Good morning, and happy holidays!

Welcome to issue number 90 of Last Week in AWS.

If you’re in Seattle on January 9th, save the date; Tonight in AWS is a combination meetup, conference, and standup comedy session. That’s a polite way of saying “I’ll hold a microphone to my face and say words, but I won’t know what I’ll say until it happens.”

If you build something in the AWS web console, and then want to control it with CloudFormation, AWS cheerfully tells you to throw away what you’ve built and to start over. Ian McKay wasn’t content with this, so spent a few months of his spare time building AWS Console Recorder–a browser extension that looks at what you’re doing in the console, then turns it into CloudFormation, Boto code, Terraform, etc. On the one hand, this is magnificent. On the other, what the heck has the console team been doing for the past decade of this feature request topping wishlists worldwide?! Ian took it upon himself to fix the problem himself, embracing the Amazon Leadership Principle of “Disagree in Commits.”

AWS: Please hire him and give him a team immediately.

Community Contributions

Serverless Hero and stand-up guy/comedian Yan Cui published his thoughts on the serverless announcements at re:Invent 2018.

Eric Hammond (AWS Community Hero) has a wonderful blog post on Using AWS SSM Parameter Store With Git SSH Keys. I just did this last week, as it turns out.

I don’t normally include analyst pieces, but this thought-provoking take on Why Microsoft (Not Amazon) Will Win the Pentagon Contract is well reasoned–and increasingly points to Azure being the number 2 cloud. Google’s off in third place somewhere deprecating something their customers care about.

I didn’t attend KubeCon this year due to a prior commitment, but Chris Short did; his roundup is worth skimming.

Almost a month ago I went on a Twitter rant about How to Properly Engage with AWS Enterprise Support. That rant is now a blog post; enjoy!

Scott Alexander talks about re:Play re:Envisioned–and mentions my reference to re:Invent as Amazon’s Complex Queueing Service along the way.

If you’re confused as hell about all of the various Machine Learning options, you can now add to that confusion visually with this handy map for Machine Learning on AWSby Julien Simon.

I’ve often wondered why it’s important to use a VPN in 2018–doesn’t everything use HTTPS? It turns out that it does not! Cloud Security has more…

As I read the provocatively titled 6 things I’ve learned in my first 6 months using serverless, I went from rage (“Don’t use Python?! WHO THE HELL DOES THIS JAMES FELLOW THINK HE IS?!”) to thoughtful acceptance to actually testing out Vuetify.

Ben Kehoe is attempting to outsnark me with his 2018 Report Card for AWS Service Names. I mostly agree with him–but I can’t stand the name “Textract” and have absolutely no idea why I hate it so much. I’ll refrain from criticizing it further until I’ve further mapped the depths of my own psyche.

And this week’s S3 Bucket Negligence Award goes to Emtrain, with a special berating for failing to communicate effectively with the researcher who reported the issue to them.

Alex DeBrie of Serverless-no-the-company-not-the-movement writes an incredibly poignant piece about the “Invisible Improvements of AWS.” These are important; I care more about most of these than I do most of the services launches that I’ll likely never use.

“This is the first time the cloud giant has referenced the emerging technology with a straight face” is a heck of a sentiment from this article on quantum computing. It’s funny, I hadn’t noticed Amazon expressing much of a corporate sense of humor over the past two years. Perhaps it’s too subtle for me to detect…

The burning tire-fire that is your environment will be used to warm people’s homes in Ireland. I wish I could tell you I was making this up, but… nope.

Last week I got to catch up with Andrew Clay Shafer in Screaming in the Cloud: Open Source is Not a Business Model.

More fines hit Uber from its 2018 S3 Bucket Negligence Award.

Choice Cuts From the AWS Blog

Amazon API Gateway Simplifies Building Real-Time Two-Way Communication Applications with WebSocket APIs – The announced WebSocket support for API Gateway arrives, leaving the rest of us to wonder what a WebSocket might be, and if it’s relevant to us.

Amazon DynamoDB Accelerator (DAX) Adds Support for DynamoDB Transactions – Support for transactional integrity now reached DAX. It got there a while ago, but it took until now for the improvement to be confirmed.

Amazon DynamoDB Increases the Number of Global Secondary Indexes and Projected Index Attributes You Can Create Per Table – That shattering sound you just heard was your fragile understanding of DynamoDB data structures, best practices, and why your code does what it does. Happy holidays!

Amazon EC2 Introduces Partition Placement Groups – I’m not at all clear what delineates this from spread placement groups. I could ask someone, but I’d rather make fun of it here and guarantee five distinct emails explaining the nuances between them. Fire away, please!

Amazon MQ Introduces Network of Brokers Feature – FINRA was momentarily incredibly interested, but then realized that “MQ Brokers” aren’t the financial professionals they regulate. Sorry, finance folks.

Amazon Redshift now runs VACUUM DELETE automatically – “We won’t keep charging you for deleted data forever” is a welcome if somewhat overdue feature. If you work at Oracle and are thinking of poking fun at this behavior, shut your mouth; you don’t get to mock other companies for overcharging. Ever.

Amazon Route 53 Adds Alias Record Support For API Gateway and VPC Endpoints – Little things like this are transformative for those of us trying to build creative things that live at zone apexes.

AWS Elastic Beanstalk Adds Tag-Based Permissions – Elastic Beanstalk still an ongoing concern. It’s odd; I’ve had five conversations in seven days where people highlighted their love of EBS; it’s time to take another look at that in the new year.

Introducing AWS Client VPN to Securely Access AWS and On-Premises Resources – It turns out I’ll never again have to stand up my own OpenVPN server and play around with security groups to get developers into corporate environments. It was awful, but now I’m wistful about it.

Introducing Workload Qualification Framework to Project Plan Your Database Migrations to AWS – I’d love to hear others’ experiences with this one. Not that I’d accuse AWS of this, but often a vendor’s migration tooling recommendations translate directly into “spend more money.”

New AWS ParallelCluster Features – “Wait, was that an actual service?” No, it’s a GitHub repository for an open source project, but you’re not the only one who had to check.

Quickly Create, Build, and Deploy Amazon Alexa Skills from AWS – A more honest title would be “AWS Console no longer actively hostile to Alexa developers.” I’m looking forward to this if I ever come up with an idea for an Alexa skill people would like.

New SAM PUBLISH Command Simplifies Publishing Applications to the AWS Serverless Application Repository – You’re now one command line argument away from publishing your application to the Serverless Application Repository, which will come in super handy once people actually start using that thing.


If you want to ssh directly to an EC2 instance by its name, awser is worth checking out.

No matter which AWS service you store secrets in, s12v makes it easier to populate them into your application.

…and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.