Good Morning!

Happy AWS Bill week! Suddenly folks are caring a lot more about what they’re spending on AWS. If that’s you, we’d like to chat.

We also hosted the second of what’s becoming a weekly webinar series in which we answer your AWS billing questions. Feel free to submit a question at that link, or hit reply and ask me directly!

And in lighter personal news, my spouse and I are expecting our second child in early October. This year is going to be fascinating for oh so very many reasons…

From the Community

I guested on the official AWS podcast in which I complained about many things customers may encounter on their various cloud journies.

Continuing the “film noir meets comic book” theme of articles about the newly GA Amazon Detective, this article is written by a company that calls itself “Kablamo.”

Former AWS Senior Poobah (four levels below AWS Grand Poobah) Hal Berenson talks about COVID19’s impact on AWS.

A depressing account of Azure cracking while AWS remains strong. This isn’t good for anyone; it reinforces the crappy narrative that public cloud isn’t reliable. Azure’s failure to properly invest for additional capacity makes the entire industry look crappier than it is.

Using an in-memory cache for DynamoDB helped one company lop about 60% off of their DynamoDB bill.

Teads spent some time reducing their AWS EMR data processing costs. It’s a good start, but could go further. I don’t see it talking at all about utilization of the instances, for example…

I did a random twitter thread about the most expensive AWS API call you could make. Not to be outdone, someone figured out how to burn the most money with a single click in Azure. I’m impressed!

Unwilling to let AWS run away with the title for “most confusing names,” SpotInst rebrands to simply ‘Spot’. Elastic eyes the prize jealously…

I got to talk with AWS VP Sandy Carter on the Screaming in the Cloud podcast; check it out if you’d like to hear one of the most patient people at AWS put up with my nonsense.

An in-depth exploration of AWS Global Accelerator, a service I’ve generally been fairly down upon due to a lack of problem that it’ll solve for me. Form your own opinion!

It turns out that some of the S3 Bucket Negligence Award winners may not have actually fixed the problem, but instead merely removed the indexes. “There I fixed it.”


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

No one likes managing EC2 instances, so you might like managing the team that replaces them with containers. That’s right, the Fargate team is hiring three Software Development Managers. People-focused servant-leaders are encouraged to apply. Help bring about an end to the Serverless vs. Containers war that doesn’t need to be fought in the first place. One last point: every team at AWS has internal principles that embody their culture, but this team publishes theirs on GitHub. I wonder how they’d take pull requests?

Choice Cuts

ExtraHop provides threat detection and response for the enterprise. On-prem security doesn’t translate well to cloud or multi-cloud environments, and that’s not even counting IoT (because who wants to try?). ExtraHop automatically discovers everything inside the perimeter including all cloud workloads and IoT devices, detects threats up to 95 percent faster, and helps you act immediately. Sponsored

All Amazon Chime meetings now support up to 250 attendees – This is an early optimization that reflects Chime’s eager hope to one day support up to 250 customers.

Amazon RDS Now Supports PostgreSQL 12 – “This managed database goes to 11!” is now a statement of being out of date, rather than one of awesomeness.

AWS Database Migration Service now supports replicating data to Apache Kafka streaming platform – The difference between using Route 53 as a database and Kafka as a database is that when I talked about the former I was joking.

AWS Elemental MediaStore now supports CloudWatch Metrics – This resolves a longstanding problem with Elemental MediaStore: it didn’t cost enough.

AWS Lambda now supports .NET Core 3.1 – In a rare show of charity, AWS updates a supported Lambda runtime instead of saying “Lambda Layers exist, go build it your damned self.”

AWS Storage Gateway adds audit logs for File Gateway to address enterprise compliance requirements – This is either boring and irrelevant to you, or it means that suddenly you can use an incredibly handy AWS service that you couldn’t before. Come to think of it, that describes most AWS feature enhancements…

New Classroom Course: The Machine Learning Pipeline on AWS – Once again AWS dreams of a world in which we’re allowed to go to classrooms again.

Review and remediate unintended access allowed on your AWS resources from outside your AWS organization – The IAM Access Analyzer is the second free resource that does this, the first of course being the front page of the New York Times.

Simplify cloud resource management with AWS Service Management Connector for Jira Service Desk – AWS apparently attempts to compete with IBM Cloud: “to manage your cloud resources, please open a JIRA ticket.”

Amazon Elastic File System announces 400% increase in read operations for General Purpose mode file systems – NFS is file access across the network, and is notoriously slow as a result. AWS tackles this problem by making the disks faster.

Amazon GameLift in 2020 – Major update now available in preview – Amazon acquired GameLoft?! That’s ridic–oh, GameLIFT. AWS continues to build services for various audiences (in this case, game developers) and in turn market them to infrastructure engineers. But let’s test the theory! If you’re a game developer and you’re reading this, can you hit reply? I’m betting I get less than ten emails.

Amazon Sumerian supports exporting your scenes to glTF – “gITF” of course being AWS’s own custom in-house pronunciation of “gif.”

Amazon Transcribe Medical now supports batch transcription of medical audio files – Sorry, but right now isn’t the time to snark at all about Amazon Transcribe Medical–or any healthcare-related thing at all. This is awesome; if it applies to you, use it. If it’s too expensive and you want to use it, hit reply and I will move mountains for you.

AWS Glue now supports the ability to update partitions from Glue Spark ETL jobs – empty

AWS Serverless Application Repository allows sharing public applications from all commercial AWS regions – empty

Receive Notifications for AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, and AWS CodePipeline in Slack – My kingdom for a “block” feature in Slack.

Amazon Detective – Rapid Security Investigation and Analysis | AWS News Blog – Not a single film noir joke to be found in this writeup, because AWS doesn’t have an intentional sense of humor. That said, it’s HILARIOUS when it’s not trying to be–hence this entire newsletter.

Amazon Redshift update – ra3.4xlarge instances | AWS News Blog – Out of sympathy for the current economic crisis, AWS offers a Redshift node that (and I am not making this up) each costs only slightly over $2300 a month to run.

AWS DeepComposer – Now Generally Available With New Features | AWS News Blog – AWS DeepComposer is the premier tool by which AWS attempts to rip humanity’s soul out of its collective chest via music. I’m on board for this, and have two in my office.

CloudWatch Contributor Insights for DynamoDB – Now Generally Available | AWS News Blog – Expose your terrible DynamoDB access patterns for what they are, then lament about how hard it is to fix them. Then watch Rick Houlinan’s DynamoDB talks from the reInvents of yesteryear and lament about how easy he makes it all look.

Now Open – Third Availability Zone in the AWS Canada (Central) Region | AWS News Blog – Slowly but surely, every AWS region gains a third AZ. Meanwhile some Azure regions are apparently waiting to gain a second server.

Simplified Time-Series Analysis with Amazon CloudWatch Contributor Insights | AWS News Blog – Allow me to rewrite this headline: “AWS service now explains what the hell that giant spike on the dashboard is.”

Bottlerocket: a special-purpose container operating system | Containers – A deep dive into what Bottlerocket (motto: “It’s just Bottlerocket, not AWS Bottlerocket or Amazon Bottlerocket!”) is and does. Please enjoy this exploration of GNU/Bottlerocket.

AWS CLI v2 Docker image | AWS Developer Blog – AWS loses the packaging war, so they decide to give up and instead just ship their CLI tool inside of a Docker container because the hell with it. This is the same level of disdain that development has had for operations when shipping their code via container, but it’s notable to see this terrible pattern being used from a vendor to its customers.

Selecting and migrating a Facebook API version for Amazon Cognito | AWS Security Blog – Unfortunately this discusses how to migrate to a new version of the Facebook API rather than how to migrate the hell off of Facebook entirely.


Running a business is hard. Your cloud doesn’t have to be. DigitalOcean is the cloud that offers transparent, predictable pricing – even for Kubernetes clusters, which you’d have thought was impossible! You also won’t need 12 weeks of cloud school to absorb a zillion ancillary services just to be able to SSH into an instance. Is this the kind of simplicity you need out of your cloud provider? Check out DigitalOcean today. Sponsored

A daily scanner that shows what various Lambda runtimes in different AWS regions are showing for benchmark performance numbers.

Need screenshots done via Lambda repeatedly? Check out Little Lambda Puppets, which is a new visual image for all of us, I suspect.

DynamoDB’s expression syntax is so obnoxious that dynoexpr builds it out for you. The fact that this is needed is awful, but I’m glad it exists.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.