Lower My AWS Bill

Newsletter

Issue No. 405

And we’re back!

01.13.2025
LinkedInReddit
Corey Quinn Headshot About the Author

Corey is the Chief Cloud Economist at The Duckbill Group, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure.

Search Newsletter

Good Morning!

At long last, we’re back! AWS has put out a number of releases, and a few of them are worth commenting on.

Incidentally, if you’re in Seattle this week, so am I! I’ll be at Outer Planet Brewing at 7PM this Thursday; I hope you will be too.

From the Community

You’d likely say that a post highlighting the 27 second variance between "epoch time" and "seconds since 1970-01-01 at 00:00:00" sounds like deep nerdery, and you’d be correct. But Aphyr does that better than most, so read Seconds Since the Epoch and enjoy.

The story of how a surprisingly fun and free-to-play clicker game called Dyson Swarm is built on top of AWS services.

Volkswagen had to leak the data of 800,000 EV Users because they couldn’t find a way to make an electric vehicle cheat on emissions tests. This is tentatively an S3 Bucket Negligence Award, but the article wasn’t clear on just what kind of AWS storage system got breached.

If you’re going to do something on AWS like, I don’t know… Harnessing 3200 Gbps Network: A Journey with RDMA, EFA, and libfabric? You should probably be sure to bring money. There’s a reason the author works at a company that’s reportedly just closed a half-billion dollar funding round.

A (presumably) well-meaning security researcher at Snyk apparently deployed malicious NPM packages targeting Cursor, which… okay, fine, I don’t really know where the Red Team acceptable behavior line is drawn these days, but it certainly gets crossed when this package ships your environment variables upstream. Snyk’s media group had not responded to a request for comment as of press time.

Can AWS really fix AI hallucination? asks The Register. Betteridge’s Law of Headlines responds "Nope."

Avoiding mistakes with AWS OIDC integration conditions is a good read; take it from someone who historically made a mistake with AWS OIDC integration conditions. Oops.

The many ways to obtain credentials in AWS | Wiz Blog hits home for me this week; I’ve been spending some time on a new side project and once again I’m vexed by just how irritating it is to safely and responsibly convert SSO sessions into credentials that some of the AWS tooling can understand in my development environment.

An amazing takedown of Apple Intelligence that resonates with my own experience with it: They squandered the holy grail.

Podcasts

Screaming in the Cloud: Heroku’s Resurgence with Adam Zimman

Screaming in the Cloud: Replay – Changing the Way We Interview with Emma Bostian

Choice Cuts

Amazon DynamoDB now supports configurable point-in-time-recovery periods – This is just plain weird. The configured maximum recovery period doesn’t impact the price you’re charged for turning on PITR–so why does this feature exist? I can only assume it’s to meet some data deletion compliance requirement for a very specific use case, but I’m thrilled to be proven wrong.

AWS Compute Optimizer now expands idle and rightsizing recommendations for Amazon EC2 Auto Scaling groups – This is interesting–if you’re running autoscaling groups, Compute Optimizer (motto: "We also optimize storage volumes because we don’t name things good!") can tell you when you should be using different instance types, or when you should really consider scaling things down for a change. I like this!

Announcing the new AWS Asia Pacific (Thailand) Region | AWS News Blog – Now that ap-southeast-7 exists, it’s really starting to feel as if treating every region as its own isolated cloud environment is becoming untenable. The management overhead for some workloads is growing fierce.

Shaping the future of CDK together – Well this is something new. Not quite a foundation, but a steering council? This might be worth paying attention to.

The benefits of an email-based AI virtual assistant on AWS – "Using email as a secure medium" is a section heading in this article and it has me screaming. Yes, email CAN be made into that, but you have to go significantly out of your way in various usability impacting ways to get there. Virtually nobody does this–so referring to email as inherently "secure" is deeply misleading in ways that can get customers into serious trouble.

Securing a city-sized event: How Amazon integrates physical and logical security at re:Invent – The physical logistics of something like re:Invent will never cease to amaze me.

Tools

If you want to Never Have Outdated Footer Dates Again, you owe it to yourself to check this site out. Trust me. Just do it.

fetch-aws-spotprice does what it says on the tin. I do love these wrapper functions that bring a human level of understanding to otherwise arcane AWS CLI positional arguments.

… and that’s what happened Last Week in AWS.

You might also like

More Newsletter Issues
Newsletter Footer

Sign up for Last Week in AWS

Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Sponsor Icon Footer

Sponsor a Newsletter Issue

Reach over 30,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon’s cloud ecosystems.

Sponsorship Opportunities
footprint-orange
© 2025 The Duckbill Group. All Rights Reserved.
Privacy Policy Cookie Policy