Good Morning!

Welcome to Last Week in AWS issue 176.

Over at the Duckbill Group, we’ve got a few new (and exciting!) services for your perusal. Run, don’t walk, and see how we can help fix your AWS bill:

From the Community

We’re all sadly familiar with the failed promises of the original data lake… but now that’s all changed! Join me, Corey Quinn, along with ChaosSearch, as we explore “DataLakes 2.0 – a new vision for Log Analytics” in their upcoming 3-part webinar series starting on Sept 10th! During this series (did I mention I’ll be speaking?) you’ll learn how to turn your Amazon S3 into a hot, searchable data lake, how to monitor and analyze your AWS services directly in S3, and more! So sign up for the webinar series “Data Lakes 2.0” today – even if it’s just to hear my lovely voice and unbounded wisdom! Brought to you by ChaosSearch – the fully managed log analytics platform that leverages your Amazon S3 as a data store! Sponsored

A walkthrough of the basics of Amazon RDS.

CloudForecast released its second part of an AWS Tagging Best Practices Guide.

I’ve been toying with AWS MFA on the CLI with <code>direnv</code> a bit lately. So far it’s intriguing;.

38 million new victims of this week’s S3 Bucket Negligence Award.

When Amazon won’t tell a government which company breached its drivers license data via an open S3 bucket, that’s a bit of a self schmeckel-stomp.

Amazon stomps on its own schmeckel with a poorly worded job posting for an intelligence analyst to track internal labor organizing threats. Their denial is neither detailed nor believable.

Amazon stomps on its own schmeckel with its lack of response to this article on pushing its partners out of the way to land large deals directly.

A dive into multi-cloud being crap; I think my position was well represented.

SREweekly had its “quinnypig moment” of a surprise AWS bill. It happens to the best of us!

Someone took my idea of structured data in DNS TXT records way too seriously. Please don’t do this.

It’s nice when I talk to a reporter and they don’t feel the need to censor my responses.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

Do you hold a US Security Clearance? Do you want to build exciting things? Protect exciting secrets? Make big trouble for Moose and Squirrel? Check out the AWS Cleared Jobs and see if AWS might have a role that’s up your alley. Many restrictions apply; see page for details.

Choice Cuts

Bridgecrew is the developer-first infrastructure security platform for both your public cloud and infrastructure-as-code. If you’re drowning in “Fix missing encryption” Jira tickets, you gotta check them out. They embed throughout the developer lifecycle—from commit to CI/CD to cloud—and they don’t just find issues. They give you the actual code to fix them via pull requests or automated playbooks. The best part? Their platform is free to use up for to 100 cloud resources—just sign up on their website. Sponsored

Amazon WorkSpaces enables AWS Resource Groups Tag Editor – Tag Editor remains a hidden gem of AWS that’s routinely discovered by people for the first time. Last week was the WorkSpaces team’s turn to be amazed.

Amazon CloudFront announces real-time logs – People were extremely happy about this until the very last word of the headline.

Amazon Kendra launches confidence scores – “Selecting answers that sound the most confident” is basically most tech company’s technical hiring process.

Amazon Lightsail now offers new OS blueprints – If you miss 2012’s computing technology, Lightsail now lets you relive those glory days by supporting Debian 10, and a few others.

AWS Solutions is launching a new Solution: Discovering Hot Topics Using Machine Learning that helps organizations discover and analyze trending topics among customers – Talk about machine learning overcomplicating everything. If you want to discover Hot Topics, go to the local mall and ask an angsty teenager.

AWS Step Functions increases payload size to 256KB – I guess it now takes the stairs two at a time?

Amazon CloudFront announces support for TLSv1.3 for viewer connections – TLSv1.3 has a simpler handshake. A video of the previous, more complicated handshake may be found here.

AWS Named as a Cloud Leader for the 10th Consecutive Year in Gartner’s Infrastructure & Platform Services Magic Quadrant – The Gartner MQ publication day is one of my favorite days of the year; it’s the one time where a bunch of other cloud companies proudly trumpet blog posts that emphasize just how thoroughly AWS is kicking the stuffing out of them in the enterprise market.

Federated multi-account access for AWS CodeCommit – I’d point out that it remains far easier to federate access to GitHub, but that doesn’t sell third-tier AWS services…

Announcing the winner of the AWS DeepComposer Chartbusters Spin the Model challenge – “Spin the Model” is a strange turn of phrase for an area of study that could also rightly be called “bias laundering.”

Announcing the General Availability of Bottlerocket, an open source Linux distribution built to run containers – A new Linux distribution goes GA. Every distribution specializes in something; Bottlerocket specializes in not having the program you’d like to use installed.

AWS Artificial Intelligence and Machine Learning Week is back – Register now – It’s like Shark Week, only sharks generally stop after they rip off a single limb.

JEDI: Why we will continue to protest this politically corrupted contract award – Did Oracle write this? Of course not; Oracle pays attorneys well, and those folks demonstrate an attention to detail that’s sorely lacking in this blog post. They certainly wouldn’t misuse the phrase “begs the question” to mean “raises the question.” They’d also not mis-pluralize Inspectors General as “Inspector Generals” like an inarticulate mook. They proceed to complain about a do-over, then in the same paragraph mention how they took advantage of said do-over to lower their bid by a lot. They then meander around the point before calling out our terrible president for corruption but… fails to make the case that that has much bearing or relevance here. If they phoned in their bid the same way they phoned in this blog post, it’s no wonder that the DoD chose Microsoft instead.

Finally, “We bid for a thing and lost, now we’re going to complain about it until the earth crashes into the sun” seems like it lacks a certain Customer Obsessed focus to me, but what do I know? Just that I haven’t seen this much sniveling from Amazon about a customer choosing another vendor before; it’s a terrible look that caps off Amazon’s already disturbingly atypical week of repeatedly stomping on its own shmeckel.


How do you separate observability hype from the functionality your team really needs? Check out our buyer’s guide and learn how to evaluate an observability tool, understand why observability goes beyond the traditional tools you use today, and how Honeycomb is leading the charge.

Or sign up today and try Honeycomb for free. Guess less and know more. Sponsored

A search engine for open S3 buckets is a handy thing. Ideally it doesn’t replace Amazon Kendra for your org.

aws-vault just released v6.

rolling update handler – An ASG link for use with EKS.

Ben Kehoe posted this SSO credential process.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.