I Followed the Official AWS Amplify Guide and Was Charged $1,100

I've been putting off digging into AWS for years now, and it's because of stories like these. There really should be a standardized training course that requires no credit card info and lets people experiment for free.

Instead they have some pencil pushers calculating that they can milk thousands here and there from "user mistakes" that can't be easily disputed, if at all. I'm sure I'm not the only person who's been deterred from their environment due to the rational fear of waking up to massive charges.

It is very unusual for AWS not to issue refunds in situations like this, so I don't think it's a function of them finding an edge to milk thousands from user mistakes. More likely they've found that issuing refunds is less onerous than it would be to provide accurate and cheap tutorials.

Perhaps that does not excuse the behaviour but AWS reversed a $600 charge I incurred using AWS Textract where the charges were completely legitimate and I was working for a billion dollar enterprise.

>Instead they have some pencil pushers calculating that they can milk thousands here and there from "user mistakes" that can't be easily disputed

User mistakes of this type must be a drop in the bucket for AWS and in my experience they seem more keen to avoid such issues that can cost more in damaged reputation.

AWS is not cheap, and in some cases it's incredibly expensive (egress fees), but tricking their customers into accidentally spending a couple of hundred extra is not part of their playbook.

I accidentally pushed an AWS key to a public repo, and by the next day, had like $50k in charges from crypto miners. AWS reversed the charges, with the only condition that we enable some basic security guardrails that I should have had in place to begin with.

A Cloud Guru / Pluralsight has something they call "Cloud Playground" or "sandboxes".

It might provide that, but I’ve never tried it myself, so I could be wrong.

> It is very unusual for AWS not to issue refunds in situations like this

...when asked to. But what percentage of mistakes like this end up just being "eaten" by the end-user, not realizing that they can ask for a refund? What percentage don't even get noticed?

What were the guardrails?

I encountered similar situation twice and AWS did not issue a refund both times. I'm avoiding AWS like plague now. Not going to rely on goodwill of support person handling my ticket today.

This is basically a whole section in the grifters guide to business. Placing small hurdles to refunds via things like asking for one / filling out a form / cashing physical cheques etc will result in not having to give back 100% of the money that you have taken from people.

https://en.wikipedia.org/wiki/Embarrassing_cheque

> I've been putting off digging into AWS for years now

In my opinion people end up in these billing situations because they don't actually "dig in" to AWS. They make their pricing easily accessible, and while it's not always easy to understand, it is relatively easy to test as most costs scale nearly linearly.

> the rational fear of waking up to massive charges.

Stay away from the "wrapper" services. AWS Amplify, or Cloudformation, or any of their Stack type offerings. Use the core services directly yourself. All services have an API. Getting an API key tied to an IAM user is as simple as clicking a button.

Everything else is manageable with reasonable caching and ensuring that your cost model is matched to your revenue model so the services that auto scale cost a nearly fixed percentage of your revenue regardless of current demand. We take seasonal loads without even noticing most years.

Bandwidth is the only real nightmare on AWS, but they offer automatic long term discounts through the console, and slightly better contract discounts through a sales rep. Avoid EC2 for this reason and because internal bandwidth is more expensive from EC2 and favor direct use of Lambda + S3 + CloudFront.

After about 3 months it became pretty easy to predict what combination of services would be the most cost effective to use in the implementation of new user facing functionality.

Automated secrets scanning is one of them. You can do it as a pre-commit hook. GitHub and Gitlab can scan it too.

https://docs.github.com/en/code-security/secret-scanning/int...

https://docs.gitlab.com/ee/user/application_security/secret_...

Care to share any details?

First time I've used S3 glacier in a wrong way and downloading few gigabytes resulted in multi-hundred dollars bill. I don't remember all the details, but it was absolutely non-obvious behaviour. I think it was corrected since then and today it wouldn't work like that.

Second time I've configured virtual machine with some fancy disk. It was supposed to work as CI build server, so I've chosen the fastest disk. Apparently this fastest disk was billed by IOPS or something like that, so it ate few thousands of dollars in a month. I couldn't even imagine disk could cost that much.

Basically these pricing nuances contradicted everything I ever encountered on multiple hosters I worked with and it felt like malicious traps designed specifically for people to fall into.

Pretty ironic that you're actually listing more things why I would not use AWS at all. You mention: "stay away from", "ensure that you", "reasonable caching", "bandwidth is the only real nightmare" are all huge red flags.

I hear people say that all the time, but it's not my experience.

I once ran up a bill of $60 accidentally, didn't get a refund. I've had three friends with bills, one got a refund.

It might depend on who you know, if you look like someone who is likely to spend more money in future, how stupid your mistake was, I don't know.

I thought the point of deploying to the cloud using higher level services was so that I could worry about my app and stop worrying about the minutia of managing load balancers or database servers.

Instead of interesting technical challenges I now get to worry about the minutia of Amazon's billing system. Neat! Where do I sign?

I very recently had a run away SageMaker issue that wasn't refunded. Wasn't much, only $50, but they said no.

Dang, they got you a few times. Those are all things I could've been bitten by.

They used to be better about refunding accidental or misunderstood charges. I had a couple winners a long time ago like a $600 bill for a giant EC2 instance I meant to stop. They refunded it quickly, no questions. The last time I needed to refund some accidental charges though, there was a lot more stalling and forms.

You know what's insane? RDS (database) instances can be stopped, but automatically restart themselves after 7 days. Didn't read the fine print and thought you could spin up a giant DB for as-needed usage? There's a thousand bucks a month.

As with all things, you are trading away old problems for new ones. The question becomes: are the new problems easier for you to solve than the old ones?

There are parts of AWS that feel like magic and parts that cause me to bang my head against the wall, overall I like it more than it annoys me so I use AWS but it’s not a silver bullet and not all workloads make sense on AWS.