‘Your AWS account is about to be suspended’ - Using Cloud Engineering learnings in real life

Share this post:
Cutover team /
Meet the team: Kieran Gutteridge, CTO

Related content:

Don’t let imposter syndrome get in your way: advice from a...
Meet the team: Nick Kyrkewood, Director of Engineering
Meet the team: Alex Duell, VP People
The evolution of Incident Management part 1: in the...
Pride Every Day: insights from the Gaygooners founder on...
The Front End Diaries - Using Cloud Engineering learnings...
Jack eats a can of worms - Using Cloud Engineering...

Jack Fenton

July 22, 2021

This is a story that ends badly. AWS account

If you’ve ever had a threatening email sent to you from AWS it’s enough to create a Jenkins-style rain cloud emoji 🌧️ in your head for the rest of the day.

Oh how did I upset the cloud gods and how can I appease them?

While most Cloud Engineers, and some others, have had the Amazon banhammer notifications to their work email (sorry for doing the 100-hour pentest/script error that nmapped every I.P. range in existence from 10,000 shells, Amazon, really sorry) getting a threatening one to your personal AWS account just shouldn’t happen - and must be the lowest of the low points you can achieve from such great heights. 

It’s my third threatening email to my personal email from AWS as well, for shame.

It all started well though! And for charity!

Go back a few months (...) ./time-machine.sh

In mid-2020 I was watching a YouTube video about some guys who had gotten in trouble and whose venture was about to bite the dust from COVID-19 

(editor's note): This is a revenge story more than anything. Against the virus.

I decided in a 0% alcohol beer-blur that I would raise some money for their charity doing the usual thing where you do some stuff and people pay you so they don’t have to read about it anymore. All while making me feel good and saving the world. Perhaps making some people laugh. 

I was going to become a philanthropist. If I could get past the problems:

Problem 1 (slightly techy): This charity was in South Africa and none of the usual Just Giving etc. platforms had an endpoint in a SA financial institution. 

I’d also had the experience of trying to wire money there before and that was novel - the bank didn’t seem to have IBAN or SWIFT or anything that I could see. I crossed out a few options, but we’re not addressing this problem today. This isn’t about crypto.

Problem 2 (more techy): the platform that was linked to the charity I wanted to donate to (Given Gain is the name of the fundraising platform) was extremely non-techy, it probably wasn’t ‘Cloud Native’. It had a ‘big clients only allowed’ closed API, we’ll get into that later, and some ghastly HTML pages (was all I could see at first).

Problem 3 (me being stupid): I had it in mind to do some sort of goal-based Kickstarter-type ‘If you promise it they will pay’ thing and offer a bunch of dubious pledges that people could pay the charity for me to do. Problem 3 was if this platform did exist it most certainly didn’t pay out to SA charities, and if it did then problem 3 (very techy) was that I didn’t know what to google to find it.

And this is when I did my first ever Cloud Architecture Diagram for personal reasons.

First, it started as some scribbles:

I’d have a Docker whale floating about looking merry, here is a React logo - check out this Half Life 3 icon in the corner - that’s a lambda function! … And it’s all stored in DynamoDB, look, mum, no servers! 

Write ‘K8s’ in the corner, go on!

(editor's note) : Needless to say, it eventually did sort of end up looking like I had imagined, which was handy for my ego but a lot of things became clear along the way...

Firstly, and you may have been there if you too are a Cloud Engineer, is that we like drawings on whiteboards but often our knowledge is as shallow as the water in the Docker logo. 

K8s? I messed about with some containers outside of docker-compose that one evening while preparing for a job interview - I clicked ‘Deploy’ on a CloudFormation tutorial and had Spinnaker in EKS broken in front of me - I, with someone’s help at the same job interview, got a container from 'pwd' to GCP in a few easy commands (that they told me to type in). 

Do I have it on my CV? I hope not.

I’ve played with people’s React apps, I know what it is and some ins-and-outs but I never had a front end - in my youth they were banned. Mum said they were nonsense. Etc etc. 

I’ve drawn up a full-stack application that could conceivably work, but would it? And how?

I sit with other Engineers and non-techies at work (and play) and I say ‘ooh test this locally, use this docker-lambda framework, here’s how to run React without installing Node, blah blah blah’. Had I ever practiced what I preach and built a full-stack app for the Cloud, locally? 

And then if I did would it be highly available, present on the public internet, but cheap, and, most importantly, without full ego death from embarrassment when it 404’d on a Friday because my colleagues flooded it with SQL injections?

All these questions.

The idea was simple though: You have some ‘items’.

We called them items because they were. 

What did Jack do next? Did the 'items' idea work? Did his ego stay intact? Find out in the next installment of this mini-series. 

Share this post:
operational resilience
Operational resilience /
Maintaining Operational Resilience at pace white paper
Integrations /
What is a runbook?
Remote Working /
Meet the team: Kieran Gutteridge, CTO