So, I know that I promised that my next blog post is going to be about how I got this blog up and running in AWS in less than an hour like the technologies used, the architecture, and design thought behind it with a few code snippets along the way, unfortunately, I will have to postpone this because I deployed my blog in my old AWS account and that means I am not eligible for AWS Free Tier thus I have to redeploy my blog on a brand new AWS account!

What is AWS Free Tier you ask?

AWS Free Tier is a program that AWS runs which you are automatically signed up for upon creating a new account with them, the new account will be eligible for this program for 12 months once the 12 months expires AWS then starts charging you with the regular rates for the services you use, in my case without Free Tier my projection is around $0.95/month, I know, crazy right? But why pay $0.95 if you can run a highly available, highly scalable, and globally distributed blog for 12 months for free!

But be warned if you exceed your usage limits on any of the services you will be charged for any usage that exceeds the Free Tier limit. For example, with their Cloudfront service, you get charged $0.0100 per 10K HTTPS requests with Free Tier they only start charging you once you start exceeding 2,000,000 HTTPS requests! I hope that gives you all a clear idea of why I am determined on going through with this. For the free usage and blog content!

In theory, I can keep running my blog for free for all eternity by creating a new AWS account every 12 months and as long as AWS is around. But that would mean I will have to create a new email account for every new AWS account that I create right? Well, not really, I can just use one email account and append a plus ("+") sign and any combination of words or numbers after my email address. For example, if my email address is foo@example.com I can just do foo+bar@example.com and any email addressed to foo+bar@example.com will still go to foo@example.com and still be treated as unique by services I subscribe to like AWS.

I hope AWS is not seeing this

At this point in my post, I managed to create a new AWS account using the foo+bar@example.com technique. The next thing I usually do is ensure that I have MFA enabled on my AWS account for additional security. After enabling MFA on my new AWS account I always create a new IAM user with limited permissions for day-to-day use, and of course, I also enable MFA on it. Last but not least I configure Budgets under Cost Management on my AWS account, this is to ensure that I protect myself from blowing up my monthly spending, here is a Terraform snippet for configuring Budgets to send me a notification if my forecasted spending is going beyond $5 USD.

resource "aws_budgets_budget" "cost" {
  name              = "budget-monthly"
  budget_type       = "COST"
  limit_amount      = "5"
  limit_unit        = "USD"
  time_unit         = "MONTHLY"
  time_period_start = formatdate("YYYY-MM-DD_hh:mm", timestamp())
  
  notification {
    comparison_operator        = "GREATER_THAN"
    threshold                  = 100
    threshold_type             = "PERCENTAGE"
    notification_type          = "FORECASTED"
    subscriber_email_addresses = ["foo+bar@example.com"]
  }

  lifecycle {
    ignore_changes = [
      # Let's ignore `time_period_start` changes because we use `timestamp()` to populate
      # this attribute. We only want `time_period_start` to be set upon initial provisioning.
      time_period_start,
    ]
  }
}

That is all for today, I hope you learned a bit of something from this post, and for the AWS experts out there if you have other best-practice tips please let me know! It’s been awhile for me and I am a bit rusty.