--- title: "Aurora PostgreSQL: Now Free Enough to Be Dangerous" id: "15334" type: "newsletter" slug: "aurora-postgresql-now-free-enough-to-be-dangerous" published_at: "2026-03-30T13:30:00+00:00" modified_at: "2026-03-30T13:30:00+00:00" url: "https://www.lastweekinaws.com/newsletter/aurora-postgresql-now-free-enough-to-be-dangerous/" markdown_url: "https://www.lastweekinaws.com/newsletter/aurora-postgresql-now-free-enough-to-be-dangerous.md" excerpt: "If you (well, not you, but probably the saddest looking person on your finance team) are tracking commitments in spreadsheets and hoping your discount strategy still makes sense, you're not alone. Most teams are cobbling together strategies/tools that weren't designed..." --- About the Author Corey is the Chief Cloud Economist at Duckbill, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure. Sign up for the Newsletter Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark. "*" indicates required fields ## [Good Morning](https://www.linkedin.com/posts/coquinn_ive-been-staring-at-ai-company-logos-for-activity-7442632673766010880-m3Q0) ! If you (well, not *you*, but probably the saddest looking person on your finance team) are tracking commitments in spreadsheets and hoping your discount strategy still makes sense, you’re not alone. Most teams are cobbling together strategies/tools that weren’t designed for the scale and complexity of modern cloud environments. That’s why we’re building Skyway over at [Duckbill](https://www.duckbillhq.com) —to take you away from all that. Now the exclusive sponsor of Last Week in AWS, and also the company I co-founded. Cloud contract issues? Get in touch. ## Things I Found on the Internet Someone’s out there explaining AWS Aurora through comics, and honestly, I respect the hustle. Database concepts are hard enough without wading through dry documentation. [AWS for Idiots](https://awsforidiots.com/) makes the medicine go down easier with humor, which is frankly how most of us learned anything worth remembering about cloud services anyway. GitHub’s CTO wrote [a pretty candid postmortem](https://github.blog/news-insights/company-news/addressing-githubs-recent-availability-issues-2/) about their recent string of outages. Six incidents in February alone. Credit where it’s due: they’re naming specific architectural causes instead of hiding behind “unexpected load.” Whether the fixes stick is another question, but transparency like this earns some goodwill. A decade of AWS experience doesn’t inoculate you against a surprise $1,000 bill on a side project. Jordan’s [honest breakdown of replacing NAT Gateway and ALB](https://jch254.com/blog/lush-aural-treats-aws-cost-redesign/) with API Gateway HTTP API and Cloud Map is the kind of post-mortem that saves people real money. Baseline cost went from ~$50/month to near zero. Brooke Jamieson mapped every AWS service to a zodiac sign, and honestly [AWStrology](https://medium.com/@brookejamieson/awstrology-what-star-sign-is-every-aws-service-908c417e65a6) is the content I didn’t know I needed. It’s absurd, it’s delightful, and some of these are disturbingly accurate. Lambda as a Gemini? Two faces, runs hot, disappears without warning. I can’t argue with that. Supply chain attacks on CI/CD tooling should terrify you more than they do. Snyk published [a thorough breakdown of the Trivy GitHub Actions compromise](https://snyk.io/articles/trivy-github-actions-supply-chain-compromise/) where attackers rewrote 75 version tags to silently harvest pipeline secrets. Pin your Actions to commit SHAs, people. If you ran Trivy during that 12-hour window, rotate everything now. ## What AWS Has For Us This Time [Amazon Aurora PostgreSQL now available with the AWS Free Tier](https://aws.amazon.com/about-aws/whats-new/2026/03/amazon-aurora-postgresql-aws-free-tier/) Free Aurora PostgreSQL sounds generous until you realize $100 in credits evaporates faster than a puddle in us-east-1, particularly when you figure out what Aurora costs. This is the cloud equivalent of a drug dealer’s first taste: get developers hooked on Aurora’s convenience, then watch their managers discover what “serverless scaling” costs at production volumes. [Amazon EKS announces 99.99% Service Level Agreement and new 8XL scaling tier for Provisioned Control Plane clusters](https://aws.amazon.com/about-aws/whats-new/2026/03/amazon-eks-announces-sla-8xl-scaling-tier/) Four nines of availability on your Kubernetes control plane, measured in one-minute intervals. That SLA is impressively tight right up until you remember it only applies if you’re paying for the Provisioned Control Plane tier, which is itself very expensive. Genius! [AWS Lambda increases the file descriptor limit to 4,096 for functions running on Lambda Managed Instances](https://aws.amazon.com/about-aws/whats-new/2026/03/aws-Lambda-file-descriptors-increase-4096/) Quadrupling the file descriptor limit from 1,024 to 4,096 is the kind of fix that makes you wonder how anyone was running “high-concurrency web services” on Lambda before without hitting that wall constantly. The answer, of course, is they weren’t – they were just getting mysterious failures and blaming themselves. [The AWS Advanced JDBC Wrapper now supports automatic query caching with Valkey](https://aws.amazon.com/about-aws/whats-new/2026/03/aws-jdbc-caching-with-valkey/) “Simply add the wrapper dependency, enable the plugin, configure endpoints, and annotate your queries” – that’s AWS’s definition of “just a few short steps.” Like saying climbing Everest is easy: just walk uphill for a bit. Still, automating JDBC caching beats writing it yourself, which is the lowest possible bar to clear. [Announcing Amazon Aurora PostgreSQL serverless database creation in seconds](https://aws.amazon.com/blogs/aws/announcing-amazon-aurora-postgresql-serverless-database-creation-in-seconds/) “Hey, we have this super crappy thing. Did we make it less crappy? Hell no, we made it provision faster!” This is solving the part of Aurora that nobody was actually complaining about. The hard part was always the pricing surprises, not the setup time. But sure, now you can get to your first bill shock faster than ever. Two clicks to create, two hundred clicks to understand your invoice. [Enhancing auto scaling resilience by tracking worker utilization metrics](https://aws.amazon.com/blogs/compute/enhancing-auto-scaling-resilience-by-tracking-worker-utilization-metrics/) – Turns out scaling on CPU utilization when your workers spend all day waiting on DynamoDB responses is like judging a restaurant’s capacity by how hot the kitchen is. This blog walks you through worker utilization metrics instead, which is actually useful advice that’ll save you from 3 AM pager events. [Amazon CloudFront flat-rate pricing plans: new features and expanded capabilities](https://aws.amazon.com/blogs/networking-and-content-delivery/amazon-cloudfront-flat-rate-pricing-plans-new-features-and-expanded-capabilities/) Flat-rate pricing from CloudFront sounds great, and it supports even more, until you realize Lambda@Edge invocations are still billed at standard pay-as-you-go rates on top of your plan. That said, who cares about Lambda@Edge? Judging by its lack of updates, certainly not AWS. I did a [super deep dive](https://www.duckbillhq.com/blog/the-complete-guide-to-cloudfronts-flat-rate-pricing/) into this earlier; check it out if you’re interested. [IAM policy types: How and when to use them](https://aws.amazon.com/blogs/security/iam-policy-types-how-and-when-to-use-them/) Seven IAM policy types, each with its own attachment point, evaluation logic, and existential dread. This blog post is useful, which makes it suspicious coming from the same team that designed the policy evaluation flowchart that looks like it was drawn by a caffeinated spider. Bookmark it before your next access denied mystery. [Preparing for agentic AI: A financial services approach](https://aws.amazon.com/blogs/security/preparing-for-agentic-ai-a-financial-services-approach/) Seven design principles for letting AI loose in financial services. I’d have gone with one: “Don’t.” But sure, comprehensive observability and fine-grained access controls sound great until an autonomous agent decides to rebalance a portfolio at 3 AM and your only explainability is a CloudWatch log nobody reads. … and that’s what happened ***Last Week in AWS.*** ## You might also like [More Newsletter Issues](https://www.lastweekinaws.com/newsletter/) Issue No.468 ### [Multicloud Interconnect and the Great CVE Hunt](https://www.lastweekinaws.com/newsletter/multicloud-interconnect-and-the-great-cve-hunt/) [Read More about Multicloud Interconnect and the Great CVE Hunt](https://www.lastweekinaws.com/newsletter/multicloud-interconnect-and-the-great-cve-hunt/) Issue No.467 ### [S3 Files and an AI-Powered Singing Rat Trap](https://www.lastweekinaws.com/newsletter/s3-files-and-an-ai-powered-singing-rat-trap/) [Read More about S3 Files and an AI-Powered Singing Rat Trap](https://www.lastweekinaws.com/newsletter/s3-files-and-an-ai-powered-singing-rat-trap/) Issue No.466 ### [S3 Gets Vectors, CloudFront Gets SHA-256, You Get the Bill](https://www.lastweekinaws.com/newsletter/s3-gets-vectors-cloudfront-gets-sha-256-you-get-the-bill/) [Read More about S3 Gets Vectors, CloudFront Gets SHA-256, You Get the Bill](https://www.lastweekinaws.com/newsletter/s3-gets-vectors-cloudfront-gets-sha-256-you-get-the-bill/) Issue No.464 ### [S3 Turns 20 and SimpleDB Is Still Alive](https://www.lastweekinaws.com/newsletter/s3-turns-20-and-simpledb-is-still-alive/) [Read More about S3 Turns 20 and SimpleDB Is Still Alive](https://www.lastweekinaws.com/newsletter/s3-turns-20-and-simpledb-is-still-alive/)