AWS’s (de)Generative AI Blunder

I’ve been an advocate for AWS SSO for a while, but the official tooling used to log in and work with various accounts within your organization has been somewhat lacking, to put it mildly. That’s why I was so pleased to stumble across granted recently.

Ubiquiti filed a lawsuit against Brian Krebs for reporting he’d done previously around an alleged Ubiquiti security breach.

Corey suggests that S3’s native features aren’t a substitute for a thoughtful backup strategy.

Google increases cloud pricing

Usually when I talk about AWS regions and availability zones, it ties back to [data transfer pricing] or some other model of cloud economics. Today I want to take a different angle: it’s my belief that how I think about AWS regions and how AWS talks about them are somewhat far apart. The reason I’m doing this in blog form instead of as a Twitter stunt or whatnot is that I’m not particularly intending to be funny, and to be transparent, I’m not completely sure whether I’m right or not. Let’s dive in.

You want to find a way to maturely and sensibly store those secrets in ways that are centralized (so you don’t have to update every server / container / function whenever one changes), secure (so they remain secret), and accessible (in practice, there’s little difference between a service going down and you losing your credentials to talk to the service). There are a number of ways to do this with native AWS services.

Status Paging You Last week The Register did an analysis piece on the AWS Status Page that heavily quoted me. This is a good thing; I’m a big fan of seeing my name in print, and that goes double for a publication that played no small part in my decision to enter the technology field […]

The Trials and Travails of AWS SSO Our newest Principal Cloud Economist Alex Rasmussen hails from a data engineering background. This is a capability that we and our consulting clients have increasingly needed, but his experience means that he’s been focused on different specific areas of the AWS universe than we have. As a result, […]

One of the often-debated questions in AWS is whether AWS account IDs are sensitive information or not and the question has been oddly-difficult to answer definitively. AWS is extremely clear that you should not share passwords to your account with others. They’ve also been clear that things like EC2 instance IDs, S3 bucket names, and […]

The CDK’s approach of client-side generation of CloudFormation templates is deeply flawed, but eminently fixable.

On January 28th, 2022, AWS sent out an email announcement informing customers that GuardDuty now supported EKS findings. By all accounts, that’s great! I’m a big fan of GuardDuty and its continued expansion to other services is awesome. However, there were some issues with this announcement. First, it was sent after business hours on a […]

Tomorrow Amazon reports its quarterly earnings. I’ve talked in some depth about AWS’s compensation model being heavily stock driven, and the market being the market that means a number of excellent AWS friends who have been absolutely killing it find their fortunes rising and falling based entirely upon how well Amazon’s Underpants Store division performs. […]