Good Morning!

AWS had its Storage Day last week, and it felt like a long overdue rain after a drought. It contained a bunch of very impressive releases instead of halfhearted nonsense. Sure, the pricing was a bit screwy on some of it, but these are welcome enhancements and expansions instead of someone’s lackluster attempt to get themselves promoted. Please continue the trend; I promise you, you don’t have to release everything that’s good during a one week span directly after American Thanksgiving.

From the Community

By now, most of you know that I’m a huge fan of ChaosSearch – not because they sponsor my newsletter, but because their revolutionary solution for log analytics actually works! Now, ChaosSearch and The Eckerson Group have just published a new whitepaper called “Log Analytics for CloudOps.” This whitepaper explains why traditional pipelines for log analytics break down, and how CloudOps can streamline or re-architect these pipelines to optimize productivity. You see, the best CloudOps teams stay agile by quickly and accurately responding to events that require speed, scale, or innovation. But this requires a new approach to log analytics pipelines – and I, Corey Quinn, am here to tell you that ChaosSearch is doing that right now, for companies like Klarna, Blackboard, Equifax, Armor and more. So check out the new ChaosSearch whitepaper “Log Analytics for CloudOps” and check out ChaosSearch today – and tell them I sent you! Sponsored

Trust the community to deliver a List of AWS Service Principals when AWS falls down on the job.

A dive into Margins vs Free Cash Flow viewed in the context of Pinterest’s reported $3.2 billion AWS spend commitment. This isn’t nearly so dry as it sounds – I promise.

When someone leaves AWS and immediately posts a blog, it’s worth reading. In this case the person is Matt Asay, their former Head of Open Source Strategy here to tell us what we don’t know about working with AWS.

Forrest Brazeal’s joining Google Cloud prompted me to author Hey AWS, You’re Missing Forrest for the Trees.

AWS is apparently debating being more aggressive in removing content that violates their acceptable use policy. When people start banging on about this being “political censorship,” take a second to review the actual Acceptable Use Policy and see if you can figure out which of the six categories of material that AWS will not tolerate on the platform constitutes a political opinion.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

The Duckbill Group (that’s me!) is hiring a Head of Consulting Services to join the team. We’re looking for someone skilled in managing and leading people, as well as in building and optimizing delivery processes. As a member of the leadership team in a nine-person company, you contributions will be instrumental to our continued growth and success. AWS expertise isn’t required, but it’s certainly a bonus. If you’re interested in a role that’s fully-remote, has big impact, and you want off the VC rollercoaster, come check us out.

As a Software Development Engineer on the Consumer Reliability Engineering (CRE) Red Team, you will build software to automate chaos experiments at all levels of granularity. You will build software that produces Prime Day/Cyber Monday scale traffic simulations for the global Amazon websites ahead of large scale events. If you’ve ever wanted to shake the tree and see what falls out of Amazon-scale software systems, this is your opportunity to do so. The learnings from your software and chaos experiments will fundamentally change how Amazon measures the resilience posture of its retail websites, and will ultimately drive the improvement of the software owned and operated by literally thousands of developers. Sound spicy? It is! Check out more here.

Choice Cuts

Observability is critical for managing and improving complex business-critical systems. With observability, any software engineering team can gain a deeper understanding of system performance, so you can perform ongoing maintenance and ship the features your customers need. Preview Honeycomb’s upcoming O’Reilly book to understand the value of observable systems and how to build an observability-driven development practice. Sponsored

How do you communicate with your users from your app? In most cases, it’s likely a labyrinth of coded templates and APIs. This doesn’t scale and that’s why we built Courier. The Courier API enables companies like LaunchDarkly and Lattice to deliver complex automated notification experiences quickly and efficiently. Read LaunchDarkly’s story or sign up for free. Sponsored

AWS Distro for OpenTelemetry adds support for Amazon ECS in Amazon CloudWatch Container Insights and metrics support for AWS Lambda applications in Amazon Managed Prometheus (Preview) – It’s impossible without clicking to determine whether this is real, or created by the fake AWS release announcement generator.

AWS Systems Manager enables additional application management capabilities – “Systems Manager Application Manager” is such a bad name for a service offering that even AWS avoids using it in the title of the feature announcement.

Amazon EBS direct APIs now supports creating 64 TB EBS Snapshots – I didn’t understand what RAW photo format was when I got my first digital camera, so I used to email 64TB snapshots by accident all the time.

AWS Lambda now supports AWS PrivateLink in previously unsupported Availability Zones – Okay, I don’t give a toss about Lambda’s PrivateLink support. The actual news here is that Availiability Zones are absolutely not all the same within the US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Mumbai), South America (São Paulo), Canada (Central), and EU (London) regions. I really want an authoritative list of which AZs I should studiously avoid in those regions, please. This isn’t to dunk on you folks; it’s to guide new customers away from specific environments where they’re likely to have a suboptimal experience.

AWS Transfer Family simplifies managed file transfer workflows with low code automation – I like this release, despite the fact that “low code” clearly means “without having to use a Lambda function to glue our stuff together” over at AWS.

Introducing New AWS Solution Provider Program Incentives for AWS Partners – “You get money when your customers spend more on AWS” is a conflict of interest in some ways. Look, I’m not accusing anyone of malfeasance here, but this feels an awful lot like incentivizing the deployment of Managed NAT Gateways to client accounts. Even the perception that this might be possible is one of the reasons why The Duckbill Group is not an AWS Partner.

Inspect Subnet to Subnet traffic with Amazon VPC More Specific Routing – I’m a big believer in making fun of AWS’s service names for a few reasons. Most obviously, they’re really bad names. Slightly less obviously is that nobody spent 18 months naming a service they way they did building the service (and if they did, they should feel bad about it!). And even less obviously is that it’s a joke that anyone, no matter how they fare in terms of technical ability, can understand the joke and laugh along at home. All of which is to say that “Amazon VPC More Specific Routing” just leaves me, for once, with nothing snarky left to say.

New – Amazon EFS Intelligent-Tiering Optimizes Costs for Workloads with Changing Access Patterns – For some reason I thought that this was already how it worked. Huh. Looks like there are some caveats that mean I was getting charged retrieval fees for infrequently accessed files that became active again; this release makes the thing that exists work the way that I thought it did. On the plus side, in my environment it appears that this has been costing me roughly 3¢ a month. I have already requested a refund.

New – Amazon FSx for NetApp ONTAP – I adore this so much. NetApp is the gold standard for NFS in production environments. If I can get this service offered in a more serverless way without a 1 TB minimum filesystem size (like EFS only with ONTAP’s benefits) I would advocate using it for use cases both sensible and profane.

New for AWS CloudFormation – Quickly Retry Stack Operations from the Point of Failure – Well this is a surprise, but a welcome one. “You can fix the thing that isn’t working in your CloudFormation stack without tearing the whole thing down first” is a massive timesaver for those of us with “iterative development practices,” which is a formal term for “whacking keys on the keyboard at random until the bloody thing works.”

How to Accelerate Performance and Availability of Multi-region Applications with Amazon S3 Multi-Region Access Points – S3 suddenly has multi-region buckets. Okay, not really, but that’s how it presents to developers and their applications. This is a fantastic release that’s great for customers. Really, my only complaint is that the pricing is clearly designed by malevolent clowns who finish the summary of the nondeterministic and completely unpredictable cost structure with “in other words the routing cost is easy to estimate.”

Solving interoperability in healthcare with AWS Marketplace – How about AWS solves for interoperability between its own service teams first?

Announcing new AWS SDK for Swift alpha release – There’s also apparently one for Kotlin. To me the interesting part is that there are still widely used languages that don’t have native SDK offerings.

Centralize or Decentralize? – This argument for decentralizing echos why I’m not a fan of “Cloud Centers of Excellence.”

Bluetooth Low Energy (BLE) IoT Mobile Application with AWS Amplify, AWS IoT and Swift – I like the demo, but it falls subject to the common IoT use case. To build this demo, you need a bunch of software as well as an Arduino device. It’s more of a commitment than “just the software bits.” I still have an AWS IoT EduKit dingus gathering dust because I have no idea what to do with it yet.

Amazon Managed Grafana is now Generally Available – And once you deploy it, you can get a dashboard that displays its specific availability.


The forecast is showing clouds so make sure you’re prepared with simple, secure, and cost-effective cloud data protection from Veeam. Take advantage of this exclusive Veeam offer that includes: unlimited AWS backup FREE for 30 days, $250 AWS credits, and 3 months free when you buy. Veeam has you covered – check it out! Sponsored

I am in love with this. Forget Route 53; we can now use AWS Tags As A Database.

The aacli tool lets you programmatically authenticate into AWS accounts through IAM roles in a multi-account AWS Organizations setup. Y’know, the way you’re supposed to do it but AWS gives you remarkably few tools to get there?

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.