by andrewstuart 969 days ago
It’s fiction that configuring the cloud is easier than configuring a computer.

I’ve worked at big companies with smart people who burn days and weeks trying to get IAM, gateways, vpcs, firewalls and lambda to play together. Let alone the ongoing nightmare of ops/dev interaction.

Complete cloud fiction.

The worst problem is the giant pile of cloud spaghetti you end up with and no one has any idea what connects to what and what depends on what. Easier to just accumulate more and more resources which cloud companies love.

Just run a computer, it’s easier.

4 comments

> It’s fiction that configuring the cloud is easier than configuring a computer.

We're arguing opinions and trying to apply logic.

Some people find lambda easier and it must be true that lambda fits certain workloads better. Some people prefer VMs or on-prem or other long-running services. I prefer both in different cases.

> The worst problem is the giant pile of cloud spaghetti you end up with and no one has any idea what connects to what and what depends on what.

Yes, it takes discipline to use the best tool for the job. "You should do X for everything" is not the right approach, however. This argument is moot.

Right now I support:

* Lambdas for some very expensive infrequent number crunching

* Lambda-like on edge for fast response services that require low latency

* VMs for always-on services

* Computer in a closet for backups, logging, metrics, etc.

To be blunt that sounds like operator inexperience. Throw someone who's spent their life setting up Windows servers on a Linux box and you'd hear similar resentments.

At the end of the day you still need to configure the instances for things like auto scaling, security patches, logging and so on. IAM & VPC still come into the mix when running on EC2, so you've avoided nothing.

Having made money supporting both on prem, managed servers and cloud instances, my billable hours for cloud setups always ended up far higher, because the setups were invariably more complex.

You haven't avoided much if you replace lambdas with ec2. You do if you replace it with a rented managed server or even a colo.

Your people may be “smart”. But they aren’t “experienced”.

Did they use the CDK or even SAM?

I've experienced ansible for managing a fleet of multiple hundred on-prem servers and now I'm experiencing CDK for managing a large infrastructure.

Both suck real bad.

Infrastructure is hard, thankless work. Complexity blows up whatever you do.

You literally can tell ChatGPT to create a CDK typescript app that deploys a lambda + API Gateway where the lambda works with Get request and a dynamodb table. The lambda should have permission to read and write to the Table and it will get you 95% there.

Edit: I just did it with ChatGPT 4 expecting it to just create the CDK app. It actually created inline Node sample code as part of the construct for the actual lambda to read from the database.

The last time I did that as a sample to show other developers I still had a little additional prompting to do.

I've found that "permissions" are what bites most developers. It's always either IAM or security groups...

Using the ChatGPT prompt I said above, it did the permissions correctly:

    table.grantReadWriteData(lambdaFunction)

Just as an experiment, I’ve thrown Lambda code I’ve written from scratch into ChatGPT and asked it what permissions it needed. It got it right.

ChatGPT is well trained on everything AWS related. It can transform CloudFormation to idiomatically correct CDK or Terraform.

I hate to say this because it sounds like an appeal to authority. But I really want to set context. I used ChatGPT for projects while I was working at AWS ProServe and since I left. They were generic utility scripts with no proprietary business related code.

Neat! I personally hate writing Terraform (Does anyone like it?)

> It’s fiction that configuring the cloud is easier than configuring a computer.

> Just run a computer, it’s easier.

Statements made confidently while also being totally untrue.

> I’ve worked at big companies with smart people who burn days and weeks trying to get IAM, gateways, vpcs, firewalls and lambda to play together

Working with incompetent people is not an excuse.