Good Morning!

AWS has been talking about log4j issues so much this week that I suspect they’ve found a way to make it run containers. In any case, happy holidays for those who are entering a restful two week period. The rest of us will be envying you.

(Want to read this article online or share it with your friends on Twitter or Slack? As always, you can find it right here: Log4J For Containers)

From the Community

This issue is sponsored in part by my friends at ChaosSearch! As you know, running log analysis with Elasticsearch at scale can be unstable, relentlessly time-sucking and surprisingly expensive. Now try ChaosSearch – a fully managed log analytics platform that delivers the Elasticsearch API you love, with built-in Kibana, but with No ElasticSearch under the hood! ChaosSearch activates your Amazon S3 as a true data lake, for analytics at scale, with no data movement, no data retention limits and savings of up to 80% vs an ELK Stack. In fact with ChaosSearch, you can start with 3 easy steps: Store, Connect & Analyze. So start experiencing insights at scale from ALL of your data (and tell them I sent you)! Sponsored

A dive into AWS Re:Liability; the Status Page status.

What’s the best database? That’s right; you’re going to love this article on Using Route53 as a Key Value Store in GitHub Actions.

An insightful point: Everything is Build vs Buy, Even the Cloud.

A fun failure mode of AWS Transit Gateways encountering large packets.

Having to pretend to be other AWS services in order to get something to work should neither be necessary nor possible, and yet… Spoof Amazon Eventbridge messages to send custom messages through AWS Chatbot.

I got to interview Jeff Barr in a snarky format; here’s my synopsis of the recording.

Chris Farris has a comprehensive and snarky re:Invent 2021 Recap. I like this!

I guested on a podcast to talk about getting the high score on the AWS bill.

A fun recollection from Tim Bray about the inside story around filtering events in AWS.

I had an article published in The Information asserting that AWS Is Too Big to Fail (paywall).

A dive into using CloudFront origin groups to increase availability on SPA deployments. I’m sure the recent outage issues have nothing to do with the timing of this article and many like it.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

The AWS Transactional Services team builds some of the most foundational distributed systems that underpin and power many of the large AWS services and several of the most critical components of the retail platform. We specialize in building high performance, highly available data systems that provide strong transactional guarantees at scale.

We’re named Glassdoor’s #1 Best Place to Work! We’re building the analytics engine that helps 6,000 companies make smarter decisions.Heap is hiring Senior Infrastructure Engineers and Senior DevOps Engineers for our Platform Infrastructure team!

If you’re ENTHUSIASTIC about scaling Engineering Ops via Cloud Engineering Ops; COLLABORATIVE in selecting and incorporating the best DevOps tooling to support scale; and DRIVEN toward infrastructure-as-code and production-release made easy; continue because there’s more:While the above highlights DevOps, we are looking to obtain those who enjoy building with a focus on stability, operability, and tools to help us de-risk our stack and add more 9s to our availability.

If we’ve piqued your interest, find out more below and apply here: Infrastructure Engineer, Platform (Senior / Staff)

Heap Engineering Blog: Virtual Events: Making Data-Driven Decisions a Reality

Truss is a distributed-first, software consultancy that cares about communication, inclusivity, and modern software development practices. We push the envelope on building efficient technology that improves people’s lives. Currently, we’re seeking stellar Infrastructure Engineers and Sr. Infrastructure Engineers to help us with commercial and government contracts.

The AWS Billing team delivers timely and accurate invoicing to customers to enable confident purchasing decisions at all phases of cloud adoption. We’re building a modern commerce platform for the future of IT: enabling cloud-native pricing for all AWS services, keeping pace with rapid global expansion, and delivering at an unmatched scale. Our team sits between every AWS service team and every single AWS customer, generating millions of invoices worth billions of dollars every month. Most importantly, we work backwards from our customers to drive innovation and the new functionality that they have come to expect from AWS. As part of the AWS Billing team, you’ll be part of delivering the necessary capabilities to bring services to customers around the world, supporting custom pricing and billing models, driving global compliance, and generating customer invoices. You will run massively-scaled services and your ownership will start with metering records and contractual arrangements and end with the customer’s invoice. Our team is passionate about career development through mentorship, training, and upskilling. We also support flexible schedules to help our team achieve a better work-life balance.

Choice Cuts

🌐 CloudGraph is the open-source GraphQL API for AWS. Write simple queries, solve complex security, compliance, and cost challenges. CloudGraph answers questions like, 🔓 “Across all our accounts do we have any public S3 buckets, unencrypted EBS volumes, or internet-facing load balancers?” or, 💰“How much am I paying on a daily basis for each M5 EC2 instance in us-east-1 with the tag, “Environment: Staging?“. Check us out on Github. Sponsored

Ready to get to grips with Apache Kafka? Lenses Box is a complete container solution for you to learn how to build applications on a localhost Apache Kafka docker, complete with Lenses developer experience. Here you can practice developing streaming applications with SQL, use a real-time data & applications catalog to navigate metadata, and protect it all with granular role-based access controls. Whew. Sponsored

Amazon FinSpace is now in scope for SOC 1, SOC 2, and SOC 3 compliance – On the one hand, I’m aware that these certifications require time to achieve. On the other, I’m trying to imagine pitching this to FinServ customers without having them. Tough pitch!

Amazon Lookout for Vision now supports visual inspection of product defects at the edge – Meanwhile “Amazon Lookout for Twitter” now supports visual inspection of product defects in items that shipped to customers.

Amazon Nimble Studio adds new features to support Linux, Usage Based Licensing, and Los Angeles Local Zone – “Los Angeles Local Zone” is kind of a no-brainer for what is effectively a video editing and render studio in the cloud.

Amazon Route 53 updates API actions – Unfortunately the API still looks basically like shoving JSON into XML, a combination that only IBM could love. Seriously, JSONx is an unholy merger of the two that IBM built.

AWS Ground Station Launches a New Antenna Location in Punta Arenas in Preview – Two problems here. First, “Launches” and “Ground Station” mean different things than this headline intends them to. Secondly, an antenna isn’t really something you preview…

Now Open – AWS Asia Pacific (Jakarta) Region – AWS’s Jakarta region has launched with d̶o̶z̶e̶n̶s̶ several of services! Look for that to expand in the near future.

How Goldman Sachs built persona tagging using Apache Flink on Amazon EMR – I almost missed this the first time I saw it because the Goldman Sachs personas looked like a reprint of “Rich Dad, Poor Dad.”

What’s new in Amazon Redshift – 2021, a year in review – Alternate title for the same article: “What’s new in Snowflake – 2018, a year in review.”

Replicate your data from Amazon Aurora MySQL to Amazon ElastiCache for Redis using AWS DMS – “Use a third service to move data between two of our services” feels less like a feature than a bug to me.

Using AWS security services to protect against, detect, and respond to the Log4j vulnerability – Looking at the sheer number of AWS security services pitched in this article really brings home my “they cost more than the breach” argument.

I don’t approve when AWS smacks former employees with non-compete agreements and I don’t like it any more when Groupon sues Yelp over them either. I see that Groupon is deathly afraid that their former employee is going to tell Yelp the secret of losing 94% of their value during the time they were a public company.


You know how git works, right? “Sorta!” you respond. “Kinda! Not really. Please ask someone else!” That’s all of us. Git is how we build things, and Netlify is one of the best ways I’ve found to build those things quickly for the web. Netlify’s git-based workflows mean that you don’t have to play slap and tickle with integrating arcane nonsense and webhooks (which are themselves about as well understood as git). Give them a try, and see what folks ranging from my fake “Twitter for Pets” startup to global Fortune 2000 companies are raving about. If you end up talking to them (because you don’t have to; they get why self-service is important!) be sure to tell them that I sent you, and watch all of the blood drain from their faces instantly. You can find them in the AWS Marketplace, or at Sponsored

Remember when the services available per region table that AWS made available was actually useful and showed a table of service availability with more than one region displayed at a time? brings back the glory days when AWS helped customers here rather than leaning on the community to fix it for them.

Serverless now has a way to Setup a Custom URL Shortener in 2 Minutes. Having built a few of these by hand, I wish I’d had this back then.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.