Good Morning!
From the Community
This observation that SSDs Have Become Ridiculously Fast, Except in the Cloud matches what I’ve been seeing. There’s always a network hop to get to the disk invoked in clouds…
Wait—if you’re in Canada apparently Amazon Q lying to you can be legally binding?! Hot new tip for AWS cost savings just dropped!
When AWS invariants aren’t [invariant] is a terrifying thing to contemplate…
If you tell me that you’ve built a better mousetrap than the S3 team, I have oh so very many challenges and questions for you before I think you’re even within the same universe as being correct–but it looks like the folks at Tigris may very well have done it.
Okay, dunking on Microsoft for its Azure security issues is pretty common around here, but this claim that Microsoft Azure Hit With The Largest Data Breach In Its History is absolute crap. Azure itself wasn’t breached; they were impersonated, and a bunch of folks entered their credentials into a third party that then compromised them. Sure, it’s bad–but pinning this on Azure as if it was somehow their security lapse is a bridge too far. Blame them when they get it wrong, but this wasn’t one of those times.
Google has expanded into AWS territory by giving the user of a free dataset a BigQuery bill shock to the tune of $14K.
Podcasts
Last Week In AWS: Managed OUs and An Intriguing IAM Hierarchical Model
Screaming in the Cloud: How Scaling Turns Rare Occurrences Into Common Ones with Jason Cohen
Screaming in the Cloud: Overcoming Cloud Development Obstacles with Elad Ben-Israel
Choice Cuts
AWS Incident Detection and Response now offers five minute response time for critical incidents – Given that this starts at $7K per month per workload, I don’t think expecting a 5 minute response time when things explode is at all unreasonable.
Multiple solution tagging on ACE opportunities – "Measure what you care about" is always true, and apparently talking to an AWS Partner is increasingly going to be gamified into "how many solutions can we force on them until they catch on?" This kind of post clearly doesn’t thrill me.
Introducing the .NET 8 runtime for AWS Lambda – It’s still kinda odd to me that for some languages, new runtimes really matter–and for others, "eh, stuff it in a Docker container and get back to work" is de rigueur.
Best practices for managing Terraform State files in AWS CI/CD Pipeline – This sure is a lot of words to describe what most of us are already doing: storing the state file in S3, with an optional locking mechanism in DynamoDB. See, the entire reason HashiCorp has a Cloud product at all is that AWS never bothered to think from the customer perspective on this point. "Gee, I’d like an authoritative hosted service that keeps the state of my infrastructure up to date and handles locking issues." I’m still surprised that they remembered to teach CloudFormation to read from a Git repository at re:Invent; I keep meaning to try that one out.
Understand Amazon S3 data transfer costs by classifying requests with Amazon Athena – Yeah, I hate this. Yes, yes, the solution is great and all, but it includes gems such as "here’s the Python code to generate the SQL query." All of this is just to… understand what you’re paying for data transfer? How did this become a big data problem for the customer to solve? S3 is a marvel, but its billing transparency is increasingly looking like a Stone Age relic.
Tools
I have a ClickOps detector that captures people doing things in the console, but this tool focusing on the detection of manual AWS events seems significantly more comprehensive.
I found a bunch of esoteric git config options and now my computer yells at me every time I try to commit something because it didn’t do what I thought it did. Oops.
… and that’s what happened Last Week in AWS.
