Master your cloud costs

Newsletter

Issue No. 454

Impromptu Security Week

12.22.2025
LinkedInReddit
Corey Quinn Headshot About the Author

Corey is the Chief Cloud Economist at Duckbill, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure.

Search Newsletter

Good Morning!

Happy holidays! Barring strangeness, I’m off next week helping save my aunt’s candy cane factory from destruction, so I’ll catch you all in the new year. Behave yourselves!

From the Community

Amazon had an announcement this week, and my take is that Peter DeSantis moving to run AGI is Amazon admitting AI’s too important to leave in one org’s hands. The Apple-style vertical integration play—owning chips, models, and infrastructure—makes sense until you remember Microsoft’s Nvidia partnership and Google’s TPUs exist. But here’s the kicker: Amazon’s warehouse robotics fleet is the real sleeper story nobody’s pricing in yet.

I was quoted in this Computerworld article about GPU pricing.

Datadog just did AWS’s homework by documenting 65 privilege escalation paths—42% of which existing security tools completely miss. Turns out your "least privilege" strategy has more holes than Swiss cheese, and you’re probably paying AWS for the privilege of not knowing about them.

Amazon caught a North Korean IT worker (Bloomberg paywall) through keystroke analysis, which is either impressive threat detection or a reminder that your employer knows exactly how long you spend in Slack. Either way, someone’s compliance team just got a raise and a lot more budget. I bet Amazon employees are SUPER comfortable with how much data their laptops are no doubt gathering on them when they’re working from home at 3AM.

Podcasts

Last Week In AWS: The Full Court EU Sales Press

Choice Cuts

Automate java performance troubleshooting with AI-Powered thread dump analysis on Amazon ECS and EKS – AWS discovered that Java thread dumps are hard to read, so naturally they built a solution requiring Lambda, Bedrock, Prometheus, Grafana, S3, ECS/EKS integration, and CloudFormation. Because nothing says "simplify debugging" like adding six services to your architecture.

Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure – AWS discovered Russian state hackers pivoting from zero-day exploits to simply targeting customers’ misconfigured routers and VPNs. Turns out the "shared responsibility model" works great until nobody reads the manual and leaves their admin panel exposed to the internet.

Optimize WordPress performance on Amazon EKS with Amazon FSx for OpenZFS – Running WordPress on Kubernetes is like using a forklift to move a sandwich—technically impressive but wildly overengineered. Add FSx for OpenZFS and you’ve created a billing masterpiece that would make a simple $5/month hosting plan weep.

AWS reduces publishing time for Carbon Footprint Data to 21 days or Less – Finally speeding up carbon reports from three months to three weeks – because nothing says "urgent climate action" like waiting until Q2 to see Q1’s damage. At least now you can correlate your emissions spike with that regrettable architectural decision while the memory’s still fresh. It’s not lost on me that "Sustainability" was suddenly ignored once AI got hot.

AWS Payment Cryptography reduces API pricing by up to 63% and introduces tiered key pricing – AWS drops prices by 63% on a service most people didn’t know existed, which tells you everything about adoption rates. Nothing motivates a sale like crickets chirping in your newest data center.

Key Commitment Issues in S3 Encryption Clients – Is it Security Week or something? Six CVEs across every major language? That’s not a security bulletin, that’s a cry for help. The "Invisible Salamanders" attack sounds adorable until you realize someone’s been reading your encrypted S3 data for years. Update immediately, then maybe question why client-side encryption needed this many libraries to break identically.

Coursera and AWS survey reveals how technology leaders navigate cloud and AI transformation – A survey funded by a cloud vendor and an online education platform concludes—shocker—that everyone desperately needs more cloud and AI training, preferably purchased from those exact companies. The findings are about as surprising as discovering AWS charges for data transfer.

Automated extraction of compressed files on Amazon S3 using AWS Batch and Amazon ECS – They built an entire orchestration pipeline to untar files because S3 can’t do it natively. Five AWS services, CloudFormation templates, Docker images, and careful cleanup procedures—all to accomplish what a single bash script has done since 1979. Progress!

Cryptomining campaign targeting Amazon EC2 and Amazon ECS – GuardDuty caught cryptominers targeting EC2 and ECS by exploiting stolen credentials. The attackers enabled API termination protection to make cleanup harder—a genuinely clever persistence trick. Bet those surprise mining bills made for fun conversations with finance.

Tools

Route 53 is a database, because now you can shard it.

… and that’s what happened Last Week in AWS.

You might also like

More Newsletter Issues
Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.

Sponsorship Opportunities
footprint-orange
© 2026 L9 Labs, Inc. All Rights Reserved.
Terms of Service Privacy Policy Cookie Policy