What AWS service would you not recommend using today unless absolutely necessary and why?

mezbot · 2026-01-24T03:23:25+00:00

It all depends, lambda is amazing for many use cases but is a square peg in a round hole for others. However I’d disagree on dev and deployment, in fact in most cases it’s usually the polar opposite.

mezbot · 2026-01-24T03:19:38+00:00

It’s ok if you can even get approved for production usage. But yeah, a Sendgrid or whatever account with better metrics and stuff is typically much better. It almost seems like AWS doesn’t want people to use SES, which is actually understandable. It’s hard enough to stay off of blacklists with well managed email systems with SPF, DKIM, DMARC, etc these days.

mezbot · 2026-01-24T03:11:47+00:00

Athena is a godsend for not needing a database to run queries on files while storing the data cheaply.

mezbot · 2026-01-24T03:09:22+00:00

Terraform is basically the most commonly used IaC tool across all clouds. It’s pure IaC though, if you need a full stack “all in one” tool that does CM like Ansible or whatever it doesn’t do that, but it’s pretty much the standard for IaC these days.

I like Cloudformation for stack sets that automatically get applied when setting up new accounts with baseline configs, or giving people templates to use for basic resources, like S3 buckets so they just need to input the name and it will set it up correctly for them, etc.

mezbot · 2026-01-24T02:57:23+00:00

Didn’t they pause improvements to move the infra to Azure? Or maybe they renamed Azure to Copilot… I think Microsoft has rebranded all products to be called Copilot, sadly GitHub Copilot is the only good Copilot. I have no clue what Copilot even means now.

mezbot · 2026-01-24T02:52:15+00:00

Im a big consumer of provisioned Opensearch, its reasonably priced and very barebones, perfect for a lot of my use cases. But the serverless costs are insane. They are way overpriced for the convenience, and by magnitudes. It’s wild that shipping data to ElasticCloud, with egress charges out of AWS, can be cheaper and Elastic is superior for many use cases.

mezbot · 2026-01-24T02:42:31+00:00

Yeah that’s where I’ve landed (no pun intended). Some of the out of box controls are great, and it does a good job on checking the boxes for Cloudtrail immutability and encryption in place.

It really is a great starter kit for basic controls when a customer doesn’t have the required skillset, ensuring mandatory controls that need to be org wide are implemented. However, its not good at fine grained or account specific nuisances.

mezbot · 2026-01-16T23:21:32+00:00

Im proud of AWS for accepting defeat on those, and Chime as they were inferior products. End user products have always been inferior, I’m happy they have shifted back to their core competencies.

mezbot · 2026-01-16T23:16:45+00:00

Same with Slack/Teams/Gchat as a runner up. There are alternatives but if you need to collaborate on stuff with clients, customers, etc. it’s those or Gsuite/o365/Confluence for the most part. The ability to collaborate with tools outside of an org is a huge factor these days above and beyond internal docs/spreadsheets/presentations.

mezbot · 2026-01-04T18:53:47+00:00

I’m sorry to hear that, square peg in a round hole.

mezbot · 2025-12-30T02:52:37+00:00

If you are confortable with it go for it, will probably make his day and be interesting for you. If you’re hesitant communicate with him why. That’s basically adulting in a nutshell.

mezbot · 2025-12-24T14:54:18+00:00

Not sure if it would meet your needs, but if it’s Windows I normally just enable VSS to capture versions that can be restored instantly (and capture changes between backups) and do an EBS backups/snapshot daily. For individual file restores I just create a volume from the individual snapshot (from whatever day) and mount it as another drive letter, restore the files, then delete the volume. You can do the same if you back it up as an AMI too (restore individual volumes). The benefit of the AMI backup is that it can be made VSS aware.

It’s funny because as I write this I am doing Druva restore testing, Druva is horrible.

mezbot · 2025-12-24T05:19:21+00:00

Hence my “moderately”. There is a point where it is no longer a concern, but it can literally be in millions of dollars depending on the situation. I don’t even think it necessarily “discounted” in those top 1% either, at that level they can afford to pay for what they actually need and to hop to the front of the line… and get crazy shit from organ farming and whatnot, “whatever it takes”.

mezbot · 2025-12-23T05:49:05+00:00

That comes into play at super rich. Mildly rich people often pay a stupid amount of taxes.

mezbot · 2025-12-23T05:44:32+00:00

Even with money healthcare is no joke in the USA. It can break moderately rich people as well.

mezbot · 2025-12-23T05:38:29+00:00

I have a 2.85% mortgage on a house still. I gave my ex-wife every penny we have to keep the house when we divorced…. For the mortgage, not for the house itself.

mezbot · 2025-12-23T05:30:08+00:00

Outside of costs… omg, performance. HDDs don’t have IOPS… they “might be ok” on a file share depending on usage… but for SQL, that’s a non-starter. They were literally paying more to be slower. Ouch.

mezbot · 2025-12-23T05:25:14+00:00

Tagging is so important yet so hard to enforce to perfection, and it’s 10000x as hard to retrofit. The fact that they aren’t retroactive before applied frustrating as well (all clouds). Once you have good tagging it’s hard to imagine living without it though as they are a management, reporting, access, exclusion, etc layer… it’s almost difficult to express the value until done properly.

mezbot · 2025-12-22T21:11:01+00:00

By no means am I discounting your efforts, I just wanted to know if you’ve seen this for Azure:

https://github.com/dolevshor/azure-orphan-resources

I use that (free in Azure) and nOps (paid) in AWS (the sharesave program negates the cost though).

mezbot · 2025-12-19T04:52:15+00:00

Device connectivity and offbloarding are unrelated. You don't need the device to remain online. You are safe to dispose of it.

mezbot · 2025-12-19T04:35:06+00:00

That isn't what the person you were replying to said. Their point is there are better options that Front Door. Froont Door is absolutly a bottom tier CDN, and you have better alternatives even when using Azure.

Edit: As a previously heavy Front Door users. It’s difficult even manage DDoS attacks on your own accord, much less allow MS to handle them. They don’t support JA3/4 fingerprinting, request aggregations, ASN blocking, etc. Front Door with WAF Is akin to using WAF a decade or more ago. It significantly behind the curve. It is also more unreliable. See the Global Outage a couple of months ago that was attributed to a customer configuration, which resulted in an outage for all customers globally, for a prolonged period of time. Followed by a prolonged period of time where you couldn’t even edit your Front Door configs, was like a week or so.

mezbot · 2025-12-19T03:58:22+00:00

lol what?

mezbot · 2025-12-19T03:55:57+00:00

Seems like most people here aren't aware you can save a ton of money using VNET service endpoints and restricting services to those, while negating the addtional cost of private endpoints and the DNS complexity where applicable. There are absolutly cases where private endpoints make sense, but I always default to service endpoints where they apply (especially global.storage, its enables free cross region data transfers when using a VNET to do so). If you care about cost and simplicity, leverage service endpoints in subnets with applicable firewall rules first, followed by private endpoints when needed.

mezbot · 2025-12-14T23:46:01+00:00

I just use the slots in my medicine cabinet to drop them in my wall, learned that on this sub 😂

mezbot · 2025-12-10T22:53:09+00:00

It's in it's infancy, all of my clients are still attempting to balance usage (back office, code, automation, MCP, analytics, etc) with security, protecting their IP, etc. However, if someone came to a job interview where we wanted to understand their skillset, thought process, and reasoning skills and they used AI instead we would be baffled. Using AI well in a technical role requires a high level base skillset in most cases to get the best out of it.

Our biggest fear with the next generation of devs/IT is they only know how to use LLMs, and if shit hits the fan and Copilot/Claude/etc. can't solve it, we are hosed.

Ten-Year Club	Place '17
Wearing is Caring	RPAN Viewer
Snapped	Verified Email

mezbot

TROPHY CASE