Good Morning!

Our annual reader survey has been described as “the first time I have ever enjoyed filling out a survey.” I’d suggest taking a look and filling it out yourself; it’s very on-brand.

re:Quinnvent approaches! I have sponsor options to please virtual and in-person attendees alike; time is running out.

From the Community

Blackboard Inc. is a world leader in education technology, committed to supporting learners throughout their lifelong journey. Traditionally, Blackboard’s Product, SRE, DevOps and Support teams depended on a combination of custom-managed ELK stacks and managed Elasticsearch service offerings for centralized log management. But growing daily log volumes and variable spikes in log volumes were causing pain. Unpredictable spikes would cause the ELK stack to go down, making it unusable at times while management and data storage costs grew. Enter ChaosSearch. To see how ChaosSearch helped Blackboard solve this plethora of Elasticsearch challenges, check out the full Blackboard case study here. And when you’re ready to talk to ChaosSearch yourself – tell them that I, the magnanimous Corey Quinn, sent you! Sponsored

Chris Short (author of DevOps’ish, standup human, and someone worth knowing) has joined AWS EKS as a developer advocate.

I like this post, but if you title something AWS Glue first experience – part 2, wouldn’t a better title be “AWS Glue second experience?”

My colleague Tim Banks is excellent at two things: whining whenever people put beans in chili, and giving excellent conference talks like this one.

A story of DNS, branch deployments to Kubernetes, and more by your friend and mine, Blake Stoddard.

Stephen O’Grady again has a banger of an article: A Return to the General Purpose Database. He’s right. At this rate, there’s going to be a job for “figuring out which of the 40 AWS managed databases should be used for this app.”

I talk about the futility of charging people to learn your platform in The Dumbest Dollars a Cloud Provider Can Make.

Amazon won another government contract; this time to store data for the UK’s MI5, MI6 and GCHQ. I can’t wait to see which competitor contests the award this time.


If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!

The AWS Identity team builds the secure identity, access, and resource management foundation for customers to scale in the AWS Cloud. We make sure that our customers have flexible identity options to migrate existing workloads securely to the AWS Cloud and to build their new cloud-native applications. By joining the AWS Identity team, you will work on the core technologies used for authentication and authorization to all AWS services (such as Amazon EC2, Amazon S3, and Amazon DynamoDB). You’ll work at the intersection of security, optimization, large-scale data, machine learning, and user experience to form innovative new ways to easily manage access to millions of users and resources.

Choice Cuts

🌐 CloudGraph is the open-source GraphQL API for AWS. Write simple queries, solve complex security, compliance, and cost challenges. CloudGraph answers questions like, 🔓 “Across all our accounts do we have any public S3 buckets, unencrypted EBS volumes, or internet-facing load balancers?” or, 💰“How much am I paying on a daily basis for each M5 EC2 instance in us-east-1 with the tag, “Environment: Staging?“. Check us out on Github. Sponsored

Incidents are valuable investments in learning new things, but only if you treat them that way; otherwise they’re just sparkling outages. If you’re on call and responsible for operations or reliability, you need frameworks, tools and much more. This pragmatic guide on incident management from Blameless SREs is full of tips. Learn how to use runbooks, retrospectives, checklists and collaboration tools. Download and share. Sponsored

Introducing Amazon EC2 Spot placement score – “Why would I care about this when I launch a spot instance?” As the post says, imagine launching 2000 spot instances and the probabilities shift somewhat…

AWS Fargate now supports Amazon ECS Windows containers – Microsoft is awesome! AWS loves Microsoft and cherishes Microsoft workloads. You can now run Windows containers inside of Fargate because AWS and Microsoft are best friends.

Babelfish for Aurora PostgreSQL is now generally available – Microsoft is terrible! AWS hates Microsoft and despises Microsoft workloads. This was announced last year, is open source, and is now available: it translates from Microsoft SQL to PostgreSQL. I’m nowhere near good enough at databases to evaluate it; I’ll wait and see what smarter folks than I have to say about it. I’m told this has been tried before and has never quite worked out…

AWS Fault Injection Simulator now injects Spot Instance Interruptions – I’ve been wanting to force spot interruptions for AGES; I should have specified that I didn’t want to pay ten cents a whack for them…

AWS Marketplace announces Purchase Order Management for SaaS contracts – Originally the AWS Marketplace was an end-run around Procurement. Yesterday it was working with Procurement. Now it’s attempting to replace Procurement. This is the Amazon way.

Announcing AWS SAM Accelerate – quickly test code changes against the cloud (public preview) – At last, I can talk about this! I was in a private preview for this a while back. I didn’t have an appropriate project to test it on, so I had to build one. This is the real reason I built the @awscwoud Twitter bot that turns AWS updates into “furry speak” that swaps Rs and Ls for the letter W: so I’d have something to test. Glad to be able to talk about it now, but that bot is howwibwe.

Riverside County California Digitizes Public Records Validation with AWS Blockchain Technology – Back in the early 2000s I lived in Southern California. Riverside County was disparagingly referred to by those of us in OC / LA as “the Valley of the Dirt People.” It has apparently taken until now for their municipal government to find a way to make their residents seem more clownish.

Amazon RDS Custom for Oracle – New Control Capabilities in Database Environment – This is apparently huge for Oracle database workloads; for me, it means that RDS is now the 18th way to run containers on AWS.

AWS Local Zones Are Now Open in Las Vegas, New York City, and Portland – Just in time for re:Invent, when Las Vegas becomes every cloud customer’s local zone for a week.

New – Amazon EC2 C6i Instances Powered by the Latest Generation Intel Xeon Scalable Processors – The “i” to designate Intel processors is some nice shade; they’re no longer the default!

New – EC2 Instances Powered by Gaudi Accelerators for Training Deep Learning Models – These are large, brightly colored, and frankly? A bit gaudy.

Building an on-demand phone call recording solution with Amazon Chime SDK – I’d want to see a bit better clarification that if someone builds something like this, and at least one call participant is located in a two-party consent state, using it is a crime without notification to all parties that the call is being recorded.

Use Amazon EC2 for cost-efficient cloud gaming with pay-as-you-go pricing – “Cost efficient” says the blog post that doesn’t break down its own costs. It suggests the least expensive g4dn instance, which in the tier 1 regions costs over $250 a month if you forget to turn it off.

Automate AWS App2Container workflow using Ansible – Chris Short worked on Ansible; now that he’s over in EKS as a developer advocate I can’t wait for him to weigh in on things like this.

Introducing geospatial queries for Amazon DocumentDB (with MongoDB compatibility) – If you want to know what’s coming soon to AWS GovCloud, look at what was released years ago in AWS’s commercial regions. Similarly, if you want to know what’s coming soon to DocumentDB, look at what was released years ago in MongoDB.

Detect industrial defects at low latency with computer vision at the edge with Amazon SageMaker Edge – And if it doesn’t work, you can always detect industrial defects at higher latency as you watch a misaligned CNC machine blow itself into low earth orbit.

NHL goes all in on UHD with help from AWS – TIL that TLAs are WTF. LOL.

Amazon Simple Email Service Celebrates 50 Years of Email – “Celebrates?” Is that really the word? I hope this email finds you stoically sitting on the couch begrudgingly.

Setting up an Amazon CloudWatch Billing Alarm to Proactively Monitor Estimated Charges – This is a great idea. Well? What are you waiting for, AWS; build this into the system and enable it for everyone. Chop chop, time is money!

Delta Sharing on AWS – I hope you can soon use Lambda to share Delta. This item is sponsored by COVID-19

Three ways to improve your cybersecurity awareness program – I can shorten this to one way: let me deliver the presentation. I promise it will be memorable as well as effective.

How automated reasoning helps Amazon S3 innovate at scale | AWS Storage Blog – This paper won an award at an academic conference. (That’s like a technical conference except that most of the attendees actually know what they’re talking about.) It further demonstrates that no, Virginia, you will not be building your own S3 at home from some spare parts.


Observability is critical for managing and improving complex business-critical systems. With observability, any software engineering team can gain a deeper understanding of system performance, so you can perform ongoing maintenance and ship the features your customers need. Preview Honeycomb’s upcoming O’Reilly book to understand the value of observable systems and how to build an observability-driven development practice. Sponsored

An automatic IAM key disabler seems handy – it disables keys after a defined period of not being used. That said, it seems incredibly likely to lock people out of things like “backup accounts,” which will only get discovered when access is suddenly and urgently needed.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.