Hello and welcome to this week’s issue of Last Week in AWS. I’m your host, Mike Julian, filling in for Corey while he’s lounging on a beach somewhere.

From the Community

The end of the Everything Cloud – Wherein Forrest makes a great case for why all these service deprecations are a good thing, and I agree.

The real screwup, as he puts it, is the lack of any formal communication about what’s going on and their intention. Definitely agreed on that.

So why didn’t that happen? My take: AWS PR is widely known to be a spin department, not a traditional PR and comms department, and there really isn’t any central group best suited for communicating things like this. Further, as a major company, clear signals like that would cause market analysts to have a fit.

Cloudfront WAF bypass resulted in a 9k bill (Reddit) – I hadn’t thought of this as a risk vector, but here we are. The first comment is fantastic about how to mitigate it.

Podcasts

Last Week In AWS: Matt Garman, The Reaper of Services

Screaming in the Cloud: Summer Replay – Spreading the Networking Vibes with Serena (@shenetworks)

Screaming in the Cloud: Summer Replay – What GitHub Can Give to Microsoft with Jason Warner

Choice Cuts

Introducing AWS End User Messaging – I commented on this last week, but a reader pointed out this is more than a rename: they’ve effectively launched a new service by splitting the SMS and push notification capabilities from Pinpoint into a thing called AWS End User Messaging. This looks a lot like a Twilio direct competitor now.

Pinpoint is actually still around and handles only email now, sitting atop SES as it always has. It does raise a question now of whether Pinpoint will be deprecated or perhaps rolled into SES.

Amazon EFS now supports up to 30 GiB/s (a 50% increase) of read throughput – Big performance jump for those who use EFS. 🎉

Amazon RDS for Db2 supports loading data from Amazon S3 – This is awesome because it opens the door to ephemerality for DB2 databases (yay lower costs!).

AWS announces private IPv6 addressing for VPCs and subnets – On one hand, more IPv6 support is great. On the other, I’m not sure of teh practical impact here? The addresses in question are private, non-routable addresses, so it’s not a cost savings story. I guess I can see an argument for managing internal IP address exhaustion. 🤔

Announcing delegated administrator for Cost Optimization Hub – A feature I didn’t know I wanted: delegated admin, the same way Identity Center can delegate admin to another AWS account so the Cost Optimization Hub admin isn’t having to use the payer account. Nice work.

OpenSearch optimized instance (OR1) is game changing for indexing performance and cost – From the article: "The OR1 instance type also enables cost reduction because their price for performance is 30 percent better than existing instance types. When adding more than one replica, price for performance will decrease because the CPU is barely impacted on an OR1 instance, while other instance types would have indexing throughput decrease."

And also because you can run fewer replicas thanks to it copying the data to S3 at the same time.

Could be a great way to cut costs on all those OpenSearch clusters we all have sitting around.

Tools

hotnops/apeman: AWS Attack Path Management Tool – Per the author, Daniel Heinsen: "Apeman is a graph-based tool to model AWS IAM permissions. This marks the start of a new journey to methodically identify and remediate IAM attack paths …"

Anything that makes IAM easier to grok is very much welcome in my book.

… and that’s what happened Last Week in AWS.

Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.