Monitoring your AWS Service Limits

It’s all too easy to go past your AWS Service Limits if you’re dealing with big accounts.

E.g. the default for m4.large per Region is 20. We’re currently running 65 in our smallest Region.

https://console.aws.amazon.com/trustedadvisor/

 

Attempt 1: using AWS’ solution

This unfortunately uses CloudFormation. Moving on…

Attempt 2: using awslimitchecker

awslimitchecker (see http://awslimitchecker.readthedocs.io/) comes to the rescue. You can write your AWS Lambda scripts with it and you’d be good to go.

E.g. List Limits for a Region

awslimitchecker -r eu-west-2 -S EC2 -l

Note that these are defined manually in ./limitchecker/lib/python2.7/site-packages/awslimitchecker/services/ec2.py

and are from https://aws.amazon.com/ec2/faqs/

However, if you have an account that’s already in use these limits may differ, and they may also differ per Region.

As I said, it doesn’t query TrustedAdvisor dynamically. Moving on…

Attempt 3: getting the Service Limit data by CLI

Generic TA Check ID:

aws support describe-trusted-advisor-check-result --check-id eW7HH0l7J9 --region us-east-1

and the EC2 On-Demand Check ID:

aws support describe-trusted-advisor-check-result --language en --check-id 0Xc6LMYG8P --query 'result.sort_by(flaggedResources[?status!=`ok`],&metadata[2])[].metadata' --output table

https://docs.aws.amazon.com/cli/latest/reference/support/describe-trusted-advisor-check-result.html

For Check IDs per Service see: https://aws.amazon.com/premiumsupport/ta-iam/#Information_That_Trusted_Advisor_Displays

 

Note that this only seems to work for us-east-1 so you’ll need to make sure this is your default profile (or specify a profile that uses it).

E.g. for other endpoints I got:

Could not connect to the endpoint URL: "https://support.eu-west-2.amazonaws.com/"

and

Could not connect to the endpoint URL: "https://support.us-west-2.amazonaws.com/"

This seems to imply there are no Support endpoints other than us-east-1.

UPDATE: I was right:

AWS Support has a single endpoint: support.us-east-1.amazonaws.com (HTTPS).

https://docs.aws.amazon.com/general/latest/gr/rande.html#awssupport_region
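An added example (not from the original post or from AWS): Python that applies the same "status is not ok" filter as the --query above to a check result and ranks the limits by how full they are. The SAMPLE response is constructed, the metadata column order and the 80% threshold are assumptions, and fetch_check pins us-east-1 because that is the only Support endpoint.

```python
import json

# Constructed sample shaped like describe-trusted-advisor-check-result output.
# Assumed metadata order: region, service, limit name, limit, usage, status.
SAMPLE = json.loads("""
{"result": {"checkId": "0Xc6LMYG8P", "flaggedResources": [
  {"status": "ok", "metadata":
    ["eu-west-1", "EC2", "On-Demand instances - m4.large", "100", "12", "Green"]},
  {"status": "error", "metadata":
    ["eu-west-2", "EC2", "On-Demand instances - m4.large", "20", "20", "Red"]},
  {"status": "warning", "metadata":
    ["us-east-1", "EC2", "On-Demand instances - c4.large", "20", "17", "Yellow"]},
  {"status": "warning", "metadata":
    ["eu-west-2", "EC2", "On-Demand instances - t2.micro", "20", null, "Yellow"]}
]}}
""")


def fetch_check(check_id, profile=None):
    """Live call: needs boto3 and a Business or Enterprise support plan."""
    import boto3  # imported lazily so the offline demo runs without it
    session = boto3.Session(profile_name=profile)
    # Pin the region: the profile's default region has no Support endpoint.
    support = session.client("support", region_name="us-east-1")
    return support.describe_trusted_advisor_check_result(
        checkId=check_id, language="en")


def near_limit(response, threshold=0.8):
    """Rows (region, limit name, usage, limit, ratio) at or above threshold."""
    rows = []
    for res in response["result"].get("flaggedResources", []):
        if res.get("status") == "ok":
            continue  # same filter as flaggedResources[?status!=`ok`]
        try:
            region, _service, name, limit, usage = res["metadata"][:5]
            limit, usage = int(limit), int(usage)
        except (TypeError, ValueError):
            continue  # short row or no numeric usage reported
        if limit > 0 and usage / limit >= threshold:
            rows.append((region, name, usage, limit, round(usage / limit, 2)))
    return sorted(rows, key=lambda r: r[4], reverse=True)


if __name__ == "__main__":
    for row in near_limit(SAMPLE):
        print(row)
```

To run it against a real account, pass the result of fetch_check("0Xc6LMYG8P") to near_limit instead of SAMPLE.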

 

More info: https://aws.amazon.com/premiumsupport/ta-faqs/

 

Note 2: if you don’t have Business or Enterprise support this CLI won’t work and you’ll get something like usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters].

You can use some Python like this for running EC2 instances:

so let’s just adapt it to:

 

 

warning: deleting branch ‘old_branch’ that has been merged to ‘refs/remotes/origin/old_branch’, but not yet merged to HEAD: why I hate/love git

git is immensely powerful. In the same way that English is as a language. There are endless nuances.

I love that you can do so much with it.

However, I hate that, even after a decade using it, I’m still running into basic issues that interrupt my workflow while I go and research the error message to see what’s going on under the hood.

Here’s an example. I was so confident I could delete the local branches I did two at once. And ran into 2 separate error messages. i.e. I did a git branch -d <local_branch1 local_branch2> that had been pushed and merged only to get these messages:

A. warning: deleting branch 'old_branch' that has been merged to 'refs/remotes/origin/old_branch', but not yet merged to HEAD.

Turns out, when you do a merge --squash and delete the remote branch you’ll get this warning. Here’s why:

  1. you created the branch
  2. pushed to remote
  3. merged there and deleted the remote branch
  4. did a pull from origin/master
  5. your local HEAD (master) does not have a record of this merge (even though it was done on the remote) hence the warning

https://stackoverflow.com/questions/12147360/git-branch-d-gives-warning

B.

Check with:

https://stackoverflow.com/questions/7548926/git-and-the-branch-x-is-not-fully-merged-error

 

Linux OS version

Use cat /etc/os-release

e.g.

or

Terraform: security_groups vs vpc_security_group_ids

Basically, just use vpc_security_group_ids.

  • security_groups – (Optional, EC2-Classic and default VPC only) A list of security group names to associate with.

Could not connect to the endpoint URL: "https://ec2.eu-west2.amazonaws.com/"

Annoying but this:

aws ec2 describe-availability-zones --region eu-west2

fails saying:

The reason is simple – there’s a typo in the Region.

It should be:

aws ec2 describe-availability-zones --region eu-west-2

Would be nice if the AWS CLI gave a better error message! E.g. like there’s no such Region.

More here: https://stackoverflow.com/questions/40409683/aws-s3-cli-could-not-connect-to-the-endpoint-url

tmate

Install with

brew install tmate

Run with

tmate

then copy and paste the ssh string for another person to share your session.

Exit with

exit (or Ctrl d)

https://tmate.io/

 

SCROLLING

If you want to page up / down in the buffer enable the mode with:

CTRL b then [

then

Page Up / Page Down (i.e. Fn + Up arrow / Down arrow).

Use ESC to exit this mode.

https://superuser.com/questions/210125/scroll-shell-output-with-mouse-in-tmux?rq=1