The 15 Biggest Mistakes Made with Amazon Web Services

Well, well, well… While we’re busy building a great startup, the nice folks at Newvem wrote a blog post on the 10 biggest mistakes” made with Amazon Web Services.

We think it’s a good list but somehow seems a little too “simple”.

This is OUR list instead.

The 15 biggest mistakes made with Amazon Web Services.

1) Wasting money by running resources that you don’t need.

2) You think you’re not wasting money, but actually, some resources are running IN ANOTHER REGION. Unfortunately, AWS doesn’t allow to see how much you’re spending globally. If like us, you use multiple regions, you need to check every region.

3) You are not optimizing the type of EC2 instances you’re using. A medium is double the cost, but five times more CPU power, for instance (pun intended).

4) You are not using subaccounts or IAM. This can potentially be your biggest security mistake. We use a master account to create subaccounts, and then use the subaccounts to do the stuff. Plus, we limit permissions with IAM, especially to those credentials that we store on EC2 directly.

5) You are running MySQL on Amazon EC2. Come on, Amazon RDS rocks (it’s a MySQL on EC2, but it’s managed by AWS for a small extra cost). Use it, and forget about your DBA nightmares.

6) If you are using Amazon S3 to do backups, you might consider Reduced Redundancy (it’s about 2/3 the original cost of Amazon S3).

7) Always use server-side encryption on Amazon S3. You never know.

8) If you use autoscaling, make sure you don’t do mistakes, otherwise, things can go really bad, either your site is down, or you have tens of machines running and don’t know how to stop them.

9) One of the biggest mistakes is thinking that you can start with your own colo, and switch to AWS later. You won’t have the time, and it will hurt. Use AWS now.

10) If you don’t know about Reserved Instances and Spot Instances, it’s time to know. You can save significant amounts of money… And rest assured that your fierce competition knows about it.

11) The AWS folks regularly host online webinars. It’s free, and it’s a great way to learn about it.

12) They also have events everywhere in the world. We recently attended “Running a lean startup with AWS” in Italy, hosted by our friends at H-Farm.

13) Well, thirteen is always a bad, unlucky number. Let’s use it for the worst mistakes of all. Not using the Cloud (AWS, or any other Cloud alternative such as Rackspace, Azure) in the first place! Wake up, it’s the year 2012 and it’s time to learn Cloud Computing!

14) Underestimating the importance of security, which also means forgetting about the existence of Amazon Virtual Private Cloud, or VPC. For most companies, that’s the only way you could securely use a public Cloud.

15) Messing up with users. IAM is a good tool, but it’s not easy to manage all the details related to permissions, teams, etc. Sometimes it happens that the wrong guy has the permissions to do everything… And things go bad. Make sure that you set permissions in a very conservative way. Especially if your team is bigger than 5-6 people.
And since you made it to here, a “bonus mistake” for you:

16) Not knowing about ElastiCache (an automated cache system between your apps and your DB), Route53 (DNS), and even more importantly not using Amazon CloudWatch and custom metrics. Metrics are the single most important thing to help you avoid disaster, or at least prevent the worst outcomes.

Well, what do you think of this list? Does it make sense?

Cloud Academy