Good Morning!
I’m in Cancun this week, so if there’s anything you think I got wrong this week, I blessedly won’t have to hear about it until I’m back. Have fun!
From the Community
Google Cloud took an outage, and it’s curious to me that it seems that no core Google offerings were down. Search? Ads? It shows a lack of eating their own dogfood. If AWS took a global nap (something hard to imagine, I admit), there’s zero chance that Amazon’s storefront would work…
Frequent reauth doesn’t make you more secure is something that needs to be shouted from the mountaintops, apparently.
Podcasts
Last Week In AWS: AWS What’s New Got Old
Choice Cuts
AWS IAM now enforces MFA for root users across all account types – FINALLY. We’ve only wanted this since, when, 2006?
One Year EC2 Instance Savings Plans are now available for P5 and P5en instances – Suddenly this month all of the GPU instances (not the latest ones, of course) seem to be on sale over at AWS.
AWS Certificate Manager introduces exportable public SSL/TLS certificates to use anywhere – I think my writeup on the topic encapsulates this nicely. Good feature. Keep going.
Verify internal access to critical AWS resources with new IAM Access Analyzer capabilities – This is $9 a month per resource! That is so far beyond "reasonable" pricing that I have to wonder if it’s some kind of joke. At a glance it’d turn my $504 AWS bill into ~$1750, and I’m not fully convinced it’s seeing all of the eligible resources to which it’d apply. I’m sorry, but I’m hard pressed to imagine a scenario where the data breach isn’t less expensive.
Introducing AWS CDK Community Meetings – If you’re looking for something to to tomorrow that has strong PTA energy, AWS has something for you.
Rapid monitoring of Amazon S3 bucket policy changes in AWS environments – Again, this sure seems like something that could be built into the S3 service natively. And yes, without charging an arm and a leg for it.
1Password’s New Secrets Syncing Integration With AWS | 1Password – This was announced by 1Password, not AWS, but merits inclusion here. Secrets Manager remains the best at one thing: charging per password. I’d rather see integration with the (excellent) Session Manager Parameter Store, personally.
CNBC reports that Anthropic’s Claude 4 "launched on Trainium2 GPUs" and there are some questions I have. Exclusively, or some small part ran there so it checked a box? When did AWS start calling Trainium2 a "GPU" instead of a "systolic array?" And it seems weird to run inference workloads on something called Trainium when Inferentia is right there, so I find myself very confused here.
Credit where due, AWS has reverted their terrible AWS What’s New feed interface. This is why we get noisy!
Tools
Before they backpedaled and fixed it, someone made An AWS news feed interface that doesn’t blow. Their words, not mine.
Another stab at a pricing calculator, this one for DynamoDB.
… and that’s what happened Last Week in AWS.
