Let’s try something different. What @awscloud concept are you struggling with? Let me help explain it or find someone who can.
The way accounts were designed originally. "Hard to delete" and "at no point is there not a way to bill for charges" are fundamental tenets of the architecture.

This should change. It's 2021. https://twitter.com/JoeEmison/status/1355362611378999299?s=20
"Programmatically provision resources as defined in JSON / YAML / #awswishlist XML."

They're wordy, a bit finicky, and a lot of projects and tools use more human-friendly things that get rendered into CF.

I struggle too. https://twitter.com/deconstructized/status/1355362767788601347?s=20
Because this looks an awful lot like "a bug" or "an abuse vector" to the original designers of CloudFront, unfortunately.

Have you tried this between multiple accounts? https://twitter.com/JoeEmison/status/1355362824327991297?s=20
"Small teams each implementing their own things" is how @awscloud works. Anything that has to touch everything (console, billing, tagging) is a patchwork mess, because "Console Czar" isn't how they do things there. https://twitter.com/bashtoni/status/1355363392370876417?s=20
CDK is the path to provisioning infrastructure for developers who aren't steeped in AWS / ops-land. Make no mistake--it is the future, and it's coming. These are early days, which is why it's so rough. https://twitter.com/MoreScooters/status/1355363550273921025?s=20
"Watching it at first to make sure it doesn't run away," then a stop-task scheduled, and/or a billing alarm. It's not ideal yet. I haven't checked whether Copilot has something for this yet. https://twitter.com/RozenMD/status/1355363793224667141?s=20
X-Ray is and will remain a "failed product" until it reaches critical mass across sufficient services. This Is Not The Way. I'm sorry. https://twitter.com/Flawed101/status/1355363881883996160?s=20
There really isn't one (short of working with the file as a stream instead of an object via API) until S3 lets you manipulate compressed files directly. This is a good idea. #awswishlist https://twitter.com/owenconti/status/1355363823046127620?s=20
Because some jackwagon tried to use Route 53 as a database once and they're still recovering from it. https://twitter.com/randomfrequency/status/1355365071480741888?s=20
You can scope down the ListBucket permission to a prefix, but sadly that's about it. Read-after-write consistency means the error should be a lot more predictable now with fewer edge cases; cold comfort. https://twitter.com/astuyve/status/1355365557554577408?s=20
This one resonates. There's a lot of things to learn up front (EC2 or similar, Lambda, VPC, IAM, "the console," etc.) before you build your first thing. The learning curve flattens out after that, but it's front-loaded. https://twitter.com/karamcnair/status/1355365661791322112?s=20
Console interfaces? Because they are trying mightily to fix their UI issues, with varying levels of success from team to team. https://twitter.com/stringsn88keys/status/1355366460328185858?s=20
Oh my stars yes. A great new release is the VPC Reachability Analyzer which will at least tell you why the networking isn't letting the traffic through.

It is complex and unintuitive for sure. https://twitter.com/Contextify1/status/1355366683372740619?s=20
I'll catch hell for this but "the console." It gives you a better sense for how the teams imagine people will interact with their service. You can always tab-complete your way through the CLI, after all... https://twitter.com/rfpludwick/status/1355368528526811144?s=20
I use Amazon Glue for this; that's basically what it's designed to do. Glue v2 is a lot less spendy. https://twitter.com/chriserickson/status/1355368722676985856?s=20
At launch, EKS basically just needed admin rights to provision it. That's improved, but https://docs.aws.amazon.com/eks/latest/userguide/security_iam_id-based-policy-examples.html is wildly optimistic about what's needed. #awswishlist https://twitter.com/poiThePoi/status/1355368301061316608?s=20
Shame, mostly. Slightly more seriously, I think they want to be able to deprecate these if needed; they can't if they're public interfaces. https://twitter.com/MoreScooters/status/1355370656964227076?s=20
Build a role for them to assume from their own AWS account. Enable CloudTrail management events so you can keep an eye on what they do. Terminate their access when they're done. https://twitter.com/Omar_cloud20/status/1355372740912492546?s=20
Once upon a time, the tagging team had to support all the services. Then one day that shifted and the burden fell to the service teams. Some got the memo sooner than others. https://twitter.com/Estranged/status/1355373706579566592?s=20
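An added example, not part of the original thread, for the reply above about giving an outside party a role to assume from their own AWS account and terminating it afterwards. It builds the role's trust policy, lints a trust policy for principals outside the expected account, and builds the deny-by-token-issue-time inline policy that cuts off sessions already issued; the account IDs are constructed placeholders and the function names are hypothetical.

```python
from datetime import datetime, timezone

PARTNER_ACCOUNT = "111122223333"  # constructed placeholder account ID

def build_trust_policy(partner_account):
    """Trust policy letting only principals in the partner's account assume the role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": f"arn:aws:iam::{partner_account}:root"},
            "Action": "sts:AssumeRole",
        }],
    }

def principal_account(principal):
    """Return the account ID from an IAM ARN or a bare 12-digit ID, else None."""
    if principal.isdigit() and len(principal) == 12:
        return principal
    parts = principal.split(":")
    return parts[4] if len(parts) >= 6 and parts[0] == "arn" else None

def lint_trust_policy(policy, expected_account):
    """List Allow statements that trust anyone other than expected_account."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = principal if isinstance(principal, str) else principal.get("AWS", [])
        for p in [aws] if isinstance(aws, str) else aws:
            if p == "*":
                findings.append("wildcard principal")
            elif principal_account(p) != expected_account:
                findings.append(f"unexpected principal: {p}")
    return findings

def revoke_sessions_policy(cutoff):
    """Inline deny-all for role sessions whose credentials were issued before cutoff."""
    stamp = cutoff.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Deny",
            "Action": "*",
            "Resource": "*",
            "Condition": {"DateLessThan": {"aws:TokenIssueTime": stamp}},
        }],
    }
```

Attaching the deny policy to the role before removing the trust relationship matters because credentials handed out earlier stay valid until they expire.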
You can follow @QuinnyPig.