Good Morning!

At last: after parental leave, I return–only a few hours behind schedule. My thanks to the guest authors who made “me taking time off” possible; it’s deeply appreciated.

We’re well into AWS’s pre:Invent service dump of things that weren’t a fit for a keynote, so let’s get right to it.

From the Community

What do HubSpot, Klarna, Alert Logic and Armor all have in common? They all use the ChaosSearch Data Platform to connect and index data in their own AWS S3 environments, rendering their data fully searchable and available for analysis with their existing data tools. With unlimited scale, industry-leading resiliency, and massive cost savings, ChaosSearch is an ideal replacement for the ELK stack (which we all know tends to flop over at scale)! Now perform scalable log analytics on your AWS S3, using the familiar ElasticSearch API for queries, and Kibana for log analytics and visualizations, while reducing costs and improving analytical capabilities! Want to learn more? Join their CEO and CTO on Wednesday, Nov 18, for a 30 minute overview of ChaosSearch – register now! Sponsored

There’s “Route 53 as a database” horrifying, and then there’s “using Twitter DMs as a database” horrifying.

Segment talks about how they saved a boatload of money by optimizing Kafka, but not as much as if they had simply stopped using Kafka altogether.

“Then he seized his left foot with both hands in such a fury that he split in two.” Originally about Rumpelstiltskin, but while I was out also extended to IBM.

How are hundreds of thousands of people booking resort travel this year? They’re exposing themselves both to COVID-19 as well as this week’s S3 Bucket Negligence Award.

A dive into working with the Nitro Enclave via Python.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

If you’ve been working on infrastructure for a while (OK more than a week maybe) you’re sure to have Opinions on how our industry could improve the workflows we put in place to keep systems secure. Come work at Sym to help us build the platform to solve this! We’re looking for a Security & Infrastructure Engineer to lead our security program and improve the safety and reliability of our environment.

Do you hold a US Security Clearance? Do you want to build exciting things? Protect exciting secrets? Make big trouble for Moose and Squirrel? Check out the AWS Cleared Jobs and see if AWS might have a role that’s up your alley. Many restrictions apply; see page for details.

Chime is a challenger bank providing free banking & credit services – our mission is to give people financial peace of mind, we’re tangibly helping people in the real world, and we were recently valued as the #1 most valuable fintech company in the US (with a $14B valuation). We’re looking for AWS/Terraform experts who can help us secure our cloud infrastructure – if you’d like to learn more about it then we’d love to hear from you (for “How did you hear about this job?” please enter “LastWeekInAWS”).

Choice Cuts

Tired of juggling the cost of AWS backup and recovery with your SLAs? What about multiple products for your data NOT in AWS? Then quit the circus act and check out Veeam! Veeam unifies AWS backup and recovery with any other platform you need to protect into one easy solution. Better yet, they’ll help cut your cloud costs without compromising the ability to recover what you need, when and where you need to (even across clouds). They’ll be at re:Invent, so check them out! I hear they’re giving out free t-shirtsSponsored

Amazon Aurora Global Database Expands Manageability Capabilities – Aurora does what it does best: expand. Ever notice how your databases never seem to get any smaller?

Amazon EventBridge introduces support for Event Replay – This is way more exciting if you think of re:Play as AWS’s conference party instead.

Amazon Polly launches a new Australian English neural text-to-speech voice – Australian English sounds just like most other variants of English except for the blistering stream of profanity it now injects.

Amazon S3 Object Ownership is now generally available with AWS CloudFormation support – “Things that get put into the bucket get their ownership changed” is a serious challenge for Cost and Usage Reports. I’m happier about this than I probably should be.

Announcing new AWS Wavelength Zones in Dallas and Miami – You just know that some nutter is juxtaposing Wavelength zones with COVID infection rate maps.

AWS announces 40% price reduction for Amazon Elastic Block Store (EBS) Cold HDD (sc1) volumes – A massive price cut to an EBS storage variant you’re probably not using!

AWS Lambda now makes it easier to send logs to custom destinations – This is great for those who find CloudWatch Logs both not expensive enough, as well as too easily understood.

AWS Snowball Edge now supports importing virtual machine images to your deployed Snow devices – Historically you had to (and this is true) ship it back to AWS to get new images loaded onto it. You still do with SnowCone. Yes, this is awful.

AWS Snowball Edge now supports Windows operating systems – This is big news. Historically if you wanted a 49.5 pound device that ran Windows you had to buy a Dell Inspiron laptop.

Encrypt your Amazon DynamoDB global tables by using your own encryption keys – DynamoDB edges ever-closer to letting morons roll their own encryption.

New AWS Solutions Consulting Offer – Next-Generation Landing Zone – The real story here is that a third-party consulting partner got AWS to market a “Next Generation Landing Zone” offering that wasn’t first-party.

Quickly create Amazon EFS file systems from the EC2 Launch Instance Wizard – As much as everyone asks for CloudFormation support, what they really need but are secretly ashamed of is AWS console support.

Take a sneak peek at AWS re:Invent 2020 Cloud Financial Management Sessions – These are a bunch of exciting AWS billing talks that don’t appear to have materially changed since 2012.

Announcing AWS Glue DataBrew – A Visual Data Preparation Tool That Helps You Clean and Normalize Data Faster – There’s no Version Two of AWS Glue DataBrew, but see what’s new and what to do, and please pursue if it’s right for you.

Meet the newest AWS Heroes including the first DevTools Heroes! – The latest batch of AWS Heroes has been named. Community is important!

New – Export Amazon DynamoDB Table Data to Your Data Lake in Amazon S3, No Code Writing Required – Yes, “no code required” is what data science is simply famous for.

S3 Intelligent-Tiering Adds Archive Access Tiers – There’s a twelve hour access retrieval time for some of the furthest tiers, so make sure that your “loading” graphic spins long enough to cover that.

Welcome to AWS Storage Day 2020 – A roundup of AWS Storage Day, a day you didn’t know existed or was coming until after the fact.

Introducing MongoDB 4.0 compatibility and Transactions in Amazon DocumentDB – …but still trails in “mysterious data loss” for the full MongoDB compatibility experience.

.NET 5 on AWS – “Hah, we have a bunch of Microsoft code running on our cloud!” gloats Amazon, forgetting for a minute that basically everyone’s application code lives on GitHub.

Running bash commands in AWS CloudFormation templates – This feels like CloudFormation has finally ascended to what we were all doing fifteen years ago.

Introducing AWS Gateway Load Balancer: Supported architecture patterns – I have many thoughts on this that won’t fit into the format of this newsletter. Expect them later this week.

Enabling warfighters and intelligence mission success – “Warfighters” of course being just the latest in the “sysadmin” -> “DevOps” -> “SRE” title progression.


Engineers own the security of their cloud infrastructure – and that’s good news because it’s a problem tailor-made for engineers to tackle. Download the Engineer’s Handbook on Cloud Security to gain a better understanding of the nature of cloud misconfiguration and think more critically about securing your use cases. Sponsored

Glow lets you render markdown on the CLI. I don’t know if it speaks YAML or not, but that shouldn’t stop you from shoving your Kubernetes config into it.

A Lambda that reboots EC2 instances on a schedule is probably one of the most on-the-nose depressing things that’s certainly running in a bunch of production environments that I’ve seen in a while.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.