Principles for Building New SaaS Products on AWS

212 点作者 jackgill大约 5 年前

13 条评论

This sounds like an excellent guide to a perfect vendor lock-in. It's just missing the final principle:#4 Operate as if you may be bought or cloned by Amazon at any time.

评论 #23085845 未加载

评论 #23086121 未加载

评论 #23087261 未加载

评论 #23086741 未加载

taylorwc大约 5 年前

I found myself nodding agreement until I reached the Cloud9 part... I think I can count on one hand the number of professional devs I know that use Cloud9 as their primary editor/IDE. Curious if I'm in a bubble on that front?

评论 #23086163 未加载

评论 #23085337 未加载

评论 #23085677 未加载

评论 #23087506 未加载

评论 #23085280 未加载

评论 #23085263 未加载

评论 #23085711 未加载

评论 #23085941 未加载

评论 #23086060 未加载

评论 #23087935 未加载

wiradikusuma大约 5 年前

"I'd ask most developers to start their day in Cloud9" -- hmm, no. Most developers I know have powerful computers (many of them are gamers), so it's wasteful not to maximize the ROI.Also, not everyone has fast/reliable internet all the time :)

评论 #23086195 未加载

jcims大约 5 年前

These get a little boutique, but if you want to attract and close large enterprise/regulated customers, I'd extend a few of yours:- Build your application to suit many customers or one. Large customers love to have their instance run in a dedicated account.- Open source your operations. Large customers love to see logs/operational activity from their environments (e.g. cc: cloudtrail/config/cloudwatch logs to customer, this assumes dedicated account)- Open source your security. Be prepared to ship guardduty, config rules, etc to your customer (this assumes dedicated account).Also, since we're focusing on AWS here- Build your application to support hybrid cloud customers. Expose it through private link, VPC connections, transit gw, firehose, api gateways, VPC lambdas, whatever is appropriate for your architecture.- Leverage IAM as much as possible for authentication/authorization. Not AWS-specific but implement SSO and assume customers will require numerous instances of your service when developing your user account model.- Leverage KMS as much as possible to protect data at rest, and support customer CMKs.There are more but I'll stop here.

indymike大约 5 年前

Some really good advice here. Especially the "build as if you are going to sell at any moment" and "build as if you are going to open source at any moment".

peterwwillis大约 5 年前

Immutable Infrastructure is more important than Infrastructure as Code, fwiw.The latter just means "it's in [version controlled] code". This has a variety of use cases, and it might mean you end up in a quagmire of complexity. It's become a cargo cult thing where I've seen people adopt horribly complex, fragile solutions over practical ones "because IaC".The former is a principle that basically has no downside, and only improves operational integrity. Even if you're literally deploying everything by clicking in the Console, it's still massively more reliable, repeatable, and recoverable as immutable artifacts.The next thing I'd recommend before investing heavily in IaC is auto-recovery. The most obvious example is Autoscaling Groups, but any health check combined with an automatic action such as restart or re-deploy can work. This works best with Immutable Infrastructure, and typically does not require IaC.

jackgill大约 5 年前

I'm interested in hearing opinions about this principle in the context of data engineering:> This also means leaning heavily into all the service offerings and orchestration tooling that is afforded to you by your platform.I've built a data lake and several ETL pipelines using AWS native services (Kinesis, Lambda, Athena). It works but it's a bit...fiddly. I spend a lot of time configuring these services and handling various failure modes. I've been wondering if I should be looking at third party vendors like Fivetran or Matillion for ETL.Does anyone who's worked with AWS data engineering services have thoughts on the trade-off between AWS native services and third party vendors in this area?

评论 #23085558 未加载

评论 #23086714 未加载

the_resistence大约 5 年前

Thanks for this perspective. It really helps the noobs trying to build more than single user stuff.

gfodor大约 5 年前

What’s the right granularity to shard aws accounts? I haven’t gone down this road. Is it madness to consider this as a multi tenant mechanism vs the usual foreign keys in the database approach? Is applying cloudformation across thousands of accounts feasible?

评论 #23086447 未加载

评论 #23086046 未加载

评论 #23087807 未加载

评论 #23087419 未加载

ignoramous大约 5 年前

> For instance, AWS doesn't have anything quite as tuned to fast frontend search experiences like Algolia.<a href="https://aws.amazon.com/kendra/" rel="nofollow">https://aws.amazon.com/kendra/</a> ?

评论 #23086418 未加载

eugenekolo大约 5 年前

Not sure how much I can trust "AWS Gurus" about actually building SaaS products in a real world at a real company.It's all good advice, but please provide me with the money, and resources necessary to do it all.

simonebrunozzi大约 5 年前

What a lame article. I don't find any utility in any of the principles expressed here. Also, in my experience (at AWS 2008-2014, before/after in the same industry), I can't recall instances of companies that either mentioned, or followed, these principles.Specific critiques:> #1 Build as if you may sell at any time> ... it forces you to build with best practices and isolation.The opposite. It gives you an incentive to postpone technical debt, you want to grow and be acquired at the expense of whoever is going to integrate your startup into $bigco later.Side note: "AWS Organizations" to me is simply a way for AWS to try to cover for the poor design choices of the organizational structure of an AWS account, and the unnecessary complications related to billing and metering.Try to understand the AWS bill of a sufficiently large company - you won't. The AWS rep won't. The AWS Solutions Architect won't.Also, never heard of a company being acquired at a higher price because they had a "proper" AWS setup.Ah, forgot this: if your acquirer is using MS Azure, good luck telling them that you are using Cloud9 or other AWS-specific stuff.Let's continue...> #2 Build as if you may open-source at any timeYes. In an ideal world. In practice, almost nobody follows best practices. Because there's always some urgency that takes precedence. This is why companies like Accenture, PwC, Deloitte, etc, keep billing monstrous amount of money to help large companies "migrate" or "evolve" or "adapt" or whatever buzzword they use.> #3 Build with a cloud-native mindset> ... going outside of the platform should be an exception and something you do only when truly needed> My thinking on serverless these days in order of consideration. > - If the platform has it, use it > - If the market has it, buy itServerless, really? A promising, cutting-edge technology, sure. You want to bet your startup on Lambda? Go ahead. Lambda has been around for ~6 years now (I even tried a super early version internally before it was released), and I still haven't seen a large company doing A LOT of development on Lambda. Most project using Lambda are small, confined, isolated projects and/or teams.Cloud native is great, WHEN it makes sense. I don't like religion too much, and I don't like religious people either; the author seem to have taken his faith in AWS too seriously.

评论 #23099202 未加载

Mizza大约 5 年前

This is blogspam.

评论 #23085906 未加载