Uly.me

cloud engineer

Archives for September 2021

AWS Request Domain Renewal

Occassionally, AWS requires validation of your domain via email message. Here’s the command to send a request.

aws acm resend-validation-email \
--certificate-arn arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \
--domain yourdomain.com \
--validation-domain yourdomain.com
 
aws acm resend-validation-email \
--certificate-arn arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \
--domain www.yourdomain.com \
--validation-domain yourdomain.com

You will need acm:ResendValidationEmail permission to run the command.

AWSCLI Permission Denied

When running awscli as a user, I’m getting a permissioned denied.

[user@servername ~]$ aws s3 ls
Traceback (most recent call last):
  File "/home/db2inst1/.local/bin/aws", line 19, in <module>
    import awscli.clidriver
  File "/home/db2inst1/.local/lib/python2.7/site-packages/awscli/clidriver.py", line 17, in <module>
    import botocore.session
  File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/session.py", line 26, in <module>
    import botocore.configloader
  File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/configloader.py", line 19, in <module>
    from botocore.compat import six
  File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/compat.py", line 172, in <module>
    import xml.etree.cElementTree
  File "/usr/lib64/python2.7/xml/etree/cElementTree.py", line 3, in <module>
    from _elementtree import *
ImportError: PyCapsule_Import could not import module "pyexpat"

This is a permission error with the directory where the awscli is installed.

$ which aws 
/usr/local/bin/aws

I ran chmod to fix the directory permission.

chmod -R 755 /usr/local/aws-cli/

The error is now gone.

$ aws s3 ls
bucket-1
bucket-2
bucket-3

Nmap Scan Top 1000 Ports

Use this option if you want to scan the top 1000 ports.

$ nmap -F 10.10.10.10

If you want a single specific port, then use -p option.

$ nmap -p 80 10.10.10.10

RPM Hung

Check if there’s a runaway rpm process. This returns number of processes that are running.

ps -ef | grep rpm | wc -l

Kill it.

killall -9 rpm

You should be able to run yum updates from this point on.