Share this page!

Maybe Scrolly?
Corey Quinn Profile picture
Twitter logo
Jan 31 9 tweets 3 min read
So let's find out why GuardDuty is the spendiest @awscloud service in one of my AWS accounts for January.
Okay, a crapton of CloudTrail events. Hmm.

This account is part of an organization. I'd have expected this to show up either in the CloudTrail bucket account, or the org payer management account.
GuardDuty console in this account confirms it.
Daily GuardDuty cost is fairly spikey.
Okay, this makes some sense. It's a "legacy" account that predates my adoption of Control Tower. Instead of sending cloudtrail logs to the central logging / audit account, it's using its own.

And there's a bunch of stuff in this account.
The first management event trail is free. Cool! The second would cost me ~$6.50 for this, which is also fine.

Why is GuardDuty costing 4x that?
Well that'd do it; GuardDuty analysis of the CloudTrail events is 4x more expensive than the CloudTrail cost would be (disregarding the first free trail, obviously).

Now, wtf is causing that many events without showing up on the bill?
Time to click the suspicious and frightening "Create Athena Table" button.
And this thing tells me that it's a third party vendor I was playing around with making 9.6 million queries against the account so far this month. Somehow I'm only being billed for 6 million of those in GuardDuty. Hmm.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Corey Quinn

Corey Quinn Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @QuinnyPig

Corey Quinn Profile picture
Feb 1
And now, the Alphabet (Google's parent company) earnings call. It's the rarest of unicorns: a YouTube video that doesn't whine at me to upgrade to YouTube Premium. Image
The market is happy. Stock up 7.5% in after hours trading.

A 20 for 1 stock split coming this summer.

Let's look at the @googlecloud numbers.
Google Cloud showed $5.5B revenue for the quarter, or a $22 billion annual run rate.

Margins are less rosy; for the quarter they lost just shy of $10 million a day.
Read 20 tweets
Corey Quinn Profile picture
Feb 1
I've repeatedly said that if I were going to start a company from scratch today and I didn't have a pile of experience with @awscloud, I'd be hard pressed to choose a cloud provider who wasn't @googlecloud.
I stand by that, but let's bound this with the reality that I *do* have that experience with AWS.
If I'm building something for production, where downtime is going to have a real impact to my customers and to my business, it's borderline unthinkable that I'd pick a provider that isn't @awscloud.
Read 9 tweets
Corey Quinn Profile picture
Feb 1
If I have to go through annual security awareness training, so do you.

@ESET may not enjoy this very much. It's threading time! Image
Well if someone markets to me under this name we know where it came from. Image
I... is this really necessary? I guess the 90 minute training's gotta be filled up with something.

"Meanwhile, Jackson's partner is cheating on him. Will he find out? Let's tune in..." Image
Read 26 tweets
Corey Quinn Profile picture
Jan 29
It took me a while to figure it out, but the reason I adore @b0rk’s content is that she excels at approaching explaining things in a way I can only aspire to. A thread…
Her latest is a great example of what I’m talking about. Go read it, then come back.

jvns.ca/blog/2022/01/2…
Think of basically every other ipv6 advocacy piece you've ever read. They all round to "here's why it's good and you should use it," usually with a helping of "you ignorant jackass" sprinkled throughout.
Read 9 tweets
Corey Quinn Profile picture
Jan 29
If you had given me 200 guesses about which company just pulled a “hey fuckstick, we’re turning on a chargeable service for your account because fuck you” I would not have guessed @awscloud.

Clearly times are changing and so must my impressions and opinions about the company.
Yeah, it’s the bad answer.
Yeah, it's not going to impact a bunch of folks financially, but this is the first time I can *ever* recall that "configure something in AWS, leave on a trip for a decade, and come back to a higher monthly bill" has been true for any customer.

Read 11 tweets
Corey Quinn Profile picture
Jan 28
Sure are a lot of JavaScript fans on Twitter. I think there'd be more Python shitposts except we're all busy trying to solve dependency problems.
I want to do a python project on my Mac. Okay, install asdf so I don't destroy my system python install, select the version.
Make sure my shell is configured to use it properly.

Time to pip install the stuff I need to globally.

Now time to create that project. Use a virtualenv to contain dependencies. Install all that global stuff all over again...
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Like this author's thread?

Get emails when @QuinnyPig has new unrolls!

Check out other threads from @QuinnyPig!

Read all threads by @QuinnyPig

:(