Good Morning!

A few choice puns, a couple scathing AWS criticisms, and a handful of sincere compliments for things AWS does that I really appreciate make this a remarkably well rounded issue.

My link-trade with Techmeme continues all month long; you might be surprised by how many things I talk about in this newsletter were on Techmeme first. They’re really a great aggregator…

From the Community

This issue is sponsored in part by my friends at ChaosSearch! As you know, running log analysis with Elasticsearch at scale can be unstable, relentlessly time-sucking and surprisingly expensive. Now try ChaosSearch – a fully managed log analytics platform that delivers the Elasticsearch API you love, with built-in Kibana, but with No ElasticSearch under the hood! ChaosSearch activates your Amazon S3 as a true data lake, for analytics at scale, with no data movement, no data retention limits and savings of up to 80% vs an ELK Stack. In fact with ChaosSearch, you can start with 3 easy steps: Store, Connect & Analyze. So start experiencing insights at scale from ALL of your data (and tell them I sent you)!

A quick article on how to get dynamodb-local working on Apple Silicon.

An intro to codegen with AWS Smithy; I hear good things, but sadly for my purposes it’s Java only. I don’t know the language.

This video on Reddit shows how painful it is to automate AWS SSO in its current state. Love the service, but it needs some quality of life enhancements in a big way.

The MIT Press Reader has an article on the The Staggering Ecological Impacts of Computation and the Cloud. The eye-opening fact for me was the realization that the Cloud has a bigger carbon footprint than the entire airline industry globally.

If I were to send a tweet that said something like "Rackspace is now the roach motel of cloud platforms" I’d get some angry replies, but that’s a direct quote of a Computerworld headline. It’s definitely a company in decline. Despite adding in a bunch from their Onica acquisition, their Case Studies page has shrunk over the past few years from 15 pages down to 6. Additionally, whenever I see a client running a bunch of RHEL instances and I ask what’s up with them, the answer is always the same: "we used to be a Rackspace customer and that’s all they would support. We can turn those off now." Pour one out for a formerly inspirational company.

A wonderful article that’s probably one of my favorite in recent memory is well worth the read: AWS S3: Why sometimes you should press the $100k button.

The tale of a company’s migration from one AWS account to a robust AWS Multi-Account Strategy.

The Elastic vs. AWS trademark lawsuit has been settled. Settlement terms are confidential, but AWS renaming everything to OpenSearch, saying nothing at all publicly, and Elastic writing a blog post about the topic tells us exactly how that one played out.

Brian Scanlan (a periodic guest author at Last Week in AWS) writes about 5 lessons learned from building Intercom Europe at speed in AWS during a pandemic.

We have a guest blog post from Ben Kehoe up on the Last Week in AWS site that asserts The CDK’s Most Fundamental Flaw is Fixable.

A retrospective on 2021 that I’ve been eagerly looking forward to: Follow the CAPEX: Cloud Table Stakes 2021.

A lot of folks are feeling dissatisfied with their roles right now. This story features an Artificially Intelligent Amazon Supercomputer Stuck In Dead-End Retail Job.


Aptible is building a multi-cloud PaaS with powerful security and compliance guardrails baked in. Our platform is used every day by thousands of developers across hundreds of startups in order to ship complex architectures without needing to stop and think about security, compliance, or IaaS best practices. Help us build the future of cloud deployment! We’re hiring principal and senior software engineers, DevRel, and more. (Psst: we target 90th percentile salaries and post total comp directly in the job description.)

AWS offers technologies for running code, managing data, and integrating applications, all without managing servers. Serverless technologies feature automatic scaling, built-in high availability, and a pay-for-use billing model to increase agility and optimize costs. These technologies also eliminate infrastructure management tasks like capacity provisioning and patching, so you can focus on writing code that serves your customers. Serverless applications start with AWS Lambda, an event-driven compute service natively integrated with over 200 AWS services and software as a service (SaaS) applications.

Nebulaworks is a software engineering firm founded, built, and managed by engineers, for engineers. Our mission is to create high-performance engineering teams where members are inspired to collaborate openly, incentivized to gather new knowledge and skills, and value simplicity when solving difficult problems. We’re looking for individuals who are passionate about being a force multiplier, enabling our customers to unlock their high-performing team potential. If you love Linux, open-source, and value driving all changes through version control we’re currently hiring Sr. Software Engineers, come introduce yourself!

At Modern Treasury, we are building payments infrastructure to power $750 trillion in bank transfers every year. Before Modern Treasury there has never been a universal API into the global banking system. Our ambition is to be the de facto standard for money movement for the world’s most innovative and fastest growing companies. Our customers use our APIs to automate payouts, direct debits, balance tracking and other payments use cases at scale. Join our engineering team at Modern Treasury to help build the new foundation of business and finance.

Choice Cuts

While AWS doesn’t like to talk about it, this multi-cloud thing is…well a thing. This is where MinIO comes in. MinIO’s high performance, Kubernetes-native object store works on every cloud – literally all of them from AWS to Zayo. This means you can build S3-like data infrastructure anywhere. The world’s fastest object store with READ/WRITE speeds in excess of 325 GiB/sec/165 GiB/sec respectively, MinIO can handle any workload – from modern databases to AI/ML and advanced analytics. Couple that with a suite of enterprise features for ILM, IAM, security and resilience and organization can architect consistency for their data persistency – across and between clouds. Don’t take our word for it, see for yourself at

Amazon RDS now supports Internet Protocol Version 6 (IPv6) on RDS Management APIs – RDS gets IPv6 support, and some of the most odious people on Twitter have one less service to complain about.

Amazon Redshift announces support for unloading data to JSON files – I continue to wage my one-man campaign to support XML.

Introducing auto-adjusting budgets – "The budget automatically gets raised" is a nice way of saying "AWS bill goes brrrrrrrrrrrrrrr" because of course the numbers only ever go UP!

AWS WAF introduces AWS WAF Fraud Control – Account Takeover Prevention for protecting your login page against credential stuffing attacks – This is a neat feature for those of you who have login pages. There was a time I’d have paid handsomely for this feature.

Amazon Elastic File System Update – Sub-Millisecond Read Latency – EFS now gets a lot more performant. Haven’t had the chance to run benchmarks myself yet, but I hear good things.

New – Amazon EC2 C6a Instances Powered By 3rd Gen AMD EPYC Processors for Compute-Intensive Workloads – "With the launch of C6a instances there are now officially more than 500 Amazon EC2 instances for customers to choose from" is the winning line in this post. I’m sure our friends at AMD just love their entire value proposition distilled down to "they cost less."

Deploy Python Application using AWS App Runner – This isn’t the hard part. The hard part is the decision point of "I have a python application, how should I deploy it to AWS?" We’re drowning in options that become less differentiated with every new launch.

How To Expose Multiple Applications on Amazon EKS Using a Single Application Load Balancer – This is a handy conceptual walkthrough that hits at just about the right level of complexity and assumption around reader knowledge. More like this, please.

Software powers the world. LaunchDarkly empowers all teams to deliver and control their software. DevOps and feature management are reimagining how businesses build and release new products. Get control of your code to ship fast, reduce risk, and reclaim your nights and weekends. Learn how your team can reap the rewards of Continuous Delivery without all of the risk. Check out LaunchDarkly.

Migration options for MySQL to Amazon RDS for MySQL or Amazon Aurora MySQL – RDS (either flavor) is a strange service. At small scale it’s absolutely worth using just for the toil it relieves you from. That said, as you continue to scale out, you eventually reach a point where the premium you pay exceeds the cost of running a database fleet on top of EC2 yourself. My fear with Aurora is that that migration looks a lot more like a one way door due to the lack of EC2-based feature parity…

Automate code reviews with Amazon CodeGuru Reviewer – How hard can it possibly be to fire off a Lambda that slaps a "LGTM" onto a PR as a comment?

The CDO: Chief Disappearing Officer – I periodically suggest having a twelve-year-old double check your writing for things that may appeal to a more sophomoric sense of humor, such as I don’t know, "they incrementally and persistently infuse the changes required in mindset and skills to embrace the “D.”"

Apply profanity masking in Amazon Translate – The amazing part of this post is that they censor the profanity in the English portion of the screenshots, but not the original French. I’ll further note that the term they chose as an example is used as a misogynistic way to refer to women, and this article is bylined to three dudes.

Build and scale direct-to-consumer streaming video offerings – This is a joint effort between AWS, who builds great infrastructure, and Salesforce, who knows how to build a user interface that doesn’t make customers want to gouge their eyes out.

Amplify Bash: Get Started Contributing to AWS Amplify Open Source – Amplify itself says "Our default implementation works with Amazon Web Services (AWS), but AWS Amplify is designed to be open and pluggable for any custom backend or service." And somehow despite a fair bit of searching I’ve found zero instances of it being used for anything other than spinning up AWS resources. "Come volunteer for a project that starts and stops with you giving us money" has always hit a sour note for me. Perhaps I’m just old and cynical.

Brazilian Space Agency and AWS sign Statement of Strategic Intent to support long-term growth in regional space sector – The first thing to go to orbit will be the AWS bill, as they’re poised to spend Brazilians of dollars on this.

How to secure API Gateway HTTP endpoints with JWT authorizer – I’m periodically dismayed every time I look at just how much manual work is required to get an API Gateway to secure a function. Basic auth, JSON web tokens, etc… it’s always a struggle.


Configuring a VPN server is hard due to their complexity and vast knowledge of certificate and networking required. You can spend the next 6 months setting up an OpenVPN server and fine tuning it. Or you can just use our solution and be up and running within 3 min. Not to mention that we have built in reliability into the product – it mimics the Serverless ideology. 0x4447 VPN Server using OpenVPN® on the AWS Marketplace

aws-auth is a tool that helps you programmatically authenticate into AWS accounts through IAM roles. My single objection here is that it doesn’t support AWS SSO, so it’s useless for my purposes. Maybe it’ll help you?

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.