|
|
|
|
|
|
by ben509
2052 days ago
|
|
|
The author didn't just delete the database. He deliberately installed it on an ASG, which is designed to drop instances. Using an ASG to manage a production database is a tale from the land of What The Everloving Fuck Were You Thinking, as you note, the author makes a habit of bad practices. It's at least instructive to note that there is only one canonical good practice when working with AWS: Always assume you are handling a footgun until you have proven you aren't.
For instance, you might think that Cloudformation is a reasonable way to manage a database in RDS because it's an integrated service and you can keep your configuration in source. That must be a good practice, right?While they have improved the AWS::RDS resource in that there are fewer ways in which small configuration changes will drop your database, there are still big red banners in the documentation.[1] To do it, you must specify a policy to say, "please don't nuke my prod database." Because AWS will always default to being a footgun. [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGui... |
|
|