[kohidavez]

Copilot can also help set up HTTPS/ACM Certs/Subdomains:

https://github.com/aws/copilot-cli/wiki/Applications#additio...

I love the cloudrun style service too - but one thing I think is cool about running on ECS/Fargate is that once you outgrow the constraints of CloudRun style services - you can drop down to the more granular infrastructure to make tweaks and adjustments. Just my 2c :)

[gavinray]

> Copilot can also help set up HTTPS/ACM Certs/Subdomains

Oh yeah for sure! I was really excited about this for that reason when I found it because of recent Fargate pains.

The irrational part of me just wishes that the "magic" from tools that AWS publishes like Copilot, Cloud Development Kit, Fargate CLI, etc could abstract it away in more of my interactions with AWS ;^)

> once you outgrow the constraints of CloudRun style services - you can drop down to the more granular infrastructure to make tweaks and adjustments.

Definitely, you're trading convenience for flexibility with Cloud Run vs Fargate. Cloud Run also doesn't support websocket traffic yet ( RIP =/ ).

I'm a massive fanboy of Serverless Containers and think they're the best thing since sliced bread. I run services on both AWS and GCP, and think Cloud Run and Fargate are both solid.

My takeaway with AWS I guess is: Don't interact with provisioning/managing infra raw, use the CDK or other tooling you publish haha.

[phamilton]

> Don't interact with provisioning/managing infra raw, use the CDK or other tooling you publish haha.

I've moved pretty much all my sandbox exploration to CDK. A one-shot destroy when I'm done to clean everything up is great. I also appreciate the documented types in Typescript. But beyond that, I've found that there's really no easy way to manage permissions manually. Doing ` bucket.grantRead(service.taskDefinition.taskRole);` is so much simpler than any of the policy generators in the aws console.