Good Morning!
If you (well, not you, but probably the saddest looking person on your finance team) are tracking commitments in spreadsheets and hoping your discount strategy still makes sense, you’re not alone. Most teams are cobbling together strategies/tools that weren’t designed for the scale and complexity of modern cloud environments. That’s why we’re building Skyway over at Duckbill—to take you away from all that. Now the exclusive sponsor of Last Week in AWS, and also the company I co-founded. Cloud contract issues? Get in touch.
Things I Found on the Internet
A platform engineer finds a trivial auth bypass in a major diving insurer’s (read as: DAN) member portal – sequential user IDs, shared default passwords, no rate limiting – and responsibly discloses it. Their reward? Legal threats instead of a thank you. This writeup is infuriating and entirely too common a story.
Google spent a decade telling developers API keys weren’t secrets and to embed them in client-side code. (Wait, what?) Then Gemini silently made those same keys authenticate to sensitive endpoints. (Are you shi–) Truffle Security’s research found nearly 3,000 exposed keys on public websites that now grant Gemini access nobody intended. This is a genuinely ugly design failure.
Amazon built its culture on the idea that writing forces clear thinking. Now leadership is pushing employees to let AI write their six-pagers instead. This piece from Big Technology talks to over fifteen current employees about what happens when the process that was the point becomes the thing you automate away.
Chris Farris nails it: treat your agentic AI like a new hire, not a god. This piece reframes AI security as insider threat management, which is the most sensible take I’ve seen. Give it an SSO identity, least privilege, and maybe don’t hand the intern the nuclear launch codes.
If you’re building on Bedrock and wondering why you’re only getting 5% of advertised quotas, this frustrated but well-articulated post nails the experience. Advertising 1000 RPM then delivering 50 while requiring weeks of paperwork to fix it is… a choice. I stopped using Bedrock in a few of my accounts for this exact reason. OpenRouter and Anthropic directly both have a vastly superior user experience, from where I sit.
What AWS Has For Us This Time
Amazon Aurora DSQL launches Playground for interactive database exploration
Credit where it’s due – removing the account signup friction to get folks using DSQL is genuinely smart customer acquisition. After all, if I haven’t given you my credit card, you can’t surprise me with whatever comes out the other end of the Byzantine Aurora DSQL Billing Puzzle Box.
Amazon Redshift Serverless introduces 3-year Serverless Reservations
Nothing says “serverless” like a three-year commitment billed 24/7 whether you use it or not. At this point the word has been stretched so far beyond its original meaning that it’s just “servers, but we manage them, and you pinky-promise not to leave.” An actual customer-obsessed service team would have integrated with last year’s Database Savings Plans instead of segregating it out into its own thing, which is why my standing recommendation to customers contemplating Redshift remains “if you’re going to set money on fire, consider getting a better result for it with Snowflake.”
Amazon S3 now provides AWS source region information in server access logs
Free visibility into which regions are making cross-region requests to your S3 buckets. Oh my god. I have wanted this for two decades now. SO SOON?!
AWS Compute Optimizer now applies AWS-generated tags to EBS snapshots created during automation
Compute Optimizer now tags the snapshots it creates before deleting your unattached EBS volumes, making it the one thing in your entire environment that actually tags things consistently, GREG.
AWS Lambda Durable Execution SDK for Java now available in Developer Preview
Why did it take over a quarter from the announcement of the feature for the Java SDK to support it, and then only in Developer Preview? That seems… slow?
Trusted Advisor will now tell you about the NAT Gateways you forgot about after last year’s migration, but only if you pay for AWS support. Otherwise Trusted Advisor knows the things that will save you money, but it will not tell you any of it unless you cough up. Poor form, that.
6,000 AWS accounts, three people, one platform: Lessons learned
Three people managing 6,000 AWS accounts is either a triumph of automation or a cry for help disguised as a blog post. Account-per-tenant is the “just give everyone their own VPC” of 2026, and your AWS bill becomes its own observability problem. At least cost attribution is easy: it’s all of it. Oh, and one day you’re going to onboard one additional customer and smack face-first into a limit that AWS either can’t or won’t raise for you, and now you’re in full-on panic mode. ASK ME HOW I KNOW.
Petabyte-Scale Cost Optimization: How a Video Hosting platform Saved 70% on S3
Okay, 70% savings is well past “you did a great job of optimizing” and well into “what the hell were you doing before?” Let’s see here… sure enough, “stuffing frequently queried videos into Glacier Instant Retrieval.” Genius. AWS didn’t redact the details well enough, so it looks directionally like half a million saved a year on ~5PB of data stored, on a roughly $2 million annual total AWS bill. The fascinating part is how badly the JITP architecture + GIR combination backfired. The whole point of GIR was to save money on rarely-accessed data, but because the marketing videos kept getting watched, they were paying $30/TB in retrieval fees on data they were saving $17/TB by not storing in Standard. Every single view of a popular video was costing them money compared to the storage class they were trying to “optimize” away from. It’s a beautiful example of why you can’t just set lifecycle policies and forget about them. And why an AI assistant that blindly sets lifecycle policies can absolutely screw you to death, financially speaking.
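As an added example (not code from the post or from the video platform it describes), here is a small Python check that tallies bytes served per top-level prefix from S3 server access log lines and flags prefixes whose monthly read-back ratio exceeds the GIR break-even implied by the post’s $30/TB retrieval and $17/TB storage-saving figures. The log lines, bucket, prefix names and stored sizes are constructed; the prices are rounded figures from the post and should be swapped for your region’s current rates.

```python
import re
from collections import defaultdict

# Rough per-TB figures quoted in the post: GIR charges ~$30/TB to retrieve and
# saves ~$17/TB-month versus Standard. Above this read ratio GIR costs more.
RETRIEVAL_USD_PER_TB = 30.0
STORAGE_SAVING_USD_PER_TB = 17.0
BREAK_EVEN_RATIO = STORAGE_SAVING_USD_PER_TB / RETRIEVAL_USD_PER_TB  # ~0.567
TB = 1_000_000_000_000  # decimal TB, matching how AWS prices storage

# S3 server access log fields are space-separated, with [time] bracketed and
# the request-URI quoted; we only need operation, key and bytes-sent.
LOG_RE = re.compile(
    r'^\S+ \S+ \[[^\]]+\] \S+ \S+ \S+ (?P<op>\S+) (?P<key>\S+) "[^"]*" '
    r'\d{3} \S+ (?P<bytes>\S+)'
)

def parse_get_bytes(lines):
    """Bytes served by GET requests, summed per top-level key prefix."""
    served = defaultdict(int)
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group("op") != "REST.GET.OBJECT":
            continue
        if m.group("bytes") == "-":  # 304s and errors log no bytes sent
            continue
        served[m.group("key").split("/", 1)[0]] += int(m.group("bytes"))
    return dict(served)

def monthly_gir_cost_delta_usd(stored_tb, retrieved_tb):
    """Net GIR-minus-Standard cost for one month (positive means GIR loses)."""
    return retrieved_tb * RETRIEVAL_USD_PER_TB - stored_tb * STORAGE_SAVING_USD_PER_TB

def flag_hot_prefixes(log_lines, stored_bytes_by_prefix):
    """Prefixes whose read-back ratio for the log period exceeds break-even."""
    served = parse_get_bytes(log_lines)
    ratios = {p: served.get(p, 0) / s for p, s in stored_bytes_by_prefix.items()}
    return {p: round(r, 3) for p, r in ratios.items() if r > BREAK_EVEN_RATIO}

# Constructed sample: one month of log lines for two prefixes (not real data).
SAMPLE_LOGS = [
    'OWNER vids [01/Mar/2026:10:00:00 +0000] 192.0.2.10 - REQ1 REST.GET.OBJECT marketing/launch.mp4 "GET /vids/marketing/launch.mp4 HTTP/1.1" 200 - 400000000000 400000000000 70 60 "-" "player/1.0" -',
    'OWNER vids [02/Mar/2026:11:00:00 +0000] 192.0.2.11 - REQ2 REST.GET.OBJECT marketing/launch.mp4 "GET /vids/marketing/launch.mp4 HTTP/1.1" 200 - 300000000000 400000000000 70 60 "-" "player/1.0" -',
    'OWNER vids [03/Mar/2026:12:00:00 +0000] 192.0.2.12 - REQ3 REST.GET.OBJECT marketing/launch.mp4 "GET /vids/marketing/launch.mp4 HTTP/1.1" 304 - - 400000000000 5 4 "-" "player/1.0" -',
    'OWNER vids [04/Mar/2026:13:00:00 +0000] 192.0.2.13 - REQ4 REST.GET.OBJECT archive/2019.mp4 "GET /vids/archive/2019.mp4 HTTP/1.1" 200 - 100000000000 100000000000 70 60 "-" "player/1.0" -',
    'OWNER vids [05/Mar/2026:14:00:00 +0000] 192.0.2.14 - REQ5 REST.PUT.OBJECT archive/2026.mp4 "PUT /vids/archive/2026.mp4 HTTP/1.1" 200 - - 50000000000 900 800 "-" "uploader/2.0" -',
]
STORED_BYTES = {"marketing": 1 * TB, "archive": 2 * TB}  # constructed sizes
if __name__ == "__main__":
    print(flag_hot_prefixes(SAMPLE_LOGS, STORED_BYTES))  # {'marketing': 0.7}
```

Run it over a month of real access logs (and real per-prefix sizes from S3 Inventory or Storage Lens) to catch the “popular video in Glacier” pattern before the retrieval line item does.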
Transform live video for mobile audiences with AWS Elemental Inference
Speaking of “setting money on fire to serve video from AWS,” turning landscape video into vertical TikTok crops in real time is genuinely useful, and I hate that. They called it “agentic AI” because apparently no product launches in 2026 without that phrase stapled to it. Pricing is… oh my god, this is insane. First, the blog post screenshots call out “$x.xx” which is wild, but the actual pricing page (wayback machine link, because any actual customer-obsessed Amazonian / halfway competent marketer is going to treat this page like a raging fire in the building and get it fixed FAST) reeks of “we’ll figure this out later.” “If you use one feature we’ll charge you 15¢ a minute, if you use two features we’ll charge you 23¢ per minute.” No mention of what those features are, why they might be useful, and this banger: “our pricing is designed to encourage you to maximize the value of your content by using multiple features simultaneously.” They… just came out and said “yeah, we’re trying to upsell you to use more features.” Did this miss a memo somewhere? Am I being punk’d? Even GenAI does a better job of slapping words on a pricing page than this. Are they being Frugal with the tokens again?
Migrate Amazon EC2 to ECS Express Mode using Kiro CLI and MCP servers
“Migrate your EC2 workloads to ECS using AI tools” is a sentence that would have gotten you involuntarily committed five years ago. Now it’s a blog post with two architecture diagrams. Points for honesty about EC2 being a maintenance tax, but solving complexity with Kiro CLI plus two MCP servers is a bold definition of “simplified.” The fact that they don’t even mention AWS Transform, a service billed as being able to do precisely this sort of thing, kinda says a lot all on its own.
AI-augmented threat actor accesses FortiGate devices at scale
We know they were using ChatGPT for this and not Claude, because otherwise this would have been turned into a customer success story for using Amazon Bedrock for something.
AWS posted a “correct the record” piece that, true to type, manages to imply the journalists are idiots while simultaneously misleading customers about what actually happened. I wrote a piece for The Register about AWS’s bizarre decision to throw engineers under the bus rather than admit their AI coding tool might have rough edges. Turns out “protect the robot, sacrifice the human” is now an actual corporate communications strategy. I’m weirdly proud of this piece, while absolutely nobody at AWS PR should be proud of their fists-of-ham messaging strategy around this one.
… and that’s what happened Last Week in AWS.