You all helped raise $40,887 for 826 National during our annual Charity T-Shirt drive; thanks for all who participated. It’ll be back next year with another terrible joke.

And of course, all eyes turn now to re:Quinnvent; like re:Invent except, y’know, good. It’s unfortunately that season yet again. If I spot folks wearing the charity shirts in Las Vegas, I may have goodies for them.

From the Community

Blackboard Inc. is a world leader in education technology, committed to supporting learners throughout their lifelong journey. Traditionally, Blackboard’s Product, SRE, DevOps and Support teams depended on a combination of custom-managed ELK stacks and managed Elasticsearch service offerings for centralized log management. But growing daily log volumes and variable spikes in log volumes were causing pain. Unpredictable spikes would cause the ELK stack to go down, making it unusable at times while management and data storage costs grew. Enter ChaosSearch. To see how ChaosSearch helped Blackboard solve this plethora of Elasticsearch challenges, check out the full Blackboard case study here. And when you’re ready to talk to ChaosSearch yourself – tell them that I, the magnanimous Corey Quinn, sent you! Sponsored

Lydia Leong has come out of hibernation in force, with another great blog post, Cloud cost overruns may be a business leadership failure.

The verdict on Lambda Graviton2 functions is apparently cheap and slow as per the community.

The story of a time an employee Almost Rage-Quit Amazon. But it was all right, everything was all right, the struggle was finished. He had won the victory over himself. He loved Big Brother.

I called presenting cloud cost savings like it’s a high score display The TurboTax of AWS Billing and I’m pretty sure I’m right.

I have a guest post up explaining what object storage is.

The article is titled AWS Communism – Part 1: How we cut our Load Balancing cost by more than 96%, but offers no concrete numbers or real examples. I’m disappointed; this had promise and the idea (sharing load balancers between dev workloads) does make economic sense, but this is just a sad lead magnet.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

The Duckbill Group (that’s me!) is hiring a Head of Consulting Services to join the team. We’re looking for someone skilled in managing and leading people, as well as in building and optimizing delivery processes. As a member of the leadership team in a nine-person company, you contributions will be instrumental to our continued growth and success. AWS expertise isn’t required, but it’s certainly a bonus. If you’re interested in a role that’s fully-remote, has big impact, and you want off the VC rollercoaster, come check us out.

Q: What is Amazon GuardDuty?

Amazon GuardDuty offers threat detection that enables you to continuously monitor and protect your AWS accounts, workloads, and data stored in Amazon S3. GuardDuty analyzes continuous streams of meta-data generated from your account and network activity found in AWS CloudTrail Events, Amazon VPC Flow Logs, and DNS Logs. It also uses integrated threat intelligence such as known malicious IP addresses, anomaly detection, and machine learning to identify threats more accurately. #### Q: What are the key benefits of Amazon GuardDuty?Amazon GuardDuty makes it easy for you to enable continuous monitoring of your AWS accounts, workloads, and data stored in Amazon S3. It operates completely independently from your resources so there is no risk of performance or availability impacts to your workloads. It’s fully managed with integrated threat intelligence, anomaly detection, and machine learning. Amazon GuardDuty delivers detailed and actionable alerts that are easy to integrate with existing event management and workflow systems. There are no upfront costs and you pay only for the events analyzed, with no additional software to deploy or subscriptions to threat intelligence feeds required.

AWS EKS is AWS’s managed Kubernetes service offering for those folks who don’t have the good sense to run ECS instead. They’re apparently setting out to build a new service within the EKS offering – because if there’s one thing AWS needs, it’s another way to run containers. This new service will tackle a complex and unique use case of some of their customers who are no doubt scowling at the heavy editorializing I’m doing here. This team makes a point of contributing back to the upstream EKS and open source K8S service community and are emphatic that they collaborate closely with other service teams at AWS to deliver this ground breaking new capability. The containers group is awesome – but after a pitch like that, whatever this new service is had better deliver, right?

Choice Cuts

Trajectory Conference is One Giant Leap for DevOps

Software powers the world. LaunchDarkly empowers all teams to deliver and control their software. DevOps and feature management are reimagining how businesses build and release new products. On November 9th and 10th, LaunchDarkly is hosting Trajectory Conference 2021 — a two-day event for software innovators who want to break orbit, not systems. Trajectory is a fully-virtual conference that focuses on the technology, people, and processes that continuously deliver better user experiences and more powerful software. Register today to join fellow thought leaders shaping the future of software development. Sponsored

Amazon Chime SDK now supports video background blur – Chime SDK’s “Background Blur” is climbing the charts rapidly to challenge Drake’s “Hotline Bling.”

Amazon Corretto October Quarterly Updates – Some of these are (appropriately for the season) spooky.

AWS Fault Injection Simulator now supports Spot Interruptions – I’m conflicted here. “Force a Spot interruption” is GREAT; I’ve been hoping for this for years. I confess I didn’t see it costing ten cents per minute that I run it, though. This just feels nickel and dimey in order to degrade my systems…

AWS Glue Crawlers can now be started using Amazon S3 event notifications – This is a neat feature that leaves you just one slight misconfiguration away from financial ruin.

AWS Pricing Calculator now supports Amazon CloudFront – You’re not going to like this. You need to be able to accurately predict traffic to your website (hard) based upon where your traffic will be coming from (nearing impossible) in order for this thing to be accurate.

AWS Security Hub adds support for cross-Region aggregation of findings to simplify how you evaluate and improve your AWS security posture – Hold the damn phone – an AWS service finally aggregates between accounts and regions? Someone is no doubt getting PIPed for this.

Bulk Editing of OpsItems in AWS Systems Manager OpsCenter – “Wait, you mean you’d want to do something more than once?” Yes. Yes I would.

Introducing Distributed Load Testing on AWS v2.0.0 – I attempted to look at the CloudFormation template here, but due to AWS’s insistence on naming it with a “.template” extension iPad OS refuses to let me view it. Ugh.

Enhanced Airport Passenger Experience with TaskWatch and AWS Panorama – If AWS really wanted to enhance the airport passenger experience, they’d let their employees book something upwards of “steerage.”

How to Use Webhooks to Automate Red Hat OpenShift App Rebuilds from AWS CodeCommit – Usually CodeCommit’s purpose is to demonstrate that an architectural diagram has never been implemented in the wild, but if you’re using RedHat OpenShift then yeah: you’re probably the kind of person who’d be gung ho for AWS’s Like Github But Worse.

Introducing the AWS Networking Competency for Consulting Partners – AWS Networking is so fiendishly complicated that only large well established consultancies (and also Accenture) are able to qualify for the competency.

Swiftly Search Metadata with an Amazon S3 Serverless Architecture – “Build a sidecar database that contains information about the things you’d like to search” is apparently what counts as a novel solution over at AWS these days.

Building containers images for AWS Marketplace containers-based product with AWS CodePipeline – “Building containers images” is awkward phrasing and still somehow the most delightful thing about this monstrosity.

Automate Amazon Redshift Cluster management operations using AWS CloudFormation – Managing stateful things via CloudFormation is the kind of mistake people make exactly once.

Compare different node types for your workload using Amazon Redshift – This isn’t just a pricing guide – oh no. It’s a full on AWS Solution® that installs a bunch of things to tell you what the best price/performance numbers are for Redshift. Not included: an admission that things like this are why Snowflake is kicking Redshift’s ass so hard that it can taste its shoe leather.

Migrate to an Amazon Redshift Lake House Architecture from Snowflake – I’m legit surprised that they didn’t put a “please, oh please” into this headline. Seriously, this thing is just so condescendingly rude to a customer / partner that’s frankly kicking the crap out of anything Redshift has to offer.

Use channel flows to remove profanity and sensitive content from messages in Amazon Chime SDK messaging – I’m predicting you’re going to have some trouble keeping up with profanity and its evolution, you dickwhistle.

Amazon EC2 Auto Scaling will no longer add support for new EC2 features to Launch Configurations – This is how AWS deprecates things; it’ll be there forever, they just stop adding new features to it. Like SES.

AWS Control Tower Account vending through Amazon Lex ChatBot – I really like this idea, but I want it as an out of the box turnkey solution – because right now, it’s an awful lot of “build it myself” to get this off the ground.

Alexa Smart Properties for Hospitality launches in the UK – Oh this isn’t going to go well for anyone. I have a bunch of Alexa devices in my home; appropriate for this month, the house feels freaking haunted.

Scan Amazon S3 buckets for content moderation using S3 Batch and Amazon Rekognition – Great, I get to spend another week explaining to journalists that no: AWS is not doing large scale content moderation on customer content, all because the Rekognition team is so bad at messaging that they should be placed on permanent Verbal Probation.

Dual-stack IPv6 architectures for AWS and hybrid networks – Come back when you get a working IPv6 only stack. That’ll be impressive. This is just a glossy veneer on an old architecture.

Enabling granular operational visibility for CloudFront with CloudWatch – This is the sort of thing that real CDNs give customers out of the box, and AWS tells the customer to build it themselves while also charging them for the privilege.


Observability is critical for managing and improving complex business-critical systems. With observability, any software engineering team can gain a deeper understanding of system performance, so you can perform ongoing maintenance and ship the features your customers need. Preview Honeycomb’s upcoming O’Reilly book to understand the value of observable systems and how to build an observability-driven development practice. Sponsored

I’ll be running the AWS Lambda Power Tuning dingus this week to see whether or not Graviton2 Lambdas functions are actually worth migrating to. One way or another I will have Opinions for you next week.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.