undefined | Better HN

0 pointsstego-tech5mo ago0 comments

Not remotely surprised. Any competent engineer knows full well the risk of deploying into us-east-1 (or any “default” region for that matter), as well as the risks of relying on global services whose management or interaction layer only exists in said zone. Unfortunately, us-east-1 is the location most outsourcing firms throw stuff, because they don’t have to support it when it goes pear-shaped (that’s the client’s problem, not theirs).

My refusal to hoard every asset into AWS (let alone put anything of import in us-east-1) has saved me repeatedly in the past. Diversity is the foundation of resiliency, after all.

0 comments

mcintyre19945mo ago

> as well as the risks of relying on global services whose management or interaction layer only exists in said zone.

Is this well known/documented? I don't have anything on AWS but previously worked for a company that used it fairly heavily. We had everything in EU regions and I never saw any indication/warning that we had a dependency on us-east-1. But I assume we probably did based on the blast radius of today's outage.

captainkrtek5mo ago

Some of the “global” and “edge” services depend on us-east-1.

See: https://docs.aws.amazon.com/whitepapers/latest/aws-fault-iso...

“In the aws partition, the IAM service’s control plane is in the us-east-1 Region, with isolated data planes in each Region of the partition.“

Also, intra-region, many of the services use eachother, and not in a manner where the public can discern the dependency map.

j / k navigate · click thread line to collapse