Good Morning!

Welcome to issue 160 of Last Week in AWS. As promised last week, I’ve released a post-mortem of last week’s email link issue. I suspect you’ll enjoy it.

My video from the Pulumi webinar has been posted, and in my humble opinion makes most other webinars look like crap. Check it out and let me know what you think.

From the Community

Have you registered for the NoSQL digital event of the year? Accelerate: A NoSQL Original Series is around the corner with season 1 premiering on May 12, 2020. The original series will be a combination of live stream and on-demand, binge-worthy episodes that capture how users and enterprises are succeeding with NoSQL and Apache Cassandra™.

Sign up today to hear from leading technologists and immerse yourself in Cassandra, Kubernetes, Graph, and more. What are you waiting for? Register today at Sponsored

Route 53 is a database, and now DynamoDB is a calculator. Alex is my new favorite Code Terrorist.

Forrest Brazeal is offering to help folks break into tech with the cloud resume challenge.

Where to start when you inherit an AWS account.

It’s always interesting to find this newsletter cited in various things; this time, an AWS Security Ramp-Up Guide by a respected security firm.

Scribd talks about using Terraform to integrate Datadog and AWS.

The best Kubernetes control system is of course Microsoft Excel.

Forrest Brazeal has written a love ballad to S3. I can’t top that factual description.

It’s always nice when one of our clients references our workS in a blog post. This time it’s about reducing EBS volume costs.

I wrote a post about Why Zoom Chose Oracle Cloud Over AWS and Maybe You Should Too. I’m sure that won’t cause me any angry messages on Chime.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

No one likes managing EC2 instances, so you might like managing the team that replaces them with containers. That’s right, the Fargate team is hiring three Software Development Managers. People-focused servant-leaders are encouraged to apply. Help bring about an end to the Serverless vs. Containers war that doesn’t need to be fought in the first place. One last point: every team at AWS has internal principles that embody their culture, but this team publishes theirs on GitHub. I wonder how they’d take pull requests?

Choice Cuts

Blue Matador is the easiest way to start fully monitoring your AWS infrastructure. Getting AWS Cloud monitoring set up for the first time is manual and cumbersome, requiring significant time and toil with a typical infrastructure monitoring tool. Blue Matador removes the burden of a complicated setup—just hand it your AWS read-only credentials, and in minutes, it tracks resources, detects baselines, manages thresholds, and sends you insights. Try Blue Matador free for 14 days. They’re so confident you’ll love it that they’re giving $100 to try it. Sponsored

Amazon CodeGuru Profiler improves process for authorizing new applications – It’s now easier to pay per line of code analyzed. I love the product, can’t stand the pricing model at all.

Amazon Connect decreases telephony pricing – Price cuts are a very AWS thing. “This only applies in two regions to four countries for outbound calling only” is likewise a very AWS thing.

Amazon EBS increases concurrent snapshot copy limits to 20 snapshots per destination Region – “Hey Corey, how do you learn about all the weird limits AWS has?” Sometimes it comes from one of those ridiculous limits being increased, as it is in this case.

Amazon EFS Updates Service Level Agreement to 99.99% – It’s one thing to say that your service is now more reliable, but it’s another to say you’ll issue refunds if it’s not. Well done.

Amazon EKS Improves Cluster Creation and Management in the AWS Console – “See the new console design here” is a new addition to these releases for which I will take personal credit. My snark about “no pictures, huh” apparently registered with the EKS team.

Amazon EKS now supports Kubernetes version 1.16 – I’m not coming up with new snark every few months when Kubernetes updates / deprecates a version. Here you go, sad people who have to care about this.

Amazon EventBridge schema registry is now generally available – “A thing talked about on stage at reInvent becomes available” is depressing, because that was stage time that could have been given over to things that customers could have used at the time.

Amazon Kinesis Video Streams adds API support to easily retrieve media clips – This announcement causes an actual problem for me: I had “Kinesis Video Streams” in a list of fake services I’d made up, and it’s apparently real. Oops.

Amazon SES now offers VPC Endpoint support for SMTP Endpoints – This is a pricing change, though it’s not obvious on its face that that’s true. If you’re sending large piles of email through a NAT gateway, this is a win for you.

Amazon Transcribe Medical now supports custom vocabulary – Such as “COVID19,” “Coronavirus,” and a blistering stream of highly inventive profanity.

Announcing availability of AWS Outposts in Indonesia – This is less a service announcement, and more of a “FedEx has agreed to ship full racks to another place” announcement.

Announcing General Availability of Amazon SageMaker Notebooks and expansion of Amazon SageMaker Studio to additional AWS regions – More parts of Amazon SageFactory are apparently coming online.

Announcing the general availability of AWS IoT Core Fleet Provisioning, a new feature that makes it easy to onboard large numbers of manufactured devices to AWS IoT Core at scale – The fun thing about IoT stuff is that the things that take advantage of this won’t hit store shelves for at least a year. The pricing also has to hold still; the economics of units that are built and shipped to customer are fixed.

AWS Glue now supports serverless streaming ETL jobs – This solves the problem of “sometimes Glue would finish a job, and thus stop billing the customer.” Now it runs forever!

AWS Storage Gateway adds Amazon S3 Intelligent-Tiering for File Gateway – Stories like this are a giant win for AWS Marketing; it validates their tremendous hard work and ever-growing advertising spend when they’re able to demonstrate that two AWS services have finally heard of one another.

AWS WAF now supports migration wizard for converting WAF rules from AWS WAF Classic – Ooh, a tool exists now to do what anyone who’s been paying attention has already done manually. Thanks, AWS.

The AWS Well-Architected Tool is now available in the Northern California, São Paulo, and Singapore Regions – The Well-Architected Tool is a checklist, so why the blue hell is that checklist only available within certain regions?

Introducing Genomics Secondary Analysis using AWS Step Functions and AWS Batch – “You think you’re now magically a doctor on Twitter thanks to five minutes at Wikipedia Medical School? Great, now hows about you spend money on cloud services like it” is a great response to these Instant Medical Experts on the internet.

Kernel Live Patching is now available in Preview for Amazon Linux 2 – Well this is novel. I used to love this capability with KSplice, then Oracle bought them and now we don’t talk about KSplice anymore.

Simplify IoT device registration and easily move devices between AWS accounts with AWS IoT Core Multi-Account Registration, now generally available – It’s always a good day when it becomes marginally easier to use services between AWS accounts in the same org. Given how many things need this, we have decades upon decades of good days ahead.

Amazon CodeGuru Reviewer launches new, more cost-effective pricing model – Oh… oh god. They revised the CodeGuru pricing model to make it “more cost-effective” and turned it into what I thought the pricing model actually was. It turns out that I was misinformed–it used to be in fact far, far worse. Now it’s merely awful.

Amazon RDS for SQL Server now supports Windows authentication in more AWS Regions – Because “your database will handle authentication differently based upon where it is” isn’t the kind of statement that gives people horrifying pause or anything…

Amazon Translate now adds support for Mexican Spanish – I’m including this release for the small but disturbingly vocal contingent of my readers who are somehow convinced that “Mexican” is itself a language.

AWS DeepComposer announces real-time visualizations for in-console model training and improved interactivity in learning capsules – You’re not going to drive adoption of AI without some movie-like visual effects, so here; AWS has thrown some of that crap into their DeepComposer console for you to marvel at.

ECR now supports Manifest Lists for multi-architecture images – Releases like this are the result of early adopters like me playing around with Graviton2 instances and discovering that a strange selection of tools don’t support ARM architectures. We’re noisy enough that releases like this are the outcome.

Join the FORMULA 1 DeepRacer ProAm Special Event | AWS News Blog – FORMULA 1 teams are apparently incredibly bored right now.

Now Open – AWS Europe (Milan) Region | AWS News Blog – If Cape Town launched with a bang, the Milan region barely whimpered. The sixth region on a continent vs. the first apparently lands differently.

Building and testing iOS and iPadOS apps with AWS DevOps and mobile services | AWS DevOps Blog – I’ll take AWS seriously on how to properly build mobile apps just as soon as the Route 53 web UI works on iPadOS. Today it very much does not.

Keep up on the latest from AWS Organizations–Spring 2020 | AWS Management & Governance Blog – A summary post of all of the delightful changes that’ve come lately to AWS Organizations. Given that Organizations are free, they are of course all non-profit Organizations.

AWS IAM introduces updated policy defaults for IAM user passwords | AWS Security Blog – Updated IAM password policy changes are a great thing to slip out on a Sunday.

IAM Access Analyzer flags unintended access to S3 buckets shared through access points | AWS Security Blog – Given what I’ve seen of customer awareness around S3 Access Points, I’d hazard that virtually all access to S3 buckets via access points is unintended.


Running a business is hard. Your cloud doesn’t have to be. DigitalOcean is the cloud that offers transparent, predictable pricing – even for Kubernetes clusters, which you’d have thought was impossible! You also won’t need 12 weeks of cloud school to absorb a zillion ancillary services just to be able to SSH into an instance. Is this the kind of simplicity you need out of your cloud provider? Check out DigitalOcean today. Sponsored

A Chrome Extension that fixes one of the most annoying aspects of the AWS console: Route 53 isn’t in the Database section.

A new IAM management tool called AirIAM.

A handful of decorated lambda handlers that may help you with your serverless challenges.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.