676 questions
0
votes
0
answers
21
views
AWS MYSQL RDS db instance freezes [migrated]
Ok I'm facing a real crazy issue, I usually connect through AWS VPN Client Endpoint normally and I can access my database. Today I tried and TablePlus just froze, checked if I'm connected through ...
0
votes
0
answers
23
views
Troubleshooting DNS Forwarding Between GCP Projects
I have two projects: Project A and Project B. In Project A, we have a private DNS server that handles DNS requests.
We have a requirement to use the private DNS server in Project A from instances in ...
- 1
0
votes
1
answer
42
views
Connect to Cloud SQL in another project and VPC using Cloud Run and Serveless VPC Access
I'm trying to access a cloud sql that is in another vpc with cloud run. I peered the vpc but I can't. What should I do so that cloud run sees cloud sql? cloud run is in project A and cloud sql is in ...
2
votes
1
answer
52
views
How can I get endpoint for Egress connection to Big Query
I am using google-cloud-bigquery SDK version 2.38.2 to create a BigQuery client in a Java project. I need to determines the exact endpoint URL when creating a BigQuery client using the following code ...
- 21
1
vote
1
answer
132
views
Error with network connectivity between public Cloud Run V2 service and private one
So I have two services: Server App + Embedding Generator App, deployed via Cloud Run V2. Server App is publicly accessible and Embedding Generator App is only meant to be contacted by Server App. I ...
- 2,170
0
votes
0
answers
152
views
How to set credentials via terraform for fine-grained access control in aws opensearch?
I'm setting an opensearch cluster in aws and want to enable fine-grained access control. based on the docs , i see we specify that in advanced_security_options settings and set the enabled to true. I ...
- 53
-1
votes
1
answer
381
views
Cloud Run Direct VPC Egress Connection Timeout Issue
I have a Compute Engine VM that runs MySQL and Redis, and a Cloud Run service that connects to those databases. I recently switched from using a VPC connector to direct VPC egress and I started ...
- 1,233
0
votes
0
answers
44
views
Issue with VPC Service Controls
I want to create a boundary for the project using VPC Service Controls and allow connections only from specific IP addresses. Below is the VPC Service Controls configuration
Perimeter Title: test
...
0
votes
0
answers
47
views
Github actions trigger Jenkins job on VPC
I have a github actions and a jenkins setup on our internal VPC.
I need to trigger specific job on this jenkins setup from the github actions.
please suggest ideas to achieve this.
One of the strategy ...
0
votes
0
answers
20
views
Firebase Cloud Function Address Space for Firewall VM setup
I have a VM running at GCP and want to access this VM with my firebase function via express.
Now the VM has a public IP, I would like to set the firewall of the VM so that only traffic from the ...
-1
votes
3
answers
1k
views
How to Access GKE Private Master from VPN in Hub VPC with Peering
I am currently facing an issue with accessing the master of a private GKE cluster on Google Cloud Platform. Here’s the configuration I have:
terraform code:
resource "google_container_cluster&...
- 1,334
-1
votes
1
answer
269
views
How to Enable Cost-Effective Internet Access for AWS Lambda in a VPC?
I have an AWS Lambda function written in Go that needs to connect to an RDS and an ElastiCache instance, both of which are in a VPC. To achieve this, I placed the Lambda function in an allowed ...
- 3
4
votes
2
answers
2k
views
Failed to release serverless ipv4 because in use by some address reservation
For some time now I try to destroy GCP project using terraform destroy. Almost everything was destroyed but I had some errors saying that I cannot remove
module.transformers....
- 3,256
1
vote
0
answers
72
views
GCP private VPC connection with external sql server
I have set up the private environment to connect onPrem sql server to gcp datafusion. Datafusion uses sql server's connector to fetch the data into data fusion.
Here are my setup details:
I have a ...
- 105
0
votes
0
answers
93
views
Cloud Run service blocked from accessing another Cloud Run service in the same VPC by CORS
I have two Cloud Run services:
Service A, a nextJS frontend with Ingress Control set to All and accepting unauthenticated invocations. It's using a service account with the run.invoker permission, ...
- 837
0
votes
1
answer
385
views
Google Cloud Function Shows ETIMEOUT Error When Connected To VPC Connector
I have deployed a GCP Cloud Function to make calls to Adobe APIs. Also, the same Cloud Function is making calls to Jira APIs. The Jira platform requires API calls to happen only through static IP ...
- 7,911
0
votes
1
answer
884
views
Cannot Connect to MongoDB Atlas from GCP Cloud Run Instance
I followed this guide to creating a static outbound IP and attaching it to the instance. I have confirmed that the outbound IP is correctly setup and that outbound requests are from that IP by using ...
- 536
0
votes
0
answers
426
views
How to route traffic between overlapping subnets on GCP from different projects/VPCs
In GPC we need to allow VMs on VPC A Subnet 1 to communicate with VMs on other VPCs (in other projects) where there subnets overlap (exchange originates from A).
eg.
Project A | VPC A | Subnet 1 | 10....
- 7
0
votes
1
answer
247
views
GCP VPC SC Rules for all projects under a folder
I am trying to set Ingress and Egress Rules for a service perimeter.
Currently have setup rules based on service accounts and resources(Projects).
I am also trying to see if I want to create rules at ...
0
votes
2
answers
342
views
VPC SC Service Perimeter handle Google Service Accounts
I have a service perimeter created on projects holding Cloud Composer.
The VPC SC Logs snippet are below,
"authenticationInfo": {
"principalEmail": "service-org-<...
0
votes
1
answer
85
views
Deploy Flask Microblog in private ec2 with private RDS
for a project with AWS I am trying to install a microblog made with flask on an ec2.
The architecture, for now, consists of
A bastion host deployed in public subnet with ip.
An ec2 deployed in ...
- 3
1
vote
2
answers
1k
views
Finding the VPC that my project associated with in Google Cloud
Just a naïve question.. I am not able to locate the answer.
In Google Cloud (GCP), how can we locate the VPC that a project is associated with.
I am aware that every project when created, is by ...
- 848
0
votes
2
answers
592
views
Connecting to a Cloud Function through a VPC returns 404
I need to add IP Restrictions onto my Cloud Function, and before you mention it using a SA or other forms of auth are out of the question..! ;)
I am having trouble, however.
My Cloud Function is ...
- 145
0
votes
1
answer
98
views
How to connect 2 VPC's that are 3rd party running your managed services
Here's the scenario I'm trying to resolve.
First, we have our VPC running services.
Second, we have manage Clickhouse service running in ClickHouse Cloud.
Finally, we have a manage Kafka service ...
- 111
0
votes
0
answers
249
views
Dataflow disable public ip
I´m using dataflow and I want to disable the public IP, I have tried the following commands:
--no_use_public_ips
--disable-public-ips
I have also provided a subnetwork using the argument:
--...
- 27
0
votes
1
answer
267
views
Need to extract the subnet id from the data source based on the region
I have data source module where I am extracting the subnet id by passing subnet name.
File is in the data module:
Module/data/data.tf
data "aws_vpc" "vpc-id" {
provider = "${...
0
votes
1
answer
251
views
How to establish SSH tunnel from python script on Google Cloud Run to server with PostgreSQL database?
I've done some research and based on it, my first question is:
It is not possible to establish an SSH tunnel from python script in Google Cloud Run to the server where the database is located natively,...
1
vote
0
answers
188
views
GKE and Private Workers Pool on Google Cloud
I been trying to follow the doc https://cloud.google.com/architecture/accessing-private-gke-clusters-with-cloud-build-private-pools but I can't already, I create all the components like vpc's, ...
1
vote
1
answer
45
views
Why is a route table not being checked when going into the IGW?
When I send a package to my ec2-instance, no route table is being checked:
Only when send back:
Why is no route table checked, when sent into the network?
- 3,086
0
votes
2
answers
233
views
AWS related question with terraform: Unable to SSH into EC2 hosted in private subnet
I am just starting out to learn both terraform and aws.
In this exercise, I trying to create VPC, EC2 in a private and public subnet, NAT and IG. I am able to SSH into the EC2 hosted in the public ...
- 3
0
votes
0
answers
65
views
Accessing AWS SecretsManager from inside a VPC
I have a Lambda function that need to be in a VPC and it needs to access a Secret from SecretsManager. While the code works when the Lambda is outside the VPC it does not work when inside the VPC. The ...
- 972
0
votes
0
answers
560
views
Error attaching subnets to VPC endpoint AWS
I'm getting an error when I attach subnets to a VPC Endpoint. I have a shared VPC called VCP1 and I need to create a VPC Endpoint with this VPC.
If I don't attach any subnet, the VPC Endpoint are ...
- 35
0
votes
1
answer
108
views
Can't connect to my server/instance with my Terraform Code for AWS Firewall Project
I am new in learning Terraform and currently creating a project. The architecture I'm trying to implement is this.
resource "aws_vpc" "InspectionVPC" {
cidr_block = "10.1....
- 1
0
votes
1
answer
2k
views
Adding VPC endpoint interfaces to NLB target group in terraform
I want to create a VPC in a specified region say (eu-central-1) with a given CIDR say (10.0.0.0/21).
For each available AZ in that region, I want to create a private subnet with a CIDR calculated ...
1
vote
1
answer
577
views
GKE Ingress with internal load balancer is UNHEALTHY
Here is my deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: test
namespace: default
spec:
replicas: 2
selector:
matchLabels:
app: test
template:
metadata:
...
- 21
-1
votes
1
answer
259
views
Necessary Routing for Invoking Lambda from ECS Across Different VPCs
I have two VPCs within a single AWS account. One VPC is running ECS services, and the other is running Lambda functions. I want to invoke these Lambda functions from the ECS services. Below are the ...
1
vote
0
answers
183
views
Timeout connecting to Elastic Search, both ES and Lambda are in the same VPC AWS
Timeout connecting to Elastic Search, both ES and Lambda are in the same VPC.
The lambda role allows it to access all "es:*" and the VPC allows any resource to access as well. The security ...
- 191
1
vote
0
answers
307
views
AWS ALB not receiving all traffic from VPC
I have an AWS Application Load Balancer sitting in front of my EC2 instances.
I'm investigating an intermittent problem where it seems some requests are not getting through to my application. The ...
0
votes
1
answer
84
views
Why is Serverless VPC Connector unnecessary when accessing Private Data Fusion via API from Cloud Functions?
I'm trying to run a private data fusion pipeline from cloud functions.
My assumption was that I would need to create the following Serverless VPC Connectors:
https://cloud.google.com/vpc/docs/...
- 3
0
votes
1
answer
419
views
GCP Access Context Manager with IP range
I have a problem/question regarding GCP's Access Context Manager. I am just trying it out together with VPC Service Control and my idea is to limit access to GCP services within specific project.
What ...
- 1,585
0
votes
1
answer
670
views
strongswan in aws EC2 in VPC1 to AWS site to site vpn in VPC2 - tunnel working but can't ping
I have been trying to get strongswan tunnel working from one AWS VPC to another VPC where site-to-site(s2s) VPN is configured for the last two days and the ping doesn't work. No connectivity at all ...
- 103
0
votes
1
answer
1k
views
Why can't I connect to my aurora postgres instance on aws from my computer?
My original plan was to set up a serverless aurora postgres database on aws to save money since I needed something to use within a dev environment and that we could connect to from our local machines. ...
- 896
1
vote
0
answers
138
views
AWS R53 api via PrivateLink
Is there any valid way of reaching AWS Route53 APIs over PrivateLink ? My lambdas have to stay private, with no global network connectivity, but those also need to be able to execute Route53 api calls....
1
vote
2
answers
598
views
GKE Cluster with hybrid private/public subnetwork
We currently have a public GKE cluster on which many data processing tasks are deployed. These tasks use a lot of bandwith because they download/upload very large files.
For some of our tasks, they ...
- 11
0
votes
0
answers
95
views
AWS Lambda: automating access key rotation - how to enable in a VPC?
For my personal project, I want to create an AWS Lambda Function that rotates my access keys once every three months. I challenged myself to deploy the function in an isolated subnet in my default VPC,...
- 307
0
votes
1
answer
716
views
Why can't 1 cloud run service (client) connect to another (backend) cloud run service when ingress is controlled?
I'm currently running two Cloud Run services (static web + web server).
The web server is connected to AlloyDB instance, which is all through a VPC.
I have also set up Ingress Control to allow traffic ...
- 246
0
votes
1
answer
223
views
How to get the pharmacodynamics data using lixoft connectors (Monolix) and getChartsData()?
I built a pharmacokietics/pharmacodynamics (PK/PD) model with Monolix and I'm using R to plot the results.
As suggested in Monolix website and on CRAN, I linked R and Monolix, loaded my project and ...
- 1
-1
votes
1
answer
90
views
Low Windows bandwidth in google cloud platform
I wanted to ask if anybody has been in a similar situation as me. Let me briefly explain my topology and the problem that has arisen. I have an on-premise site with mainly Windows resources and an up-...
3
votes
1
answer
2k
views
Can a private Kubernetes Cluster (on a VPC) expose services to the internet via load balancers and ingress?
This is going to be more of a conceptual question.
I'm fairly new to Kubernetes and VPCs, and I'm currently studying in order to take part in designing a Kubernetes Cluster on GCP (Google Cloud ...
- 77
2
votes
1
answer
3k
views
AWS CDK: Vpc subnet conflicts with another subnet
I want to create an OpenSearch domain in AWS CDK within a VPC. I've made some progress, but I'm stuck with an issue regarding CIDR.
var vpc = new Vpc(scope, "Vpc");
var subnet = new Subnet(...
- 3,047