AWS support responded by highlighting potential causes: missing s…

- Featurerepost.aws
A user on AWS re:Post reported that Free Tier credits expire immediately upon joining an AWS Organization with no warning, confirmation dialog, or email notification. AWS support confirmed this is exp

- repost.aws
A user on AWS re:Post reports repeated rejections by AWS Support when attempting to exit the Amazon SES sandbox, despite providing required infrastructure details for bounce/complaint handling. AWS Su

- Sentimentrepost.aws
Users report Microsoft domains (Hotmail/Outlook) blocking automated emails from AWS-managed dedicated IPs with a 550 5.7.1 error (S3150 code), indicating the IP is on Microsoft's block list. The issue

- repost.aws
A critical bug in AWS Bedrock's ConverseStream API causes garbled or truncated tool input JSON when using openai.gpt-oss-120b-1:0 models, while the non-streaming Converse API works correctly. The issu

- repost.aws
A user on AWS re:Post reported losing access to $200 in AWS credits after switching email addresses due to a compromised Gmail account. AWS clarified that the $200 credits are a one-time offer tied to

- repost.aws
A user reported a 403 Forbidden error when accessing the new OpenSearch UI (Dashboards) in AWS, despite having documented permissions. AWS support responded by highlighting potential causes: misconfig

- repost.aws
How to create a Route 53 private hosted zone without causing NXDOMAIN for existing public subdomain records?
AWS re:Post clarifies that creating a Route 53 private hosted zone without causing NXDOMAIN errors for existing public subdomain records requires pre-populating all DNS records before associating the …

- Technicalrepost.aws
Users report Amazon Bedrock model quotas stuck at 0 tokens/day, preventing API and Playground access despite AWS default quotas being in the billions. Affected models include Claude Haiku 4.5, Nova Li

- Technicalrepost.aws
A user reported an SSL error on a website using an ACM certificate, receiving the error 'SSL routines:ssl3_get_record:wrong version number' when connecting via OpenSSL. The issue stems from a protocol

- Technicalrepost.aws
Microsoft is blocking emails from a user's AWS-managed dedicated IP address (S3150 error) when sent to Hotmail or Outlook domains, despite no intentional policy violations. The issue stems from Micros

- Technicalrepost.aws
AWS IAM Identity Center does not support multiple external SAML Identity Providers (IdPs) simultaneously, allowing only one external IdP per AWS Organization. For users needing to connect multiple ext
- repost.aws
A user on AWS re:Post reported losing access to $200 AWS credits after switching email addresses due to a compromised Gmail account. AWS clarified that the credits are tied to the first AWS account an

- Technicalrepost.aws
A user on AWS re:Post describes a propagation gap between the AssociateVPCWithHostedZone API call and DNS resolution for pre-existing records in a private hosted zone. The issue arises when migrating

- repost.aws
Billing support ticket is still unassigned after 13 days
A user on AWS re:Post reported a billing support ticket remaining unassigned for 13 days, expressing frustration over the delay. AWS support staff responded by outlining escalation steps, including co…

- repost.aws
Windows 11 24H2 BYOL WorkSpaces Image — Protected Staged AppX Packages Blocking Image Checker — Cannot Remove
A user on AWS re:Post reports that Windows 11 24H2 BYOL WorkSpaces images fail Image Checker validation due to staged AppX packages (SecHealthUI, DesktopAppInstaller, WindowsAppRuntime) that cannot be…

- Technicalrepost.aws
AWS Cost Anomaly Detection - How to Monitor Total Account Spending Instead of Per-Service?
A user on AWS re:Post asked how to monitor total account spending (aggregate of all services) using AWS Cost Anomaly Detection for a standalone account. AWS re:Post contributors clarified that the fea…

- Technicalrepost.aws
MediaConvert SubscriptionRequiredException - Account needs activation
A user on AWS re:Post reported a SubscriptionRequiredException error when attempting to use AWS Elemental MediaConvert in the us-east-2 region, indicating the service was not activated for their accou…

- Technicalrepost.aws
EKS Auto Mode — NodeClass and NodePool revert to system defaults. How can I migrate to new subnets?
Users migrating Amazon EKS Auto Mode clusters from old /25 private subnets to new /23 subnets face issues where the default NodeClass and built-in NodePools (general-purpose and system) revert to old …

- repost.aws
Designing Secure Multi-Region Access Using Single VPN
AWS re:Post discusses a secure multi-region access architecture using a single VPN entry point. The recommended solution is a Hub-Spoke model with AWS Transit Gateway and inter-region peering, termina…

- repost.aws
CMAF DASH Manifest References Non-Existent WebVTT Subtitle File - .mpd BaseURL Does Not Match Actual Output Filename
A user reported a bug in AWS Elemental MediaConvert where CMAF DASH manifests incorrectly reference WebVTT subtitle files as 'media.cmft' while the actual output file is named 'media.000000.cmft'. Thi…

- Technicalrepost.aws
We couldn't be more harmless and serious, but SES keeps denying production access
An animal welfare NGO in Great Britain reports repeated denials of AWS SES production access despite providing detailed documentation of their legitimate, opt-in email practices (2,000 emails/month). …

- Technicalrepost.aws
A user reported a 403 Forbidden error when accessing the new OpenSearch UI (Dashboards) in AWS, despite having documented permissions. AWS re:Post support clarified that the issue stems from missing s

- Featurerepost.aws
AWS has introduced guidance and tools to help organizations accelerate compliance with the Australian Cyber Security Centre’s (ACSC) Information Security Manual (ISM) framework in the AWS Cloud. The I
- repost.aws
AWS introduced a new capability to alarm on layer 7 DDoS events using the AWS WAF Anti-DDoS Rule Group, enabling all customers—not just Shield Advanced subscribers—to monitor and respond to attacks vi

- repost.aws
Undoing Changes in S3 Files
AWS introduced the Rollback Tool for Amazon S3, an open-source solution that enables rapid and scalable recovery of S3 datasets by leveraging S3 Versioning. The tool reverses changes such as accidenta…

- repost.aws
Local Lambda Testing with MiniStack, SAM CLI, and Finch
AWS published a guide on setting up a local Lambda testing environment using MiniStack, SAM CLI, and Finch to emulate AWS services like DynamoDB and SQS without incurring AWS costs. The article detail…

- Contentrepost.aws
How do I resolve "context deadline exceeded" timeout errors when using JMX exporter with Prometheus on Amazon MSK?
AWS re:Post explains how to resolve 'context deadline exceeded' timeout errors when using JMX exporter with Prometheus on Amazon MSK. The issue arises when Prometheus fails to scrape metrics from the …

- repost.aws
How to Identify the Real Client IP on ALB When Using CloudFront as a Front End
AWS explains how to identify the real client IP when using an Application Load Balancer (ALB) as a CloudFront origin. The ALB typically sees CloudFront edge server IPs instead of the viewer's actual I…

- repost.aws
Bulk Loading S3 Vectors: Why Multiprocessing Beats Multithreading
Amazon S3 Vectors bulk-loading throughput in Python is constrained by Python's Global Interpreter Lock (GIL) when using multithreading, capping performance at ~490 vectors/sec regardless of thread cou…

- repost.aws
Rapid game server iteration on Amazon GameLift Servers with Multi-build Container Fleets
Amazon GameLift Servers introduced Multi-build Container Fleets, a new solution enabling developers to run multiple game server build versions simultaneously on a single container fleet. Game server b…

- Technicalrepost.aws
AWS published a guide on choosing sharding strategies (1:1, 3:1, or 6:1) for Amazon OpenSearch Service clusters with 3 data nodes. The article emphasizes that fault tolerance requires at least one rep

- Technicalrepost.aws
A user on AWS re:Post reported a billing support ticket remaining unassigned for 13 days, expressing frustration over the delay. AWS Support responded by outlining escalation steps, including contacti

- Technicalrepost.aws
Windows 11 24H2 BYOL WorkSpaces images are failing Image Checker validation due to protected staged AppX packages (SecHealthUI, DesktopAppInstaller, WindowsAppRuntime) that cannot be removed. The issu

- Featurerepost.aws
AWS Cost Anomaly Detection currently lacks native support for monitoring total account spending (aggregate costs across all services) for standalone accounts, forcing users to rely on per-service moni

- Sunsetrepost.aws
AWS Elemental MediaConvert users in the us-east-2 region are encountering a SubscriptionRequiredException error, indicating the service must be activated for their account. The error occurs when attem

- repost.aws
AWS EKS Auto Mode’s default NodeClass and built-in NodePools (general-purpose and system) automatically revert to old subnet configurations, overriding manual changes even when using Helm ownership la

- repost.aws
AWS explains how organizations can securely access resources across seven AWS regions using a single VPN connection via a Hub-Spoke model with AWS Transit Gateway and inter-region peering. The recomme

- repost.aws
A user reported a bug in AWS Elemental MediaConvert where the DASH manifest (.mpd) incorrectly references a WebVTT subtitle file as 'media.cmft', while the actual output file is named 'media.000000.cm

- repost.aws
An animal welfare NGO in Great Britain, operating for 14 years with a verified website since 2016, is unable to obtain AWS SES production access despite multiple attempts. The NGO seeks to migrate fro

- repost.aws
EKS Auto Mode’s default NodeClass and built-in NodePools (general-purpose and system) automatically revert to old subnet configurations, overriding manual patches or Helm ownership labels. This occurs

- repost.aws
AWS recommends a Hub-Spoke model using AWS Transit Gateway with inter-region peering as the most secure, centralized, and cost-effective way to access resources across seven AWS regions via a single V

- repost.aws
A user reported a bug in AWS Elemental MediaConvert where the DASH manifest (.mpd) for CMAF output incorrectly references a WebVTT subtitle file as 'media.cmft', while the actual output file is named

- repost.aws
An animal welfare NGO in Great Britain, operating since 2010 and with a verified website in eu-west-1 since 2016, is unable to obtain AWS SES production access despite repeated attempts. The NGO, whic

- repost.aws
Please add a noindex option for Cognito Hosted UI / Managed Login
A user has requested that AWS add a noindex option for Amazon Cognito Hosted UI and Managed Login pages to prevent search engine indexing. The request highlights that authentication endpoints under cu…

- repost.aws
redshift serverless query editor
AWS has confirmed that Amazon Redshift Serverless Query Editor V2 cannot be configured directly via AWS CDK. The tool is a browser-based console application accessed through the AWS Management Console…

- repost.aws
Which is the Best Replacement for AWS WorkMail?
AWS WorkMail is being discontinued, prompting organizations to migrate their email infrastructure. Users are evaluating alternatives like Microsoft 365, Google Workspace, Zoho Mail, Kopano Cloud, and …

- repost.aws
My account is capped at 3008 MB for Lambda function memory. When I attempt to set memory above 3008 MB, I receive this error:
AWS has confirmed that new accounts are temporarily capped at 3008 MB for AWS Lambda function memory, below the standard 10,240 MB limit. Users attempting to exceed this cap receive an error, though t…

- Technicalrepost.aws
AWS AppConfig limit
AWS AppConfig is increasing its service limits for configuration profiles, with the maximum size per profile now raised to 4 MB (up from an unspecified lower limit) and the number of profiles per appl…

- Featurerepost.aws
AWS Elemental MediaConvert users are encountering a SubscriptionRequiredException error in the us-east-2 region, indicating the service must be activated for their account. The error occurs because Me

- repost.aws
AWS recommends a Hub-Spoke model using AWS Transit Gateway with inter-region peering as the most secure, centralized, and cost-effective way to access resources across seven AWS regions via a single S

- Sentimentrepost.aws
An animal welfare NGO in Great Britain, operating since 2010 and with a verified website in eu-west-1 since 2016, is repeatedly denied production access to AWS SES despite a clean, opt-in mailing list

- repost.aws
A user requested that AWS add a noindex option for Amazon Cognito Hosted UI and Managed Login pages to prevent search engine indexing of authentication endpoints. The request highlights that custom au

- repost.aws
AWS WorkMail is being discontinued, prompting organizations to migrate their email infrastructure. Users are evaluating alternatives like Microsoft 365, Google Workspace, Kopano Cloud, Zoho Mail, and

- Communityrepost.aws
AWS has clarified that Amazon Redshift Serverless Query Editor V2 cannot be configured directly via AWS CDK. The tool is a browser-based console application accessed through the AWS Management Console

- Sentimentrepost.aws
AWS has confirmed that some new accounts are capped at 3008 MB for AWS Lambda function memory, preventing users from allocating more memory even though the standard limit is 10,240 MB. This restrictio

- repost.aws
AWS AppConfig is increasing its configuration profile size limit to 4 MB per profile, up from the previous unspecified maximum, allowing larger client configurations to be stored. The change also clar

- repost.aws
AWS MGN cli initialize runs successfully, but it doesn't set up right or admit to being initialized
AWS Application Migration Service (AWS MGN) CLI commands like `initialize-service` may return a success status without actually initializing the service, leading to an `UninitializedAccountException` …

- Technicalrepost.aws
AWS EKS Auto Mode’s default NodeClass and built-in NodePools (general-purpose and system) automatically revert to system defaults, overriding manual changes to subnet configurations. Users migrating E

- Technicalrepost.aws
AWS Elemental MediaConvert has a bug where DASH manifests (.mpd) for CMAF output groups incorrectly reference WebVTT subtitle files as 'media.cmft' while the actual output file is named 'media.000000.

- Sunsetrepost.aws
An animal welfare NGO in Great Britain, operating since 2010 and with a verified website in eu-west-1 since 2016, is unable to obtain AWS SES production access despite multiple attempts. The NGO, whic

- repost.aws
A user requested that AWS add a noindex option for Amazon Cognito Hosted UI and Managed Login pages to prevent search engine indexing of authentication endpoints. The request highlights that custom do

- Featurerepost.aws
AWS has clarified that Amazon Redshift Serverless Query Editor V2 cannot be configured directly via AWS CDK. The Query Editor V2 is a browser-based tool accessed through the AWS Management Console, wi

- repost.aws
AWS AppConfig is increasing transparency around its service limits for configuration profiles. The maximum size per configuration profile is now explicitly stated as 4 MB, up from previous unspecified

- Sunsetrepost.aws
AWS WorkMail is being discontinued, prompting users to migrate to alternative email platforms. The post highlights key criteria for replacement: reliability and uptime, ease of migration (with concern

- Technicalrepost.aws
AWS has clarified that Amazon Redshift Serverless Query Editor V2 cannot be configured directly via AWS CDK. The tool is a browser-based console feature accessed through the AWS Management Console, wi

- Technicalrepost.aws
AWS has confirmed that new accounts are temporarily capped at 3008 MB for AWS Lambda function memory, despite the standard limit being 10,240 MB. A user running a U2-Net machine learning model in a co

- repost.aws
AWS AppConfig is increasing its service limits for configuration profiles, allowing a maximum size of 4 MB per profile (up from a previously unspecified limit) and permitting quota increases via AWS S

- repost.aws
AWS Billing Cost Explorer
AWS clarified that discrepancies between billing invoices and Cost Explorer for data transfer charges stem from different grouping and presentation methods. Billing consolidates data transfer under a …
- Featurerepost.aws
Why does the Javascript v3 API not support the Bedrock converse CachePointBlock ttl attribute?
The JavaScript v3 SDK for AWS Bedrock Runtime does not currently support the CachePointBlock's ttl attribute in its TypeScript definitions, despite documentation indicating it should. Users attempting…

- repost.aws
CloudFront Usage Discounts not being considere in Cost Explorer
A user reported that CloudFront usage discounts (specifically the CloudFront Flat-Rate Free Plan bundle discount) are not visible in AWS Cost Explorer, leading to discrepancies between Cost Explorer r…

- Featurerepost.aws
A user requested AWS to add a noindex option for Amazon Cognito Hosted UI and Managed Login pages to prevent search engine indexing of authentication endpoints. The request highlights that custom doma

- Featurerepost.aws
AWS introduced the Rollback Tool for Amazon S3, an open-source solution that enables rapid and scalable recovery of S3 datasets by leveraging S3 Versioning. The tool deploys via CloudFormation, uses A

- Technicalrepost.aws
Users monitoring Amazon MSK clusters with JMX exporter and Prometheus may encounter 'context deadline exceeded' timeout errors on port 11001 due to excessive partition counts per broker. The issue ari

- Featurerepost.aws
AWS explains how to identify the real client IP when using an Application Load Balancer (ALB) as a CloudFront origin, as CloudFront edge server IPs mask the original viewer IP. The article details thr

- Technicalrepost.aws
AWS demonstrates that bulk-loading high-dimensional vectors into Amazon S3 Vectors using Python’s multithreading is bottlenecked by Python’s Global Interpreter Lock (GIL), capping throughput at ~490 v

- Featurerepost.aws
Amazon GameLift Servers introduced a new solution called Multi-build Container Fleets, enabling developers to run multiple game server build versions simultaneously on a single container fleet. Game s

- Featurerepost.aws
Active/Standby Centralized Inspection Using VPC Route Server and Transit Gateway
AWS published a technical guide demonstrating how to implement a centralized multi-VPC inspection architecture using AWS Transit Gateway and Amazon VPC Route Server, enabling automatic active/standby …
- Featurerepost.aws
Enabling LDAP Connectivity with Amazon MQ Using Private SSL Certificates
Amazon MQ now supports LDAP connectivity for ActiveMQ brokers using private or self-signed SSL certificates through a workaround involving an internal Network Load Balancer (NLB) with an ACM-issued pu…
- Featurerepost.aws
Benchmarking Instance Types for Amazon OpenSearch Workloads
AWS published a benchmarking analysis comparing Amazon OpenSearch’s specialized OM2 instances against the newer general-purpose M7g instances, revealing distinct performance trade-offs that directly i…
- Featurerepost.aws
AWS introduced a new capability to alarm on layer 7 DDoS events using the AWS WAF Anti-DDoS Rule Group, enabling all customers—not just Shield Advanced subscribers—to monitor and mitigate attacks via

- Technicalrepost.aws
AWS AppConfig is increasing its configuration profile size limit to 4 MB per profile, up from the previous unspecified maximum, allowing larger client configurations to be stored. The change affects u

- Technicalrepost.aws
AWS Application Migration Service (AWS MGN) CLI commands like `initialize-service` may return success but fail to actually initialize the service, leading to an `UninitializedAccountException` when at

- Contentrepost.aws
The AWS re:Post discussion clarifies discrepancies between AWS Billing and Cost Explorer for data transfer charges. The key change is that Cost Explorer groups data transfer costs across multiple AWS
- repost.aws
The JavaScript v3 SDK for AWS Bedrock Runtime does not currently support the `ttl` attribute in the `CachePointBlock` interface, despite documentation indicating it should. Users report TypeScript err

- repost.aws
A user reported that CloudFront usage discounts tied to S3 bundled pricing are not visible in AWS Cost Explorer, creating discrepancies between Cost Explorer reports and the Bills tab. The issue stems

- Sentimentrepost.aws
New account stuck at 0 TPM / 0 RPM for all Anthropic models in eu-central-1 - provisioning issue
A newly created AWS account in eu-central-1 (Frankfurt) is experiencing a provisioning issue where all Anthropic Claude models (Opus 4.6, Sonnet 4.6, Haiku 4.5) show 0 requests per minute (RPM) and 0 …

- Communityrepost.aws
Step by step guide - to connect to (VPN over DirectConnect) - AWS to OCI
A user on AWS re:Post requested a step-by-step guide to configure VPN over DirectConnect between AWS and Oracle Cloud Infrastructure (OCI) via a partner like Equinix Fabric for compliance reasons. A r…

- Sentimentrepost.aws
Certificate not visible in console but charged monthly
A user on AWS re:Post reported being charged approximately $430 USD monthly for a service not visible in the AWS console. The response clarified that public SSL/TLS certificates from AWS Certificate M…

- Sunsetrepost.aws
Cancel certficate costs
AWS clarified that deleting an unused AWS Certificate Manager (ACM) public SSL/TLS certificate does not reduce AWS bills, as these certificates are free. The confusion arises from AWS Private Certific…

- Sunsetrepost.aws
AWS has confirmed that some new accounts face a temporary 3008 MB memory cap for AWS Lambda functions, which is lower than the standard 10,240 MB limit. This restriction prevents users from allocating

- Technicalrepost.aws
AWS Application Migration Service (AWS MGN) CLI commands may return a success status for initialization while failing to actually initialize the service, leading to an 'Account not initialized' error

- Sentimentrepost.aws
AWS has clarified discrepancies between billing data and Cost Explorer for data transfer charges, explaining that Cost Explorer groups costs across multiple services (e.g., EC2, S3, CloudFront) rather
- Sentimentrepost.aws
AWS users report that CloudFront usage discounts tied to S3 bundled pricing are not visible in Cost Explorer, creating discrepancies between billing statements and cost reports. The issue stems from C

- repost.aws
A newly created AWS account in eu-central-1 (Frankfurt) is experiencing a provisioning issue where all Anthropic Claude models (Opus 4.6, Sonnet 4.6, Haiku 4.5) show 0 RPM and 0 TPM quotas in Amazon B

- repost.aws
A user on AWS re:Post requests a step-by-step guide to configure VPN over DirectConnect between AWS and Oracle Cloud Infrastructure (OCI) using a partner like Equinix Fabric for direct connectivity. A

- Sunsetrepost.aws
AWS clarified that ACM public SSL/TLS certificates are free, but AWS Private Certificate Authority (CA) incurs a $400/month charge even when unused. Users mistakenly billed for Private CA certificates

- Featurerepost.aws
AWS AppConfig is increasing its configuration profile size limit to 4 MB per profile, up from the previous unspecified maximum, allowing larger client configurations to be stored directly in the servi

- Technicalrepost.aws
AWS clarified that discrepancies between billing invoices and Cost Explorer for data transfer charges stem from differences in how costs are grouped and presented. Billing data consolidates data trans
- repost.aws
AWS users report that CloudFront usage discounts (e.g., S3 Bundle Discounts) are not visible in Cost Explorer, creating discrepancies between Cost Explorer reports and the Bills tab. The issue stems f

- Contentrepost.aws
A user on AWS re:Post requested a step-by-step guide to configure VPN over DirectConnect between AWS and Oracle Cloud Infrastructure (OCI) using a partner like Equinix Fabric for direct connectivity.

- Technicalrepost.aws
A user on AWS re:Post reports being charged approximately $430 USD monthly for AWS services that are not visible in the console. The response advises checking AWS Cost Explorer, reviewing detailed bil

- Communityrepost.aws
AWS re:Post clarified that AWS Certificate Manager (ACM) public SSL/TLS certificates are free, but AWS Private Certificate Authority (CA) incurs a $400 monthly fee even when unused. Users mistakenly b

- repost.aws
Single IP generating massive CloudFront/WAF costs - Please block upstream!
A user on AWS re:Post reports a single external IP generating tens of thousands of requests per minute to their CloudFront-backed application, resulting in significant ongoing costs despite traffic be…

- Technicalrepost.aws
AWS Application Migration Service (AWS MGN) CLI commands like 'initialize-service' may return success without actually initializing the service, leading to errors like 'Account not initialized' when c

- Integrationrepost.aws
A user on AWS re:Post requests a step-by-step guide to configure VPN over DirectConnect between AWS and Oracle Cloud Infrastructure (OCI) via a partner like Equinix Fabric for compliance reasons. A re

- Technicalrepost.aws
A user on AWS re:Post reports being charged approximately $430 USD monthly for AWS services that are not visible in the console. The AWS response explains how to identify these charges using tools lik

- Contentrepost.aws
AWS re:Post clarified that deleting an unused AWS Certificate Manager (ACM) public SSL/TLS certificate does not reduce AWS bills, as these certificates are free. The confusion arises from AWS Private

- repost.aws
postgres update from 12.22-rds.20251114 to 16.13 stuck
AWS re:Post user reports a PostgreSQL major version upgrade from 12.22 to 16.13 on Amazon RDS is stuck, with no resolution provided in the thread. The post includes guidance for troubleshooting, such …

- Featurerepost.aws
Can Cloudtrail support KMS code signing transparency logs (e.g. by logging signatures)?
AWS CloudTrail intentionally does not log the message digest or signature details when KMS code signing operations are performed, providing only basic metadata like key ID and timestamp. This limitati…

- repost.aws
AWS Console showing URL encoded name (Love%20Rajput) in header instead of decoded value
The AWS Management Console is displaying account names in a URL-encoded format (e.g., 'Love%20Rajput') instead of the decoded readable text ('Love Rajput') in the top-right header across multiple serv…

- repost.aws
AWS Amplify Deployments Stuck in Provisioning Phase
AWS Amplify Hosting deployments for Next.js SSR applications in US East 1 (N. Virginia) are consistently failing during the 'Provisioning' phase of the BUILD step, with deployments stuck for 5-9 minut…

- Featurerepost.aws
A user reported that CloudFront usage discounts tied to S3 bundled pricing are not visible in AWS Cost Explorer, creating discrepancies between billing data and cost reports. AWS support clarified tha

- Featurerepost.aws
AWS re:Post clarified that ACM public certificates are free, but AWS Private Certificate Authority (CA) incurs a $400/month charge regardless of usage. Users mistakenly billing for unused certificates

- Technicalrepost.aws
A user on AWS re:Post reports a single external IP generating tens of thousands of requests per minute to their CloudFront-backed application, resulting in massive, uncontrollable CloudFront and WAF r

- Communityrepost.aws
AWS has provided troubleshooting guidance for users experiencing a stuck PostgreSQL major version upgrade from 12.22 to 16.13 on Amazon RDS. The issue affects users attempting to upgrade their RDS Pos

- repost.aws
AWS CloudTrail intentionally does not log the message digest or signature details when KMS code signing operations are performed, limiting transparency for auditing purposes. A user inquired about cap

- repost.aws
The AWS Management Console is displaying account names in URL-encoded format (e.g., 'Love%20Rajput') in the header instead of the expected readable text ('Love Rajput'). This issue affects the global

- Technicalrepost.aws
AWS Amplify Hosting deployments in US East 1 (N. Virginia) are consistently failing during the 'Provisioning' phase of the build process, with deployments stuck for 5-9 minutes before timing out. This

- repost.aws
Does a CloudFront HTTP request with a spoofed Host header bypass my WAF and CloudFront Function and get routed to another AWS customer's distribution?
AWS confirmed that CloudFront routes HTTP requests based on the spoofed Host header, potentially redirecting traffic to another AWS customer’s distribution and returning a 200 OK response from their o…

- Technicalrepost.aws
A user on AWS re:Post reports being charged approximately $430 USD monthly for AWS services they cannot see in the console, specifically questioning whether they are paying for unused certificates. Th

- repost.aws
AWS Well-Architected Framework
AWS re:Post Knowledge Center has introduced a feedback survey to improve its content, including the AWS Well-Architected Framework. Recent discussions and articles focus on critical operational challe…

- Technicalrepost.aws
AWS has provided troubleshooting guidance for users experiencing a stuck PostgreSQL upgrade from version 12.22 to 16.13 on Amazon RDS. The issue affects users attempting major version upgrades, which

- Featurerepost.aws
A user on AWS re:Post asks whether AWS CloudTrail can log detailed KMS code signing transparency logs, including message digests and signatures, for assurance purposes. AWS confirms that CloudTrail in

- Technicalrepost.aws
The AWS Management Console is displaying account names in URL-encoded format (e.g., 'Love%20Rajput') in the header instead of decoded readable text (e.g., 'Love Rajput'). This issue affects the top-ri

- Technicalrepost.aws
Security, Identity, & Compliance
AWS re:Post Knowledge Center has released a feedback survey to improve its Security, Identity, & Compliance content, highlighting recent user-reported issues and knowledge base articles. Key changes i…

- Technicalrepost.aws
A user on AWS re:Post reported that sending an HTTP request with a spoofed Host header to a CloudFront distribution could route the request to another AWS customer’s distribution, bypassing the intend

- Technicalrepost.aws
RCS Testing: INVALID_PARAMETER error for originationIdentity in eu-central-1
Users testing Rich Communication Services (RCS) in AWS’s eu-central-1 region are encountering an INVALID_PARAMETER error when specifying the originationIdentity parameter, preventing successful RCS me…

- Technicalrepost.aws
GLM-5 (zai.glm-5) unreachable on Amazon Bedrock — eu-north-1
The AWS re:Post Knowledge Center user reported that the GLM-5 model from Z.ai is unreachable via Amazon Bedrock’s Converse API in the eu-north-1 region, despite successful tests with the GLM-4.7-flash…

- Technicalrepost.aws
Temp credentials still valid despite deleted the s3 access grant
A user reported that temporary credentials generated via AWS S3 Access Grants remained valid even after the associated S3 access grant was deleted and a revoke session policy was applied. The issue st…

- Technicalrepost.aws
AWS EBS Volume High Read Latency Alert from eG monitoring
A user on AWS re:Post describes experiencing high read latency alerts on an Amazon EBS gp3 volume (100 GB, 3000 IOPS) attached to a Windows-based r5a.large instance used as a Jump Host. The alerts cor…

- Technicalrepost.aws
Best practice for per-instance CloudWatch alarms at scale with CloudFormation?
The AWS re:Post discussion highlights best practices for scaling per-instance CloudWatch alarms for EC2 instances using CloudFormation. The key change is the recommendation to avoid manual ID manageme…

- Technicalrepost.aws
[Lambda Aliases] Question on Lambda Aliases Resource Mapping
AWS re:Post Knowledge Center has clarified how to properly configure Lambda aliases with event source mappings and Provisioned Concurrency (PC) in AWS CDK deployments. The key change is that event sou…

- Featurerepost.aws
Exposing Bedrock AgentCore MCP runtime for external MCP client access
A user on AWS re:Post is seeking a supported method to expose the Amazon Bedrock AgentCore MCP runtime for external MCP client access, enabling tools like Cline, Cursor, or Claude Desktop to connect d…

- repost.aws
JavaScript is disabled