Good Morning!
The Festival of Quinns is nearing an end but we’re not quite there yet!
From the Community
The best way to get someone to completely ignore you is to alert them about things that are completely irrelevant. (This is clearly news to the AWS Marketing team that handles feature announcements.) DisruptOps helps you find and fix cloud security issues rapidly by filtering out the noise so you just get the alerts you want to receive. DisruptOps gives security and DevOps teams prioritized findings and routes relevant alerts to Slack, Microsoft Teams, or JIRA — with automated response options that save you both time and your own rapidly decaying patience. Finally, security is inside your workflow, instead of in your way. Get to know DisruptOps, and tell them I sent you for a free 30-day trial. Sponsored
Lambda@Edge is sad; CloudFront Functions less so. Here’s a migration story.
If you spin up an Amazon Workspace, it creates a directory for you. That directory is free! When you stop using Amazon Workspaces, that directory hangs around and costs you 5¢ an hour in perpetuity. What this article describes as a billing gotcha, I describe as actively hostile towards customers.
You learn a lot of lessons after 2 billion Lambda executions. Some of those lessons are about billing.
We published our AWS Cost Allocation Guide: Aggregating and Assigning Cloud Costs.
We have a guest post up on four ways to get free AWS credits. We sadly had to scrub #5, “threatening your account manager’s pets.”
I wrote about The Great Lie that we all tell ourselves.
A deep dive into Firecracker: the technology powering AWS Lambda.
This piece of sponsored content that AWS apparently paid good money for tells the story about how Amazon broke free from Oracle. I would point out both that A) “we took three years to migrate off of Oracle and we’ve got Amazon’s level of technical expertise” is a terrific example of why to not do that exact thing, and B) at no point does Amazon explicitly state that they don’t still have production workloads running on Oracle.
Troubling reports of gender discrimination at AWS have emerged. At the moment I have no reason to suspect that the investigation will be anything but sincere. If that changes, I promise you will hear about it here.
A Serverless Folk Song for your amusement. Dear lord.
The Artwork Archive accidentally made that artwork public domain as it scored itself an S3 Bucket Negligence Award.
Jobs
If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!
Your curiosity of the world drives everything you do. You thrive in a collaborative environment where you get to build software in finance, healthcare, IoT, telecom, home security and automation, or other industries. You’d feel like you are home at Chariot Solutions. We’re a boutique software development firm looking for senior engineers – Java, Python, Node, AWS, React, Angular, iOS, Android. We’re one of top workplaces in the Philadelphia area, and we founded, curate and host Philly ETE, a conference with world-class speakers that’s been running since 2005. Our team sets us apart, including leadership that truly cares and treats you like family. We are committed to continuous learning and improvement, and we pay it forward to the tech community, attend and speak at conferences, and strive for work/life balance. Check out our job listings and apply to join us today.
The AWS User Experience Products & Platform team is responsible for products that enable AWS users to manage their applications and infrastructure on AWS. Our mission is to deliver an effective, efficient, and loved user experience that makes it easy for all users to discover, learn, and build on AWS. Today, we own the AWS Management Console, the AWS Console Mobile App, the AWS Chatbot, as well as the User Experience Platform used by 175+ AWS service teams to develop and deliver their user experience across multiple channels (web, mobile, chat).
Choice Cuts
Orca Security: Cool Vendor. Cool Category. Cool Customers – ### Orca Security: Cool Vendor. Cool Category. Cool CustomersGartner has recognized Orca Security as a 2021 Gartner Cool Vendor in Cloud Security Posture Management (CSPM). Orca Security surfaces the most critical risks in AWS, Azure, and GCP in minutes, not months. These include vulnerabilities, malware, misconfigurations, weak and leaked passwords, lateral movement risk, and misplaced PII for both the workload and the cloud configuration itself, all while guaranteeing 100% coverage. Before Orca, this was simply not feasible. Sponsored
Just released! The ChaosSearch 2021 Benchmark Report on Log Data Management and Analytics. Recognizing the need for a broader view on how companies are managing their log data, we recently surveyed a wide group of organizations that make heavy use of log data in their day-to-day operations. The result is the ChaosSearch 2021 Log Management and Analytics Benchmark Report – now available for free. Learn key insights and findings on how companies are using log data management today to drive their operations, including: best practices for log data management, performance assessment; real-life customer use cases; top challenges; key investment areas, and a few surprising use cases! Get your copy of the ChaosSearch 2021 Log Management & Analytics Benchmark Report today! Sponsored
Amazon Virtual Private Cloud (VPC) customers can now assign IP prefixes to their EC2 instances – This appears to be capped to a /28 for each prefix, but has no direct charges associated with it beyond what you’re already paying. Ergo IP prefixes have Prix Fixe pricing.
Announcing availability of Red Hat Enterprise Linux with Microsoft SQL Server for Amazon EC2 – You can now run Microsoft SQL Server on Red Hat Enterprise Linux on EC2, but you should immediately stop whatever the hell it is you’re doing and re-evaluate what has led you to this dark and terrible place.
AWS Announces General Availability of Amazon EBS io2 Block Express Volumes – This makes the answer to “can we have a SAN in the cloud” significantly more nuanced.
Introducing AWS Edit in the Cloud – You have to read the actual architecture diagram linked from this blog post in order to figure out that “editing” in this case primarily refers to “video editing.” It certainly doesn’t extend to “editing AWS blog posts for clarity.”
CohnReznick Automates Claim Validation Workflow Using AWS AI Services – The best way to validate $300 in claims is via $4,000 worth of inscrutable Machine Learning® services.
Perform Chaos Testing on your Amazon Aurora Cluster – At long last AWS evolves the ability to rip the disks out of the database while it’s running. You’ve been doing that on-prem for years, always by complete accident.
Build a live streaming chat application using Amazon IVS and Amazon Chime SDK – This is a great demo of a solution that apparently the virtual re:Invent event team has yet to discover based upon last year.
Introducing AWS SAM Pipelines: Automatically generate deployment pipelines for serverless applications – I was all set to make a snarky comment about how this should support GitHub Actions in a future release, but get this: it already does in preview. First class work by the team that simultaneously helps customers and takes the wind right out of my sails. Next time I’ll be ready, SAM team…
Building a centralized Amazon CodeGuru Profiler dashboard for multi-account scenarios – Most companies would view “wow, this sure is a long and detailed blog post on how to let a service speak between multiple accounts” as a leading indicator that “wow, our multiple-account story apparently really sucks and we should absolutely find ways to make it way easier for customers to interact with.”
The new Amazon GameSparks is coming – Amazon once again tilts at its own windmill: the gaming industry.
Leading cloud innovators in Media & Entertainment: Netflix – Did you know that Netflix is an AWS customer? If you didn’t, you clearly have never seen a re:Invent keynote, attended a conference talk presented by an AWS employee, or spent more than two minutes speaking to an Amazonian.
Introducing the Amazon Pinpoint SMS sandbox – I’ve gotta be honest here: compared to Twilio, the Pinpoint developer experience makes this more of an SMS litterbox.
How The Washington Post’s Arc XP uses CloudWatch Metrics Explorer to reduce costs – It’s always great to see our clients talking about their successes. The Washington Post team was great to work with; their Lambda usage pattern was a fascinating challenge. “Using tags to programmatically determine which functions should have their concurrency / provisioned capacity adjusted before they hit a wall” is the kind of solution that doesn’t apply to most shops–but it most assuredly did here!
How to put a supercomputer in the hands of every scientist – AWS walks you through the process of buying every scientist an iPhone.
Scheduling satellite contact using AWS Ground Station and Python SDK – It takes sending satellites to orbit to pull it off, but AWS finally lets you schedule something without using cron syntax.
How to restrict IAM roles to access AWS resources from specific geolocations using AWS Client VPN – This dovetails nicely with the ability to restrict connections to AWS resources from areas with poor or absent internet connectivity.
AWS simplifies program for AWS Partners to offer, deliver, resell AWS Training – AWS makes it easier for training partners to do the most important thing from AWS’s perspective: making very sure that at no point do they describe a service with the wrong ‘Amazon’ vs. ‘AWS’ prefix.
Tools
Flying blind in the cloud? Lacework provides a flight recorder for your user, API, and container activity – all organized into behaviors that deliver answers in seconds and takes you out of the analysis paralysis game. Whether you’re ready to take the red pill or the blue pill, Lacework bridges the gap between DevOps and Security. Lacework makes it easy with everything from compliant service configurations to container app topologies – no rules required. Got doubts? Challenge accepted. See for yourself at lacework.com/lastweekinaws Sponsored
You can use API Gateway’s large pool of IP addresses as a proxy for all kinds of things if you want to.
A way to describe ddbcereal is that it strengthens your python code’s ability to serialize/deserialize DynamoDB at scale. A better way to describe it is that it “makes your protocols buffer.”
… and that’s what happened Last Week in AWS.
