Ep#111 AWS Services Flashcards Challenge: Can Corey Quinn Define Them All?

Everybody, my name is John Mayer. Welcome to the John Maher podcast. Joining me today is cloudy, Miss Cory Quinn. Cory, thanks so much for joining me.

No thank you Jonathan. Pleasure to be here super awesome coincidence. That this is a John Meyer podcast and your name is John Meyers like you were almost born for the job. Would have been awkward if it have been someone else's name on the front of it. But I know he'll quit the Enzo. I just taken the job. Maher podcast later, when I made myself John Mayer vice-versa, wherever it is, but I don't have to change my name. I don't have to change the podcast and we're always doing I can see the same stuff. Something weird, but it's labeled under John Mayer. Thank goodness. I have it back there, I can remember my name. You joke about changing names and what not but I have it on good authority. That when Andy jassy took over for Jeff Bezos it would have been orders of magnitude easier to for a bunch of hard-coded internal systems. If he could just simply legally changed his name to Jeff, I don't know why he wasn't game for it for it, right?

Andy, Jeff Jessie.

Don't actually work better for some of those automated systems. In fact, we're going to talk about the motor made it systems. So everybody today we're going to have a little bit of fun. I have a set. Thanks of Corey, I have a set of never seen it on social media to check it out. We literally have a full-on set of AWS services in cards, but unfortunately as of today there all day too because there's probably more services to be sorry. Corey had to take that from, you know, since the start of this recording, I'm sure they want to know if you were than three more most of, which can probably run containers.

You never know. Actually, we're going to talk about their services today. So today the episode is all about learning AWS. And their service is, by the way, this is a disclaimer. Please do not use any of this information for their certifications or exams because you might get it wrong. Considering that I'm going to challenge Corey on some of the services that AWS has and what they're used for.

Excellent about Bob play that game that we should also probably not use them to constantly sounding and work discussion. Cuz when I say that Route 53 is a database which it is, it comes across as Quirky and endearing. Where is when you try and say that to someone in a job interview or to your boss when you suggested for a problem? They look at you, like you just popped a circuit somewhere 53. And when they say, well, they used it as a primary database for my stuff. And now they're intrigued by the bar, raise our own, how they used it.

Exactly. How did you disagree? And commit on that one and I disagree and commit. That's how I grabbed my coat. Passive-aggressively goes well and have a backbone. Alright. So call your mother, the angular was the hotness. It 1.2 now it's wrong, react. But I told Corey, you ready to get started? I'm always ready to make fun of AWS Services. It's kind of my stock-in-trade. All right. So we're going to have a little bit of fun. Corey, I have dekhda like, literally, I feel like I'm going to slide out other than all these cards in. These are pretty cool. You shout out to the team and by the way, I reach out to the team because the website doesn't exist AWS flashcards. I owe. How do I give you a credit for people? Want these comment Down Below on. How do we get ahold of you, Adrian, James, kyleon, and thanks for the cards.

All right, and I want to be clear as well. Do not play poker with AWS service cards because you can do that when and still go broke, especially if you win, you will lose all your money.

I'm going to die. Laughing already ready. Corey, do you want the service or do you want me to do like, read the description? You know what? I'll give you the service and you do a easy.

Cloud 9.

Cloud 9 effectively it's a w s codespaces it's more or less. An early arrival to the idea of desktop. Is it a browser runs on of course billable AWS services. So you can now do all of your coating inside of Google Chrome which is increasingly everyone's operating system of choice. The problem from my perspective is that they announced that it had a few bugs. I was looking forward to seeing them, get fixed. And then it was frozen like a mosquito trapped in Amber for 10 million years and I don't see a lot of movement around it. I like the concept, I like the approach. I don't like the glacial pace of feature advancement in that face. I told you how got into it then suddenly. All boys. Are we driving here? I fell asleep at the wheel again Hoops. I should probably pay more attention.

It's a little unfair, but not by much.

It's very close to description of Base integrated, AWS cloud and Waite. Why are they okay? This is a little typo. By the way, on your card by you say, d a w. Let me correct that one. I have no idea how normal people would frame this stuff. Let you run, right? And debug your code into a browser. And speaking of chrome, I'll tell you what is the best browser operating system? He said, operating system before a choice of a new platform, it is. Okay. Challenging question for you, how many tabs do you have open? How would you like to own control and protect your data in the cloud?

Are you using Salesforce be mad at you cover with being backup for Salesforce, backing up your Salesforce data effortlessly, whether it's on premise or in the cloud.

I'm asleep. Why wouldn't you backup your most critical CRM data from lost or corruption? Now, imagine your sales team coming in and not be able to recover all the information there note their pipeline because it's the one thing you didn't think you needed a backup. How about doing it? Effortlessly with being backup for Salesforce

What other nine reason that you should back up your Salesforce data? How about just to data loss and data corruption veeam backup for Salesforce eliminate the risk of you losing your data and metadata due to human error in aggravation or other Salesforce data loss scenarios. Check out bean bag up for Salesforce today. Now, how about we get you back to that? Podcast challenging question for you? How many tabs do you have open?

Right now, very easy. I have to one of which is for the podcast. I was just on one of which is for this and I closed everything else because that would be cheating. Otherwise,

Well, usually, I have hundreds of tabs open because I am a packrat. What are the features of Windows too? Because of course I do.

What are the features I should do? For Chrome is dumped a tax or something. Dump all your tabs to text and I can start fresh instead of going to the open-source World patches. Welcome, you worry about it. We're not going to build anything like that cuz we don't know a good way to display ads in that part yet.

Carpet. Next one, this one's going to be near and dear to your heart AWS budget. Sorry. No pretty picture. Set a budget. I know if you're allowed to use the term itself to describe the thing, but roll with it where you can say, I want I expect that this should be under $50 a month. Let's say for something and alert me, when I had certain thresholds on it, on a particular, Kaden, sweet, daily weekly monthly, or just when you hit certain threshold, and that's great. It's also started doing some deviation modern concentration with the coffin. Amelie detection function of his memory serves. The problem is, is it's driven off course, by the AWS Billing System, which alerts on cost data, completely blew the budget.

It's the evolution of billing alerts. I literally just got a budget alert this morning that I was over in one of my test environments, because I'm building a workshop. I'm like, oh, shoot kind of turn that down. All right, so the definition is 8 lbs budgets, give you the ability to set. Custom budgets, don't they use budgets in the definition as well? Alright, when your costs, are you succeeds or a forecast to exceed? Your budgeted amount allowed three budgets in a sentence?

They tried to change the definition for they couldn't budget, they had limited budget for changing it. Okay, if you do hear, here we go, cost Explorer

I love you.

It's a somewhat limited visualization tool of round. What factors have driven your spanned over arbitrary time. It a larger accounts that takes an awful. Long time to render it fails to do multivariate analysis. Super well, but it lets you filtering group upon a variety of different cop. Taxis, feed link to count the reagent, be at service, be at usage type that exclude or include things like credit applied to your account. It can take a look at Rock, Austin, amortize it out for things, like, repurchase agreements for reserved at this isn't savings plans. Mostly it is a source of Eternal sadness, when you're poking through it.

So everybody, I know a little recap and what we're doing here, Cory Quinn and I have a feel like I need to pronounce your full name. I just have it out as well. Since I am, of course, a cloud Economist cost explore itself. Is free the API for cost Explorer cost. One penny McQueary,

Okay.

I can see a lot of queries happening, what you're doing, what you have to do it, that makes sense. I also kind of sauce packets to keep automated system, just hammering that endpoint the death

So they charge you money. To look at your cost, that's costing you money. Programmatically. Yes, yes, yes. Cards at jws flashcards. By the way, he's got a said, I got to set some challenging Corey, and what these are. He does not know what I've picked, not at all and in fact I can roll through at all these cars and pick some of them for him. We just talking about AWS cost explore and it's an easy-to-use interface that lets you visualize understanding manager AWS cost in usage over time and I'm just only reason the first time cuz we don't have time to read all of it easy to use but it's all right.

Here's a good 1/8 of us, trusted advisor.

Plausible advisor, more like it. It's a series of checks that look across the various pillars of the, well architected framework is best. I can tell, if the alignment they're going for and figure out which, which are things you can do in your account, that it sees, when it refreshes the analysis to get the full Suite of Jax, you have to pay a minimum of $100 a month for a count in support with me, business to your or higher. And at that point, then they start unlocking things like how to save money on it. They're cost analysis is particularly laughable. It tells me that I can save a grand. Total of, I think $70 by turning off and idle instant and then buying a gun rights. Guess I was going to say nothing. I just turned off and then buying a savings plan or Reserve Vincent. For that thing that I just turned off to save the money. Then they got all those things together.

Welcome to AWS budget land and from my understanding, an awful lot of the recommendations along, other activities are equally on the helpful because I never see customers talking about it in any meaningful sense. They have the Gate of themselves with a wall and then once you get through that pay wall and you start using it, the recommendations are largely crap.

But I'm betting. That's not what the card says. I think I'm very intrigued by the definition. Is that short by the way, on the card. It's so there's two, I don't understand the top and the bottom part, it says an online resource to help you reduce cause increased performance improve security, by optimizing your ews environment, the other sentence. It's a definition. I guess says trusted advisor provides real-time guidance to help you provision your resources following AWS. Best practices, well architected review.

I strongly push back in the real-time analysis aspect of it takes at least a few days after you make changes and then refresh the checks were to start seeing it.

Near real-time what time it really is time. Just sent you a response S3. Glacier.

Not to because the glacier which was originally a service, then we're going to make that a storage class for S3, the goal being that you can use this for archival purposes. Now they've recently expanded it to instant retrieval which just means that you wind up storing the stator for less money and then when you retrieve it it isn't there instantly as opposed to traditional Glacier and of course Glacier deep archive in which case retrieving data is usually measured with a calendar, run the stopwatch now you can be sarcastically mean to your customers and have that spinning dial on the web page, go on for 12 hours but usually most people don't. It's great for audit approaches and 50 Barca component of. It is terrific. If you've never wanted to have to delete anything ever again, that works out to $1,000 a month for Pb, which is basically who cares money?

LOL. I don't think they should put cost on these cards at all they can put durability you know 11 92 durability but it says, has been there every S3, storage class, as 11:9 of durability except no longer used mostly deprecated. Reduced redundancy storage which had three even been frequent. Access one single availability Zone, still has 11 nines of durability. Because Disaster Recovery metrics do not factor into that durability figure.

At the mall that's actually interesting because it says customers can store data for as little as .004 per gigabyte per month as a cost-saving and it's secured. You got it right away and secure Doraville and extremely low costs. Cloud service for did archiving and long-term back up and I don't believe deep, archive is anywhere near that expensive but I have to check that would be cheating. That's why you don't put cost on these things. One crime and price update and suddenly, you don't have a story anymore. There's a little bit of that feedback and in fact you can put this into your enhancement request cost out of it cost changes. So frequently durability is actually usually around forever. Alright, your next one.

The service that AWS lamented in find a way to charge for directly identity and access management. Are you allowed to do a thing? Yes, or no people deny across-the-board as opposed to Azure which is sure seems possible, why not?

Effectively. No show me where not including the service formerly known as a SS SS out, but it's effectively is a way of handling of controlling access request for humans or other accounts for services. What is allowed to operate on certain Resources with certain actions. It's basically a checkbox Wonderland usually expressed as either yamral or as Jason because people are sad all the time.

So I saw SSO in here soon as this is why cards are the tools I work with to translate back and forth because no one is happy hour which one they're using and you are very correct. Is I am feature for your age of his account by your users. Now that's an interesting ad for labels going to Manatee to be a services and resources security. Wow. Don't you

The roof on, start making him up and seeing if I call it out or not.

Why do I have to get a fake car to make up a service and you'd be exactly into us?

All right. You knew I couldn't resist this one. You're famous AWS Route 53. It's a database. They're going to say it's a DNS service, they're wrong, it's a database Jersey. Last two in a row. I am and Route. 53 are the only two services that AWS has that. I'm aware of with a 100% SLA Route. 53 is public? Iams is implicit because realistically it security stopped working. You don't have a cloud anymore.

Does most of it? Why is it seem like I know I am supposed to be Global, but I know in u.s. East wanted, that usually has a hiccup Global, does it? Does it ever have an issue?

They hope I have not seen one too, because earlier and they wind up having differentiation. They talk about this in their Regional durability, white paper, came out late last year, or earlier this year, time is a fleeting thing and they talk explicitly about how control plane and data plan are separated. So when do UFC's, one had problems, Route. 53 is when one has problems S3. Had trouble provisioning new buckets but you can still use existing Pockets. Another Regent when Route 53 was impaired creating and managing zones was a problem, but existing zones would still resolved and return data for as long as in some cases that look that bad with age out. Not gracefully, but it would work where as making changes to things, when USC's one is having trouble, means you might not be going to space today.

All right, so blue origin. Here we come. Amazon Route. 53, is a highly available database know. I'm sorry domain name server can resist web services designed to give developers and business extreme. Liability cost-effective way to Route, end users to the internet. I noticed that on those e n s. I mean that there is nothing differentiating there between that and any other DNS provider that is it significant scale except highly available and durable part and that's your local DNS server too. If you want to spend one of those up.

I actually tried, I do one of those, it's nice to manage locally, but a pain it does. Do they do? It's also it's a resolver and it's also an authoritative server for zones that are delegated to it.

Can you use Route 53, externally and internally for AWS like internal resolution you can have a public and private down for the same thing. The thing on where you come from, you get different results, when carrying it has a lot to talk about cost. On these cars of surprised, I didn't mention it, there lookups are generally free. If it to an alias, in our record, for an AWS service for Billy and I forget the exact breakdown on that publicly. Usually if Route 53 is a significant driver, there's something else going on.

Not didn't get somewhat expensive but to do that, you're usually getting other things to be really expensive.

I did notice that on both of these you hinted that they have they're the only two that have 100% of time when only sorry 100%. Slason. The last public SLA of $100 for a Route 53 and the date of layer and they do not admit dinner to make an explicit public SOA statement for, I am of which I'm aware, but it goes down for 5 seconds, a year is still going to cause widespread and massive disruption.

All right.

I have to. What time is just a question, how successful has nothing been

All right, my next one we're going to do a couple more cuz this is why I'm having too much fun challenging you on some of these do you are getting them. All right. According to the cards are at least that you're a little off on the definition on the back but that's alright. We can we can skate 3, I don't speak marketing. Alright, Outpost

Oh yes, it's sold a angel problem, where you have workloads that you want to run on premises but can't figure out a way to do it. That doesn't include paying AWS by the hour for. So what is this is a rack that they ship out to you that they stuff chock full of servers historically they have small one and two you server options. Also code Outpost because that's confusing that run a subset of AWS Services they do need to be connected to a region. Things start going wonky. If they're disconnected for too long and that they are effectively a way of broadening AWS into your very own home.

Not quite accurate. You do need a loading dock and Enterprise support I've checked.

Wait a second. Have you tried to get one delivered to your house? Yes, I'm not prepared to pay the $180,000 a year, Enterprise support paid for this.

So if there was a mistake a loading dock at the EZ Park and stuff, there wasn't a 180,000 Enterprise thing, you have one at your house.

Absolutely, but not really. If they see at the hijack, a truck and do is that kind of energy do for the AWS modular Data Center Grade equivalent of outpost meets snowball Edge devices and of course, is yet another entry in the pantheon of AWS services that can be used to run containers supposed to be in a container.

Do it. Absolutely. Does it also shift to my Hundred spending along with a few paratroopers smdc? I'm thinking they said they missed the mark on her to be a wsmc for MC in your data center. Just make

But I'm pumped up for you. That is me. All right. So alpos is brings native AWS Services infrastructure. And operating modules do virtually anything all occasions Maison Primus seamless higher database removes the complexity of hybrid cloud.

Spoiler, it does not. It's just we're going to get some of that complexity postcards

Is there a second out for the same thing on your side while they have two implementations of? It's one of the rack and what is the small individual box Services? They're the same hybrid. Hey, I got double the pleasure here.

Oh no, those are not to. Okay, wait, I have another one.

What about Amazon virtual private cloud?

Oh yes, it's a networking abstraction that effectively lets you define a series of subnets with particular addressing in an AWS style environment. Once Upon a Time, everything public and had a public voting ID in 50 erratically. Talked to almost anything else in the battle days. Now that was going to be easy to Classic which has been put out to pasture. Now, it is effectively the network equivalent of your data center in the cloud, which is a great way to think about things. If you want to effectively worsen, your Cloud experience to improve your data center experience, for some folks, that's a fair trade. I consider it more of a transitional step count is always going to be king by default. It does not cost anything directly but okay, I have to touch on that because I know I dropped you in Noda, probably a month ago. I started seeing in my car seats. It is for the PC was part of it.

10. Hours for manage, not gateways for unattached elastic IP addresses for data transfer in a few different, Arcane ways and a few other pieces here and there. But I don't recall offhand, all the different charged up. Why would they break that out into those individual items in that group? It under V PC? It's a kind of a misnomer to the otherwise you'll wind up with them scattered all Four Winds. There's no Rhyme or Reason to where they put things on the awfl. They should have a miscellaneous category that for some reason, the electrical easy to other.

What is a group of internet is not Gateway charger, show up, find out that car. All right? So Amazon virtual private Cloud, also known as BBC. Let you provision a logical isolated selection of AWS Cloud where you can launch a w, a definition. OK. And virtual that use my mind by the word.

Well, there's a lot of words, on the back of this. All right, everybody, it real quick. I just want a quick recap. Cory Quinn is giving his best knowledge and definition of AWS Services. Now he's very clothes. He has around at all. We'll just say about 10 and then we're going to do about five more. Before we wrap things up, this is fun and humorous. I think I'm going to bring these the next time Corey and I are together. I'm going to pull them out. Me like, re Cory, what are we going to see and challenge him? I hope to find some of you was at the event. I'll give you the deck. Can you pull it out? And you ask Corey, what is This Server? You're going to be amazed at some of the things you said. Alright. Corey, you ready for the next few?

Hit me with it.

AWS managed services.

Picture of a humongous basil, reaction this specifically to compete against that class of company that will go ahead and manage and run your AWS environment for you. It's a team of people that will curate a subset of AWS Services because even a WS themselves doesn't want to be responsible for the full gamut and they do. I understanding more of a longer-term ongoing maintenance of her then AWS proserv. It's it's a little weird to think of that in the context of being an AWS service because it's more of an AWS team and an offering built around humans rather than computers which is a bit off the beaten path.

Every time I see a Ms is an acronym, I think someone flipped a cliff Somewhere Only management of your AWS infrastructure so you can focus on your applications.

All right, we're going to do for more. I'm just having too much fun, like, figuring out

AWS cloudfront.

It's a CDN built from first principles and usually it was an exercise in teaching customers patients because you could update a club for a distribution that would scattered all four corners of the world. In more time, it would take to hit one of those cities with a ballistic missile. It would it was basically go out to lunch, come back and find out that you screwed up a character somewhere. Try it again. Fortunately it acts as a as getting your content closer to where and users are, it's all. So of course, a service you need. If you want to have a website served out of an S3 bucket with a custom domain,

It's a treasure and a joy picture cloudflare if it were worse and your pretty clothes.

I know the pain that you mention I've deployed it out a bunch of times noticed that the images and stuff we're very stale. You go and void all of them validation that you say, you do like an ass trick and it just cleared it all or whatever. And, but you have to wait, like 30 minutes to an hour and then you got a check and if you check to soon to check to quick and see, the only image is meant as far as updates go, but it's still frustrating, I'm doing a Lambda Edge function, for example, to wait for the deploy to go through and improper than ever before. You can test the thing. So iterative development, in that sense, just becomes annoying, AWS, cloudfront is a fast content delivery Network, CDN that service, okay? That securely delivers data video application API to customers globally, with low latency, b r, a transfer speeds all within a developer friendly environment.

That's developing friendly. You'd like, that is variable, depending upon where the requests are coming from, where your customers sitting, that will impact what it cost per gigabyte to deliver content of them via cloudfront it somehow makes a wssu seriously gross person. Even left. Terminus

I found the card for a wsso, does that still exists? It does just renamed AWS IAM access identity Center because someone has paid by the word. It's a federation approach to for humans to get somewhat temporary credentials into an environment. Either in the console or in or is environment articles you can stuff into things, it replaces the idea of long-lived I am cred that people get careless with in the fullness of time, it ends up working across multiple accounts simultaneously within an organization, you could wind up having a different source of Truth. For the identity aspect of it, most people use doctor, or something like that. It spits out accounts and roles within those accounts that you can assume it's for humans, not for programmatic interaction. Those instead should be using roll assumption or instant spaced execution rolls, or something similar to that, never came and the Advent of ice and anywhere. Somewhat recently means all you need to get an IM role assigned us.

Is a SSL certificate signed by the correct CA.

Do you want to know and look at the back of this car? Do you want to know how many times has it so appears?

12 *, 12, * SSO of it. That's that's a lot of SSO. The documentation for that service even before and after the name is garbage, you have to basically somebody right through setting up the first time to really understand it and then the light goes on but that's some gnarly brambles. You're wading through before head light goes on,

11, before I say,

I'm sorry.

Amazon chime.

Okay, Amazon chime divides into two things and people misconstrue it. The SDK is a Communications SDK platform for video chat, Etc. It is. What's plaque uses under the hood for this video, calling? For example, and that service is awesome. Then you have Amazon, chime the desktop application that nobody likes and everyone says that it's awful, terrible etcetera, but it makes more sense when you realize what it is, which is fundamentally a testbed application for the chime SDK. It is the one, the one Saving Grace, at that application has and I will give it credit for this one minute before. Your scheduled call it calls you to join the bridge. It doesn't mean you can't be passive aggressive late to a meeting. You just have to be a little bit more, proactive about that.

I actually missed that that was one of the things were, I'd liked it that it called me for any meetings that it would happen and I I use chime to chat with various amazonians but time is a Communication Service that transfer into online meetings with a secure easy-to-use application that you can trust. It transforms online meetings. Is that what it says?

Transforms online meetings. I would not accuse it of doing that.

With a secure easy-to-use application that you can trust easy-to-use could mean that there are no buttons to click so that's nice. Okay 123, what we are through SSO is an extra 12 more. Alright two more cards and we will wrap things up.

AWS Lambda.

What was the line I use? My first issue of the newsletter on Mary had a little lamb. As the real source of Truth. And every time that land around her bill went through the roof and effectively, right package it up these days, but I can change it once upon a time with this customer Arcane interface. That required manual zipping of files in the rap and it turns into a event-based architecture. 20 thing happened to be at the passing of time. If I was off an event Bridge Rule and HTTP request excetera excetera, it runs the code or whatever, input it has been given and then does whatever that code says to do. It has some constraints around that have been expanded over time. Now, it's up to 15 minutes maximum possible. Runtime of the halting problem I will say well at 4:15 to terminate the end of every gordian knot style approach solution that were taken there. The it also has constraints as far as the amount of ram, you can allocate to it. 10 gigs last I checked and CPU.

I never deceive you scan linearly with ram allocated. So if you want to run faster, give it more rent. Not the most intuitive thing in the world but there you have. It used to have flashed a limited to 512 MB. Now, you can get a femoral storage attached for up to 10 gigs on that and the rest of the file system is read-only. So if your application isn't expecting that expecting years before bedtime,

Right now, the Salient points, you're very close on the definition. I'm going to give this one to you as a point. If you haven't missed a single want, either of you to let you run code without provisioning or managing servers. You pay for only the compute time you consume there's no charge when your code is not running.

A clear definition. Alright, one more, which is powered of them. That means every account has up to 75 gigs of free storage, so you can do the date.

There's some that tips that you've come across that you've highlighted for everybody on how to use her to get some additional storage. I like that, trying to find. Well, this is an old one. I haven't heard of that one.

Wait, didn't we do? I don't know. We're going to do this one. This is, this is a good one.

I'm finding out how I'm going to get the most kick out. I'm pretty much. All right so I know you'll probably get this one correct but just in case you do I have a secondary card that will pop up and just in case it is AWS cost and usage report.

Christ. These are the long-form AWS billing data. It lands in S3. You pay for storage. You can request it in multiple formats very often. If you wanted to do something, even slightly useful with it, you'll use something like glue or another ETL process, the wind up. Transforming them peanut, being an obvious Target. For there are many others and it whines up, giving you an hour-by-hour resource by resource, Deep dive break down into a sarcastic amount of information regarding the AWS bill. They are never actually finalize. There can be changes made to cost and usage reports after the month has ended, the new one has begun fac back several months there, occasionally changes just to keep us all on our toes. It is the most complete and thorough billing data available publicly to AWS customers.

Oh, you're right onto at awf. Causing usage. Report also known as what Corey liquor state it is. I am users in hourly or daily line items. By the way, there is hourly cost associated with his. So just know there's always a cost of that as well as tags that you have activated for cost allocation purposes. Well Corey, you are 2420 with some added to cost allocation, the cost allocation tags need to be enabled. And once that is done, those tags are visible going forward. They do not show up retroactively. So you have to figure out what fun questions, finances going to ask you about the bill 6 months from now and start allocating a tagging strategy for cost, allocation tags that will be responsive to those requests.

Does it sound like a pain in the ass? That's because it is

Hey, so what you're saying is tags, are important.

Yeah. So now that you can have 50 tags per resource, it can also beat. That's right. A database. But not every resource.

The list of resources that are not taggable gets smaller all the time. I don't recall the last time there was a generally available at service that was launched. That did not support tagging but there's been an effort to go back and and retroactively fix some of the lack of ability of tag on Creative resources. So I'm used to be you create the resource and then you'd have to make a separate, call the tag them in a bit of a mixed bag.

Way back then. When I originally start out in AWS tagging was important. Not all services accepting. I think we had to like a 10 tags for each. One had a developer who created his own tagging system in tagging. Application to go back in tag. All this all the services being utilized, there was actually some open source of flight. What was a tag monkey that went around and kind of tagged, I need those resources very critical time consuming but very important when you want to allocate things and reduce stuff, not only Security Service, control policies, but like Corey mentioned because it causes, you can use his report. Someone recently, last 2 years, you can use Tag based access control which I thought was a recipe for disaster, but those predictions have not come to pass much which is like being wrong in the right direction. The it is also worth mentioning that they have used. It goes beyond just cost. I like tagged data based upon its applicability to various compliance control. Is this HIPAA Control Data? Is this p. I i what?

What is the sensitivity of this? And people can start making policies and controls based upon bad as well. Also never going to tag things, effectively requires wrote, adherence Doctrine, and a lot of busy work. Computers have to do it. They do people do the good citizen efforts alone. Now, there's a lot of flow that one's are doing this automatically. You're going to tag ec2 instance, good for you, gold star. Did you remember also tagged, the elastic IP address, you attached to it, the DDS volume back and get the snapshots of. Those are OBS volume. And, of course, the entrance, do you have reason to show up in cloud trail? And in bed watching logs from those applications running on those things. How do you wind up attributing those things back and it becomes a dizzying rat Nest, nightmare very quickly.

Even the date of that your house within S3 in the classifications of it to tagging that for you know, not only usage later but archiving is off. I mean tagging is critical on tagging as well. Yeah, actually. So I did a course on that and I talked about d l m and how important was the tag your instances. Only for the simple fact is that you can do life cycle policies based off of tags, No Tag no life. Cycle policy which actually translated to back to the snap. Shots automation is key because what will happen is you'll spell something with the lower case, I spelled with an uppercase and you might spell one way of my spelling another way. And it's just like off, like prod versus production and you have to do an automated. So that is spelled the same way everywhere and that you tag her throughout the entire lifecycle of the application or service.

Yeah, it's you need something. Automatic is going to wind up addressing then all for fun. Just because people sometimes get surprised by this is Gail every API in AWS API has rate limits. So if you're running something cost 10000 resources, build a cube and then drain. You don't just run a shell script in the loop and then wonder why everything exploded.

Wonder why I don't stop. Corey, I have a cards Galore all over my desk. This is a huge mess before I wrapped up in Seattle here. The second week of March vote, first week, we're doing something awesome with Chief evangelist, Jeff bar. Also Steven bar, we're going to do is sit down recording and tips house. Looking forward to this

I am too but I'm assuming just for the sake of argument that Jeff has absolutely no idea. We're coming, it's going to be half podcast video recording. I have bungled home invasion from my understanding of it. So get out of here for it to show up. Knocking on this door we're here can just come out and play dive into some of that home style pizzas around chatt. We're going to look at his recording setup hacktoman to Jeff and his reputation and put a nice person is that I will eat food that he prepares for me. There are very few a w s v p is that I will give a straight shot to poisoning me. So Jeff is Jeff is a real one. The only time and I hope you got all your documents updated.

Oh yeah, it'll be fun. This is an awesome. Thank you.

I'm going to die laughing. This is an awesome. Thank you so much for doing this with me and running through the AWS services from this awesome book and flashcards provided by ATV as flash cards. Do it during James Kyle you and thanks for sending me. These were to have a lot more fun with them in the future. By the way, I expect some of the world's saddest tarot card reading if nothing else, but the spread look at all the services and oh no, your startup is going to die for another idea that we're going to do with these cards next time around. In fact, I might bring them with me. Alright. I'm not going to spoil that. We're going to have a lot of funds are bringing this to Seattle.

I'll see you there. All right, everybody. Cory Quinn, Cloud Economist, Cory. Thank you so much for joining me. Thank you for having me. It's always a pleasure to Windows. My love affair with the sound of my own voice. Well, I'm glad you enjoyed everybody. My name's John Mayer, don't forget to hit that like, subscribe and notify because guess what? We're out of there.