Good Morning!

It turns out that AWS CEO Andy Jassy has apparently been letting crappy service names like ‘Amazon DocumentDB (with MongoDB compatibility)’, ‘Amazon Honeycode,’ ‘Amazon Elastic Container Service for Kubernetes (Amazon EKS)’, and of course ‘AWS Systems Manager Session Manager’ out into the world because he was preoccupied with naming the Seattle Kraken. I’m not kidding–that’s a full article on how he named the NHL team he partially owns, and it’s everything you could have possibly hoped for and more for how to name something well.

Focus clearly matters.

In happier news, tomorrow is my birthday, and marks the end of the eleven day Festival of Quinns that marks the time between my wife’s birthday and mine. Surprising her with a different annoying hat every day has been an absolute blast, but there’s a terrific chance I won’t live to see next year’s Festival at this rate.

From the Community

Have you heard about ChaosSearch, the fully managed log analytics platform that leverages your Amazon S3 as a data store, with no further data movement required? According to the CTO at Armor, a global cybersecurity company, “ChaosSearch is a critical piece of our infrastructure for processing terabytes per day of our customers’ log data.” And from Hubspot: “We are able to process and analyze terabytes a day of Cloudflare log data to identify and fend off DDoS attacks on behalf of our 76,000 customers at a fraction of the cost of our previous self-hosted ELK Stack.” 

Let’s not forget either: it’s not just about the raw cost savings (which are substantial), but also the “I don’t have to manage ElasticSearch with expensive engineering time anymore” angle! So take it from me, Corey Quinn, or take it from the ChaosSearch customers – either way, take a look at ChaosSearch today! Sponsored

I apparently went to a whole lot of unnecessary work to build out a cohesive, original model for how to build a cloud environment that paid attention to varying aspects and constraints. Instead I could have just pulled a Microsoft Azure and ripped AWS off wholesale to create the “Microsoft Azure Well-Architected Framework“. Seriously, this thing is such a blatant rip-off that I expect to see weird copy and paste artifacts.

This post talks about how AWS and the PHP community collaborated to improve performance Arm64 architectures. This is going to be basically everyone as soon as the first Apple Silicon Macs ship and suddenly every engineer who believes in local development hits weird corner cases…

It’s really hard to blame the customer/victim when Managed NAT Gateway surprises them by being half of their AWS bill. Its pricing model is and remains molten garbage; one Duckbill Group customer was spending $1.5 million on it out of a $5 million bill annual spend.

I got a phone call asking me to share my thoughts on cloud native computing. Once I stopped laughing, you can pretty much guess how that conversation went.

“Your data is being stored outside of the regions you told us to store it in” is never a good thing to hear from AWS; I’m surprised this isn’t getting more traction.

Microsoft’s multi-year snit about not running anything on AWS continues; the latest thing moving to Azure is Minecraft.

AWS employee Justin Garrison has a poignant post on transitioning from being a developer to becoming a devreloper.

The New York Times has a fascinating story on former Distinguished Engineer and VP Tim Bray, who resigned in protest over Amazon’s treatment of warehouse workers.

Twilio scores a very special S3 Bucket Negligence Award; they left a bucket world writeable, and someone uploaded javascript code to it. This is a fascinating one.

Jobs

If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

OpenEye Scientific is looking for a Backend Developer to be part of a team responsible for developing OpenEye’s cloud platform, Orion, a state of the art elastic workflow scheduler and orchestration system. Orion is a container-based scientific workflow system written in Go and Python. While there are some interesting workflow and container orchestration systems out there and also Kubernetes, none deliver the flexibility in using legacy applications and toolkits, ease of use, scalability, and reliability that they are targeting. Their system is made up of Floe, a Python workflow framework, and a cloud-based workflow runtime and user interface leveraging many technologies, including Django, Docker, and AWS.

Choice Cuts

Looking for easier ways to manage your cloud? Of course you are! Turbot’s cloud governance platform is your answer to automating your security, compliance, operations, and cost controls. Take it from David Boeke, Turbot CTO & VP Services, who says “If I had this 15 years ago, as an enterprise IT guy, I would have felt like I was ruling the world”. Learn more at turbot.com. Sponsored

Amazon Lightsail now offers CDN distributions to accelerate content delivery – “We turned an AWS service with an obnoxious number of dials and knobs into something a human who didn’t build it can understand, and then given it a pricing model you can understand” is Lightsail’s entire jam.

Amazon SQS Now Supports New Console Experience – SQS is the original AWS service. I’m not kidding! The old console was Sanskrit on a stone tablet.

Announcing AWS Serverless Application Model (SAM) CLI now generally available for production use – But it still recommends that I install it on Linux via Homebrew! And it still rebuilds everything on every deploy because it’s convinced that the Lambda Layer somehow changed! And it still melts hilariously on arm64 architectures! …yeah, that’s an AWS production-ready release, all right. Remember; just because AWS says something is ready for production doesn’t mean it’s ready for you to use it in YOUR production environment.

AWS Asia Pacific (Seoul) Region Adds Fourth Availability Zone – If your scripts all broke when a new AZ showed up, it’s time to write better scripts.

AWS CodeBuild now supports accessing Build Environments with AWS Session Manager – You can now log into your Docker container to troubleshoot things. I maintain that CodeBuild is the best Serverless service for running single containers on a schedule that AWS offers.

AWS Managed Services (AMS) Now Offers Context-based Proactive Incident Notification Service – “Proactive incident notifications” from the company that fails to update its own status page leave me somewhat skeptical. Stop lying cloud!

Contact Lens for Amazon Connect is now generally available – Contact Lens is both a rarity (in that its name is awesome, yet it’s an AWS product) and now generally available.

Introducing AWS Content Analysis – The worst part about this solution (which is legitimately nifty) is that it talks about how it’s powered by Machine Learning. That turns off the very people who actually care about this kind of thing. They want to know what’s in their content, not drink deeply from the Fountain of Marketing Hype! Talk more about the problem it solves, less about how you solve it, please.

Introducing Migration Evaluator: Fast Track your Business Case for AWS – You can tell that TSO Logic has been fully integrated into AWS–they’ve gone ahead and given it a completely forgettable name.

New Amazon Elastic File System console simplifies file system creation and management – An updated console awaits you as you roll NFS out to your fleet as if it were still 1998.

Now gain longer access to your AWS resources when switching roles in the AWS Management Console – We can now forestall the arrival of the Timeout Demon a bit longer when using the AWS console. Coincidentally, “the Timeout Demon” is what I call my toddler in her more difficult moments.

Field Notes: Building a Disaster Recovery site on AWS for your Azure Workload – AWS speaker / partner guidelines were historically very clear that you’re not allowed to mention their competitors. Somehow, this blog post mentions both GCP and Azure. The better move is of course to start with a DR strategy in another region of your chosen provider; solve the DR problem with service equivalence first, THEN worry about introducing a completely different set of cloud provider service and failure modes.

Securing and Accessing Secrets from Lambda@Edge using AWS Secrets Manager – There are some Lambda@Edge secrets this won’t help with. Specifically, “which region did that run in so I can look at the CloudWatch Logs?” “Guess and check, you yutz!”

The global digital skills landscape: Acquiring cloud skills is critical to workforce development – “It’s extremely important for your workforce to acquire cloud skills” says the company who sells you cloud services.

Deluxe enables same day global theatrical delivery using AWS Snowcone – It’s true! I ordered the Deluxe shipping option and my SnowCone showed up the same day, and was handed off to me via an elaborate musical number. I hear it’s even up for a Tony!

Tools

N2WS is your giant “easy button” for near-instant recovery —including cross-account and cross-region— even if your recovery process needs to happen in a specific sequence. solutions–try it free today!And with smart scheduling and data management you can achieve better SLAs, while saving on your AWS bill. Now for a limited time N2WS is offering $100 in AWS credit just for setting up their free trial. Sponsored

I’ve been playing with the Markov generator that powers totes-not-amazon.com; it generates fake product releases based upon AWS “What’s New” updates. More to come on that once I get GPT-2 dialed in a bit better…

A nice demo app of an S3 scanner that also features unit tests, written in Go.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.