by judge2020 1407 days ago
> The Ugly > Cost can get sky-high

Is there _any_ service on AWS where you feel like you're getting more value than the dollars you're paying with (other than IAM and Free tier services)? It's no secret that AWS is one of the most successful and profitable modern businesses, but perhaps there's a hidden offering that does something, does it well, and costs very little compared to the value it brings.

9 comments

Most if not all services, I feel are a good enough value...when I consider my "time" or hiring consultants time to do the same, etc.

A single example was GuardDuty above. I know how expensive similar to GuardDuty services are per month when you have to have a well planned strategy, implementation, execution, operations for threats... no matter if one does it "in house" or with "consultants" - the cost is very high to implement anything similar to GuardDuty. No matter if it is duct taped open source or enterprise offerings.

And then you have to do that same iterative business process loop across infrastructure (servers/database), data centers, code deployment, DevOps, security, etc etc.

I use DynamoDB, Lambda, Fargate, and a few other services for a side business. I don't want to spend my time fiddling around with a database or EC2 instances. I'm able to run everything I need for under $100 a month without a lot of overhead, which I think is a good value. This may change as the business grows.

I can't complain about DynamoDB or Lambda pricing. Fargate is a little expensive for what we are running, but the infrastructure management tradeoff still makes it worthwhile.

> Fargate is a little expensive for what we are running

Because of low usage? Lambda supports containers now (as of 2021 I think) so if you have a container to run (or something you could containerise) it's a relatively straightforward usage question which of Lambda/Fargate/EC2 makes sense on price. Lambda doesn't have to complicate comparison by being a completely different architecture/setup any more.

No, the cost of a Fargate vCPU is just higher compared to EC2. An EC2 t3.small instance costs about 2 cents/hour and a similar configuration on Fargate costs about 9 cents/hour. For m6i.large and c6i.large instances, the disparity isn't as bad but it's still 15%-20% more expensive.

There are a few different reasons we're using Fargate. Like the other commenter mentioned, there's the lambda max run time. Our Fargate tasks also have a few sidecar containers running alongside the main services. The ECS Exec integration is also nice for poking around when things aren't working correctly.

Of course it is, if it were cheaper then it would always win over EC2 for container workloads.

This is why I said it's a matter of usage - it's worth paying more per unit time if it's running less and more sporadically, making it cheaper overall.

I don't disagree about usage, but a 300% upcharge over a burstable EC2 instance is not reasonable from a pricing perspective.

Fargate should allow users to specify their compute requirements beyond just vCPU count and GB memory.

> Lambda supports containers now (...)

The use cases for Fargate vs Lambda are not the same. For instance, Fargate is mainly intended for servers/long-running applications, whereas Lambdas have a hard runtime cap of 15min.

Why is that incompatible with it being a matter of usage, as I said?

Lambda makes sense when usage is a small fraction of the day; 'long-running applications' are not that.

RDS is one for me. I’ve set up a regionally replicated, point-in-time backed-up DB cluster and have no desire to run one again.

Lambda. I've built multi-region endpoint compute services before. Never again.

Someone else mentioned RDS and I agree with that too.

There are a few AWS security services which are free/priced reasonably.

Some free services:

1. AWS Org (Disable services and enforce guardrails)

2. VPC (Create private networks)

3. IAM (User access and IAM policy analyzer to help with least priv)

4. IAM Access Analyzer (Alert on resources with cross account & public access)

5. SSM Inventory & Patch manager (Basic check if all VMs have security updates installed)

Reasonably priced IMO:

1. AWS WAF with free managed rules (when rightly configured you get fewer FPs and high ROI)

Those services are gateway, or requirements for using other services though.

A VPC isn't useful without EC2 instances in it. AWS Organizations allows you to create more accounts, with more instances, databases etc in them!

Lambda/dynamo can work quite well

Dev/staging environments are virtually free

Prod will cost more depending on usage, but you could optimize costs and add caching (like cloudflare - at cdn level)

S3 and load balancers (with ACM support). Having a magic load balancing appliance that autoscales and supports TLS termination is nice and reduces a lot of maintenance. There's nice value adds like OpenIDC support.

S3 is incredibly powerful and cost effective for the price. It has insane throughput and a very simple API (compared to, say, setting up SMB or NFS to support public uploads where you need more pieces).

Just get the fundamentals:

- Some core databases.

- Compute in the form of EC2 or EKS with EBS.

- IAM roles.

- Secrets management.

- Load balancers.

- S3.

That’s basically it. Build the rest yourself, they tend to be cheaper.

Route 53

I use Route 53 for some of my domain names. It’s alright, but I think I get far more value on Cloudflare’s free tier. Except that I leave the AWS ecosystem...