Hacker News new | ask | show | jobs
by scarface74 2881 days ago
The “No True AWS Guru” ( https://en.wikipedia.org/wiki/No_true_Scotsman) argument...

I don’t think I’ve ever used the CLI to manage infrastructure on AWS.

I usually use the console for one offs. When something needs to be repeatable, I’ll create a Cloud Formation template.

Anything that’s more conplicated, I’ll either use Python directly or create a custom resource that gets called from CF.
1 comments
auslander 2881 days ago
Yes, Cloudformation is my main tool too. I just simplified my comment. Read it as managed by code, be it CF, python, awscli from shell, and all of it in the end boils down to specific API calls.
link
erik_seaberg 2880 days ago
The key thing is a repeatable process that's checked in, which pointing and clicking in the console is not.
link
scarface74 2880 days ago
Not always.

For instance we have a process that sends sns messages for alerts. It’s just as easy to go into the console and subscribe to the sns event notifications (emails and sms).

Second example. I initially configure passwords with CF (of course with parameters that are added when you run it.) It’s easier to go into the console afterwards to change passwords as it would be to update the stack and renter the passwords.

You aren’t going to store passwords in source control anyway.

link
erik_seaberg 2880 days ago
For SNS I'd use the API just to make sure every new team member gets signed up for every appropriate deployment (test, prod, whatever) and every old team member gets removed.

I agree it doesn't add much value for a single user rotating their own password.

link