Good Morning!

Welcome to issue number 140 of Last Week in AWS.

I wish to apologize for an incorrect statement last week: the IAM Access Analyzer doesn’t support multiple accounts or regions, but it did indeed ship with CloudFormation support. It’s still a sad internship, but now it involves a lot more copying and pasting than it does clicking in a web browser.

From the Community

The recipe for observability has two main ingredients: tools that provide so much more than metrics dashboards, and an engineering culture of software ownership. Alternately, you could do what some other companies do and just slap the Observability label on anything you’re shipping today and call it good. Honeycomb’s latest e-guide, Developing a Culture of Observability, lays out why observability culture and tools go hand-in-hand. Learn how observability culture reduces business risk, makes developers happy, and increases site reliability – all for the benefit of your customers. Happy devs – happy customers, with Honeycomb. Sponsored

Jennine Townsend guests on Eric Hammond’s blog to round up the various AWS Workshop Links from re:Invent.

Cloudonaut has a broader round-up than many; take a look. It’s a good read.

Somewhat surprisingly, this article on how to reduce the costs of your HTTP(S) API on AWS makes no mention of the recently-released “HTTP API” from AWS. The term itself of course remains ungoogleable.

It turns out you can rip AWS off by running a lot of your code outside of the Lambda function handler. Judging by most Lambda bills I’ve seen, this will save most shops dozens of cents a month.

A curious design pattern that demonstrates secure handoff between two different organizations using KMS and S3.

The AWS re:Invent 2019 Swag Review from A Cloud Guru is one of the more entertaining re:Invent roundups every year. Now stop and think for a second–people wasted HOURS of their lives for a bunch of this stuff that they’d not spend $5 on buying. That says something, though I’m not sure quite what.

Analyst firm RedMonk has five reInvent takeaways that sum up the show way better than I could. If you read one wrap-up, make it this one.

An in-depth analysis of Dynamo vs Cassandra that explores the various trade-offs around NoSQL systems design.

GE, Dunkin’ Donuts, and Forever 21 share this week’s S3 Bucket Negligence Award by way of failing to properly vet their external contractors. Smooth.

I led a walking tour of the reInvent expo floor and somehow didn’t get thrown out by security. This Twitter thread may have gone a bit too far, in retrospect…

Sadly, one of my favorite AWS offerings has now been depRicated.

It was lost in the rush of re:Invent announcements last week, but I came up with an in-depth dive into AWS’s Compute Optimizer.

A gripping tale of leaving the AWS Partner Network. It more or less confirms a lot of the trepidation I’ve had around the APN.

I got to snark into a camera about re:Invent, which then turned into a transcript. I regret nothing.

Snarky IT tabloid The Register has a great discussion about how AWS manages the Linux kernel at their scale.

My ridiculous gameshow appearance at re:Invent showed up on Twitch. How neat!


If you’re considering a job change, check out a position below. Regardless of where you find it, you should definitely negotiate your salary. If I were to magically become employable, I’d immediately head to and talk to Josh Doody about it before saying anything further. He’s done this many times before, with a special emphasis on engineering roles at FAANG companies. He’s an artist when it comes to getting the best compensation possible without seeming greedy or losing the offer. He offers coaching, free articles, an ebook, and other things along the way. Check him out–and tell him Corey’s talking about him again.

[Elastic File System jobsAt AWS’s EFSteam they work on developing systems and software to build and operate a distributed file system at cloud scale. The complexity makes my head hurt. The scale of the problems they attempt to solve every day provide unique and interesting challenges, some of which are even fun. As a developer at EFS you will be pushed to contribute at your highest level and embody the Amazon leadership principles of Promise–er, Deliver Results and Think Big. EFS: because they won’t let us shove NetApps into us-east-1.

X-Team is hiring Go developers with strong AWS skills, anywhere on the planet. The work is interesting, they partner with companies you’ve heard of, and you can work from wherever you care to be. Now before you wind up getting cynical, let me save you some time–I already did, and hopped on a phone call to chat with them and then berate them for their crappy culture. Instead I was pleasantly surprised: they invest in their people (including a personal development stipend), they have distributed community events (both online and in person around the world), and actually work with their employees; this isn’t a “send us a postcard if you ever get there” body shop. Take my word for it; check out X-Team and see for yourself. Tell them Corey sent you…

Choice Cuts

CHAOSSEARCH allows you to turn terabytes of raw data into actionable insights in minutes… literally. If you want to use Elasticsearch APIs but want to spare yourself the constant “my Elasticsearch cluster has fallen over and it won’t get up” moments, check them out. Your data lives in your own S3 bucket, while their magic provides incredibly responsive queries… and you never have to move your data. Reach out to CHAOSSEARCH and tell them I sent you, and also to turn off their caps-lock key. Sponsored

Alexa for Business adds end of meeting reminders, intelligent room release and meeting room utilization metrics. – If robots are now bursting into conference rooms to tell you that your meeting is over and that you should get the hell out, what’s left for interns to do?

Amazon Connect announces AWS CloudTrail support for APIs – After entirely too long, Connect now supports CloudFormation, deprecating noted Code Terrorist Ian McKay’s workaround that featured headless Chrome inside of Lambda functions clicking in the Connect console via federated links.

Amazon EC2 Spot Now Provides Instance Launch Notifications via Amazon CloudWatch Events – This is great for consumption via a metrics system, but if you hook these directly to PagerDuty… that’s just messed up.

Amazon FSx adds enhancements to the AWS Management Console – The FSx team realizes that people still use the AWS Management Console. “We don’t know who those people are or why they do the things they do, but it’s time to throw them a bone” they declare.

Amazon SageMaker Ground Truth Adds Auto-Segment Feature for Semantic Segmentation Labeling – “You draw four points on an image and it automatically generates a tight mask around the object in question” is how human beings would say what this does–but not the SageMaker announcement team, which is itself a highly tuned ML algorithm aimed at data scientists.

Attach multiple Elastic Inference accelerators to a single EC2 instance – How fast will that single EC2 instance go? What if it hits another one? How the hell big are these AWS regions anyway?!

AWS CodeBuild Now Supports Cross-Account Resource Sharing – …turning who pays for what into a confusing mess, and justifying spelling this service as “CodeBilled.”

Amazon CloudFront now provides seven new data fields in access logs – …and the CloudWatch Logs team rubs their hands together greedily at the increased billing for the additional data consumption that this generates.

DNS Resolution for EKS Clusters Using Private Endpoints – Wait, what’s that, haters? The private endpoints are looked up IN MY FAVORITE DATABASE? Route 53 rules everything around it.

Introducing Open Monitoring with Prometheus for Amazon MSK – Normally I’d have deleted this post without further comment, but a “friend” of mine is on the Prometheus core team and will whine incessantly if I don’t include his project’s moment in the sun. You’re welcome.

Reaching More Customers with Web and Mobile Chat on Amazon Connect | AWS Contact Center – Finally a story is told about AWS’s new Intercom competitor. It seems super neat except for the fact that this is going to continue to badger people on websites constantly.

Getting started with Amazon DynamoDB | AWS Database Blog – There are some use cases that require GSIs. For everything else, there’s Route 53.

Using AWS Systems Manager Change Calendar to prevent changes during critical events | AWS Management & Governance Blog – Systems Manager Change Mana–I mean, Calendar now keeps you from accidentally deploying during Black Friday, or on any Friday. Somewhere Charity Majors starts awake; someone’s saying something stupid about Friday deploys again!

Automating fall detection with AWS DeepLens | AWS Government, Education, & Nonprofits Blog – Except for the part where this can be used to justify machine-learning cameras being installed in bathrooms everywhere, this is a super neat idea.


Do you want to be able to use machine learning to enable predictive maintenance? Did you know, in a few clicks, you can enable a mechanism that starts and stops EC2 or RDS instances when you’re not using them? Do you want to know how to instantly deploy a Video On Demand system? Are you curious how AWS Solution Architects would design different architectures? Use AWS Solutions to help you get your well-architected workloads deployed quickly! Sponsored

A tool that lets you display your Cloudwatch dashboards remotely on other sites.

Systems Manager Agent can be leveraged to connect super easily to EC2 instances with the help of this tool.

A handy set of tools to back up all of your AWS resources for export to another cloud. This is the good kind of multi-cloud use case.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.