Good morning!

Welcome to issue number 79 of Last Week in AWS.The AWS world caught fire this week with Bloomberg BusinessWeek’s explosive announcement about an alleged chip covertly planted onto motherboards destined for US companies’ data centers. Apple, Amazon, and SuperMicro all deny the allegations, leaving the rest of us wondering what the hell is going on. For my money, I’ve seen a lot from Amazon, but they’ve never lied to me. More to come this week, I suspect.

DigitalOcean’s Spaces product is similar to S3– but now it supports a built-in CDN. Picture this as “S3 + a CloudFront that isn’t terrible.” True, it lacks some of the CloudFront features, such as taking 40 minutes to update a distribution, eighty distinct controls that will break your site if they’re not set perfectly, or a pricing model that’ll surprise you with the GDP of a small country at month-end. Thanks to DigitalOcean for their ongoing support of this newsletter.

Community Contributions

I helped edit this article on development workflows in serverless environments. I think it came out rather well.

I wrote this post on Disaster Recovery Considerations in AWS, just because it seems like there’s a lot of stuff “everyone knows” that wasn’t written down anywhere.

While built around GCP, this article talks about load testing for cloud migration; the concepts map pretty well to any provider you care to use.

Midway through my own implementation of this pattern, A Cloud Guru has a post about using Amplify and the Serverless Framework together.

I got to speak with Ernesto Marquez on Screaming in the Cloud: How to Compete with Amazon.

This week GoCD by Thoughtworks highlights their free 30 day trial of Enterprise Support. If you’d like someone to call with all of your continuous delivery questions (possibly right after your deploy pipeline exploded!), consider GoCD; their open source product is free, but they also offer a streamlined support offering. Their reasonable flat-rate pricing means you’re not going to get ambushed by salespeople, and their support is no joke. Thanks to ThoughtWorks for their ongoing support of this newsletter.

Choice Cuts From the AWS Blog

Amazon API Gateway adds support for multi-value parameters – The Swiss Army Knife that is API Gateway now gets the equivalent of a pebble sharpener and a third nail file.

Amazon CloudWatch Launches Client-side Metric Data Aggregations – “You can cut your ridiculous CloudWatch costs by batching the data you send us” is what this is getting at.

Amazon WorkDocs new Web UI – “No matter what we do, Google Docs keeps beating WorkDocs.” “Hmm. Let’s do what they do, and arbitrarily change the UI on users every time the whim strikes us.”

Amazon Redshift announces Query Editor to run queries directly from the AWS Management Console – Giving a web interface to business users looking to query Redshift rather than forcing them to install a SQL client goes a long way towards making those users feel they’re not being told to go screw themselves.

AWS Cloud9 Now Supports TypeScript – I’m not sure why a dialect of Javascript is such a big deal, but here you go.

AWS CodeBuild Now Supports Building Bitbucket Pull Requests – I’m not sure that “we let you target another git remote” is a headline feature, but okay– if you say so.

AWS Systems Manager Announces Enhanced Compliance Dashboard – Another subcomponent of Systems manager, this one’s aimed at compliance folks. If you’re using Systems Manager in a regulated environment, you’ll love this.

How to Test and Debug AWS CodeDeploy Locally Before You Ship Your Code | AWS DevOps Blog – I’m not a fan of this approach. It’s throwing away a decade of cloud advancement and sending us back to the dark days of “WORKS ON MY MACHINE,” closed WONTFIX.

Using Federated Identities with AWS CodeCommit | AWS DevOps Blog – This is a great way to use your federated identity with your Git repository, in only forty simple steps.

AWS Service Operator for Kubernetes Now Available 🚀 | AWS Open Source Blog – This is somewhat nifty; you can now speak to AWS services directly using kubectl.

How to clone an AWS CloudHSM cluster across regions | AWS Security Blog – “Clone your HSM” is one of those phrases that will get your compliance-focused infosec people to perk up in terror three buildings away.

Setting the Record Straight on Bloomberg BusinessWeek’s Erroneous Article | AWS Security Blog – AWS came out swinging last week in a specific, stinging rebuke of the Bloomberg article referenced above.


While I’m increasingly less of a fan of local development, iam-docker-run lets you run Docker containers within the context of an IAM role, helping you sort out permissions issues earlier in the process.

…and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.