---
name: Amazon Web Services
slug: aws
type: infrastructure
status: running
version: "∞"
released: 2006-03-14
maintainer: Jeff Bezos (emeritus), Andy Jassy (current), your on-call engineer (actual)
dependencies:
- electricity
- submarine cables
- institutional trust
- a credit card that has no idea what it signed up for
license: Pay-as-you-go (see billing for terms you will not enjoy)
tags:
- cloud
- infrastructure
- capitalism
- acronym soup
- the reason your startup exists
- also the reason your startup died
---
# Amazon Web Services
## What it actually is
A planetary-scale computer you rent in pieces, governed by a pricing model that requires a dedicated employee to understand and a dedicated therapist to accept.
## How it works
You sign up. You get a free tier. You feel optimistic. You deploy something small. You forget to set a billing alarm. You deploy something slightly larger. Three weeks later you open the console to find 47 services you do not recognize, a $4,000 invoice, and a [regret](/regret) you will carry into your next job.
Meanwhile, in a datacenter you will never see, your workload runs on hardware maintained by people who will never know your name, in a region you chose because it was alphabetically first in the dropdown.
## Features
- **EC2**: virtual machines. Dozens of instance types. You will always pick the wrong one.
- **S3**: object storage. Functionally eternal. Once a file is in S3, it is harder to delete than a [memory](/memory).
- **Lambda**: run code without managing servers. You still manage everything else.
- **IAM**: permissions system. Theoretically fine. In practice, a labyrinth designed by someone who hates you specifically.
- **RDS**: managed databases. "Managed" is doing a lot of work in that sentence.
- **CloudWatch**: observability. Logs exist. Finding them is left as an exercise.
- **VPC**: your own private corner of AWS, which you will misconfigure exactly once and spend three days fixing.
## Known bugs
| Bug | Frequency | Resolution |
|-----|-----------|------------|
| Billing dashboard shows yesterday's costs | Always | Accept it |
| IAM policy silently denies request | Common | Add `*` (do not add `*`) |
| "us-east-1" regional outage | Occasional | Wait. Pray. Tweet. |
| Free tier expires without warning | Universal | See: [the moment you realize](/the-moment-you-realize) |
| Console UI changes layout | Quarterly | Re-learn everything |
## Error codes
- `AccessDeniedException`: No. (Check IAM. Check it again. Check the other policy.)
- `ThrottlingException`: You are too eager. Stop.
- `ServiceUnavailableException`: It's us, not you. Probably.
- `InvalidClientTokenId`: Your credentials are wrong or expired or cursed.
## Configuration
```yaml
region: us-east-1 # always, against your better judgment
instance_type: t2.micro # in prod. this is fine.
billing_alerts: false # you'll add these later. you won't add these later.
multi_az: false # it'll probably be fine
```

- **Do I need AWS?** You need the internet to be fast and available. AWS is one answer. A large, loud, expensive answer.
- **Is it secure?** AWS is secure. What you built on top of it is a separate question with a less comfortable answer.
- **Why are there 200+ services?** Entropy. Also, someone at re:Invent gave a talk and a PM filed a ticket.
- **Can I leave?** You can. See: egress fees, sunk cost, vendor lock-in.

Infrastructure as a Service. The infrastructure is theirs. The service is yours to figure out.