Good Morning!

Welcome to issue number 129 of Last Week in AWS.

This week takes me to Portland, Maine–and then on to New York for ServerlessConf. I’ll be releasing something interesting this Thursday as well on Twitter…

From the Community

​​Making your logs easy to query, filter, and visualize is the first step on the path to observability. Check out our guide, The Path from Unstructured Logs to Observability, to learn how to instrument logs a little at a time and make useful progress. With Honeycomb, on-call teams have the knowledge they need to make the best decisions for themselves and the business. Everyone wins.
​​ Sponsored

This post about Serverless made the rounds last week; it found it to be 15% slower and 8x more expensive. It’s worth the read.

Should you use SNS, SQS or both? Helen Anderson has more.

This guide to building a customized CloudWatch Dashboard with CloudFormation is worth a look. Don’t do this by hand.

Lyft tells us we’re doing it wrong; come along with them on their quest to operate Kafka clusters without an ops team.

A profile of Amazon Lumberyard, a service with no customers.

Using EFS inside of ECS remains a terrible hack.

Rails Apps, S3, and IAM policies security configs; oh my! Rails App edition.

An exploration of how far Amazon Textract can go.

AWS’s series of emails about their new EC2 on-demand service limits was so poorly written that I had to write an explainer myself.

A guide to choosing the right AWS tools for your startup.

Until Apple brings Siri to Amazon’s new voice alliance, it’s a non-starter.

You can use DynamoDB to track changes to DynamoDB because everything is terrible.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

​​This week’s team / victim at AWS to receive the jobs spotlight is the Amazon Elastic Compute Cloud (EC2) Core Platform Team! You may have heard of them–they build the services that do actual work instead of futzing around with flashy on-stage ML / AI / BlockChain nonsense. They’re far too polite to say that, so I will instead. Work on things that are fantastic and underneath the hood of the rst of it–like AWS Time Sync (yes, it’s real and it’s fantastic). I’m not eligible to work there, as it’s not the Corey Platform Team, but you probably are; check them out.​​

​​X-Team is hiring for a fully remote team, anywhere on the planet. The work is interesting, they partner with companies you’ve heard of, and you can work from wherever you care to be. Now before you wind up getting cynical, let me save you some time–I already did, and hopped on a phone call to chat with them and then berate them for their crappy culture. Instead I was pleasantly surprised: they invest in their people (including a personal development stipend), they have distributed community events (both online and in person around the world), and actually work with their employees; this isn’t a “send us a postcard if you ever get there” body shop. They’re looking for folks with AWS skills, as well as a wide variety of other technical abilities; this is legit. Take my word for it; join X-Team and see for yourself. Tell them Corey sent you…​​

​​Do you want to work in the Bay Area? Almost certainly not; the people are insufferable here. Consider instead staying wherever the hell in the US you happen to be and talking to Truss, a software consultancy. Picture all of the advice that I’d give you, and now envision that wrapped in something you could tell a customer without getting punched right in your sarcastic mouth. That’s what Truss does, but they for some unknown reason don’t describe it that way. Currently, they are seeking Senior Software Engineers anywhere in the US (yes, even the crappy parts) to help them with commercial and government contracts. Seriously, read this thing–they tell you what levels they’re looking to hire at AND THEN THEY EXPLAIN THEM SO YOU DON’T FEEL LIKE A MORON FOR NOT KNOWING THEIR INTERNAL RUBRIC! Virtually any other hiring manager who happens to be reading this should look at their job descriptions and feel comparatively ashamed.

Choice Cuts

​​Automatic updates. Auto-generated code. Who would go back to the days of manual operations? Epsagon, an AWS Advanced Technology Partner, delivers automated, distributed tracing for monitoring and troubleshooting cloud microservices – containers and serverless. Get started today with a Free Trial to see how Epsagon provides flexibility with the convenience of a fully automatic solution that fixes issues in seconds with trace, log and payload visibility in a single interface. Save your developers 95% in troubleshooting time and reduce errors by 75%.
​​ Sponsored

Amazon Aurora Serverless PostgreSQL Now Supports Data API – And it is of course pronounced “ah-pee,” with two syllables. Checkmate, “AMI has two syllables” purists.

Amazon ECS supports Automated Draining for Spot Instances running ECS Services – Great, now let me drain to Fargate seamlessly please.

Amazon Linux 2 AMI with .NET Core now includes Mono – And we hope it feels better very soon.

AWS Lambda Now Supports Custom Batch Window for Kinesis and DynamoDB Event Sources – Batch up your workloads to avoid screamingly high bills at the expense of latency.

AWS Marketplace now supports Paid Container Software on Amazon Elastic Kubernetes Service (EKS) – Because Kubernetes isn’t just for your own résumé, but also for hurling money at third party companies.

Now use AWS Systems Manager to execute complex Ansible playbooks – Systems Manager Ansible Manager shoves a stake through the heart of Ansible Tower.

vCPU-based On-Demand Instance Limits are Now Available in Amazon EC2 – This change is so god-awfully communicated that I had to write an article explaining it.

Cloud-Powered, Next-Generation Banking | AWS News Blog – “See, banks can still safely use AWS” is the subtext here. And it’s correct. Regardless of what breaches you see in the news, going with public cloud is provably the better security posture.

How to Create an AWS Cross-Account Support Case Dashboard | AWS Management Tools Blog – The support dashboard is so crappy that a company had to spend engineering time and energy to work around its crappy limitations–and rather than taking that as a “we need to fix this terrible situation,” AWS turned it into a how-to guide. Brilliant.

Tips for building a cloud security operating model in the financial services industry | AWS Security Blog – While handy, if you’re doing this based upon blog posts your regulators are going to hit you so hard that candy comes out.


​​Some companies sponsor this newsletter. Other companies I recommend based upon my experiences with them. This week, CHAOSSEARCH is both. If you want to use Elasticsearch APIs but want to spare yourself the “run an ES cluster, maintain it, fix it all-too-frequently, curse God, retire to the wilderness” steps, check them out. Your data lives in your own S3 bucket, while their magic provides incredibly responsive queries with the same ES APIs you already know and… tolerate. Reach out to CHAOSSEARCH and tell them I sent you, and also to turn off their caps-lock key.​​ Sponsored

A single command that wraps EC2 Instance Connect; sshaws is worth checking out.

retro-tag retroactively tags resources in AWS.

I’ve been saying for ages that Route 53 is my favorite database. ten34 makes it easier to work with.

A more reasonable RI calculator than the slow version built into Cost Explorer.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.