Good Morning!

Are you in Phoenix on Sunday at 1PM? I will be. I’ll be at Zuzu for a couple of hours hosting a community meet-up. Come by and grab a complimentary drink or two, meet me in person, threaten me in a context in which you’re able to be much more intimidating, hear my snark in person, and oh so much more. I hope to see you there!

Now then: four. That’s how many AWS announcements there were last week that I found to be significant enough to deserve comment, and none of them were particularly good. Oh, there were the usual few dozen puff / filler blog posts, inconsequential feature releases, etc–but I find myself fundamentally growing tired with the constant banality and I frankly just do not have it in me to give them the attention that they very clearly do not deserve. If AWS doesn’t care enough to make them interesting, I don’t think I should either…

From the Community

One view to see them all! Kentik provides Cloud and NetOps teams with complete visibility into hybrid and multi-cloud networks. Ensure an amazing customer experience, reduce cloud and network costs, and optimize performance at scale — from internet to data center to container to cloud. Learn how you can get control of complex cloud networks at

A wonderful walkthrough of how to beat Cost Explorer into shape to expose the data you’re looking for. For those of you who haven’t made a lifestyle of living in that tool for half of every workday, this is going to be illuminating.

Teri Radichel talks about one of the most annoying things in AWSdom: Transferring Files in S3 Between AWS Accounts. I hate having to do this; my kingdom for the ability to move an S3 bucket between accounts.

There’s a debate raging over at the Amazon Collective on Stack Overflow as to whether to tag AWS services with aws- vs. going back and forth between aws and amazon like the service names themselves do, weaving in and out like a monkey who’s gotten into some moonshine while left unsupervised by a man in a yellow hat. I believe the answer should be to use the aws- convention for two reasons. First, it makes it abundantly clear that you’re not talking about, say, the Amazon store’s retail APIs. Secondly, it does what AWS themselves should be doing: distancing themselves from the incredible and increasing erosion of trust currently going on with the Amazon brand in other business units. Alexa, the Amazon retail store, the Kindle e-readers… all of them have taken significant blows to the trust required from customers to remain in their currently dominant positions. AWS has been left largely untainted (so far, anyway); I don’t think AWS wants to invoke that trust erosion in the customer mind more than they absolutely have to.

This TechCrunch article about some random company selling stuff in the AWS market for enterprise blockchain would usually sail past me as being irrelevant, were it not for the breathless quote “Looking forward, web3 and blockchain is inevitable,” uttered by an AWS VP who’s apparently unaware that if you say dumb things to reporters they will write them down and tell everyone about the dumb thing that you said. One of the most respected people at AWS at the time recently wrote about how Andy Jassy of all people couldn’t find the value in blockchain despite dispatching an incredibly talented team to find it; are you telling me that this VP is at odds with their leadership on this particular topic? Wild statements like this erode the trust that folks have in every statement AWS makes when they go unchecked; stop doing this please.

This article on things they didn’t teach you about Software Engineering comes by way of newsletter reader JoAnne Nabor; I love getting reader submissions. Please keep them coming!

A fun blog post floating around talks about how to gaining access to inherited AWS EC2 instances. I remember these days! They were awful.


Last Week In AWS: Computers Checking Compliance Boxes

Last Week In AWS: The Work of Sober Minds

Screaming in the Cloud: Exposing Vulnerabilities in the World of Cloud Security with Tim Gonda

Screaming in the Cloud: The Return of re:Invent with Pete Cheslock

Choice Cuts

All anyone really wants is to be understood. Including your users! Combine AI models with the Pinecone vector database to make your applications understand and act on what your users want… without making them spell it out. Make your search application find results by meaning instead of just keywords, your personalization system make picks based on relevance instead of just tags, and your security applications match threats by resemblance instead of just regex. Pinecone provides the cloud infrastructure that makes this easy, fast, and scalable. Understand more about Pinecone and try it →

AWS Config supports 22 new resource types – A service that rounds to "basically perceived as useless without significant customization" and also charges per rule evaluation has found new and exciting ways to generate additional nondeterministic charges in your AWS bill that generate what you will further perceive to be no value. Happy 2023!

Changes to AWS Billing, Cost Management, and Account Consoles Permissions – Oh pissballs. I don’t mind the permission changes. I mind the "it doesn’t take effect for another week so you can’t test it," the "then any accounts created after this cutover point will not work in the old way," the "late on a Friday in July the old way will globally stop working," and the way that AWS is fundamentally making a security change for the better very much a customer-facing problem.

Tired of the vulnerabilities, costs and slow recoveries when using snapshots to protect your AWS data? Check out Veeam for secure, zero-fuss AWS backup that won’t leave you high and dry when it’s time to restore.

Run a popular benchmark on Amazon Redshift Serverless easily with AWS Data Exchange – I’m so accustomed to AWS avoiding certain things in such painfully obvious ways that I just assumed that the "popular benchmark" was branded by a competitor or something. Nope; it’s just such a "popular" benchmark that nobody would know wtf they were talking about if they included it in the headline…

How to optimize costs for grant-based research projects with AWS – I think my big problem with articles like this is that AWS’s recommendations for optimizing costs are invariably complete crap. "Buy savings plans," "migrate to Graviton," and "we are completely out of ideas–wait refactor everything to our version of ‘serverless’" are basically their entire repertoire, and I can’t quite figure out whether that’s rooted in malice or incompetence. If they got this right, my company would have to either pivot rather severely or stop existing, and yet six years into this journey there’s no sign of that being anywhere on the horizon.


Cloud native just means you’ve got more components or microservices than anyone (even a mythical 10x engineer) can keep track of. You had an accurate inventory in a spreadsheet once, but when was the last time it got updated? With OpsLevel, you can build a service catalog in minutes and ditch the spreadsheet once and for all.

If you haven’t been blessed with the Money Fairy whacking you around with the money stick, you probably can’t use IPAM; subnet-watcher will help a fair bit with regard to telling you when you’re running low on IPs in a given subnet within your VPCs.

This is new to me: if you add cli_auto_prompt = on-partial to your AWS profile config, you can tab complete through various options in the command line when typing them out. This is a godsend.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.