Good Morning!

As I go to press it’s been announced that Amazon Retail CEO Dave Clarke has resigned from Amazon, effective July 1. "I’ve had an incredible time at Amazon but it’s time for me to build again," he says, giving rise to the very reasonable question "what the hell does he think he’s been doing at Amazon for the past 23 years?"

On the YouTube front, we have our good ol’ Uncle Suitcase talk to us about their trips:

From the Community

Are you struggling to determine what analytics workloads can perform well in the data lake, and which ones should be pushed to the data warehouse for peak performance? According to Gartner, you’re not alone. But thankfully, a category of technologies that Gartner calls “analytics query accelerators” are here to help. Get your free copy of the new Gartner Market Guide Analytics Query Accelerators, courtesy of ChaosSearch. Learn how analytics query accelerators provide SQL or SQL-like query support on a broad range of data sources to deliver BI dashboards, interactive query capabilities, and support for data modeling. Help your data lake deliver faster time to value – get the free Gartner report, courtesy of ChaosSearch, today!

I confess I’m not up to speed on the differences between SNS and SQS . This article helped.

A deep geek dive into first impressions of Graviton3 chips. Finally, hard data rather than vague marketing assertions!

AWS the YAML Way sounds horrifying to me, then I remember that S3 still likes its XML from time to time.

It’s rare to see people complaining about new Terraform features since they largely don’t exist, but this post suggesting that Terraform should have remained stateless makes a fair bit of sense.

I kinda put the boots to the new "Serverless" Aurora option in The Aurora Serverless Road Not Taken.

The Register continues to document how Broadcom’s purchase of VMware means much for existing VMware customers, all of it frankly horrible for them.

One of the single greatest parts about AWS’s Certificate Manager is that its (free) certificates auto-renew for you so, unlike Spotify, you don’t take a massive 8 hour outage when they expire.

Choice Cuts

Software powers the world. LaunchDarkly empowers all teams to deliver and control their software. DevOps and feature management are reimagining how businesses build and release new products. Get control of your code to ship fast, reduce risk, and reclaim your nights and weekends. Learn how your team can reap the rewards of Continuous Delivery without all of the risk. Check out LaunchDarkly.

AWS IAM now supports WebAuthn and Safari browser for multi-factor authentication with security keys – Cool, now can you jackwagons stop making me create multiple IAM users to get around your "one MFA device per IAM user" nonsense restriction? And also the AWS root account, while you’re up?

NoSQL Workbench for Amazon DynamoDB adds support for CreateTable, UpdateTable, and DeleteTable operations – Adding this to the Workbench is kinda like using a woodworking workbench as part of your new dining room table. Instead of a back-of-house tool it’s now part of a production deployment process and that worries the crap out of me.

Price reductions on Amazon EC2 instances running SUSE Linux Enterprise Server (SLES) OS – This is huge news for the three European banks who use SUSE Linux and absolutely no one else because it’s not 2006 anymore.

Monitoring and alerting break-glass access in an AWS Organization – This is a very real problem, but this is such a convoluted solution that I don’t have any trust that it would actually fire in the unlikely event that someone used the break-glass access method.

Introducing the newest AWS Heroes – June 2022 – A number of folks I deeply admire have been recognized as AWS Heroes. Congrats to them!

Trigger an AWS Glue DataBrew job based on an event generated from another DataBrew job – This is amateur hour. Real professionals trigger a Glue DataBrew job from the same DataBrew job, borrowing heavily from the "Lambda Invokes Itself" pattern.

Using IAM database authentication with workloads running on Amazon EKS – I’m no database expert, but you’d really think that this blog post would mention that AWS’s own guidance for IAM authentication against databases suggests you limit it to "a mechanism for temporary, personal access to databases" as well as recommending that you "use IAM database authentication only for workloads that can be easily retried." I’m sure it’s fine.

Version 1 of the AWS Cloud Development Kit (AWS CDK) is now in maintenance mode – If you’re using V1 of the CDK, stop it. Don’t worry though, it’ll be right there at the top of Google search results for the next few years to confuse you.

Reimagine search on GitHub repositories with the power of the Amazon Kendra GitHub connector – GitHub has one of the best search implementations I’ve seen; it’s tremendously helpful when I’m trying to find code either in my organization or globally. Yet somehow Amazon, the company that seems to think that when I search for underpants I don’t see a single thing above the fold that isn’t their brand or a sponsored ad, dares to suggest that they’ve beaten GitHub search at their own game? Shenanigans, I say.

AWS is the cloud customers choose for their SQL Server workloads – Azure boasts that they’re 5x cheaper than AWS for SQL Server workloads. They don’t boast that this is because they’re jackasses with licensing. So in effect, this post is highlighting that AWS is so much better than Azure that customers are willing to pay a 5x premium to use it. Nice job, Azure Pricing Team. You nailed it.

Introducing IP-based routing for Amazon Route 53 – I just finished setting up Latency-based routing, now there’s another thing to learn / choose between.

Join me in Boston this July for AWS re:Inforce 2022 – Amazon’s CISO would like to "personally invite you to attend" via that most personal means of communication, a public post on the AWS security blog.


Make DevOps suck less by getting your workloads to AWS in minutes instead of months using AutoCloud. Their platform automatically generates secure, production-ready Terraform code that is customized to your unique snowflake of a business. Once workloads are deployed, AutoCloud gives users full cloud security posture management (CSPM) capabilities along with drift detection, automatically generated architecture diagrams, BlastRadius™ security analysis for compromised resources, and a single internet-scale GraphQL API for all 1,000 of your AWS accounts. Make your weary CIO smile by aligning every cloud resource with your business today.

Since we’ve established that Aurora Serverless is nonsense, consider that there’s an open source thing called Neon that purportedly does it right for PostgreSQL.

ifto is a debugging module to figure out why the hell your Lambda function keeps timing out.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.