Comment by pierat
1 year ago
Amazon will, but they also gauge their discount by how many prevention and security measures from their 5 Pillars you follow in your environment.
You can do stuff like "disallow any of these instances to be used in your env", so if you never use graphics cards, disallow the whole class.
You can also set limits like "no more than 20x m5.4xlarge".
But again, AWS is the worst about no actual hard limits, because each system generates bills. I've also seen the hell of "hidden system AWS Billing doesn't have is still submitting billing and we don't know what it is". Again, AWS enables basically infinite liability.
I've also discussed with C levels that "every engineer and dev with AWS logins has an unlimited credit card for which you're on the hook". Let's just say that 'heartburn' doesn't even begin to describe the terror on their faces.
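An added example (not pierat's code, and not from any AWS documentation page quoted here) of the "disallow the whole class" control described above, expressed as an AWS Organizations service control policy. It assumes an organization with SCPs enabled and that GPU-type families are the ones to block; the family patterns `p*` and `g*` are illustrative, and the second statement's allowed list is likewise an assumption to adapt. The `ec2:InstanceType` condition key is the real key evaluated on `RunInstances`; an SCP like this removes the permission org-wide regardless of what IAM policies individual users hold, which is the point of putting the guardrail here rather than in per-user policies.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyGpuInstanceFamilies",
      "Effect": "Deny",
      "Action": "ec2:RunInstances",
      "Resource": "arn:aws:ec2:*:*:instance/*",
      "Condition": {
        "StringLike": {
          "ec2:InstanceType": ["p*", "g*"]
        }
      }
    },
    {
      "Sid": "DenyAnythingOutsideApprovedSizes",
      "Effect": "Deny",
      "Action": "ec2:RunInstances",
      "Resource": "arn:aws:ec2:*:*:instance/*",
      "Condition": {
        "StringNotLike": {
          "ec2:InstanceType": ["t3.*", "m5.large", "m5.xlarge", "m5.4xlarge"]
        }
      }
    }
  ]
}
```

Caveat a practitioner would want: this caps the shape of what can be launched, not the count. The "no more than 20x m5.4xlarge" style of limit lives in Service Quotas (vCPU-based limits per instance family), and neither mechanism stops spend on services that bill per request or per GB rather than per instance, which is exactly the gap the rest of this thread is about.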
When people have to read and implement "5 pillars" or "cloud adoption frameworks" before starting to use cloud, learning stuff like hosting with Hetzner or self-hosting starts to seem comparatively easy and simple.
Exactly. Cloud was sold as "simple", but in reality you MUST know about data center operations, security in an effective zero-trust environment, failover vs HA vs load balancing, and so many footguns.
The big advantage to "cloud" was that you can provision more resources in seconds. Existing data centers had terrible non-VM and not-good VM management software, such that provisioning more CPU, RAM, or storage was a weeks- or months-long trial.
And you can still get a 100k bill for hosting a SINGLE text file, because DDoS and shitty hosting providers who demand unlimited credit are a thing.
Frequently I'm looking up if there's a way to have a hard limit on AWS billing, and it seems like many other people have the same concern as well. I do understand that the massively distributed system hosting 100+ products, each with ~10 things to bill for, means you can't have each service going to the magic billing limiter service and be asked "can account X spend 0.000001 USD now?" * every request * every cloud tenant, etc, etc.
That said, I still think there should be an easy way to set a daily limit. Should I use the Budget service to do that? Cost Explorer? Billing Alarms? Is it possible to have them shed whatever's spending all the money?...
Again, I see the whole can of worms here: what if your service is jamming tons of data into S3 because of a bug? Or you actually started something that got popular and you have a gigantic Dynamo table? Stopping an EC2 instance is maybe an easy call, but deleting data is iffy.
AWS just feels like a minefield because I'm occasionally worried that, with all the products, I'll check a box when creating an instance or SG or whatever, and that'll (e.g.) trigger CloudWatch to read all my logs, but I have some crappy debug config for some app which will accidentally vomit out dozens of logs a second, and instead of just trashing `/var/log/` I get billed for millions of log events or something.
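On the "should I use the Budget service" question above, an added example (not the commenter's, not AWS's own sample) of the closest thing AWS Budgets offers: a daily cost budget as a CloudFormation resource, with alerts at 80% of actual spend and at 100% of forecast. The budget name, amount, and the notification e-mail address are constructed placeholders.

```json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Daily cost budget with actual and forecast alerts (added example)",
  "Resources": {
    "DailySpendBudget": {
      "Type": "AWS::Budgets::Budget",
      "Properties": {
        "Budget": {
          "BudgetName": "daily-account-spend",
          "BudgetType": "COST",
          "TimeUnit": "DAILY",
          "BudgetLimit": {
            "Amount": 50,
            "Unit": "USD"
          }
        },
        "NotificationsWithSubscribers": [
          {
            "Notification": {
              "NotificationType": "ACTUAL",
              "ComparisonOperator": "GREATER_THAN",
              "Threshold": 80,
              "ThresholdType": "PERCENTAGE"
            },
            "Subscribers": [
              { "SubscriptionType": "EMAIL", "Address": "billing-alerts@example.com" }
            ]
          },
          {
            "Notification": {
              "NotificationType": "FORECASTED",
              "ComparisonOperator": "GREATER_THAN",
              "Threshold": 100,
              "ThresholdType": "PERCENTAGE"
            },
            "Subscribers": [
              { "SubscriptionType": "EMAIL", "Address": "billing-alerts@example.com" }
            ]
          }
        ]
      }
    }
  }
}
```

The check to keep in mind: a budget is a notification, not a cap. Billing data behind it is not real-time, so a runaway process can overshoot the limit by hours of spend before the alert fires. AWS Budgets can additionally attach actions (applying a restrictive IAM or SCP policy when a threshold is crossed), and that is the mechanism closest to "shed whatever's spending the money" while leaving stored data in S3 or DynamoDB untouched, which addresses the concern in the thread about deletion being the wrong reflex.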
AWS doesn't have to check that for every request. They only have to eat the cost if you go over and use more before they shut you down. And the shutdown should be done in a way that they switch data to read-only and give you a day to react before they delete.
They might even offer this as an insurance, so you pay a little more but can be sure you stay in budget.