How much of your API is dependant on GIT like semantics and how much could work with "plain files" storage?
It's neat to be able to transplant a CMS on top of other services that don't necessarily deploy by CI pipes, I made a DAV plugin(basic auth) for Netlify (back before the forks) so as long as a server supported listing(only DAV dependency really), GET, PUT and DELETE you could just plunk down the CMS files somewhere and point to the DAV share.
I believe Netlify CMS has an actual backend interfacing with the various Git systems they supported. Pages CMS is different in that it's a pure front-end app. I have a couple tiny serverless functions to help authenticate you with GitHub, but then after that there is no backend involved. That means I need some API for the front-end to interact with, at least for now.
Certificates from AWS Certificate Manager are part of the roach motel though - AWS orchestrates the issuance and holds the private keys so you can only use them via AWS services.
But that's what the grandparent was complaining about though? If you're not using the provider's managed services, then nothing is stopping you from running your own ACME client to provision certificates without paying the cloud provider money for certs.
"AWS Certificate Manager supports a growing number of AWS services. You cannot install your ACM certificate or your private ACM Private CA certificate directly on your AWS based website or application."
Free certificates you can't use on EC2 virtual machines are basically worthless, at least for me.
Stop internalising your 1990s architecture limitations! You shouldn't need to pay for a Layer 7 load balancer for an application that doesn't need it. A 1-core web server VM can easily put out 1-2 Gbps of HTTPS traffic. You don't need SSL offload. A crypto accelerator card is not required. You don't need an appliance to do HTTPS. You can have end-to-end HTTPS without additional infrastructure. Both Windows and Linux can do TLS out-of-the-box. You don't need a vendor to give you special permission to have security. There is no need to pay GoDaddy or DigiCert for a certificate.
The vendors are pulling the wool over your eyes, convincing you that your out-of-date thinking is good and proper, and then charging you for the privilege of having the bare minimum security that should be free as standard.
AWS ACM has always been free. ACM has never allowed you to export private keys. However ACM does have a way[1] for you to use ACM keys with EC2 instances: Nitro Enclaves. Nitro Enclaves carve off a little piece of your EC2 instance (memory + VCPU) into an isolated VM that feels a little bit like an HSM or a secure enclave.
I was just looking at your pricing page and the greyed-out-but-still-ticked items in the comparison lists are very confusing. Being greyed out makes it look like their not included, but there's still a tick, so maybe they're still included but less capable? Or available as an add-on? I can't tell what, exactly, you're trying to convey to potential customers.
While I understand the point you’re trying to convey, the commit history of this project stretches back to June 2013 so it’s a little unfair to imply it just “popped up” recently.
Cognito is a joke. It’s full of bugs, the hosted UI doesn’t support half the features and -- based on the change velocity I’ve seen over the last three years —- it is desperately under-resourced by AWS. The new releases always seem to be small changes (like adding a new OAuth provider) but never fixes for the major bugs.
To be fair, this is just how executable scripts work — it’s not a special yaml shebang, just a regular shebang for an executable that happens to take yaml files as it’s input. The underlying OS just invokes the command in the shebang and passes the file as the first parameter, exactly as it would if the shebang were for bash or python.
This is very cool. It looks much easier to use than the collection of Makefiles and build scripts I cobbled together in college.
One thing that’d make this even more awesome is the ability to drop in a data table and have it show up as a graph. The scripts I built in college allowed me to drop a CSV file into a directory and have it automatically turned into an EPS graph that I could use in LaTeX. It made for pretty easy, but very good looking reports.
