Anybody out there with solid experience with #AWS in #terraform / #opentofu? All the resources for the Gender Dysphoria Bible are managed in terraform, but they're created against my root account.
I want to migrate them all to their own organization, but can't find any guides on how to do this in terraform. I don't want to break my config by clickopsing this.
@twipped Accounts belong to organisations, not the other way around. If you want to keep your original account separate, you’d have to create a new account either without a parent org or with a different parent org to your original account. Either way you’re not able to transfer resources between them. What you’d probably want to do is snapshot any databases from origin account, transfer them to the new account, then use terraform to spin up completely new resources using those snapshots to restore data from where appropriate. You’d likely need to then update DNS to point to the new account resources.
If you’ve got an org with your original account, and want to actually move the account into a different org, that should also work, but it doesn’t sound like you’re set up like that.
@endareth there are no databases, but there is the route53 config, several s3 buckets, edge lambdas, and a couple cloudfront configurations. I want it all separately billed from my personal sites.
Think of it like the site has been bought and I’m trying to move it to a new owner (that's not what happened, but it's effectively what I’m trying to do). There's really no way to transfer this without recreating it all?
I briefly looked at AWS S3 Glacier storage, thinking maybe having a second cloud host for my backups would be good.
I can't actually figure out how much this will cost me because they charge per operation (you know, like PUT, GET, etc.) in addition to the storage costs (which I easily figured out).
People may want to reconsider using #AWS #S3 for static web hosting, or at the bare minimum come up with convoluted names and treat their S3 bucket name as sensitive information. If your S3 bucket name comes up in any web search (for example because it's literally in a public GitHub repo), that's a potential attack vector.
@michael When experimenting with AWS, Azure, and more I always pull down anything after I have completed a tutorial. I don't trust cloud service providers not to charge for something that should not be charged for.
I haven’t tested this myself, but it seems this may be a very nasty way to inflict targeted or random harm against anyone with #AWS #S3 buckets. #infosec
#localstack as a "free" tool. The free code works fine for integration testing a few specific #AWS services or a few apps that happen to be all community edition services.
But for any real world app that wasn't architected specifically to stay within localstack's free offering, using localstack for an entire app requires Pro & a monthly subscription.
@mistersql
This should be sort of Amazon's problem too though.
LocalStack have pulled together (I have always been skeptical it was more arrangement than dev) a lot of things, AWS should do for free, in offline-first; but won't because there is more money to be had insisting on preview builds and ephemeral environments.
Even when they get bugs, I'm like.... Meh 🤷
Interestingly (to me); I've not had to use it much in nearly 3 years.
@nf3xn Maybe to a professional … although I must have hired six people to help with AWS and they were never heard from again. I think they saw a creepy Japanese girl come out of a well or something. Only about three people were able to figure it out, and the last one spent a few months helping me migrate all our data off.
I did a migration in 2005 by myself in a week, and needed one friend in 2012 to cover it in the same length of time.
I have never seen any user interface as shoddy as AWS’s.