Good Morning!

I’m in New York for the AWS summit tomorrow–but I’m staying until Friday. I’ll be at Apotheke Mixology on Wednesday@7PM with my bearded cohort, Mike Julian–join us for drinks!

It’s once again time to mingle with AWS folks; looking forward to seeing some of you folks in person.

From the Community

Every company needs a plan for when things go wrong. We’ve written these plans many times, and every time wished for a reference that reflects how companies actually work today. So here it is — our years of collective knowledge and experience distilled into a Practical Guide to Incident Management for your whole organisation. Enjoy!

This article about Walmart’s Cloud Native Platform is an interesting read. It really feels to me like they’ve built their own cloud that has exactly one customer; that’s not recommended for almost any company.

It took quite literally years, but an AWS service team (SageMaker Canvas) managed to sneak a $290 charge into my bill that I wasn’t expecting. It’s a complex series of issues with a handful of contributing factors, but the short version is to make sure you’ve killed any experiments you were running back when SageMaker Canvas was free, since it now charges $1.90 an hour.

Honeycomb has a neat post up about Exploring AWS Costs Beyond the Service Level. I wish more folks thought about things this way — and also that it didn’t take an engineering organization of Honeycomb’s caliber to get to this level of visibility.

My article on ChatOps resulted in a surprising number of emails basically thanking me for highlighting the security risks. Ideally it helps SOMEONE!

The Register has a thought-provoking question: will cloud giants drive colos off a financial cliff? I don’t think so, but I can easily see an acceleration of the existing trend towards colocation consolidation as a result of decreasing SMB demand for rack space…


Last Week In AWS: Azure Insecurity Templates

Last Week In AWS: Mr. Selipsky’s Geography Class

Last Week In AWS: The ChatOps Issue That No One’s Chatting About

Screaming in the Cloud: Enterprise Developer Advocacy with Maish Saidel-Keesing

Screaming in the Cloud: Incidents, Solutions, and ChatOps Integration with Chris Evans

YouTube: Learning in Public with swyx

YouTube: My Security Posture

Choice Cuts

Fortinet’s partnership with AWS is a better-together combination that ensures your workloads on AWS are protected by best-in-class security solutions powered by comprehensive threat intelligence and more than 20 years of cybersecurity experience. Integrations with key AWS services simplify security management, ensure full visibility across environments, and provide broad protection across your workloads and applications. Visit us at AWS re:Inforce to see the latest trends in cybersecurity on July 25-26 at the Boston Convention Center.

Amazon EC2 Auto Scaling customers can now monitor their predictive scaling policy using Amazon CloudWatch – This is a moderate improvement for the folks who monitor their predictive scaling policies via the AWS bill.

Amazon WorkMail now supports invoking Lambdas to fetch availability (free/busy) – I’m torn. I like the idea, but the idea of having to write a Lambda function just to set yourself as available on your calendar is horrific. I like the option, but the positioning of this as a good user experience approach is… bad.

Image background removal using Amazon SageMaker semantic segmentation – Am… am I the only person who thinks the "final image" in this demo looks like garbage?

New – Amazon EC2 M1 Mac Instances – These are really interesting–almost half the cost of the Intel version, incredibly useful for a few Ci/CD workflows. The one complaint I have is that the Intel version is called "mac1" whereas the M1 variant is called "mac2." They’re setting themselves up for a decade or more of nominative off-by-one issues.

How William Hill migrated NoSQL workloads at scale to Amazon Keyspaces – This headline reads dramatically differently than its author intended if you approach it from the eminently reasonable perspective that "William Hill" is "some random dude."

Every application needs authentication, but building it yourself is a distraction. FusionAuth is customer identity software built for developers. They’re not Auth0. Their people know authentication and will show you a better experience. What’s cool is you can self-host so you’re in control of your identity data. There’s a free download version, no strings attached. Or if you want it hosted, they’ll set you up in AWS, just ask.

Understanding the lifecycle of Amazon EC2 Dedicated Hosts – Increasingly the only reason to use dedicated hosts that isn’t both ridiculous and within your company’s control is meeting third party license requirements. And I take a dim view of those companies’ position on the matter. That said, this is a great explainer about what you need to know if you’re in this position.

How to use Amazon RDS and Amazon Aurora with a static IP address – Fortunately the post doesn’t live up to the eldritch horror of my initial reading of the headline: "Wait, people are accessing databases that just hang out on publicly available IPs on the internet?!" Everything contained within reassuringly expects that customers are being incredibly intentional with VPNs, firewall restrictions, and/or Direct Connect.

Announcing AWS Config Custom Rules using Guard Custom policy – Can I custom opt things out of Config rules? Because when I was building out Last Tweet in AWS in all regions last month, it only cost a few cents except for the $16 in Config charges.

Get ahead this summer with no-cost cloud training from AWS Educate – Someone’s gearing up for an incredibly frustrating "How I Spent My Summer Vacation" essay this September.


Presumably for legal reasons, Retool can’t describe what they do as “Visual Basic for internal apps,” but that’s how I think of them. I’ve been a long-time customer, and they remain the only low-code tool I’ve encountered that actually lives up to the hype. To learn more visit

This week’s tool isn’t strictly cloud related, but I’m proud of it; my Last Tweet in AWS twitter client now automatically creates alt-text for uploaded images via Azure’s Computer Vision API. Accessibility is important. I want to be clear: the autogenerated captions are not perfect by any stretch of the imagination–but this is a start.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.