Good Morning!
I regret to inform you that I was forced to murder my business partner Mike Julian last week after he sent me the most infernal of all gifts: a 1000 piece jigsaw puzzle of the Cloud Native Computing Foundation’s (motto: "Uber for Kubernetes!") Cloud Native Landscape. I’d say he’ll be missed except that he absolutely will not.
From the Community
Observability is critical for managing and improving complex business-critical systems. With observability, any software engineering team can gain a deeper understanding of system performance, so you can perform ongoing maintenance and ship the features your customers need. Preview Honeycomb’s upcoming O’Reilly book to understand the value of observable systems and how to build an observability-driven development practice.
I missed it back in January, but Aiden Steele has a great deep dive into AWS GWLB: Deep Packet Manipulation. I didn’t realize it could do half of these things! I swear, half of an AWS service’s capabilities have to wait until customers with deep skillsets get their hands on them, and then explain them to the rest of us. Aiden should send AWS a bill for this.
Flexera’s State of the Cloud report is out once again, this time with a bunch of charts that aren’t blue for once. This is a notable improvement! Surprised that Azure is now seeing more workloads than AWS among the survey respondents…
People often think that I keep up to date on what AWS is doing via a variety of nefarious means, but really it’s just reading the stuff they put out themselves. Who reads documentation? Me. I read documentation.
Friend of the newsletter and occasional guest author Brian Scanlan reports from Twitter that switching to Intelligent Tiering led to an expected surge in transition costs, and then settled in at a 50% savings rate. The hype is real! Consider following suit.
I’ve gotta say, the responses to My Mental Model of AWS Regions taught me an awful lot. Thanks!
Jobs
Aptible is building a multi-cloud PaaS with powerful security and compliance guardrails baked in. Our platform is used every day by thousands of developers across hundreds of startups in order to ship complex architectures without needing to stop and think about security, compliance, or IaaS best practices. Help us build the future of cloud deployment! We’re hiring principal and senior software engineers, DevRel, and more. (Psst: we target 90th percentile salaries and post total comp directly in the job description.)
The AWS Region Services organization redefines the way AWS designs, builds and operates regions that will enable one thousand new regions and region offerings of different designs and sizes. We deliver products by working backwards from unique Customer requirements for broader applicability. AWS customers are extremely diverse, the AWS Region is the foundation for offering services to our customers. Expanding customer use cases, new geographies, and the rapid adoption of cloud computing makes new region builds critical for AWS to address evolving customer needs. Why you will love it: You will have exposure to teams and leaders across the entire company. You will see many aspects of the Amazon business. You will have a direct impact on AWS growth and delivering major new capabilities for our customers. You will have ownership and responsibility for defining and executing processes that deliver both savings and productivity for AWS.
At Modern Treasury, we are building payments infrastructure to power $750 trillion in bank transfers every year. Before Modern Treasury there has never been a universal API into the global banking system. Our ambition is to be the de facto standard for money movement for the world’s most innovative and fastest growing companies. Our customers use our APIs to automate payouts, direct debits, balance tracking and other payments use cases at scale. Join our engineering team at Modern Treasury to help build the new foundation of business and finance.
Podcasts
Last Week in AWS: The Surprise Mandoogle
Screaming in the Cloud: Diving Duckbill First into the Depths of Data with Alex Rasmussen
Screaming in the Cloud: The Hari Seldon of Third Party Tooling with Aidan Steele
Choice Cuts
While AWS doesn’t like to talk about it, this multi-cloud thing is…well a thing. This is where MinIO comes in. MinIO’s high performance, Kubernetes-native object store works on every cloud – literally all of them from AWS to Zayo. This means you can build S3-like data infrastructure anywhere. The world’s fastest object store with READ/WRITE speeds in excess of 325 GiB/sec/165 GiB/sec respectively, MinIO can handle any workload – from modern databases to AI/ML and advanced analytics. Couple that with a suite of enterprise features for ILM, IAM, security and resilience and organization can architect consistency for their data persistency – across and between clouds. Don’t take our word for it, see for yourself at min.io/download.
Amazon Chime SDK now supports live transcription with automatic language identification – Digging into this, by which I mean "I read the post," it’s an integration with Amazon Transcribe rather than an under-the-hood native capability. However, they don’t make customers wire it up themselves, an oversight for which some poor product manager will no doubt be demoted for being insufficiently Amazonian.
Amazon Route 53 launches Geolocation and Latency-Based Routing for Private DNS – Your non-public databases can now be as performant as your public ones.
Amazon Route 53 Resolver DNS Firewall significantly reduces service cost – A combination price reduction and internal architecture change. Note also that the headline isn’t "an update on Amazon Route 53 DNS Firewall Pricing" because it is in fact a price reduction for everyone, and also because they’re not Google Cloud.
AWS announces AWS Billing Conductor – At long last, "slapping artificial markups on the cost of cloud services" now comes to customers instead of being purely the domain of the AWS Managed NAT Gateway pricing team!
Announcing AWS AppConfig Feature Flags General Availability – Whoa whoa whoa, slow down there a second and back up. The initial launch blog post for AppConfig explicitly mentioned "feature flagging" as an example use case for AppConfig itself. I, like Pepperidge Farm, remember this. So what’s this feature, SUPER Feature Flagging? Oh, and while you’re answering that, can you also tell me how this service differs from "CloudWatch Evidently," a different AWS Feature Flagging offering? No, you can’t use the honest answer of "a manager in a different org was angling for a promotion." If you can’t explain it to me, good luck explaining it to customers…
AWS Chatbot announces support for management of AWS resources from Slack (General Availability) – ClickOps will not stand for its territory being ceded to ChatOps!
AWS Cost Anomaly Detection supports integration with AWS Chatbot – I promise you, if I were to sit the anonymous author of this post’s unfortunate wording in front of a livestream and told them to "simply configure an Amazon Simple Notification Service (Amazon SNS) topic," I’m rather confident that they would never use the term "simply" in that context for the rest of their life.
The AWS Lambda console now supports the option to share test events between developers – Sounds super simple, right? Hah, fooled you again! This is a feature that touches AWS Lambda, so of course it’s finnicky, complicated, and includes phrasing like "Lambda saves shareable test events as schemas in an Amazon EventBridge (CloudWatch Events) schema registry named lambda-testevent-schemas."
Couchbase Capella DBaaS is flexible, full-featured, and fully managed with built-in access via K/V, SQL, and full-text search. Flexible JSON documents align to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling, while reducing costs. Try it today for free and be up and running in 3 minutes—no credit card required.
Capgemini Simplifies the Letter of Credit Process with Amazon Managed Blockchain – I tried, reader. I really did. I wanted to believe that this was an actual real-world use case for blockchain, but alas: it’s a "reference architecture," which translates to "we would not actually deploy this to a customer site unless under duress, as we at Capgemini are not complete clowns and strive to deliver solutions to our clients that aren’t completely bonkers."
Build a cost-effective extension to your Elasticsearch cluster with Amazon OpenSearch Service – Their trademark lawsuit settled, AWS is back to its usual position of attempting to validate the living shit out of Elastic’s market for them.
Migrate your Amazon Redshift cluster to another AWS Region – Sure enough, this is roughly as complicated as migrating your Redshift cluster to a different cloud provider.
Archive data from Amazon DynamoDB to Amazon S3 using TTL and Amazon Kinesis integration – Maybe I misunderstand something key, but this feels dangerous to me. An outage in the Kinesis Data Streams connector or the stream itself, and instead of being archived, that data will end up being lost, no?
Prepare for faster disaster recovery: Deploy an Amazon Aurora global database with Terraform – Uhm… is the implication of this headline that you’re going to have to exercise your DR plan a lot faster than you thought if you use Aurora global databases with Terraform or what, here? I get that service naming is hard, but blog post headlines are a bit easier. Maybe try?
Automate email responses using Amazon Comprehend custom classification and entity detection – The architecture diagram contained herein is the most hilarious overcomplication of an autoresponder I believe I’ve ever seen.
Unravel the knowledge in Slack workspaces with intelligent search using the Amazon Kendra Slack connector – I sure would like to do this except that Kendra’s least expensive option is several times my entire existing monthly AWS bill.
Tools
Configuring a VPN server is hard due to their complexity and vast knowledge of certificate and networking required. You can spend the next 6 months setting up an OpenVPN server and fine tuning it. Or you can just use our solution and be up and running within 3 min. Not to mention that we have built in reliability into the product – it mimics the Serverless ideology. 0x4447 VPN Server using OpenVPN® on the AWS Marketplace
Usually I talk about open source tooling here. For a change, I want to highlight Cloud Profiler from Google Cloud. It’s free (until they, y’know… change their minds about that like they have with other services recently), it runs anywhere (including other cloud providers, and showcases Google’s engineering prowess in ways that directly benefit the rest of us. More like this, please!
I gave a description on Twitter of a developer tooling setup that I wish existed, but apparently doesn’t. If you know otherwise, please tell me.
… and that’s what happened Last Week in AWS.