Terraform: Error creating launch configuration: AlreadyExists: Launch Configuration by this name already exists

If you’re creating an ASG using an AWS Launch Configuration, you cannot give the Launch Configuration a fixed name.

The solution? Simply omit name from your launch configuration.

 

https://github.com/hashicorp/terraform/issues/3665

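Launch Configurations cannot be updated after creation with the Amazon Web Services API, so Terraform has to replace one in order to change it, and a replacement with the same name collides with the existing Launch Configuration.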

https://www.terraform.io/docs/providers/aws/r/launch_configuration.html#using-with-autoscaling-groups

 

AWS Lambda

Disabling a Lambda function should be easier.

It should be a clear UI control in the Lambda > Functions dashboard.

The control does exist, except that you have to click on the Trigger (e.g. CloudWatch Events), then scroll down and hit the Enabled / Disabled toggle switch next to the function name there.

ECR Console Version 2

ECR (Amazon Elastic Container Registry) now has a dedicated management console.

https://aws.amazon.com/about-aws/whats-new/2018/12/amazon-ecr-console-version-2

Simple guide to creating a repo and pushing a docker image to it:

1. Go to https://eu-west-2.console.aws.amazon.com/ecr/home?region=eu-west-2# and click Create a repository > Get Started

2. Enter a repository name (usually namespace/repo-name), e.g. snowcrash/wordpress

3. You’ll get a panel showing the URI – e.g. 026972849384.dkr.ecr.eu-west-2.amazonaws.com/snowcrash/wordpress

4. You’ll need to push a Docker image to this repo. Assuming you’ve got a Docker image you’re happy with locally, log Docker in to the registry by running $(aws ecr get-login --no-include-email --region eu-west-2), which executes the docker login command that get-login prints.

You get this aws ecr get-login command from your ECR console by clicking View push commands.

Note: the --no-include-email is required for more recent versions of docker. E.g. if you get the error message:

If it succeeds, you should get:

5. Tag the image with

docker tag <image id> <remote tag>

6. Push it with

docker push <remote tag>

 

AWS Config

Note: AWS Config records and evaluates configurations of your AWS resources.

You set up a bucket, an SNS topic and some rules.

The state of your AWS resources is stored and, if a non-compliant resource gets created, you get notified via the SNS topic.

Example rules might be:

  • Only SSL requests on S3 buckets
  • Logging enabled on S3 buckets
  • Versioning enabled on S3 buckets
  • Volumes are encrypted
  • SSH restricted: i.e. only a restricted set of IPs is allowed to access via SSH

https://aws.amazon.com/config/
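
An added example (not from the original post, and not AWS's own rule code) of the logic behind the "SSH restricted" rule in the list above: it walks each security group's ingress rules and reports any source CIDR outside an allow-list that can reach port 22, including rules that cover 22 only through a port range. The allow-list, group IDs and sample groups are constructed; the dictionaries follow the shape of aws ec2 describe-security-groups output.

```python
import ipaddress

# Assumption: the CIDR blocks allowed to reach SSH (constructed documentation ranges).
ALLOWED_SSH_SOURCES = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "2001:db8:10::/48")]
SSH_PORT = 22

def permission_covers_ssh(perm):
    """True if an ingress permission admits TCP/22, directly or inside a port range."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means every protocol and every port
        return True
    return proto == "tcp" and perm.get("FromPort", 0) <= SSH_PORT <= perm.get("ToPort", 65535)

def source_allowed(cidr, allowed=ALLOWED_SSH_SOURCES):
    """True if cidr lies wholly inside one of the allowed networks."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == a.version and net.subnet_of(a) for a in allowed)

def evaluate_security_group(group, allowed=ALLOWED_SSH_SOURCES):
    """Return (compliance label, offending CIDRs) for one security group."""
    offending = set()
    for perm in group.get("IpPermissions", []):
        if not permission_covers_ssh(perm):
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        offending.update(c for c in cidrs if not source_allowed(c, allowed))
    return ("NON_COMPLIANT" if offending else "COMPLIANT"), sorted(offending)

def tcp(from_port, to_port, v4=(), v6=()):
    """Build one constructed ingress permission (helper for the sample data only)."""
    return {"IpProtocol": "tcp", "FromPort": from_port, "ToPort": to_port,
            "IpRanges": [{"CidrIp": c} for c in v4],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in v6]}

# Constructed sample groups, shaped like `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-bastion-example", "IpPermissions": [tcp(22, 22, ["203.0.113.16/28"])]},
    {"GroupId": "sg-open-example", "IpPermissions": [tcp(22, 22, ["0.0.0.0/0"], ["::/0"])]},
    {"GroupId": "sg-range-example", "IpPermissions": [tcp(0, 1024, ["198.51.100.0/24"])]},
    {"GroupId": "sg-web-example", "IpPermissions": [tcp(443, 443, ["0.0.0.0/0"])]},
]

def evaluate_all(groups=SAMPLE_GROUPS):
    return {g["GroupId"]: evaluate_security_group(g) for g in groups}

if __name__ == "__main__":
    for group_id, (status, cidrs) in evaluate_all().items():
        print(f"{group_id}: {status} {cidrs}")
```

Sources given as security-group references (UserIdGroupPairs) rather than CIDRs are not evaluated by this sketch.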

 

Note: AWS Config is expensive.