10 Mistakes StartUp Founders Make when Getting Started on AWS

exequielrafaela

Exequiel Barrirero

Posted on March 16, 2023

10 Mistakes StartUp Founders Make when Getting Started on AWS

Overview

As a StartUp founder, using AWS can be a game-changer for your business. This cloud computing platform offers a wide range of services that can help StartUps scale and grow quickly. However, with any new technology, there are some common mistakes that early-stage companies make when getting started on AWS. In this article, we'll discuss the top 10 mistakes that StartUp founders make when getting started on AWS, and how you can avoid them.

Today we would like to share this article inspired by our participation at the AWS Technical Founder Sprint: Best practices to take your startup from zero to one in the cloud and also motivated by our journey as Select Tier Services Partner at binbash helping StartUps to build, launch and scale their workloads effectively on AWS (Amazon Web Services) for years.

We're mainly sharing this list based on our experience with dozens of AWS customer projects at https://www.binbash.com.ar, specifically around binbash Leverage Reference Architecture for AWS, where we've addressed all the mistakes presented in this post.

1. Not Understanding the Pricing and Cost Structure of AWS Services

One of the most common mistakes that founders make when getting started on AWS is not understanding the pricing and cost structure of the services they are using. AWS has a wide range of services and pricing options, and it's important to understand how they work and how they will impact your costs. Make sure you understand the costs associated with each service, including any hidden costs or usage-based charges.

Figure: Amazon EC2 Purchase Options (Source: Cost optimization on AWS, AWS Initiate Public Sector Presentation, accessed February 25th 2023))

2. Not Taking Advantage of the Available Cost Optimization Options

AWS has a wide range of cost optimization options available, and it's important to take advantage of them to keep your costs under control. This includes accessing Reserved Instance recommendations (for RDS, ElastichCache, DyamoDB, OpenSearch and RedShift) using compute savings plans (which have been lately strongly recommended by AWS), considering using spot instances, configuring lifecycle policies where applicable, and monitoring your services usage. You could find further detail in the AWS Cost Optimization Strategies for Tough Economic Times binbash article.

Figure: Cost Optimization Levers (Source: Cost optimization on AWS, AWS Initiate Public Sector Presentation, accessed February 25th 2023)

3. Not setting up AWS budgets

One of the most common mistakes that StartUp founders make is not setting up budgets for their AWS usage. AWS provides the ability to set up budgets, which can help you control your costs and avoid unexpected charges. It's important to set up budgets for different services and monitor them regularly to ensure that you are staying within your budget. ️

Implementation examples

4. Not Properly Securing Access to AWS Resources

Security is a critical concern when working with any cloud service, and AWS is no exception. It's essential to properly secure access to your AWS resources, including your EC2 instances, storage, and RDS databases. This includes setting up appropriate access controls like security groups, using multi-factor authentication, and monitoring suspicious activity.

🔒 Confusing the root account with IAM user's accounts: A common mistake that StartUp founders make is confusing the AWS root user account with IAM users. The root user account is the master admin account that has full access to all services and resources, while IAM users have access to limited and specific services and resources based on their attached IAM permissions. It's important to understand the difference between the root account and IAM users and to use them appropriately. From the official AWS Account Management Reference Guide Doc:

"The root user is the account owner and is created when the AWS account is created. Other types of users, including IAM users, and AWS IAM Identity Center (successor to AWS Single Sign-On) users are created by the root user or an administrator for the account."

Figure: AWS Account Root User (Source: W3 School, User Permission and Access documentation, accessed February 25th 2023)

🔒 Not setting up MFA: Multi-Factor Authentication (MFA) is an important security feature that can help protect your AWS account from unauthorized access. However, many StartUp founders forget to set up MFA, leaving their accounts more vulnerable to an attack in case their credentials are compromised. It's important to set up MFA for your root account and all IAM users to ensure that your AWS account is secure.

🔒 Using IAM Access Keys where IAM roles can be used instead: IAM roles provide the mechanism to use temporary credentials to authenticate against AWS services, which is clearly a more secure way of granting access to AWS resources than IAM access keys which are permanent and need to be rotated by the user. However, some early implementations decide to use access keys because they are more familiar with them increasing the possibilities of a security incident in case any of the user's AWS keys are compromised. It's important to understand the difference between IAM roles and access keys and to use them appropriately. Please consider reading the official AWS doc around Best practices for managing AWS access keys and this comprehensive AWS Startups Blog on How Setting Up IAM Users and IAM Roles Can Help Keep Your Startup Secure.

5. Not Utilizing Automation and Infrastructure as Code

Automation and infrastructure as code are greatly important best practices of any cloud infrastructure, and they can help you manage your AWS resources more efficiently. By embracing this best practices you'll get huge benefits like repeatability (same code for your dev, qa and prod envs), simplified troubleshooting since everything has been declaratively defined in the code, disaster recovery support by design since IaC will enable you to deploy the same exact stack in another AWS Region, auditability and security through a single source of truth defined as versioned code in your infra repo, full visibility for your DevOps and Cloud Architecture team, through the code, portability of your solution to other AWS accounts or even to other cloud providers if needed.

This includes using tools like Terraform, AWS Lambda and AWS CloudFormation, to automate tasks, as well as using version control to manage your infrastructure. Infrastructure as code (IaC) is a method of managing and provisioning infrastructure through code, rather than manually which will be error prone and not reproducible at all. By using IaC, you can automate the provisioning and management of your AWS resources, making it easier to scale and manage your infrastructure. Many StartUp founders neglect to use IaC, which can lead to severe manual errors and significantly increased costs in the long run.

📚 Recommended reading | https://www.simplethread.com/why-infrastructure-as-code/

Figure: binbash Leverage™ Reference Architecture deployment workflow (Source: , accessed February 25th 2023)

How to deploy a 100% IaC Reference Architecture fow AWS with binbash Leverage™

6. Missing Foundational Governance and not Properly Configuring and Maintaining your Baseline AWS Organization, Accounts, and Network Infrastructure

Your AWS organization and accounts, with their associated network infrastructure are critical components of any cloud infrastructure, and it's important to properly configure and maintain it. This includes setting up appropriate, service control policies (SCP), security groups, load balancers, and VPNs, as well as monitoring network performance and identifying and addressing any issues.

  • ✅ How? Cloud Infrastructure for your StartUp with binbash Leverage™. The leading, easy to deploy, reusable and most automated solution for defining, provisioning and managing your secure and scalable multi-account AWS infrastructure environment.
  • ✅ Getting started with binbash Leverage Reference Architecture for AWS | https://leverage.binbash.com.ar/first-steps/introduction/

Figure: binbash Leverage Reference Architecture deployment workflow (Source: Leverage official Ref Arch documentation, accessed February 25th 2023)

7. Not Using the Appropriate AWS Services for the Specific Use Case

AWS has a wide range of services, each with its own strengths and weaknesses. It's important to understand the different services available and to choose the appropriate ones for your specific use case. For example, if you need a database, it's important to choose the right one for your specific needs, like RDS, DynamoDB, Aurora, or other similar AWS DB managed services.

  • Rolling your own self-hosted solution instead of using a managed service: AWS provides a wide range of managed services that can save you time and resources. However, some StartUp founders prefer to roll their own solutions instead of using these managed services. If your're not experienced enough this can lead to increased costs and complexity and can be time-consuming. It's important to evaluate the managed services that AWS provides and to use them where appropriate.

8. Not using a CDN

Content Delivery Networks (CDN) can help improve the performance and availability of your applications. However, some StartUp founders neglect to use a CDN, which can lead to slow load times and poor user experience. It's important to evaluate the CDN option that AWS provides, which is CloudFront and to use its different configurations where appropriate.

Figure: AWS CloudFront Edge Locations Map (Source: SAP official blog, How to improve the performance of SAPUI5 Apps such as Fiori using Amazon CloudFront as CDN, accessed February 25th 2023)

9. Leaving unused resources running

AWS provides the ability to stop or terminate resources that are no longer needed. However, some StartUp founders forget to do this, which can lead to increased costs and inefficiency. It's important to regularly monitor your resources and inventory in order to keep running only the strictly necessary services.

  • Scale horizontally to increase aggregate system availability and optimize your costs: You'll automatically get the number of instances needed at each time to cover your needs reducing idle or overprovisioned resources. Check AWS Auto Scaling Groups and AWS Lambda and Application Auto Scaling for more information.

✅ EXAMPLE | binbash Leverage Ref Architecture lambda-nuke layer to clean-up unused resources with a cron based expression

✅ EXAMPLE | binbash Leverage Ref Architecture lamda-scheduler layer to stop-start resources based on a cron based expression

10. Not leveraging AWS support when running production workloads

Last but not least, another common mistake is not consider leveraging the support that AWS provides when running production workloads. AWS offers a wide range of support options (read more here), including technical support, architectural guidance, and operational support. By leveraging these support plan options, you can ensure that you could get the necessary help to validate your implementations, keep costs under control, manage risk, and get direct support from AWS specialists when running production workloads, mainly in case any issues arise to be quickly resolved.

Conclusion

At binbash, we're proud to be AWS Select tier services partners with years of experience helping StartUps build, launch, and scale their workloads effectively on AWS. Through our extensive work with numerous AWS projects, we've identified common mistakes that early-stage companies often make when getting started on AWS. These mistakes can hinder progress and lead to costly errors. However, using AWS can be a game-changer for StartUps when approached correctly. In this article, we've outlined the top 10 mistakes tech entrepreneurs make when getting started on AWS, and provided actionable advice on how to avoid them. Our recommendations cover areas such as pricing and cost structures, cost optimization options, and security best practices, including setting up MFA for your root account and all IAM users. By following these tips, we hope StartUp founders can make more informed decisions and achieve success on AWS.

Need help deploying your StartUp infra on AWS? >> Contact Us << 🚀

💖 💪 🙅 🚩
exequielrafaela
Exequiel Barrirero

Posted on March 16, 2023

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related