Good Morning!
Well, I was clearly wrong in my prediction, and I regret not going to Philadelphia last week. More specifically, I was very pleasantly surprised to see how well re:Inforce went off. There were 56 straight minutes of Chris Betz’s keynote that failed to mention GenAI, and it was wonderful. The five releases that came out (even the ones touching GenAI) solved real problems experienced by real customers. It made me feel like it was 2019 again. Maybe re:Invent won’t be a total disaster?
From the Community
I stumbled upon A Short IPv6 Guide for Home IPv4 Admins at NANOG last week and saved it here to remind myself about it. I’m keeping it in the newsletter because I learned a few things about IPv6 that I didn’t already know.
This post on how we migrated from AWS to GCP with minimal downtime is frankly disturbing. It seems that they wound up migrating to a new cloud provider without having first vetted a lot of the transfer process, and (unless I’m missing something) presents as "the data transfer was super weird, we thought we were missing a bunch of data, but we weren’t so oh well on we go." My skin crawls when there are things I can’t explain in production; I’d have torn both environments apart to figure out EXACTLY what was going on here, lest it come back to bite me down the road. I don’t get the sense that was done at all?
I like these AWS cost visualizations for those of us who don’t spend our lives in the terminal.
In its infinite wisdom, Google requires every app in its Play Store to have a privacy policy. I repeat: Google requires this. The first rule of forcing Jamie Zawinski / "jwz" to do something is you never, ever do that–and Google gets to find out why that is.
The Former Amazon Intern Now Running Its Profit Engine is a dumb title of a Wall Street Journal profile of Matt Garman. Yes, he was once upon an intern. He presumably was also once a preschooler, but we don’t call him a former 4-year-old either. Before his current role he was an SVP, so it isn’t exactly like some whacky hijinks saw the mail room guy suddenly running the company; the story is simply that he spent a couple of decades at the company and demonstrated excellence, then got promoted a bunch of times. Ugh. And it still doesn’t tell me when his birthday is.
Jobs
And now for something even more near-and-dear to my heart, we’re hiring for multiple roles at Duckbill! We’re looking for both full-time
Podcasts
Last Week In AWS: Grandpa AWS Talks About the “GitHub Cloud”
Screaming in the Cloud: AI, Privacy, and User Control with Paul Harrison
Screaming in the Cloud: Steering Through Open Source Waters with Madelyn Olson
Choice Cuts
AWS CloudTrail Lake announces AI-powered natural language query generation (preview) – This is… a surprisingly good use of GenAI. I could have really used this recently; glad it exists now.
Detect malware in new object uploads to Amazon S3 with Amazon GuardDuty – This was a great idea when AirBNB built BinaryAlert seven years ago or more. What took AWS so long? Further, what happens when the malware signatures change–does every object get rescanned (at 60¢ per GB)?
AWS adds passkey multi-factor authentication (MFA) for root and IAM users – I wish that this could be used to authenticate in place of passwords instead of just as a second factor. Let’s be clear: if you can compromise a passkey, you can compromise an API key or a passphrase far more easily.
In the Works – AWS Region in Taiwan – This is fun, and I endorse it. The more regions there are, the sooner AWS is going to have to realize just how untenable its current "every region gets its own completely distinct console" approach is. It makes it very hard to chase something down if you don’t know EXACTLY where it is.
Optimize storage costs in Amazon OpenSearch Service using Zstandard compression – You can further optimize transfer costs for several different applications with their cross-AZ replication fees by enabling zstandard compression. This of course doesn’t apply to AWS native services, who get free cross-AZ traffic built in for replication purposes. The rest of us pay 2¢ per GB.
AWS debuts AI certifications and courses for cloud jobs – Of course there are certification paths for this. The pull quote "We are seeing a lack of expertise to help deploy, maintain, monitor models. An AWS certification that covers these skills would carry value to me as a hiring manager, and I would make this a requirement for my team." comes from an unnamed "AWS Partner" and is clearly completely fake–it’s the exact kind of placeholder quote you put in when drafting something like this, and you’d replace it with a real quote as soon as you get one. In this case they never got a real quote, because it’s a batshit insane sentiment to express.
AWS’s head of security shares 7 reasons why security will always be Amazon’s top priority – 8. Because if it isn’t they don’t have a cloud anymore. It’s beyond me how Azure is still a going concern at this point.
Tools
axe is a CloudWatch Log viewer. It doesn’t currently support live tailing, but even AWS’s offering only started supporting that from the CLI last week.
… and that’s what happened Last Week in AWS.