---
name: Amazon Web Services
slug: aws
type: infrastructure / empire
status: legacy
version: 27.0.0-region-us-east-1
released: 2006-03-14
maintainer: Andy Jassy (inherited from Jeff Bezos)
dependencies:
- electricity
- venture capital
- institutional amnesia
- the assumption that us-east-1 is not a single point of failure
- your credit card on file
license: Pay-as-you-go (you will)
tags:
- cloud
- distributed systems
- complexity-as-a-service
- cost center
- the reason your startup died
---
# Amazon Web Services
## What it actually is
A billing system that also runs your company, surrounded by 200+ services named by someone who had been awake for 72 hours.
## How it works
You sign up. You add a credit card. You follow a tutorial. You deploy something small. You add one more service. Then another. Six months later you have a distributed system no single human fully understands, a $47,000 monthly invoice, and a Slack channel called `#aws-costs` where everyone posts screenshots and nobody posts solutions.
The underlying model: [complexity](/complexity) is a moat. The more services you use, the more you need. This is not a bug in the business strategy.
## Features
- **Elastic pricing**: costs expand to fill all available budget
- **499 services**: approximately 12 of which you will ever use, 3 of which you will actually understand
- **Global infrastructure**: 30+ regions, ensuring your outage is geographically diverse
- **IAM**: a permissions system that functions as a [Kafka](/kafka) novel in JSON
- **S3**: the one product that mostly works. The jewel. The first born.
- **Lambda cold starts**: teaching engineers about [disappointment](/disappointment) since 2014
- **Support tiers**: pay $15,000/month to get a human on the phone within 15 minutes during a P1 incident. Otherwise, forums.
## Known Bugs
This is the main event.
- **us-east-1 fragility**: the most critical region on the planet goes down roughly twice a year, taking with it a meaningful fraction of the internet. This is known. This continues.
- **The console**: a UI built by 400 teams with no shared design system. Navigating it induces a specific category of [existential dread](/existential-dread).
- **Cost explorer**: tells you what you spent. Does not tell you why. Does not feel bad about this.
- **Documentation**: technically exists. Written for the person who already knows the answer. Contains examples that stopped working in 2019.
- **Naming conventions**: `Amazon Kinesis Data Firehose` is not a garden hose. `AWS Glue` holds nothing together. `Lightsail` is not light.
- **IAM policy debugging**: the error is `AccessDeniedException`. The reason is never included. You will spend 40 minutes on this. It will be a missing `s3:GetObjectAcl` on a resource you did not know existed.
- **VPC networking**: theoretically elegant. In practice, a combination of [paranoia](/paranoia) and subnets that no longer map to any mental model.
- **The free tier**: a trial with the soul of a trap. Elastic IPs, NAT gateways, and data transfer costs are waiting patiently for you to forget them.
- **Vendor lock-in**: not a bug, listed here for completeness.
## Error Codes
```
502 Bad Gateway — us-east-1 is having a moment
ThrottlingException — you are using AWS correctly, that is the problem
AccessDeniedException — something is wrong with IAM, good luck
InternalError — AWS knows. AWS is not saying.
InvalidClientTokenId — your credentials are wrong or the universe is
```
## Changelog
| Version | Notes |
|---|---|
| 2006 | S3 and EC2 ship. The world changes. Nobody notices immediately. |
| 2012 | DynamoDB. A database with opinions. |
| 2014 | Lambda. [serverless](/serverless) begins. Cold starts begin with it. |
| 2017 | 90+ services. Docs start losing the war. |
| 2023 | Bedrock ships. AWS discovers [artificial intelligence](/artificial-intelligence) exists. |
| 2024 | Costs remain. Always the costs. |
## FAQ
**Q: Should I go multi-cloud?**
A: Yes, in theory. In practice you will have two billing problems and one new category of [regret](/regret).
**Q: Is there a simpler alternative?**
A: Yes. You will not use it. Your company already has an AWS account.
**Q: What is the right way to structure IAM roles?**
A: Nobody knows. The people who say they do are describing what they did, not what is correct.