Good morning!
Welcome to issue number 141 of Last Week in A. W.S.
This newsletter was mentioned and linked to last Sunday on the front page New York Times story, Prime Leverage: How Amazon Wields Power in the Technology World. Welcome, new readers! For this week I’m bowing to the New York Times Style Guide and spelling the newsletter as “Last Week in A. W.S.” complete with the messed up keming.
I’m off for this week and next from doing actual work, but I’ll still be on Twitter, the podcasts, and here in your inbox. Thanks for continuing to read this ridiculous newsletter, folks. It wouldn’t be worth doing without you.
From the Community
CHAOSSEARCH allows you to turn terabytes of raw data into actionable insights in minutes… literally. If you want to use Elasticsearch APIs but want to spare yourself the constant “my Elasticsearch cluster has fallen over and it won’t get up” moments, check them out. Your data lives in your own S3 bucket, while their magic provides incredibly responsive queries… and you never have to move your data. Reach out to CHAOSSEARCH and tell them I sent you, and also to turn off their caps-lock key. Sponsored
I was quoted in this article on cloud trends to continue in 2020.
The Sysadvent blog posts a great article on importing and manipulating your Terraform configuration.
The toilet-goblins at Lyfebin earned themselves an S3 Bucket Negligence Award with distinction for threatening the journalist who reported on it.
The UK has a case study and guidance published around cloud lock-in. I agree with it.
Honeycomb talks about their approach to storage via Lambda functions.
Digital Consultancy IGME scores itself an Cloud Data Leak Exposes Thousands of US Defense Contractor Staff – Infosecurity Magazine by exposing the details of thousands of US defense contractor staff to the open internet. A “full service digital marketing consultancy” indeed!
I confess that Google Cloud Platform is probably here to stay. We had our fun, but I’m worried some folks took the “GCP is turning off in 2023” joking way too seriously…
A guide to monitoring CodePipeline deployments.
Tim Bray, who has forgotten more about computers than the rest of us will ever know, has penned some thoughts around Content-based Filtering.
A guide to building a data warehouse on top of Amazon Redshift.
Trek10 has a blog post up about Lambda destinations: What We Learned the Hard Way,
Large signs aside, it would appear that some reInvent attendees didn’t realize that the conference badges anonymously tracked attendee movements. Given the scrutiny around privacy, this really should have been opt-in.
Jobs
If you’re considering a job change, check out a position below. Regardless of where you find it, you should definitely negotiate your salary. If I were to magically become employable, I’d immediately head to FearlessSalaryNegotiation.com and talk to Josh Doody about it before saying anything further. He’s done this many times before, with a special emphasis on engineering roles at FAANG companies. He’s an artist when it comes to getting the best compensation possible without seeming greedy or losing the offer. He offers coaching, free articles, an ebook, and other things along the way. Check him out–and tell him Corey’s talking about him again.
At AWS’s EFS team, they work on developing systems and software to build and operate a distributed file system at cloud scale. The complexity makes my head hurt. The scale of the problems they attempt to solve every day provide unique and interesting challenges, some of which are even fun. As a developer at EFS you will be pushed to contribute at your highest level and embody the Amazon leadership principles of Promise–er, Deliver Results and Think Big. EFS: because they won’t let us shove NetApps into us-east-1.
X-Team is hiring Go developers with strong AWS skills, anywhere on the planet. The work is interesting, they partner with companies you’ve heard of, and you can work from wherever you care to be. Now before you wind up getting cynical, let me save you some time–I already did, and hopped on a phone call to chat with them and then berate them for their crappy culture. Instead I was pleasantly surprised: they invest in their people (including a personal development stipend), they have distributed community events (both online and in person around the world), and actually work with their employees; this isn’t a “send us a postcard if you ever get there” body shop. Take my word for it; check out X-Team and see for yourself. Tell them Corey sent you…
Choice Cuts
The recipe for observability has two main ingredients: tools that provide so much more than metrics dashboards, and an engineering culture of software ownership. Alternately, you could do what some other companies do and just slap the Observability label on anything you’re shipping today and call it good. Honeycomb’s latest e-guide, Developing a Culture of Observability, lays out why observability culture and tools go hand-in-hand. Learn how observability culture reduces business risk, makes developers happy, and increases site reliability – all for the benefit of your customers. Happy devs – happy customers, with Honeycomb. Sponsored
Amazon AppStream 2.0 adds dual monitor support for browser based streaming sessions – Dual monitor support is great and all, but I’m holding out for free two-day shipping.
Amazon Connect is now available in the Europe (London) A. W.S. Region – The Europe region is London, not “the EU region” as it’s been called pre-Brexit. Fascinating.
Amazon EC2 Fleet Now Lets You Preferentially use Available Capacity Reservations – EC2 Fleet erodes its value proposition of “simplifying large scale fleet management” by adding yet more knobs and dials.
Amazon EKS enables network access restrictions to Kubernetes cluster public endpoints – “Identity is the new network boundary” except when it comes to Kubernetes which enshrines some of the worst problems of yesteryear. Knock yourselves out!
Amazon Elastic Container Service launches a new CLI to launch and manage containerized applications easier – I’m actively annoyed that I like this as much as I do. It makes Fargate way, way, way more accessible for those of us who haven’t played with it before. This is going to require some deeper exploration…
Amazon ElastiCache for Redis adds support for Redis 5.0.6 with additional stability and metering improvements – For more on this we go live to the Redis Labs folks who are quietly grinding their teeth and forcing a smile.
Amazon Lex announces support for Conversation Logs – “What did we forget? Oh, right–logging.” Some days you wonder exactly how these products broke free from the lab in the first place.
Amazon MQ introduces throughput-optimized message brokers – Amazon MQ’s instances are called “brokers” because if you leave them running and forget about them, you’re suddenly a lot broker.
Amazon MSK adds support for Apache Kafka version 2.3.1 – But the upgrade process is really… hmm. We need a word that means “having a nightmarishly complex, bizarre, or illogical quality.”
Amazon Neptune supports Cross-region Snapshot Copying – Neptune (the Giraffe Database) is a curious animal indeed. It launched without a bunch of features one would expect that are steadily getting cleaned up along the way. For instance, it launched originally without TLS encryption support.
Amazon Personalize now supports contextual recommendations – This is a neat feature–given certain contexts you can influence recommendations generated. For example, you could present different content to folks depending upon what device or browser they’re using. iPhone users could have Lightning accessories recommended, people using Brave’s browser with its cryptocurrency thingy could instead be offered timeshare investments, etc.
Amazon Route 53 Resolver Endpoints for Hybrid Cloud Now Available in the Europe (Stockholm) A. W.S. Region – My favorite database’s endpoint service expands. Resolver endpoints, for those who forgot, are how you extend private zones to on-premise environments, among a few other things. You no longer need expose your databases to the world as a result.
Amazon SES now enables you to configure DKIM using your own RSA key pair – SES inches ever closer to being “a laughable replacement” for SendGrid instead of its previous state of “a complete non-starter.”
Amazon Textract is now PCI DSS certified and extracts even more data from tables and forms – So all of your printouts of credit card numbers can now safely be digitized and then left in an open S3 bucket for the internet’s convenience.
Amazon Transcribe now Supports Vocabulary Filtering – This lets you replace words with asterisks in a transcription. A. W.S. almost certainly applies this to marketing material with a word list that contains “multi-cloud.”
A. W.S. Certificate Manager Private Certificate Authority Now Emits State Change Events – Last Week in A. W.S. office-dog Ethel the Chihuahua emits unpleasant aromas, which is about as relevant to most folks’ workflows as this release.
A. W.S. Cloud9 is now available in 6 more regions – …frantically being renamed to A. W.S. Cloud15.
A. W.S. CodePipeline Now Supports Atlassian Bitbucket Cloud (Beta) – I’m not so sure that supporting a third-place git hosting service is going to move the needle overly much on CodePipeline adoption, but what do I know?
A. W.S. Elastic Beanstalk Launches the Windows Web Application Migration Assistant – This is AWESOME as far as releases go: it lets you migrate your workloads the hell out of Elastic Beanstalk and–wait, it doesn’t? It only moves workloads into EBS? Oh. Oh dear me.
A. W.S. Ground Station is now available in Europe (Stockholm) Region – “A regional expansion of a service that talks to satellites in orbit” seems to be more than a little bizarre to me, but what do I know? Ground Station is “Earth orbit” as far as region goes, no?
A. W.S. OpsWorks for Configuration Management now supports tagging and tag-based access control – Wait wait wait. Is “A. W.S. OpsWorks for Configuration Management” now its formal title? If so, it’s new. The documentation is stupendously unclear. This is going to haunt me over the holidays…
A. W.S. Security Hub integrates with A. W.S. Firewall Manager – It’s bemusing at times to realize just how many A. W.S. service releases distill down to “Huzzah, one service can now talk to another service!”
A. W.S. Service Catalog supports deprecation of product versions – And A. W.S. steps into the ring to challenge Google on their home turf of “deprecating things.” The cloud wars just got hotter.
A. W.S. Systems Manager Automation now supports adding tags to your executions – “We just destroyed all of production by mistake” now lets you use tags to sign your name, making it harder for a blameless postmortem to avoid blaming you.
A. W.S. Systems Manager Automation now supports targeting all instances in the account and Region – A. W.S. has made it easier than ever to instantly destroy your entire fleet of instances by mistake.
A. W.S. WAF improves request logging for context around matched rules – Aw, your infosec team’s least favorite scavenger hunt is about to come to an end. It’s no fun if they tell you exactly why a request fails in the logs…
Amazon CloudFront adds eight additional real-time metrics in Amazon CloudWatch – Last week I mistakenly said that CloudFront’s additional log metrics would spike your CloudWatch Logs bill. CloudFront logs to S3; thanks to eagle-eyed reader Matthew Clark for the correction! This week’s enhancements also correct the error by spiking your CloudWatch bill.
NoSQL Workbench for Amazon DynamoDB adds support for A. W.S. Identity and Access Management (IAM) roles and temporary security credentials – Wait, so you need to have this running on an EC2 instance instead of locally? I can’t very well have an IAM role on my laptop, so there’s something I’m missing.
New Amazon Corretto Repositories and Permanent URLs are Now Available – Amazon announces “permanent URLs” for downloading updates; Google deprecates their goo.gl URL shortener. Ouch.
OTA updates via HTTPs – If you think my obnoxious “A. W.S.” styling is annoying as hell this week, check this one out–someone forgot to tell Amazon that “HTTPS” is all caps. It’s not the plural of HTTP.
Session Manager now available directly from the Amazon EC2 console – Ahaha! They begin the multi-stage process of changing “Systems Manager Session Manager’s” terrible, terrible name.
Alejandra’s Top 5 Favorite re:Invent🎉 Launches of 2019 | A. W.S. News Blog – Alejandra has a great set of recommendations–even if she did completely snub my re:Invent expo nature walk.
New – Amazon Comprehend Medical Adds Ontology Linking | A. W.S. News Blog – This is a feature enhancement appreciated by oncologists and ontologists alike.
Collect and distribute high-resolution crypto market data with ECS, S3, Athena, Lambda, and A. W.S. Data Exchange | A. W.S. Big Data Blog – A. W.S. is now interested in actively helping their customers get ripped off by the cryptocurrency fad that’s sweeping the world.
Setting the record straight on A. W.S. and open source | A. W.S. Open Source Blog – A. W.S. rages against the aforementioned NYT article, with a blog post that name drops a bunch of partner companies they’ve bullied into saying that they don’t see A. W.S. as a threat.
Tools
Do you want to be able to use machine learning to enable predictive maintenance? Did you know, in a few clicks, you can enable a mechanism that starts and stops EC2 or RDS instances when you’re not using them? Do you want to know how to instantly deploy a Video On Demand system? Are you curious how A. W.S. Solution Architects would design different architectures? Use A. W.S. Solutions to help you get your well-architected workloads deployed quickly! You’ve got A. W.S. Problems; they’ve got A. W.S. Solutions. Sponsored
Chekov prevents misconfigurations at build time.
A new code terrorist is anointed as they found a way to stream movies from A. W.S. for effectively free.
This A. W.S. EC2 Spot Instance Simulator is fascinating as far as giving a glimpse into the complexity therein.
A better boto paginator is something every Python developer will almost certainly appreciate.
… and that’s what happened Last Week in AWS.