Cloud Provider ‐ Choice - Campus-Castolo/m300 GitHub Wiki
☁️ Cloud Provider Choice – Why I Chose AWS
This project is deployed entirely using Amazon Web Services (AWS) as the primary cloud provider for hosting, networking, automation, observability, and container orchestration.
🔍 Why AWS?
✅ 1. Seamless Tooling & Compatibility
AWS natively provides every service used in this project:
- ECS Fargate for containerized workloads without managing servers
- ECR for storing private Docker images
- RDS for managed MySQL databases
- CloudWatch for logs, metrics, and alerts
- Lambda for backups and scheduled tasks
- IAM, KMS, SSM for secure access and secrets management
➡️ These services are directly compatible with Terraform and GitHub Actions, ensuring smooth DevOps workflows with minimal overhead.
✅ 2. Strong Documentation and Community Support
The AWS ecosystem offers a wealth of documentation, tutorials, and community-built Terraform modules. These resources greatly accelerated work on:
- ECS task/service definitions
- GitHub Actions pipeline authentication
- IAM role assumptions and scoping
- CloudWatch logging and alarm integrations
🆚 Why AWS Over Azure?
Although Microsoft Azure was a strong contender, AWS ultimately offered more advantages for this specific project:
Criteria | AWS | Azure |
---|---|---|
Terraform Compatibility | Mature modules for ECS, ALB, IAM, etc. | Good, but more friction with AzureRM provider quirks |
CI/CD with GitHub | Native support for ECR login and image pull | Azure login requires extra setup and secrets rotation |
Fargate vs. ACI | Tight integration with networking and IAM | Azure Container Instances lack deep networking support |
Docs & Examples | Rich community support for ECS/Terraform/GitHub | Stronger for Azure DevOps pipelines, less GitHub-focused |
Learning Environment | Learner Lab + Free Tier available | Free credits expire quickly; automation is limited |
➡️ In short, AWS offered better modularity, smoother DevOps integration, and fewer roadblocks, especially for container infrastructure.
🔁 From Learner Lab to AWS Free Tier
🧪 Initial Phase: AWS Learner Lab
The project began using AWS Learner Lab, a sandboxed academic environment. While helpful for prototyping, it introduced a key blocker:
❌ Learner Lab blocked ECS from pulling images from ECR, which broke the deployment pipelines.
✅ Final Setup: Personal AWS Free Tier Account
To resolve this, the full infrastructure was redeployed in a Free Tier–eligible personal AWS account, enabling:
- Full ECR access
- Custom IAM roles and secrets
- Proper monitoring via CloudWatch
- Working CI/CD with GitHub Actions
💸 Actual Costs – Free Tier Limitations
📊 Summary of April Charges
Service | Amount (USD) |
---|---|
Amazon ECS (Fargate) | $16.06 |
Amazon VPC | $5.09 |
Load Balancing (ALB) | $0.20 |
Amazon RDS | $0.07 |
Data Transfer | $0.01 |
Total (excl. VAT) | $21.43 |
VAT (8.1%) | $1.74 |
Total Charged | $23.17 |
🧾 Understanding the AWS Free Tier
Service | Free Tier Limit (monthly) | Notes |
---|---|---|
EC2 (t2/t3.micro) | 750 hours + 30 GB EBS | Ideal for simple web servers |
RDS (MySQL, t2.micro) | 750 hours + 20 GB SSD storage | May incur storage I/O costs |
S3 | 5 GB Standard + 20,000 GET + 2,000 PUT | Great for static assets |
CloudWatch | 10 custom metrics, 5 GB logs | Useful for monitoring + alerts |
ECR | 500 MB storage | Exceeding this may incur costs |
Lambda | 1M requests + 400,000 GB-sec compute | Used for backups or automation |
❌ ECS Fargate | Not included | Always billed per vCPU + memory |
❌ ALB (Load Balancer) | Not included | Billed per hour + GB processed |
🧠 Pro Tips to Stay Within Free Tier
- Monitor usage in Cost Explorer
- Set up budget alerts in Billing Console
- Use EC2 or Lightsail over ECS if cost is a concern
- Keep RDS storage optimized
- Use GitHub-hosted runners instead of EC2 for CI/CD
📌 Conclusion
AWS proved to be the most fitting platform due to:
✅ Out-of-the-box Terraform and GitHub integration
✅ Full-featured service suite, despite minor Free Tier overruns
✅ Strong community support and modular design
✅ Easier automation and monitoring compared to Azure
➡️ Despite incurring a small bill, this choice allowed full delivery of M300 competencies in a realistic and production-grade environment.