Uly.me

cloud engineer

LightSail Upstream Error 515

If you use LightSail, AWS provides an easy way for you to connect to LightSail instances via Web SSH. I normally use a terminal (ssh client) to connect to LightSail instances, but using Web SSH is very convenient. If you try to do an OS upgrade, for example from Ubuntu 18.04 LTS to Ubuntu 20.04 LTS, you will break Web SSH. AWS has added a special Web SSH configuration on LightSail base images. The error you’ll get is “Upstream Error 515.” The only way to fix this is to get AWS Support to help you apply the fix. It’s not a make or break it deal, but it can be a nuisance if you prefer to use AWS Web SSH instead of a terminal. If you need a more secure SSH connection, consider uploading your ssh-key to the server, and disable password login.

AWS CLI V2

How to install AWS CLI version 2.

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

AWS Certificate List

Here’s how to get a list of certificates in AWS Certificate Manager.

aws acm list-certificates \
--profile default \
--region us-east-1 \
--output text \
--query 'CertificateSummaryList[*].{ARN:CertificateArn,Domain:DomainName}'

EC2 Password Authentication

When you stand up an AWS instance, it’s only accessible via SSH key using the default user, typically ec2-user.

Add password to ec2-user, then enable password authentication to ‘yes’ in SSH.

# Add password to ec2-user
sudo passwd ec2-user
# edit ssh config
vim /etc/ssh/sshd_config
# enable password authentication
PasswordAuthentication yes
# save file and exit

Restart SSH service.

systemctl restart sshd.service

AWS EC2 Describe Snapshots

Here’s how to describe snapshots using query with tags.

aws ec2 describe-snapshots \
--owner-ids xxxxxxxxxxx \
--profile default \
--region us-east-2 \
--output text \
--query "Snapshots[*].[SnapshotId,Tags[?Key=='Name'].Value[] | [0]]"

Result.

snap-xxxxxxxxxxxxxxxxx	Server1
snap-xxxxxxxxxxxxxxxxx	Server2