us-east-1 went down. Problem is that IAM services all run through that DC. Any code relying on an IAM role would not be able to authenticate. Think of it as a username in a Windows domain. IAM encompasses all that you are allowed to view, change, launch, etc.
I didn’t hardly touch AWS at my last job, but listening to my teammates and seeing their code led me to believe IAM is used everywhere.
Nothing to do with moving data. But you can’t move data without authentication.
I want my service to do a $thing. It won’t do $thing without knowing who I am and what permissions I have. The data doesn’t have to cross borders, the service simply needs to function.
Does that make sense? As I said, didn’t do much in AWS, but the principles are sound.
This is the actual realistic change a lot of people are missing. Multi cloud is hard and imperfect and brings its own new potential issues. But AWS does give you tools to adopt multi region. It’s just very expensive.
Unfortunately DNS transcends regions though so that can’t really be escaped.
This has been my biggest pet peeve in the wake of the AWS outage. If you’d built for high-availability and continuity then this event would at most have been a minor blip in your services.
Yeah, but if you want real redundancy, you pay double. My team looked into it. Even our CEO, no tightwad, just laughed and shook his head when we told him.
Didn’t only 1 AWS region go down? maybe before even thinking about anything else they should focus on redundancy within AWS
us-east-1 went down. Problem is that IAM services all run through that DC. Any code relying on an IAM role would not be able to authenticate. Think of it as a username in a Windows domain. IAM encompasses all that you are allowed to view, change, launch, etc.
I didn’t hardly touch AWS at my last job, but listening to my teammates and seeing their code led me to believe IAM is used everywhere.
How is that even legal, I thought there were data export laws in the eu
Nothing to do with moving data. But you can’t move data without authentication.
I want my service to do a $thing. It won’t do $thing without knowing who I am and what permissions I have. The data doesn’t have to cross borders, the service simply needs to function.
Does that make sense? As I said, didn’t do much in AWS, but the principles are sound.
Apparently even if you are fully redundant there’s a lot of core services in US east 1 that you rely on
No, there isn’t. If you of course design your infrastructure correctly…
Wrong. Stuff that wasn’t even in us east went down too. Dns is global
This is the actual realistic change a lot of people are missing. Multi cloud is hard and imperfect and brings its own new potential issues. But AWS does give you tools to adopt multi region. It’s just very expensive.
Unfortunately DNS transcends regions though so that can’t really be escaped.
This has been my biggest pet peeve in the wake of the AWS outage. If you’d built for high-availability and continuity then this event would at most have been a minor blip in your services.
Yeah, but if you want real redundancy, you pay double. My team looked into it. Even our CEO, no tightwad, just laughed and shook his head when we told him.