Author: Jackie Chen

AWS Config service role is not authorized to perform: iam:CreateServiceLinkedRole for Global Accelerator


We recently noticed an interesting error in CloudTrail across multiple accounts: "errorMessage": "User: arn:aws:sts::123456789012:assumed-role/AwsConfigServiceRole/ConfigResourceCompositionSession is not authorized to perform: iam:CreateServiceLinkedRole on resource: arn:aws:iam::123456789012:role/aws-service-role/globalaccelerator.amazonaws.com/AWSServiceRoleForGlobalAccelerator because no identity-based policy allows the iam:CreateServiceLinkedRole action" According the above message, it looks like the AWS Config service role was trying to create the service linked role for Global Accelerator. The … Continue reading AWS Config service role is not authorized to perform: iam:CreateServiceLinkedRole for Global Accelerator

Why QuickSight increases CloudTrail cost so much?


Does QuickSight increase CloudTrail cost? In short, it does. But it could be either minor or major. It really depends on your use case. As mentioned in another post AWS Cost Anomaly Detection, we noticed a dramatic CloudTrail cost in one of our AWS accounts. After some diggings, it turns out it was caused by … Continue reading Why QuickSight increases CloudTrail cost so much?

Updates to Exposed Access Keys check in Trusted Advisor


Since April 25, 2002, Trusted Advisor refreshes Exposed Access Keys (check ID: 12Fnkpl8Y5) check automatically. This check can't be refreshed manually from the Trusted Advisor console or the AWS Support API (you will get the response saying the check is not refreshable). If you created your AWS account after April 25, 2022, the check results … Continue reading Updates to Exposed Access Keys check in Trusted Advisor

AWS Cost Anomaly Detection


Overview AWS Cost Anomaly Detection is an AWS Cost Explorer feature that uses machine learning to continuously monitor your cost and usage to detect unusual spends. Using AWS Cost Anomaly Detection includes the following benefits: Receive alerts individually in aggregated reports. You can receive alerts in an email or an Amazon SNS topic.Evaluate your spend patterns using machine … Continue reading AWS Cost Anomaly Detection

TJS-AJV


TJS-AJV is a handy tool that uses TJS to generate json schema from typescript interface, and uses AJV to validate a config file against the json schema. How to use TJS-AJV? Define your Interface file which will be used to dynamically generate the json schema. For example, the sample-schema.json schema file is generated from the typescript Interface sample-interface.ts by tjs-ajv.Define your config file, … Continue reading TJS-AJV