Good Morning!
AWS Security Legend Dan Urson has left AWS after a decade and change and is now actively looking for work. I’ve talked with him a lot over the years; he’s a spectacular human who’s long been one of AWS Security’s shining lights. His departure is a loss for AWS, and I can’t wait to see what he gets up to next. If you’re looking for someone who’s forgotten more about AWS security than most people will ever know, you want to jump on this opportunity.
Don’t forget about my recent podcast series with Jon Myer!
From the Community
I’m Corey Quinn, and If I’ve told you once, I’ve told you a thousand times – ChaosSearch brilliantly indexes your AWS S3 data, enabling search and SQL workloads with infinite scale, lower cost, no data movement and faster insights. The CTO of Stile Education says: “Rather than managing a cluster of components, we now have an auto-scaling analytics system with ChaosSearch and Amazon.” Check out what other ChaosSearch customers say, including Blackboard, Equifax, 6th Street, Revinate and more!
I love this mental model for on-demand pricing. Strong endorse.
Something that Tinder-for-Pets company Datadog said on their earnings call led to a quick dive; apparently Coinbase was at one point paying them $65 million a year. That tracks; Datadog bills are the largest non-cloud-provider inquiry I get these days; the pricing can be monstrous.
The community Fedora AMIs now supports gp3 EBS volumes by default. Wish the default instance launcher in the AWS console did.
A former AWS employee chimes in with their thoughts on the current state of EC2 Spot pricing.
Molly White points out how a16z is just pushing crypto at all costs due to their significant stake in the sector. My heart, it weeps for them.
Almost a dozen of you sent in this Farewell to the Era of Cheap EC2 Spot Instances analysis; thanks! Depending upon Spot pricing or availability has always felt like a significant business risk.
This delightful jaunt through the lands of insanity uses my beloved Tailscale to trick an ALB into routing traffic to a laptop.
If you’re a Google Cloud IoT Core customer, it cannot be overstated just how boned you are for having trusted Google’s commitment to a product line that’s central to devices you’ve already shipped to your customers and aren’t able to easily update. Here are your migration options: Alternatives to Google Cloud IoT Core.
Kind of odd to me that Canva’s post on how they save millions annually in Amazon S3 costs doesn’t even mention Intelligent Tiering.
I certainly got some feedback on 9 Things I Love About AWS, I’ll tell you hwat.
Thank goodness that Amazon got $1 billion in tax breaks for five new data centers in eastern Oregon. Without that, they certainly wouldn’t have continued to meet customer demand in us-west-2. Seriously, when are local governments going to wake up to the fact that they don’t need to bribe big companies with tax breaks to secure investments?
Okay, there appears to be at least some growth in the data center industry vis-à-vis cloud growth..
Google Cloud’s Parisian outage has crossed the 3-week mark.
Podcasts
Last Week In AWS: Digital Home Depot
Last Week In AWS: Humoring the Parenthetical
Last Week In AWS: My 9 Favorite Things About AWS
Screaming in the Cloud: Cutting Costs in Cloud with Everett Berry
Screaming in the Cloud: Doing What You Love in Cloud with Nate Avery
Screaming in the Cloud: Operating in the Kubernetes Cloud on Amazon EKS with Eswar Bala
Choice Cuts
Is the thought of securing your AWS infrastructure giving you nightmares? Don’t worry, Teleport has got your back! Watch our latest episode with Allen Vailliencourt to learn how Teleport can make your life easier by providing complete visibility for regulatory compliance, securing your AWS infrastructure, and increasing developer productivity. No more nightmares, just sweet dreams of security and compliance.
Introducing Amazon EC2 I4g storage-optimized instances – These are of course pronounced "Eye-Forge," since EC2 is heavily embracing its naming convention of "plausible droid names from Star Wars."
Amazon RDS for PostgreSQL now supports pgvector for simplified ML model integration – This is so behind the times; my teachers were putting transparencies on the overhead pgvector back when I was in grade-school.
Amazon VPC IP Address Manager (IPAM) is now available in two additional AWS Regions – Microsoft Excel remains available on all of your corporate workstations in every region.
Private Access to the AWS Management Console is generally available – Oh dear, I don’t like this. It’s going to increase friction for your users, while simultaneously lending a false sense of security that you really shouldn’t have. To add one last point of friction, it’s also going to incur VPC endpoint charges.
AWS Systems Manager now allows customers to optimize the compute costs of their applications – An AWS service team learns about the existence of a second AWS service team.
Introducing Cedar, an open-source language for access control – IAM is so complicated that even AWS has to build an abstraction layer on top of it to make sense of it all. Now you can too.
New – Amazon Aurora I/O-Optimized Cluster Configuration with Up to 40% Cost Savings for I/O-Intensive Applications – You should enable this everywhere you’re able to do so. "Well hang on, won’t that boost prices for a lot of workloads?" You’re using RDS here; saving money isn’t the number one thing in your wheelhouse at this point. This just makes it easier to predict.
AWS Lambda for the containers developer – Man, this new "Queer Eye For the Straight Guy" spinoff sucks.
Committed to our communities: The economic impact of AWS’s $15.6 billion investment in Oregon – Today we learned that us-west-2 facilities employ over 1800 people. That’s a lot of "rack rats" swapping hard drives.
Tools
One view to see them all! Kentik provides Cloud and NetOps teams with complete visibility into hybrid and multi-cloud networks. Ensure an amazing customer experience, reduce cloud and network costs, and optimize performance at scale — from internet to data center to container to cloud. Learn how you can get control of complex cloud networks at www.kentik.com.
It’s once again time for me to showcase Granted; I use it to log into a variety of different AWS accounts from the CLI (okay, great, so what? Lots of things do that), but also to open up Firefox tabs that are account-specific so I can be logged into multiple AWS accounts at once. It’s awesome; check it out.
… and that’s what happened Last Week in AWS.