Good Morning!
I’m the day one keynote speaker at the ACG Community Summit in an hour and a half from when this newsletter gets sent where I’m giving all kinds of subversive career advice.
From the Community
With cyberattacks becoming more frequent and sophisticated, proactive Threat Hunting is increasingly critical. And here’s the good news: you can significantly improve your Threat Hunting game with existing staff & analytics tools (including the popular Open Distro Kibana). To learn more,Download The Threat Hunter’s Handbook from ChaosSearch, an amazing guide that covers: the 6 common stages of a sophisticated attack; how to adopt the mindset of an attacker; how to find the hidden clues of an attack in your log data; how to conduct a hunt using standard log analytics tools; and a detailed real-world example of combatting an advanced persistent threat. So check out The Threat Hunter’s Handbook from ChaosSearch and get a blueprint for identifying the clues in your log data that will stop cybercriminals in their tracks. Sponsored
A guide to AWS Comprehend, which I used to use for curating links for this newsletter until someone pointed me at Algolia instead.
This article on exploring AWS CLI v2 with AWS Single Sign-on is pretty damned close to my own explorations lately. Highly recommend.
A guide on using boto3 to send gzipped requests.
Some hardware and open sourced software to enable cloud-printing for restaurants with AWS IoT Greengrass is interesting, but I do wonder if most would be better served by some off-the-shelf solution instead of “some raspberries pi to throw this thing onto.” Restaurants are generally short on in-house IT talent to maintain solutions.
A gamer guide to playing AWS is a neat concept, but I’ve always hated those games that are full of microtransactions and clearly “pay to win.”
The team at RedMonk has once again penned an offensively well-written article that I wish I’d created instead; this time it’s What AWS Tells Us About Heroku 2.0.
Another article on how deeply problematic AWS’s “free tier” can be for new engineers.
I would like to call out that this article titled Andreessen Horowitz Partner Martin Casado on Cloud Costs, Margins manages to conveniently write out his peer Sarah Wang’s not inconsiderable part in writing that underlying report.
My article on how to spend half a billion dollars in a month via the AWS “free tier” is apparently making waves.
When you see an AWS article titled The Fault in Our Stars you just know it’s about permissions.
An era ends as longtime VP Rudy Valdez leaves AWS.
Jobs
If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!
Your curiosity of the world drives everything you do. You thrive in a collaborative environment where you get to build software in finance, healthcare, IoT, telecom, home security and automation, or other industries. You’d feel like you are home at Chariot Solutions. We’re a boutique software development firm looking for senior engineers – Java, Python, Node, AWS, React, Angular, iOS, Android. We’re one of top workplaces in the Philadelphia area, and we founded, curate and host Philly ETE, a conference with world-class speakers that’s been running since 2005. Our team sets us apart, including leadership that truly cares and treats you like family. We are committed to continuous learning and improvement, and we pay it forward to the tech community, attend and speak at conferences, and strive for work/life balance. Check out our job listings and apply to join us today.
98point6 sounds like a cool Seattle radio station but it’s actually a virtual care company that’s making primary care more accessible and affordable. They’re looking for engineers and engineering managers to further their efforts, build critical systems for on-demand care at scale and collaborate across the organization. Interested in joining their mission? Check out their open roles and apply now.
The AWS User Experience Products & Platform team is responsible for products that enable AWS users to manage their applications and infrastructure on AWS. Our mission is to deliver an effective, efficient, and loved user experience that makes it easy for all users to discover, learn, and build on AWS. Today, we own the AWS Management Console, the AWS Console Mobile App, the AWS Chatbot, as well as the User Experience Platform used by 175+ AWS service teams to develop and deliver their user experience across multiple channels (web, mobile, chat).
Think “GitHub for marketing teams” and you’d be pretty close to describing Loomly. They’re looking for someone to take ownership of and lead their DevOps/SRE efforts–and that person might well be you. They’re fully remote, post their salary ranges, and using a bunch of AWS services. I’m a fan of what I’ve seen from them so far; see if this role is up your alley.
Choice Cuts
Flying blind in the cloud? Lacework provides a flight recorder for your user, API, and container activity – all organized into behaviors that deliver answers in seconds and takes you out of the analysis paralysis game. Whether you’re ready to take the red pill or the blue pill, Lacework bridges the gap between DevOps and Security. Lacework makes it easy with everything from compliant service configurations to container app topologies – no rules required. Got doubts? Challenge accepted. See for yourself at lacework.com/lastweekinaws Sponsored
Got a headache from tracking down backups across dozens of accounts for compliance? Is the EC2-Other line item on your AWS bill exploding? Has AWS Backup taken you hours if not days to restore? All too common symptoms of AWS users until they met Clumio. This cloud backup tool can fix these problems and more, plus they just launched a free backup visualization and optimization engine called Clumio Discover, go check it out! Sponsored
Amazon CodeGuru Reviewer announces CI/CD Integration with GitHub Actions and new security detectors for Java – “You’ve gotta work with your sworn enemy because that’s where all the code lives” is a bitter but necessary pill for AWS to swallow. Their sworn enemy is of course “other companies who make money without giving it to Amazon.”
AWS Client VPN launches desktop client for Linux – Both of the Linux on the Desktop users I know at AWS must be thrilled about this.
AWS Control Tower announces accessibility, console and performance improvements – And how did they announce it? Via a release announcement on a very busy RSS feed, and not via an email to me, as a longtime Control Tower customer with an impacted organization in need of updating to use these new features.
AWS Managed Services (AMS) now offers self-service operational reporting across all your AMS managed accounts – You can now pay AWS to manage your environment but also to ignore that management aspect but still pay them extra anyway.
AWS Now Allows Customers To Pay For Their Usage in Advance – This is a trap to ensnare the unwary. If asked to do this, GET IT IN WRITING because when Accounting finds out what’s going on, they will go hunting for someone’s head on a spike; you very much don’t want them to point the finger of blame at you.
Managed Database Auditing with Amazon RDS Database Activity Streams for Amazon RDS for Oracle – Golf clap to the AWS marketer who snuck “Database Auditing” into the headline of a feature release around RDS for Oracle.
Audit Your Supply Chain with Amazon Managed Blockchain – Talking about Managed Blockchain is AWS’s way of affirming just how serious they are about clown computing.
Introducing a Public Registry for AWS CloudFormation – The ten items per page paginated list in the public registry is just going to scale super, super well once people start submitting things in earnest.
New – AWS BugBust: It’s Game Over for Bugs – Talking about $100m in technical debt (impossible to quantify) and then giving away “varsity jackets” and “tickets to re:Invent” as top prizes seems a smidgen… discordant.
Increase Amazon Elasticsearch Service performance by upgrading to Graviton2 – Oh for… stop with the “Graviton2!” marketing underlying the actual benefits of managed services; whether it’s an Arm or x86_64 instruction set is irrelevant for those services! “This family has better price / performance characteristics, consider moving to it” is all you need to say here.
Integrate your Identity Provider with Amazon Chime SDK Messaging – I’m slightly sad that they didn’t talk more about AWS SSO, a service I’m convinced more and more is a hidden gem of AWS. I’ve started using it and now I’m debating how I can best use more of it.
How to migrate Amazon DynamoDB tables from one AWS account to another with AWS Data Pipeline – Heaven forbid you just, y’know. Slap a one-click button in the DynamoDB console that takes a destination and does all of this nonsense for you.
AWS AppConfig: The Amazon service that helps you scale for large events like Prime Day – AWS is contractually obligated to help its corporate parent shore up the “Amazon Prime Day is totally a real thing that humans care about” narrative.
Restrict Access by member account to a centralized CloudTrail logging bucket – Cool, could you tell the IAM Access Analyzer about this so it can actually read these logs without throwing an error?
AWS is doubling down on improving the open source continuous delivery experience for our customers – How are they doing that? By joining a foundation–okay. To… advocate for “AWS customers” instead of “CD users as a whole.” I’m saving this in my “what do you mean Amazon doesn’t get open source?!” rebuttal file. I’m sure that Oracle joining the foundation a week beforehand had no bearing on AWS charging in here.
Managing Grafana and Loki in a regulated multitenant environment – Don’t forget to budget enough to fight off Disney’s lawyers for having something named “Loki.” They’re awful with that one lately, going so far as to yell at people who are themselves named “Loki.”
AWS announces AWS Healthcare Accelerator for startups in the public sector – Having spent hours in hospital waiting rooms this month, you’ve already sold me with the phrase “healthcare accelerator.”
AWS welcomes Wickr to the team – AWS attempts to compete with Google directly by launching a completely incoherent messaging strategy.
Tools
Observability is critical for managing and improving complex business-critical systems. With observability, any software engineering team can gain a deeper understanding of system performance, so you can perform ongoing maintenance and ship the features your customers need. Preview Honeycomb’s upcoming O’Reilly book to understand the value of observable systems and how to build an observability-driven development practice. Sponsored
Setting up a Transit Gateway is finicky and annoying; this tool helps considerably.
An up to date answer to the question “how many Amazon Web Services are there?”
Dolt is an implementation that painstakingly copies all of MySQL’s worst decisions intentionally.
… and that’s what happened Last Week in AWS.
