r/aws

We have a node project, and I just upgraded to serverless v4, and I'm having issues with the deploy, we deploy doing sls deploy with github actions, and it takes like 15 minutes to deploy all lambdas with serverless v3, we use the serverless-bundle plugin. But now, with esbuild, it kept going for 47 minutes, until github just said it failed, in the action itself it showed the loading yellow dot like it kept going.

Anyways, I'm working on fixing it, at least have a clean deploy and then optimize stuff. But I started to question if it's worth it. A lot of people don't like v4, especially becuase of the price, but I think our org is small enough for it to be free, we don't even make that many deploys daily. I'm not 100% sure we won't have to pay though.

Do you think it's better to switch to something else? I'm not sure how much it'll take me to fix the deploy and optimize it, and maybe we can just switch to something else, like https://github.com/oss-serverless/osls, or AWS SAM.

Yes, it sucks that I already worked on upgrading to v4, but that's life.

Building an MVP right now and keep seeing mixed opinions on Amazon Cognito. Some people say it’s great because you don’t have to manage auth yourself. Others say costs + complexity become painful as you scale.

For people who’ve used it: was it worth it? did you eventually migrate away? any better alternatives for startups/simple SaaS apps?

Trying to avoid rebuilding auth later 😭

Update/edit: now considering Auth0, but most folks are saying its costly, descope is also an option - has less reviews on the market but it seems more customisable, stytch / firebase are decent options too but cost/feature parity is again another ongoing discussion.

I just started learning AWS yesterday.
I learned that AWS uses a pay-as-you-go pricing model.
If I publish a website using S3 as a portfolio, do I have to keep paying to keep it online, even when no one is viewing it?
I want to know how to prove that I can use AWS.
In many videos, people say that instead of only getting certifications, it’s better to build real projects because it helps you get jobs more easily.
I know this might be a beginner question, but I couldn’t get a clear answer from ChatGPT, so I’m asking here.

Migrated our GenAI development from OpenAI to Bedrock to keep data in VPC. First month bill was 3x expected. Claude Opus tokens are expensive and we had no caching, plus cross-region inference costs we didn’t see. Also paying for provisioned throughput we barely use. For teams doing GenAI development on Bedrock, what cost controls are non-negotiable? Any AWS native tools for prompt caching, batching, or do you build your own? Need to cut this bill 60% or we roll back. CTO is angry.

I was building my website for several months and was planning to use SES from Amazon because it's honestly the cheapest option, and I won't be making any money from my website since it would just be showing information to users for free, so it looked like a good choice.

I was planning to use it for registration/password reset/security emails for my users.

Well, I got rejected today, and after reading a bit about it on this subreddit, I can see that it's not uncommon.

Could someone please give me any tips on whether there is something that I can do to try again, or suggest an alternative?

Hello! Wondering what I should learn such as knowing where tokens are stored, S3, etc.

Thanks 😃

Hi, I’m doing an internship where my mentor has asked me to transfer data from my laptop’s folder (local machine) to an ec2 server in THREE different methods.
I used scp but she said it’s too basic, then for my first method i used aws s3 sync, mountpoint and task scheduler.
PLEASE tell me two more methods i can use under FREE TIER.

We're two non-tech founders building an accounting product for Indian SMBs. Tiny scale, 0 to 10 customers in the first few months, maybe 100 by end of year if things work. Compliance pushes us into ap-south-1 because Indian books of accounts have to stay in India.

The reason I'm posting is we just went through two rounds of cost review and both rounds caught fairly basic stuff we'd missed. Want to see if r/aws spots more before we click anything.

Setup at launch:

RDS PostgreSQL Multi-AZ db.t4g.small for the main DB, plus a separate Single-AZ db.t4g.micro for the audit log (compliance reason, restore of main can't reach audit). RDS Proxy in front of both. Cache.t4g.micro Redis, single node. One Fargate worker running 24/7 for backups. App Runner for the main app, though we have a fallback to Fargate+ALB because there's some chatter that App Runner is closed to new accounts now. Six S3 buckets, one of them in Object Lock Compliance mode for the audit evidence. KMS keys per environment. CloudTrail and GuardDuty in both ap-south-1 and ap-south-2.

After corrections, our line items work out to roughly:

RDS main 5,200. RDS audit 1,000. Two RDS Proxies 3,700 (this is the one that stung, we had it at 500 because we thought it was a flat fee, turns out it's per vCPU per hour). Redis 1,500. Fargate worker 3,470. App Runner 2,100. S3 350. KMS 300. Secrets Manager 550. CloudWatch 400. CloudTrail 200. GuardDuty 600. CloudFront 100. NAT Gateways 5,500 (we just plain forgot this one in v1, two NATs for prod, one for staging). Public IPv4 500 (the EIPs the NATs sit on, AWS started charging $0.005/hr per IP last year). Developer Support for the launch month, 2,400. Misc data transfer 500.

Comes to 27,985 pre-GST. AISPL adds 18% GST. Lands around 33,022 a month all in.

At 100 customers we're projecting 51,053 a month. Plan is to grab Reserved Instances once we have 30 to 60 days of stable usage, that should claw back 30 to 62% on the RDS side depending on term.

What I want to know:

What are we still missing. The ones I'm nervous about are cross region S3 replication egress (we replicate to Hyderabad), RDS backup storage past the free tier (35 day retention at 50GB autoscaling to 200GB, that compounds), ECR storage as we push more images, and CloudWatch Logs Insights if we end up using it a lot.

Anyone actually running a vaguely similar shape on ap-south-1, does our launch number track with what you see on your bill.

The RDS Proxy question. Is 3,700 a month for the pair actually worth it on db.t4g.small. We use Prisma which is connection-hungry but at our launch scale it might be cheaper to tune the pool manually and add Proxy later.

Anyone provisioned App Runner in a fresh ap-south-1 account opened this month. If it's actually closed to new customers we need to know now.

Not selling anything, trying to not blow up our runway in month one.

small rant.

Woke up this morning to our account suspended. We had a case come up about a month ago stating suspicious activity and possible compromised account. We looked all over cloud trails all the tenant items and found nothing of note. Proceeded to ask for more information for the next couple of days with no response from AWS support. I closed the ticket as I've seen them re-open if there are any issues still open. Not this time and then finally the day of reckoning came and boom account suspended.

I understand I probably should have pestered them more but I don't think its cool to not respond to a ticket and then suspend a production account. I have since opened up the old ticket and created a new one to bring the account online. I was hoping to pay for expedited services but can't while your account is in this state it seems. So I'm stuck with basic support and a director who is pacing in front of my office.

So in desperation here I am on reddit posting in hopes of an escalation.

Happy Tuesday everyone 😄

I've been using AWS for many years. When starting a new project, I create a new account for it. Recent stack plan is: Bedrock, SES, DynamoDB, Lightsail, IAM, CloudTrail, ECR, EKS, CloudWatch, Certificate Manager, etc.

It's still early in the project but I know SES requires approval so I submit my request... 2 days later, after sending them all the details requested, they deny my request. Their reason? "We cannot tell you why, for security reasons." Then they marked the issue as "resolved."

I've never misused an account nor sent marketing emails nor spam and never would. I re-opened the issue, replied, and linked my previous, years-old account. After 3 days, still no response.

I always looked at the difficulty with using AWS as job security for me, but the delay in responding and the ridiculous reason for denial make me wonder: Should I be avoiding AWS?

Hey everyone. I am a pre final year student. I have built a web app comprising of 4 microservices along with Docker and all. I dont have any idea about AWS and will be guided by my Devops teacher at the University.

1. I want it to be deployed in AWS but the thing is I am not financially independent till now to be able to deploy it with cost.
   2)My intention is to deploy the project but only run it when the recruiter or someone asks me to for the site or What should I do ?
2. Wont deploy it in render/railway
3. Any other suggestion or tip is appreciated.
   The main reason to deploy it is to enhance my CV and to increase the chances of getting hired. Thank you

Is it risky to disable AWS WAF, when all I have is placeholder 1-page sites. It costs me 24 per month to have WAF.

My cloud enthusiast friend(idk how do people actually find it interesting if money isn't at play) couldn't defend herself after I brought this up with her.

Was wondering if people here could do that.

Hey folks

Hope you're doing well

I have a phone screen interview coming up with AWS

I have been told that after that phone screen (there will be technical part in it), if i make it, I'll enter an interview loop with 5 consecutive interviews each with a different person

I wanted to know, if you guys have the info, what's the complete process

And what's harder, getting past the phone screen or the interview loop ? (Statistacally or personal feeling)

Also any advice before going into the phone screen/interview loop ? It for a System Engineer /DevOps role

Thank you very much for your feedbacks

Appreciate it in advance 🙏

Hey everyone,
I’ve been trying to create an AWS account, but I keep running into an error during the phone verification step.

Every time I enter my number and click “Send SMS (step 4 of 5)”, I get the message bellow.

I’ve tried multiple times, different browsers (Chrome, Firefox), cleared cache/cookies, and even switched networks same issue.
I’m using a Mozambican phone number (+258) and i also tried it with my South African number(+27), and I double-checked that it’s entered correctly without the country code repeated.

Has anyone else had this problem recently? Is there a workaround or do I need to contact AWS Support directly?

Processing img m1b8i3wu1y1h1...

Hey everyone,

I’m working on the infrastructure for a startup backend (built with NestJS), and we’re trying to keep our compute costs as low as possible while maintaining high availability.

we decided to skip standard EC2 and instead deployed 3 concurrent Spot Instances behind a load balancer . The idea was that if AWS reclaims one instance (giving us that lovely 2-minute warning), the other two can easily absorb the traffic while a replacement spins up. It's been great for the wallet and uptime.

However, we immediately ran into a classic distributed systems issue: duplicate crons.

Because our scheduled tasks (processing queues, sending automated notifications, database cleanups) were running natively inside the application layer, running 3 active instances meant every single cron job fired 3 times simultaneously. Obviously, this started causing race conditions and duplicate database writes.

Our Workaround: Instead of trying to handle distributed locking inside the app (via Redis/Redlock or a DB lock table), we decided to decouple the scheduling layer entirely from our volatile web servers.

Here is what we built:

1. Amazon EventBridge handles the cron rules/intervals globally.
2. EventBridge pushes the event payload into an SQS queue (acting as a buffer/safetynet).
3. AWS Lambda consumes from SQS and executes the actual background logic.

This completely freed up our web servers to just handle HTTP traffic, and it guarantees that our scheduled tasks fire exactly once, regardless of how many Spot instances are spinning up or shutting down.

My questions for the community:

• Is this standard practice for handling crons when horizontally scaling on a budget, or did we overengineer a solution to a problem that could have been fixed simpler?
• Are there any hidden gotchas or cost traps with the EventBridge -> SQS -> Lambda pipeline that we should watch out for as our task volume grows?
• How do you personally handle background schedulers when running multi-instance web servers?

i am having AWS EC 2

i was using 7 instances from a long time

today i stopped instances and tried to start instances

but now it shows below error , only 1 instance is able to be started at a time

You have requested more vCPU capacity than your current vCPU limit of 1 allows for the instance bucket that the specified instance type belongs to. Please visit http://aws.amazon.com/contact-us/ec2-request to request an adjustment to this limit.

can anyone help?
tried asking to increase quota but i guess AWS rejected

Context : A recent grad in Computer Science(DS Track), do not have any official experience so far. Need something substantial on my resume for opportunities. Interview selection rate was not that great either.(International Student). I was an academic at heart, so I applied to 1 PhD program and got in - It is in a slightly new domain than my prev ones - Operations Research/Industrial Engineering. I will be joining in Fall'26 and have some time to spare and want to knock out a certification and build a portfolio at the same time aiming for internships for Summer'27.

I hear the "projects/skills >> certs" argument and initially began with this plan :

1. Prepare for AWS CLF -> Got a udemy course as well -> simultaneously prep begin for AWS DEA -> course bought for this as well
2. Give CLF and then use the 50% to give DEA.
3. Been working on an "in-depth" creative cloud based LLM project that actually solve problems I face. In-depth? - I have built the mockup, tested the basic utility and functionality. Also spent a big chunk of my time and effort in building the experimentation infrastructure(Data Engineer) to collect data to make the product better/personalized for other future users. Will collect data for me and my friends(alpha testers) and make decisions for the product(Data Scientist).

Given that my domain has changed, but the job descriptions have not really changed(as much of optimization/prescriptive analytics still happens under the DS role), I was thinking about these things :

1. Can I just skip the CLF and do an SAA instead?(I want to try the Sales Engineer role). And people say CLF is too easy and introductory in nature.
2. Should I prioritize the DEA -> SAA now?(I don't mind even though i have bought the course for CLF)
3. I do have some other cool projects that I would wanna do(and would HAVE to do) for my new-ish resume(more OR friendly i guess?)

Hey r/aws! I'm one of the maintainers of DeepEval, an open-source framework to evaluate AI agents (it's like Pytest for LLMs), and I wanted to share a recent integration we released with AgentCore that you might find useful.

Long story short, we found:

1. AgentCore to be increasingly popular with our community, and
2. No easy way exist to test these agents without being coupled to AWS's platform

So we made evals for AgentCode 100% open-source by integrating it in DeepEval, it's literally 2 lines of code:

https://preview.redd.it/llfgtg1uww1h1.png?width=1366&format=png&auto=webp&s=f30adca0fa9e66ac6e85e5ed6e42e671a220886b

That's literally it. Under the hood, "instrument_agentcore" traces agentcore agents, while "invoke" calls agentcore allowing DeepEval to capture the trace. And once we have the trace, you can simply use DeepEval's metrics for evals, in this code snippet task completion.

You might also notice that we were able to use Pytest, that's because that's what DeepEval wraps.

Anyway, hope this was helpful, super curious to know whether you see yourself using this integration. Not going to drop a link here for obvious reasons but, LMK if you're interested!