[HN Gopher] Show HN: Vantage - An alternative AWS console focuse... ___________________________________________________________________ Show HN: Vantage - An alternative AWS console focused on developer experience Author : StratusBen Score : 112 points Date : 2021-01-12 18:09 UTC (4 hours ago) (HTM) web link (www.vantage.sh) (TXT) w3m dump (www.vantage.sh) | changxu wrote: | I got a demo of Vantage recently and being able to build | dashboards for each environment (eg dev, staging, prod) seems | really useful | yevpats wrote: | Looks good, congrats! Open source alternative | https://github.com/cloudquery/cloudquery | neom wrote: | This is awesome. Putting yet another tool you don't have | control over in your toolchain seems to be causing headaches | for a lot of developers with big applications these days. | Relying on other peoples services is always a risk, great to | see there are OSS alternatives. | gagejustins wrote: | At DigitalOcean (where I didn't overlap with Ben) we obviously | thought a lot about how to improve the DX around interacting with | cloud resources, both GUI-based and programmatically. Great to | see someone taking that idea to its natural next step :) | jensenbox wrote: | I think there needs to be better pricing. I know pricing is hard | but there should at least be a call to action if you have much a | much bigger spend than what is on the pricing page. | StratusBen wrote: | This was a miss for me personally. We added a few more Q&A | around this but aren't pushing any changes to the site until | after launch now. | | The answer is essentially we have custom plans available and | you just need to contact support@vantage.sh - we just want to | understand your scale and use case. In some cases we aren't the | right fit right now. For example, we spoke to a company with | ~$20M in monthly AWS costs and told them we need to get back to | them before we can realistically support them. | | We'll hopefully have this updated tomorrow. Thanks for this | call-out. | aynsof wrote: | Congratulations on the launch. This looks fantastic! | | AWS's release cadence is absolutely crazy - I can barely keep up | with all the new releases. Are you planning on supporting all AWS | services? If so, how are you planning on keeping up? | StratusBen wrote: | Thanks so much! | | We are letting our users dictate what services we support. We | can typically add support for a new AWS service in a few hours | at best or ~2 days at worst. | | The nice thing about Vantage is that its essentially a | personalized console just for you - so even if we add support | for a bunch of AWS services you'll have a console just for what | services you're using. | | Also at one point we hope to hire some more engineers to assist | with development progress. | bberenberg wrote: | Am I understanding correctly that if I have over 500 a month in | spend there is no free trial option? | | Also FYI the email verification hit my spam box on Gmail. | | Edit: Also is there any way to have multiple users on a Vantage | account? | StratusBen wrote: | If you have over $500 per month of AWS spend, you are still | free to use the product (no credit card required to get | started) and everything will work but certain features will be | restricted. | | For example, cost transparency reports will require an upgrade | to use for spend over $500 per month. The specifics are | detailed on our pricing page here: https://vantage.sh/pricing | | We are taking a look at what it would take to offer a free | trial on our end in the future as well. | bberenberg wrote: | Makes a lot of sense. Theres an interesting item I noticed: | | -You limit based on spend | | -You don't support all AWS Services | | -As a result you don't see all of our spend | | -Which means you actually limit based on spend of supported | services? (I think?) | StratusBen wrote: | That's correct. | | It also aligns our incentives with insuring we do as good a | job as possible with appropriately representing your costs | :) | itisit wrote: | In a sea of CMP options, what sets Vantage apart? Sincerely | asking, as I cannot tell from the site's docs. And does Vantage | leverage AWS Cost Anomaly Detection in any way? | poletopole wrote: | I was just thinking the other day whomever does this will be very | rich. AWS' console is the worst. | abarrettwilsdon wrote: | I use Vantage and it's definitely a good product and all but the | real value is every hour you don't have to spend using AWS | directly. | | I would pay _so_ much money to never have to use Cloudwatch and | AWS Cost Management again. Thankfully, I qualify for the vantage | free tier for quite a while longer. | acnewyork wrote: | Congratulations on the launch. The cost estimation feature is | awesome - very useful for people like me who are not very good at | cleaning up resources. Also like the cross-region view without | having to switch console regions. | | This looks promising - good luck! | StratusBen wrote: | Thanks! | synunlimited wrote: | Any thoughts on a self hosted version? (I didn't look too closely | at all the marketing stuff if this is already addressed) | | Would be nice to put something like this up behind our own VPN | auth etc | StratusBen wrote: | We have been asked about this a bunch, yup. | | It isn't something we're going to get done in the near term but | if you'd like to discuss, I'd be happy to chat about it. Feel | free to email me at ben@vantage.sh | trestenhortz wrote: | That's a mammoth task to take on. | | Which AWS services do you cover? | scheub wrote: | They have a page for this on their docs: | https://docs.vantage.sh/supported_services/ | dazzeloid wrote: | Within 30 seconds of signing up for Vantage I discovered an old | unused EC2 instance I was still paying $17/month for. This made | me realize how weirdly hard it is to see a usable cost breakdown | by resource on AWS...converted :) | StratusBen wrote: | This brought such a smile to my face. Thank you for sharing and | happy we could help. | | A lot Vantage users have the use-case of using Vantage purely | for "insurance" of things going awry like this. | stunt wrote: | Everything that AWS offers comes with lots of caveats. I'm happy | that good competition from Azure is forcing AWS to simplify some | of of their services and make things a bit more straightforward. | jdmcd wrote: | We've been using Vantage for a few months now and it's a really | great layer on top of the AWS console. I particularly like the | correlation of the metrics right in the dashboard - makes light- | weight DevOps real easy. | msoliman wrote: | This is a godsend. We're running multiple accounts and different | regions on AWS, and I believe Vantage will be phenomenal. Excited | to use it. | foreigner wrote: | I've always wondered why AWS doesn't just open source their | console. it's such a usability disaster and there's so many | developers that would love to contribute improvements to it. | Wouldn't that make financial sense to Amazon? | londons_explore wrote: | Does the dashboard use non-public APIs? | chippiewill wrote: | From Amazon's perspective being unable to easily see what | resources you have in your account might be a feature, not a | bug. | itisit wrote: | AWS Cost Explorer easily reveals all resources in an account: | | https://aws.amazon.com/aws-cost-management/aws-cost- | explorer... | StratusBen wrote: | Hi HN, | | Vantage is an alternative to the AWS console focused on developer | experience and cost transparency. My background is in public | cloud where I was the product lead for DigitalOcean's Droplet | product and at AWS on the container services product management | team. Our team is 100% bootstrapped with two technical co- | founders and a designer. | | Vantage is ReadOnly by default and is meant to work alongside | your existing automation tools. We aim to help address two | problems: (1) navigate and organize resources across multiple AWS | services, regions and accounts in an intuitively designed | experience and (2) show where your costs are coming from in a | simple manner. Some of our users have described us as "Mint.com | for AWS accounts." | | In the future we are looking at automated recommendations to save | you money, help identify orphaned resources and get into | deployment of applications. In addition, we look to add support | to other public cloud providers. For example imagine seeing your | bandwidth usage on S3 and being able to automate a Cloudflare | integration. Or see your Heroku and AWS resources in one place | and get comparisons across providers. | | This post represents our first official "launch" and we are eager | to collect feedback. Please have mercy :) | | Feel free to contact me directly at ben@vantage.sh if I can be | helpful to you in your infrastructure journey. | adwww wrote: | Congrats on the product launch, looks a neat UI. | | AWS easily has the worst UX of the three major clouds I've | used. From that perspective my favourite by far is GCP. | | Do you forsee supporting other cloud vendors? I guess there is | a lot less demand for others, in terms both of number of users, | and also Google and Microsoft UIs are a bit less awful to start | with... | StratusBen wrote: | Thank you! Great question. We are planning on supporting GCP, | Azure, DigitalOcean and Heroku in the future and have users | who have actively been requesting support for all of them. | | Additionally - I think we can build a truly objective cloud | console that shouldn't be relegated to just public cloud | provider services. | | For example: Why can't scale.ai sit alongside ML offerings | from AWS and GCP? Why can't Cloudflare see S3 egress and have | Vantage facilitate an integration? Why can't you auto- | replicate an environment from Heroku or DigitalOcean to | AWS/GCP/Azure? These are some ideas we have going forward. | | Currently we have multi-account support for AWS and have been | thoughtful with our architecture to quickly add other | providers going forward so stay tuned :) | lawnchair wrote: | Looks nice! Surprised something like this hasn't come out | sooner. The AWS UI is a hot mess. Good luck. | raylad wrote: | How does it handle credentials? | | What's the potential for Vantage being hacked and the hackers | gaining admin access to your users' AWS accounts? | StratusBen wrote: | The provided CloudFormation stack creates a Cross Account IAM | Role with a list of read only permissions. We don't accept | access keys or secrets. | | - A permissions overview is here (most aren't used for now). | This list was made from the AWS-managed IAM policy of | "ReadOnlyAccess" but whittled down to remove things like our | ability to read from S3 Buckets or Databases: | https://docs.vantage.sh/permissions/ | | - The latest CloudFormation stack is here: https://vantage- | public.s3.amazonaws.com/x-account-role-creat... | | As for security, we are leveraging best practices learned | from our time at AWS and DigitalOcean. Every person on our | team has spent time at a public cloud provider and applying | what we've learned there to Vantage. We've also been in | contact with certain AWS employees to ensure we have proper | setups. | dastbe wrote: | for what its worth, there is a much better scoped | ViewOnlyAccess managed policy that makes a much better | distinction about what is reasonable read-only access | (ecs:listClusters) and not reasonable read-only access | (dynamodb:Query) | StratusBen wrote: | That's good feedback. Customers can also give us a Cross | Account IAM role with whatever permissions they'd like | and Vantage _should_ work accordingly in a gracefully | degraded fashion. | | For example: If you only want to give us access to EC2, | things should theoretically work. | | To use a custom cross account IAM role all you need to do | is email support@vantage.sh and we can help out with some | other configuration details to get it going. | philsnow wrote: | I'm so refreshed to see this designed this way. I assumed | that they would be asking for an API key or equivalent, | because I don't know anything about the product team or the | company and this bad behavior is so bog-standard. | | I beg you to blog heavily about this approach, especially | if you find success with it / it doesn't provide a very | negative user experience. See if you can get featured on | enterpriseready.io or something. | StratusBen wrote: | Hey, thanks for that comment and I'm glad folks are | noticing our approach. We are happy to blog about it. | We've had a tremendous amount of success with it. | | Security is a top concern of ours and this was really the | only option for what we are doing. | trestenhortz wrote: | How does this work? Do you have servers that connect to AWS using | my credentials? | StratusBen wrote: | We wrote up a quick overview of how Vantage works here: | https://docs.vantage.sh/connecting/ | | tl;dr: The Vantage application (hosted on AWS) interacts with | your AWS account through something called a Cross Account IAM | role that defaults to read only permissions. | VectorLock wrote: | Although this is a nice little simplified view into your AWS | account I think calling it an "alternative AWS console" is | misleading because you can't actually do anything with it, use it | to make changes, etc. | StratusBen wrote: | It's a fair call out and something we've struggled with in | messaging at this stage of the company. It's hard to keep | messaging simple but also be succinct with what we are | providing. We will be iterating on this over time. | | That being said - we are slowly adding management actions and I | do believe we will be compatible with a number of AWS services | in due time. For example, you can manage Route 53 record sets | directly from Vantage. We wrote a post up on it here: | https://medium.com/@bensign/raising-the-bar-for-the-route53-... | OutsmartDan wrote: | Crazy how you need a tool that reads another tool to figure out | how much you're spending for the original tool. | | I'm sure there was a purpose for how the AWS console was | originally built, but if someone spent this much time for an | alternative, there's a clear problem in its original conception. | dastbe wrote: | finally getting to see a demo of this, and all I have to say is | freakin' boom | grinich wrote: | Congrats on the launch! | k__ wrote: | I was a bit whelmed when I used it. | | I expeced an alternative to the AWS console, but got a monitoring | dashboard. Didn't seem like I could do much with it besides | looking at my resources. | StratusBen wrote: | Out of curiosity - what else would you like to do? We're always | open to feedback. The only write actions we have are around | Route 53 detailed here but we're adding more soon: | https://medium.com/@bensign/raising-the-bar-for-the-route53-... | k__ wrote: | I guess, I would like to do what I can do with the actual AWS | console. Provision and update my resources. Otherwise it's, | like I said, only another monitoring dashboard. | | I mean, that isn't bad, it's probably doing a good job at | that. But I guess, I simply expected more interactivity from | an AWS console replacement, haha | random5634 wrote: | Isn't it supposed to be read only for security - that's at | least a big benefit in my book. Ideally without dynamodb | query permission either. etc | k__ wrote: | Sure, totally understand that. It's just not what I think | about when I read AWS console replacement. ___________________________________________________________________ (page generated 2021-01-12 23:00 UTC)