Understanding EC2 Macs’ Purpose

Late yesterday, on the first day of Amazon’s annual AWS re:Invent conference, David Brown, VP of EC2 for Amazon, announced that they have added macOS instances, running on Mac hardware, to AWS’ Elastic Compute Cloud menu of services. This has, of course, led to a lot of thinking on how this changes things for Mac Admins everywhere.

In late 2005, when we started Technolutionary, our first two servers were G4 Mac minis that ended up in a Winston-Salem data center called Solidspace. These two boxes cost us about $600 each, and we paid around $120/mo for the two spots on their baker’s rack of Mac minis inside their secure data center space. As costs went, these machines were phenomenal for us, and I think we retired the last of the original pair in 2015 or so. By then, it was just a Macjordomo server and a FirstClass test instance.

Amazon’s announcement wasn’t a huge surprise. There have been data centers of Mac minis for at least 15 years, and of those, the most notable has been MacStadium. The Mac Admins Podcast, which I host, interviewed their VP of Engineering, Chris Chapman, last year to talk about Orka, their platform for managing and orchestrating macOS with Kubernetes. The idea being: what if you didn’t have to spend a lot of time managing a huge fleet of remote Macs manually, and instead could manage them with code orchestrators whose job is to render machines from bare metal into a known-good state for code deployment and testing purposes? Orka does this job well, I understand.

So when Amazon announced that you could just spin up new instances of macOS in EC2 — as simple as a short command from your own Mac:

aws ec2 allocate-hosts --instance-type mac1.metal \
  --availability-zone us-east-1a --auto-placement on \
  --quantity 1 --region us-east-1

The possibilities become very interesting very quickly!

AutoPkg at AWS! Development machines at a whim! Backed by super connectivity and uptime! All on Elastic Block Storage, which means your startup disk is infinite! Ability to talk directly to AWS Network objects! All tied into AWS’ security and resources!

There’s a lot to like here.

But it’s not what you’d call cheap.

The price, which I didn’t find on their website yet — an artifact of the announcement, I’m sure — works out to be about $1.083/hr. And, since it’s dedicated hosting on Mac hardware, you get to pay Dedicated Instances pricing. And that includes a $48/day per region fee. So, $26/day per mini, plus $48/day per region.

This is the opposite of “the first one’s free.”

The first one is expensive. $27,000 a year expensive.

Now, if your org already has a Dedicated Instance plan, that cost gets amortized out to your instance, and you’re still looking at just a shade under $9,500 per year at list prices. Sure, there are Savings Plans, which could reduce your costs substantially, but we’re still not talking the $59/month for MacStadium.

Even if you took the weekends off, that’s $6,750 per year per mini.

Unless your org has an AWS-first, AWS-always policy, this isn’t for your singleton AutoPkg server.

Now, there are exceptions to that statement, and like every case where there are exceptions, the exceptions are what make the case.

EC2 isn’t just any place to put a built-from-code, described-purpose server; it’s the place to put a server. Amazon Web Services is an incredible platform. From a security perspective? It’s the gold standard. You can tie the access control to an individual SSH key, defined by your org’s identity management system, with security groups that help limit access to the right people at the right place from the right zone.

One cool feature that this allows will be the ability to shift a Mac’s booted operating system to a new Amazon Machine Image via command line code. You can provide your own AMI, or use Amazon’s native AMI for Mojave and Catalina, and so segmenting a part of a fleet for beta builds based on a new AMI will be a much simpler task than it otherwise would be.

In the end, what this comes down to is organizational posture. If your organization is big enough to have a bunch of AWS infrastructure that will make this bill an afterthought, you’re big enough to use this for all kinds of things.

But a single AutoPkg server? Probably not.