this post was submitted on 14 Jan 2024
90 points (92.5% liked)

Technology

59402 readers
2667 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] NegativeLookBehind@kbin.social 16 points 10 months ago (6 children)
[–] hpca01@programming.dev 25 points 10 months ago (5 children)

It's not fun, I got hacked through an archived git repo, for when I was learning to use AWS, following tutorials and whatnot.

Forgot about it for years, then out of nowhere got hit for 27k...needless to say I said good luck collecting that shit.

They waived it all granted I logged in and deleted all resources that were running as well as removed all identities. Sure as hell I did that and saw a ton of identities out in the middle of nowhere. Fucking hackers ran up a shit ton of AWS sagemaker resources trying to probably hack some dude's wallet.

Every time I see a tutorial on how to deploy x in AWS, I get pissed. The newbies need to learn about administration before they start deploying shit on cloud infra.

[–] SeeJayEmm@lemmy.procrastinati.org 1 points 10 months ago (1 children)

These services should have default billing alerts and limits you have to actively change.

[–] nybble41@programming.dev 2 points 10 months ago

I'd settle for just the limits, personally.

The part that makes me the most paranoid is the outbound data. They set every VM up with a 5 Gbps symmetric link, which is cool and all, but then you get charged based on how much data you send. When everything's working properly that's not an issue as the data size is predictable, but if something goes wrong you could end up with a huge bill before you even find out about the problem. My solution, for my own peace of mind, was to configure traffic shaping inside the VM to throttle the uplink to a more manageable speed and then set alarms which will automatically shut down the instance after observing sustained high traffic, either short-term or long-term. That's still reliant on correct configuration, however, and consumes a decent chunk of the free-tier alarms. I'd prefer to be able to set hard spending limits for specific services like CPU time and network traffic and not have to worry about accidentally running up a bill.

load more comments (3 replies)
load more comments (3 replies)