Good Morning!

It’s notable that while my article on the impact to AWS from Amazon’s horrifying statements made a heck of a splash, nobody has told me that they disagree with my assessment. That alone speaks volumes.

It’s AWS billing week once again; if yours ails you, give us a shout here at The Duckbill Group and see if we can help.

From the Community

Ah… the ELK Stack – so much initial promise, yet ultimately so unstable at scale – not to mention the unending time and opportunity costs of maintaining the beast! For those of you still shepherding an ELK Stack along – I can’t urge you strongly enough to put down your Advil, and take a look at ChaosSearch today. They’ve really engineered something amazing – a fully managed data analytics platform, with NO ElasticSearch under the hood, that leverages your own Amazon S3 as a data store. Imagine no more data movement, no more data retention limits and all at a fraction of the cost of running your ELK Stack. Definitely check out ChaosSearch today – you won’t be sorry! Sponsored

Ably’s blog has a post about the current limits of AWS network load balancers.

I adore that someone dove deep to turn Route 53 into a Blazingly Fast Database. I love everything about this.

A special S3 Bucket Negligence Award goes to MobiKwik, who not only denied the breach initially but also threatened the research who reported it. Smashing job, folks.

I joined ChaosSearch to make fun of data lakes over on AWS Insider. It was an experience…

I got to hang out on an AWS Insider webinar and make fun of data lakes with ChaosSearch. That was fun for me; I don’t know that anyone else appreciated it.

AWS is renowned for its customer obsession, terrible naming, and Amazon Web Services joins the OPC Foundation. In this case, it’s the OPC Foundation which has something to do with industrial operating standards and thus provides a refreshing break from Kubernetes.

Stackery has a great intro to the basics of IAM policies, something nobody understands.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

AWS is building something new and refreshingly different–and may I say, it’s certainly ambitious! It’s still very, very early days–and the service needs to get from where it is today all the way to general availability, otherwise I won’t get to make fun of it. Help me entertain you– if you’re a senior engineering manager with a penchant for assembling really large engineering teams in a very early stage product, you want to talk to AWS about this “manager of managers” role.

Think “GitHub for marketing teams” and you’d be pretty close to describing Loomly. They’re looking for someone to take ownership of and lead their DevOps/SRE efforts–and that person might well be you. They’re fully remote, post their salary ranges, and using a bunch of AWS services. I’m a fan of what I’ve seen from them so far; see if this role is up your alley.

Choice Cuts

[Free Book] Definitive Guide to Feature Management

Feature management is a new class of software development tools & techniques powered by feature flags. A feature management platform like LaunchDarkly fills the gaps of conventional feature toggles. Learn the ins & outs of feature management today.

Ship Fast. Rest Easy. LaunchDarkly. Sponsored

Amazon EMR now supports Amazon EC2 Instance Metadata Service v2 – I dislike that IMSv2’s security benefits won’t be realized for everyone until v1 is fully deprecated, but this is a step towards getting there.

AWS Lambda@Edge changes duration billing granularity from 50ms down to 1ms – Yay, Lambda@Edge is now 50x cheaper when you call it to add a freaking static header to every response, something CloudFront should have enabled many years ago but didn’t.

CloudWatch Metric Streams – Send AWS Metrics to Partners and to Your Apps in Real Time – While AWS sure did pick a bad week to launch a service with the word “streams” in its name, this is interesting insofar as it makes it easier for monitoring companies to get CloudWatch metrics–but the pricing looks like it may somehow be even WORSE than it used to be. In other words, “the CloudWatch bill shouldn’t be higher than the Datadog bill.”

How to Get Started with Amazon Route 53 Resolver DNS Firewall for Amazon VPC – When something breaks, it’s always DNS. Now it can intentionally be DNS with the ability to block certain results from resolving. I’ve been eager to see this feature launch; for a few things it makes compliance way easier.

Reduce Unwanted Traffic on Your Website with New AWS WAF Bot Control – I can’t wait to implement this myself so I can block people who are dry and humorless from signing up to this fine newsletter.

Migrate terabytes of data quickly from Google Cloud to Amazon S3 with AWS Glue Connector for Google BigQuery – A rare naming of a competitor in an AWS blog post that isn’t part of their ill-considered and poorly executed “setting the record straight” series. They managed to also include the phrase “you might have egress charges for migrating data out of Google BigQuery into Amazon S3” with a straight face.

Canadian Customers dialed in to the benefits of Amazon Connect – Connect remains an aberration: a higher level service aimed at a non-typical AWS customer niche, that’s actually finding success.

Preparing for Kubernetes API deprecations when going from 1.15 to 1.16 – AWS clearly doesn’t know how to handle public deprecations, and hates when it’s forced upon them by upstream.

If there’s one thing I hate, it’s multi-cloud. And also Kubernetes. In this upcoming event, Fairwinds and I will be debating these points and more–how companies can’t really succeed without understanding what’s going on estate-wide, all while trading barbs. You won’t want to miss this… Sponsored

Rust detection using machine learning on AWS – The machine learning detects Rust via the presence of evangelists who will absolutely not shut up about how efficient Rust is.

Getting started with Amazon Location – One of the ways AWS services are hamstrung is in their lack of ability to use higher-level products to demonstrate what they do. Amazon Location is a drop-in replacement for the Google Maps API (renowned for its hilariously high price hike), but they don’t have a quick-and-dirty demo that shows you a map.

Announcing the AWS Space Accelerator for startups – Not to be confused with the AWS Global Accelerator which is something COMPLETELY different. What are you, simple?

Spend a day with AWS experts, and learn how to build a data lake – This course will cost you $700 plus whatever the value of the employee’s time is while they take the course. In return, you’ll come away with a thorough understanding of just how far AWS’s data and analytics offerings have to go.


If your mean time to WTF for a security alert is more than a minute, it’s time to look at Lacework. Lacework will help you get your security act together for everything from compliant service configurations to container app topologies, all without the need for PhDs in AWS to write the rules. If you’re building a secure business on AWS with compliance requirements, you don’t really have time to choose between antivirus or firewall companies to help you secure your stack. That’s why Lacework is built from the ground up for the Cloud: low effort, high visibility and detection. To learn more, visit Sponsored

A text-based user interface lets you manage ec2 instances from your console just as God intended.

Dear friend and former Duckbill Group employee Kevin Kuchta launched Sqltoapi out of a conversation we had internally. This is relevant to my interests and possibly yours due to the commutative property of shitposting: if everything is a database, than a database can be everything; in this case, a REST API.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.