Amazon Web Services is a great cloud provider and does lots of things really well. However, after using it extensively for 7 years, I've discovered a number of issues/bugs/holes which Amazon do not seem to want to fix.

1. CloudWatch dynamic alarms

It is not possible to define a CloudWatch alarm using a wildcard for a particular dimension. For example, I would like an alarm which notifies me if any one of my EC2 instances has a CPU utilization above 90%. This is not possible with a single alarm; I must define a separate alarm for each EC2 instance which I run (and clean them up when instances are terminated).

2. CloudFormation gaps

Many things which are possible using the console or through SDKs are simply not supported when using CloudFormation:

 - Run ECS task (not as a service)

 - Enabling logging on Elasticsearch cluster

 - Remove service role from a stack

 - Termination protection flag is only returned during describe_stacks if the filter results in a single list entry

3. CloudFormation custom resource data types using YAML

When using CloudFormation custom resources, the properties passed through from a YAML template 'lose' their type information. For example, a number or boolean in YAML ends up as a string when handling the custom resource in a Lambda function.
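
The type loss matters most for security-relevant booleans: the string `"false"` is truthy in Python, so a check such as `if props["Encrypted"]:` passes when the template said `false`. The following is an added example, not code from the original post, of restoring types strictly inside a Python handler; the property names and `SCHEMA` are hypothetical, the sample event is constructed, and sending the response to CloudFormation is left out.

```python
def parse_bool(value):
    """Strictly parse a boolean that arrived as a string; never rely on truthiness."""
    if isinstance(value, bool):
        return value
    text = str(value).strip().lower()
    if text in ("true", "false"):
        return text == "true"
    raise ValueError(f"not a boolean: {value!r}")


def parse_int(value):
    """Parse an integer that arrived as a string; int() raises ValueError otherwise."""
    if isinstance(value, bool):
        raise ValueError(f"not an integer: {value!r}")
    return int(str(value).strip())


# Hypothetical properties for an illustrative custom resource.
SCHEMA = {"Encrypted": parse_bool, "PublicAccess": parse_bool, "RetentionDays": parse_int}


def coerce_properties(raw, schema=SCHEMA):
    """Return typed properties, rejecting unknown names and unparsable values."""
    typed, errors = {}, []
    for name, value in raw.items():
        if name == "ServiceToken":  # always present in ResourceProperties
            continue
        parser = schema.get(name)
        if parser is None:
            errors.append(f"unexpected property {name!r}")
            continue
        try:
            typed[name] = parser(value)
        except ValueError as exc:
            errors.append(f"{name}: {exc}")
    if errors:
        raise ValueError("; ".join(errors))
    return typed


# Constructed sample of what the handler receives for `Encrypted: false`
# and `RetentionDays: 30` in the YAML template.
SAMPLE_EVENT = {
    "RequestType": "Create",
    "ResourceProperties": {
        "ServiceToken": "arn:aws:lambda:region:account:function:placeholder",
        "Encrypted": "false",
        "RetentionDays": "30",
    },
}


def handler(event, context=None):
    """Coerce before any decision is made on the property values."""
    return coerce_properties(event["ResourceProperties"])
```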

4. CloudWatch logging agent does not support parsing of sub-second timestamps

5. Failure to apply parameter group changes after RDS major version upgrade