--- title: "Last Week in AWS #456: AWS-Esque" id: "15343" type: "newsletter" slug: "last-week-in-aws-456-aws-esque" published_at: "2026-01-20T14:30:00+00:00" modified_at: "2026-01-20T14:30:00+00:00" url: "https://www.lastweekinaws.com/newsletter/last-week-in-aws-456-aws-esque/" markdown_url: "https://www.lastweekinaws.com/newsletter/last-week-in-aws-456-aws-esque.md" excerpt: "The AWS community needs something like State of JS but for cloud services, and Peter Sankauskas built it. [This annual survey](https://www.answersforaws.com) captures what usage data can't - whether people actually *like* using AWS services or just tolerate them. Five minutes..." --- About the Author Corey is the Chief Cloud Economist at Duckbill, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure. Sign up for the Newsletter Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark. "*" indicates required fields ## [Good Morning](https://www.linkedin.com/posts/coquinn_whatthehelliswrongwithyoupeople-activity-7416619138309115904-DXoN) ! The AWS community needs something like State of JS but for cloud services, and Peter Sankauskas built it. [This annual survey](https://www.answersforaws.com) captures what usage data can’t – whether people actually *like* using AWS services or just tolerate them. Five minutes of your honest opinions helps everyone. Remember: Route 53 is always a database. And also: If you (well, not *you*, but probably the saddest looking person on your finance team) are tracking commitments in spreadsheets and hoping your discount strategy still makes sense, you’re not alone. Most teams are cobbling together strategies/tools that weren’t designed for the scale and complexity of modern cloud environments. That’s why we’re building Skyway over at [Duckbill](https://www.duckbillhq.com)—to take you away from all that. Now the exclusive sponsor of Last Week in AWS, and also the company I co-founded. Cloud contract issues? Get in touch. ## Things I Found on the Internet The AWS community needs something like State of JS but for cloud services, and Peter Sankauskas built it. [This annual survey](https://answersforaws.com/) captures what usage data can’t – whether people actually *like* using AWS services or just tolerate them. Five minutes of your honest opinions helps everyone. [Cloud Egress Fees: What They Are And How to Reduce Them](https://www.backblaze.com/blog/cloud-101-data-egress-fees-explained/) AWS is betting big on regulatory compliance with a fully separate European cloud—new legal entity, EU-only staff, customer-controlled encryption. Whether [this sovereign cloud gambit](https://www.cnbc.com/2026/01/15/amazon-sovereign-cloud-europe-expansion.html) pays off depends on if European orgs trust it more than they distrust American tech giants. Smart hedge either way. If you’ve ever wanted to automate telling people to stop wasting your time—but professionally—[this deep-dive into building an AI email assistant](https://www.lastweekinaws.com/blog/i-hope-this-email-finds-you-before-i-do/) is both instructive and cathartic. The architecture’s overengineered in the best way, and naming it after the newsletter mascot is chef’s kiss. Amazon’s locking down copper supply [before the mine even opens](https://www.wsj.com/finance/commodities-futures/amazon-is-buying-americas-first-new-copper-output-in-more-than-a-decade-516a0a1f?st=S9nUcw&reflink=desktopwebshare_permalink) , which tells you everything about how seriously they’re taking AI infrastructure buildout. When a company that size starts buying decade-out mining capacity, they’re not just planning ahead—they’re reshaping markets. ## What AWS Has For Us This Time [Unanchored ACCOUNT_ID webhook filters for CodeBuild](https://aws.amazon.com/security/security-bulletins/rss/2026-002-aws/) Security researchers at Wiz found AWS misconfigured their own CodeBuild webhooks, letting anyone with the right actor ID commit code to critical repos. AWS fixed it in 48 hours and swears nobody exploited it. This is the second major CodeBuild lapse in the past year. Something in the water over there? Pro tip: if AWS can’t configure their own security correctly, maybe double-check yours. The [Wiz blog post]([https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild](https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild) ) does a much better job explaining what happened, without trying to downplay the situation. [Amazon EBS now supports up to four Elastic Volumes modifications in 24 hours](https://aws.amazon.com/about-aws/whats-new/2026/01/amazon-ebs-up-to-four-volume-modifications/) I always wondered why there was a limit here at all (past, y’know, rate limits to avoid insane flapping); “resize and test” is a pattern, y’know? [AWS Databases are now available on v0 by Vercel](https://aws.amazon.com/about-aws/whats-new/2026/01/aws-databases-available-vercel-v0/) AWS realizes they can’t win the newer generations of developers over with arbitrary complexity, so they’re pitching databases to them where their workloads live. Smart. [AWS Lambda announces cross-account access for DynamoDB Streams](https://aws.amazon.com/about-aws/whats-new/2026/01/aws-lambda-cross-account-access-dynamodb-streams) Finally fixing what should’ve been day-one functionality, but I’m sure the workaround industrial complex will miss all those “creative solutions” involving SQS, SNS, and a prayer. At least they didn’t make it a premium tier feature. It figures; I spent a fair bit of time in November replicating a stream cross-account into DynamoDB itself. It’s been a while since AWS released a feature right after I worked around, so this feels like a throwback to a happier time. [Enhanced Transactions view now available in AWS Billing Console](https://aws.amazon.com/about-aws/whats-new/2026/01/enhanced-transactions-view-aws-billing-console) They finally fixed the Transactions page so it loads in milliseconds instead of “go grab coffee and pray” minutes. Only took them until 2026 to make a billing interface work at reasonable speed. Your accountant will appreciate not timing out while reconciling invoices. [AWS Data Exports adds granular operation visibility for Amazon Bedrock model usage](https://aws.amazon.com/about-aws/whats-new/2026/01/granular-amazon-bedrock/) Finally, you can see exactly which Bedrock API calls are bankrupting you. Because nothing says “we care about your costs” like adding visibility *after* you’ve been paying for months. At least your CFO can now itemize their disappointment by operation type. Meanwhile I’ve been using Anthropic directly for over a year now just so I can see per model and per API key what’s using what… [Amazon EC2 X8i instances powered by custom Intel Xeon 6 processors are generally available for memory-intensive workloads](https://aws.amazon.com/blogs/aws/amazon-ec2-x8i-instances-powered-by-custom-intel-xeon-6-processors-are-generally-available-for-memory-intensive-workloads/) “Custom Intel Xeon 6 processors, available only on AWS” is a fancy way of saying Intel cut them a special deal that you’ll pay for through instance pricing. Those SAP HANA workloads just got 50% faster at extracting money from your budget. At least the licensing savings are real. [Opening the AWS European Sovereign Cloud](https://aws.amazon.com/blogs/aws/opening-the-aws-european-sovereign-cloud/) So AWS built a whole separate cloud just for Europeans who don’t trust… AWS. That’s some galaxy-brain business strategy right there. At least they’re honest about it taking an entire independent infrastructure to convince regulators they won’t peek at the data. Note, AWS ESC is pronounced “AWS-esque,” as in “rhymes with desk.” [AWS Organizations now supports upgrade rollout policy for Amazon Aurora and Amazon RDS automatic minor version upgrades](https://aws.amazon.com/blogs/database/aws-organizations-now-supports-upgrade-rollout-policy-for-amazon-aurora-and-amazon-rds-automatic-minor-version-upgrades/) Finally, a way to test database upgrades in dev before they crater production automatically. Revolutionary stuff, if you ignore the part where competent DBAs have been doing this manually for decades. At least AWS waited until 2026 to charge you for automation of basic operational hygiene. [Provision Oracle Database@AWS stack using AWS CloudFormation](https://aws.amazon.com/blogs/database/provision-oracle-databaseaws-stack-using-aws-cloudformation/) Oracle’s running their Exadata boxes in AWS datacenters now, and they’ll let you provision them via CloudFormation. Because nothing says “cloud native” like racking Oracle hardware in someone else’s building and charging you OCI prices while you’re already paying AWS. This partnership makes strange bedfellows look normal. [CLI v1 Maintenance Mode Announcement](https://aws.amazon.com/blogs/developer/cli-v1-maintenance-mode-announcement/) The CLI that launched a thousand scripts is heading to the retirement home in 2027. At least they’re giving you 18 months’ notice instead of the usual Google surprise deprecation. Time to update those bash scripts before your infrastructure becomes a museum exhibit. Maybe now it can stop being the default GitHub branch? [CVE-2026-0830 – Command Injection in Kiro GitLab Merge Request Helper](https://aws.amazon.com/security/security-bulletins/rss/2026-001-aws/) Turns out folder names can execute arbitrary commands in AWS’s agentic IDE. Because what could possibly go wrong letting AI write code while also parsing untrusted input? Patch immediately, then maybe reconsider whether “agentic” tools need quite this much agency over your system. … and that’s what happened ***Last Week in AWS.*** ## You might also like [More Newsletter Issues](https://www.lastweekinaws.com/newsletter/) Issue No.468 ### [Multicloud Interconnect and the Great CVE Hunt](https://www.lastweekinaws.com/newsletter/multicloud-interconnect-and-the-great-cve-hunt/) [Read More about Multicloud Interconnect and the Great CVE Hunt](https://www.lastweekinaws.com/newsletter/multicloud-interconnect-and-the-great-cve-hunt/) Issue No.467 ### [S3 Files and an AI-Powered Singing Rat Trap](https://www.lastweekinaws.com/newsletter/s3-files-and-an-ai-powered-singing-rat-trap/) [Read More about S3 Files and an AI-Powered Singing Rat Trap](https://www.lastweekinaws.com/newsletter/s3-files-and-an-ai-powered-singing-rat-trap/) Issue No.466 ### [S3 Gets Vectors, CloudFront Gets SHA-256, You Get the Bill](https://www.lastweekinaws.com/newsletter/s3-gets-vectors-cloudfront-gets-sha-256-you-get-the-bill/) [Read More about S3 Gets Vectors, CloudFront Gets SHA-256, You Get the Bill](https://www.lastweekinaws.com/newsletter/s3-gets-vectors-cloudfront-gets-sha-256-you-get-the-bill/) Issue No.465 ### [Aurora PostgreSQL: Now Free Enough to Be Dangerous](https://www.lastweekinaws.com/newsletter/aurora-postgresql-now-free-enough-to-be-dangerous/) [Read More about Aurora PostgreSQL: Now Free Enough to Be Dangerous](https://www.lastweekinaws.com/newsletter/aurora-postgresql-now-free-enough-to-be-dangerous/)