Good Morning!
I’ll be in Atlanta on Wednesday evening. If you are too, come by "Hammer’s Good Time Emporium" (apparently named after one approach to the AWS contract negotiation process) at 7PM and let me buy you a round.
From the Community
Support for Amazon CloudWatch Evidently ending soon | AWS Cloud Operations Blog – CloudWatch Evidently is one of this week’s Deprecated AWS Services.
Me, when CloudWatch Evidently was announced: "Why wouldn’t you just use AppConfig?"
CloudWatch Evidently, in its deprecation announcement today: "We suggest using AppConfig."
This is a really neat exploration of using some recent CloudWAN features to control where traffic egresses for various network segments. I’m about to go diving into CloudWAN this week; pray for me.
The Onion reports that Hades’ Inferno Stadium Once Again Ranked Toughest Arena To Play In. Why am I mentioning it here? Because "A recently announced sponsorship deal with longtime corporate partner Amazon will fund the addition of 25,000 upper bowl seats as well as the restoration of the 6,000-gallon bucket of boiling water that tips onto the field to celebrate big plays."
A really neat (now patched) method for using CloudTrail as a mechanism for Data Exfiltration.
I’d missed that MySQL 8 included support for Dual Passwords. Why’s that useful? Because when you’re updating a credential you don’t have to change the username–both the old and new passwords can work for a period of time. Yay, no more rotation-induced outages. Younger me would have loved this before discovering how much better a database Route 53 is.
Reuters reports that AWS CEO Matt Garman’s message is Quit if you don’t want to return to office. I have to assume a couple of these quotes are taken highly out of context.
"When we want to really, really innovate on interesting products, I have not seen an ability for us to do that when we’re not in-person," said Garman. <– Is he seriously saying outright that the last few years of AWS service releases have lacked innovation / been interesting?
"I don’t know if you guys have tried to disagree via a Chime call," he said, referring to the company’s internal messaging and calling function. "It’s very hard." <– I agree with this. Doing anything via a Chime call is very hard.
I just learned that you can use Docker to build over SSH. Suddenly the fact that I’m on my laptop doesn’t mean I can’t use my desktop’s oompf for container builds.
Podcasts
Last Week In AWS: Amazon Basics Former2, Powered By AI
Screaming in the Cloud: Cloud Resilience Strategies with Seth Eliot
Screaming in the Cloud: Replay – Memes, Streams & Software with Cassidy Williams
Choice Cuts
Amazon CloudFront launches support for JA4 fingerprinting – This is interesting; I didn’t realize that client fingerprinting had gotten so advanced. We’ve come a long way since nmap’s early OS detection…
Amazon EC2 Dedicated Hosts now supports live migration-based host maintenance – Live Migration was a long time coming to EC2. Now that it’s here we’re seeing it talked about a lot more openly over the past few years.
Amazon EFS now supports up to 60 GiB/s (a 2x increase) of read throughput – What a long, long way we’ve come from the initial EFS launch where to get usable throughput on new EFS volumes the documentation said to use dd to create large empty files on the volume.
Announcing Amazon Q in AWS Supply Chain – If this isn’t considered a Supply Chain attack, what is?
Amazon S3 adds new Region and bucket name filtering for the ListBuckets API – Ooh! Finally I can give bucket access to someone, and their client doesn’t have to display the output of 50 other buckets to which they don’t have access. This has driven me nuts for YEARS.
Assign billing of your shared Amazon EC2 On-Demand Capacity Reservations – I know the (good!) reasons for it, but every time I see things like this it makes me imagine an engineering team declaring economic war on those bastards over on the other engineering team.
AWS Resource Explorer introduces new API to list resource inventory – Wow. Historically the only thing that offered anything even remotely akin to this feature was, and I am not kidding, "the billing system."
AWS Transfer Family SFTP connectors now provide real-time status of file transfer operations – This now outpaces the native capabilities of the ftp command line client.
Finch expands support to Linux, streamlining container development across platforms – This is a very polite tiptoeing around the reality that not everyone’s a huge fan of Docker-the-company’s pricing and licensing moves in recent years.
Ubuntu Pro for EC2 Spot Instances – This strikes me as insane. You don’t need long term support on instances that are definitionally ephemeral. And if you need support in those instances for legacy packages, why wouldn’t you patch the AMI in question once, then deploy from that thing? Who is using this, and what are they using it for?
Innovating with AI in Regulated Industries – Uh… regulated industries are designated such for excellent reasons. In approximately none of them are "robots who make things up and declare them true" an asset.
Announcing end-of-life for AWS IoT Device Management Fleet Hub, effective October 18th, 2025 | The Internet of Things on AWS – Official Blog – Yup–another service deprecation, just to make sure you don’t forget that AWS is deprecating services continuously these days. At least Google tends to annually rip the band-aid off…
Improve public speaking skills using a generative AI-based virtual assistant with Amazon Bedrock – So any AWS re:Invent speaker this year who’s anything less than scintillating is a reflection on the failure of GenAI? As one of them (COP218–sign up before it’s full!), I can assure you that my mistakes are my own, and I’m taking absolutely no feedback from a robot.
… and that’s what happened Last Week in AWS.
