Good morning!
Welcome to issue number 124 of Last Week in AWS.
Hello from VMworld! I live here so it’s not that exciting, but still. Another week full of opportunity and possibility in equal measure awaits us. Go forth and conquer. As always, you can hear my dulcet tones sarcastically mocking the news on the AWS Morning Brief podcast.
I’m speaking at the Sensu Summit 2019 next month. I think you’ll enjoy what I have to say there. I’ll be hanging out at the PDX DevOps Days that same week and probably speaking there, too…
From the Community
This week’s issue is sponsored in part by Site24x7. With support for more than 25 AWS services and other popular public cloud platforms, Site24x7 aims to provide businesses complete visibility into the uptime, performance and operational health of their cloud-powered applications. Also with CloudSpend, their AWS cloud cost analytics solution in tow, the path to predictable AWS cost is not far away. Give them a spin. Sponsored
If you need to use Terraform with multiple workspaces and environment, this article should set you on a better path.
A minimum viable CloudFormation template shouldn’t be this hard to get to–and now for you, it isn’t.
This handy Interactive Application Security Training aligns with what we know of the CapitalOne breach.
How to provide secure access to AWS accounts, from a company whose API is apparently “opens a ticket for Jordan to do something by hand.”
I don’t agree with the take that EC2 Instance Connect is an insecure default; “full access to administer the environment but we assume you won’t be able to log into the nodes” doesn’t map to any reasonable security model most responsible orgs should be embracing. I get that it’s not ideal–but it’s also far from a terrifying state of affairs.
It’s handy to be able to fetch a bunch of AWS resource tags (without being throttled!)–or without throttling someone else.
When enough people screw up a security setting, AWS begrudgingly agrees to scan for them just as soon as a major newspaper writes about the issue.
If you need to spawn game servers on AWS, consider reading this.
Richard Boyd reports in on his week in Seattle for Developer Influencer DayCamp, an invite-only event at AWS to which only some folks were cool enough to be invited.
J Cole Morrison has a simple workflow for building CloudFormation templates.
Code Terrorist and personal friend Kevin Kuchta has created a worse database than my Route 53 idea.
AWSgeek’s writeup of Amazon Managed Blockchain, but given the topic you need not bother learning more about it
Hooking Lambda functions up to hardcopy printers sounds terrifying to me.
If “here’s how to avoid getting sued when you move to the cloud” is an article that someone can write about your company, maybe your company sucks?
Jobs
If you’ve got an interesting job for this newsletter’s eminently employable subscribers, get in touch!
I’ve been waiting for this one for a long time. If I were to mention the AWS Commerce Platform, you’d shrug and figure it was some obscure division out of some satellite office. What if instead I told you that it was the department that handles all of the AWS billing system? That they work on petabyte-scale systems that do stream processing? That if you work in this team you get to feel the brunt of my slings and arrows more directly? There are incredibly gifted people working on ridiculously hard problems on this team. I suggest you check them out.
X-Team is hiring for a fully remote team, anywhere on the planet. The work is interesting, they partner with companies you’ve heard of, and you can work from wherever you care to be. Now before you wind up getting cynical, let me save you some time–I already did, and hopped on a phone call to chat with them and then berate them for their crappy culture. Instead I was pleasantly surprised: they invest in their people (including a personal development stipend), they have distributed community events (both online and in person around the world), and actually work with their employees; this isn’t a “send us a postcard if you ever get there” body shop. They’re looking for folks with AWS skills, as well as a wide variety of other technical abilities; this is legit. Take my word for it; join X-Team and see for yourself. Tell them Corey sent you…
Do you want to work in the Bay Area? Almost certainly not; the people are insufferable here. Consider instead staying wherever the hell in the US you happen to be and talking to Truss, a software consultancy. Picture all of the advice that I’d give you, and now envision that wrapped in something you could tell a customer without getting punched right in your sarcastic mouth. That’s what Truss does, but they for some unknown reason don’t describe it that way. Currently, they are seeking Senior Software Engineers anywhere in the US (yes, even the crappy parts) to help them with commercial and government contracts. Seriously, read this thing–they tell you what levels they’re looking to hire at AND THEN THEY EXPLAIN THEM SO YOU DON’T FEEL LIKE A MORON FOR NOT KNOWING THEIR INTERNAL RUBRIC! Virtually any other hiring manager who happens to be reading this should look at their job descriptions and feel comparatively ashamed.
Choice Cuts
Ever wondered why your CEO doesn’t give a toss about technical debt? The folks at Raygun set out to learn why, interviewing the executive leadership at Xero, Pushpay, and Vend to find out what’s really going on and how they think about engineering effort and software quality. Sponsored
Amazon Chime adds call history for voice and video calls – This explains why my iOS app had an unread badge for a solid week, and nothing I did worked to clear it. Nice feature, lousy implementation.
Amazon DocumentDB (with MongoDB compatibility) adds support for slow query logging – As iRobot’s Ben Kehoe asked, “why would I want my logs to be slow?”
Amazon ECS Now Supports Per-Container Swap Space Parameters – Rejoice, the simple answer to Kubernetes grows more complicated!
Amazon ElastiCache announces online vertical scaling for Redis Cluster mode and improves scaling non-Redis Cluster mode – Memcached. The “non-redis cluster mode” is memcached. You can learn more about this at Amazon’s new conference for caching, re:Dis.
Amazon EMR introduces Block Public Access Configuration to secure EMR clusters from unintentional network exposure. – “We’ve gotta compete with the S3 Bucket Negligence Awards somehow; this is our path to get there!” exclaims the EMR team.
Amazon Forecast Now Generally Available – I’ll be a believer when this supports predicting next month’s AWS bill based on the past six, but that’s probably not due as a feature until Amazon Fivecast.
Amazon Neptune is Now Available in the AWS GovCloud (US-East) Region – …and also in orbit beyond Uranus.
Amazon SQS Now Supports Tag-on-Create – Tag on create from a service that implemented tag on create thirteen years post launch.
Amazon Transcribe now supports speech-to-text in Russian and Chinese Mandarin–Mainland – This will come in super handy for this administration’s equivalent of the Nixon tapes!
AWS Systems Manager Parameter Store features are now available in AWS China (Beijing) Region, operated by Sinnet and AWS China (Ningxia) Region, operated by NWCD – I wonder if the “Systems Manager” suite of services sound as terribly named in Mandarin?
Easily enable AWS Systems Manager capabilities with Quick Setup – Welcome to the world, AWS Systems Manager Onboarding Manager.
New Quick Start deploys Amazon Redshift on the AWS Cloud – As opposed to deploying it where else, exactly?!
Tools
If you want to fetch all of the AWS public IPs associated with your account, you’re reduced to using some random third party script to get there because AWS doesn’t expose this natively.
Because God is truly dead, you can use AWS accounts themselves as git remotes.
A handy tool to clean up legacy resources from your AWS environment.
… and that’s what happened Last Week in AWS.