Good Morning!


Welcome to issue number 110 of Last Week in AWS.

This week sees me in Barcelona, Italy for KubeCon. Some folks tell me that Barcelona is in fact in Spain, but that doesn't sound right to me. We'll agree to disagree. Come find me!

I'm hosting theCUBE on Tuesday and Wednesday; live tweeting is no longer enough for me, so live streaming it is.

Lastly, I'll be doing a Reddit AMA in /r/aws on May 28th at 11AM Pacific; see you there. Bring questions...

 
 
 

This issue is sponsored in part by Site24x7, Zoho's cloud monitoring solution.

 

This issue is sponsored in part by Site24x7, Zoho's cloud monitoring solution. Site24x7’s powerful AI-driven monitoring solution offers complete monitoring right from end-user experience to application performance enabling you to get insights into what’s happening in your AWS environment, all from a single console for just 1 dollar per resource. Give it a spin

 
 
 

   From the Community

 

A dive into AWS Transit Gateway Routing in Multiple Accounts that nicely captures the nuances.


A lighter way to deploy to ECS is well worth the time to read if you're considering ECS for your workloads.


A fun romp through exploiting common serverless security flaws in AWS. Pay attention!


I wrote a blog post about why Lyft is smart to pay AWS $300M. Read it before you call me a shill, please.


An IoT Coffee Monitor sounds like a lot of work versus "getting up to check if there's coffee."

 
 
 
 

This week's issue is sponsored in part by Digital Ocean.

 

With flat pricing across all global regions for compute, object storage, and databases - plus a free managed Kubernetes service - DigitalOcean makes it easy to scale up your infrastructure without guessing what your cloud bill will be every month. Plus their documentation and tutorials are some of the best in the industry, so there’s no need to go to cloud school to use their services. Thanks again to DigitalOcean for their ongoing support.

 
 
 

   Jobs

 

If you've got an interesting job for this newsletter's emminently employable subscribers, get in touch!


AWS is now hiring License Managers in four additional regions--wait, that's a service, not a job. Nevermind. I got confused.


It can often feel like keeping up with AWS is like drinking from a firehose. Why not work on an actual firehose? Kinesis Firehose (and other Kinesis teams) are solving hard problems around ingesting massive quantities of data at huge scale. With roles in Seattle, Palo Alto, and Cambridge (the one in the U.K.; they were banned from the one in Boston due to their insistence on pronouncing MIT as "mitt"), they're a fascinating team with wonderful challenges. For more information, check out their open roles. For a lot more information, implement Kinesis Data Streams in your environment.

 
 
 
 

This week’s issue is sponsored in part by GitPrime.

 

20 Patterns to Watch for in Engineering Teams. GitPrime's new book draws together some of the most common software team dynamics, observed in working with hundreds of enterprise engineering organizations. Actionable insights to help you debut your development process with data. Get Your Copy.

 
 
 

   Choice Cuts

 

Amazon EKS Adds Support for Public IP Addresses Within Cluster VPCs - Chalk up another win for the elegantly named AWSECS4K8S(EKS)!


Amazon EKS Simplifies Kubernetes Cluster Authentication - Meanwhile, this move is countered as Amazon Cognito prepares a feature release to complicate Kubernetes cluster authentication. The chess game continues.


Amazon RDS for MySQL Supports Password Validation - Now RDS can tell you that "kitty!' is a terrible password.


Amazon SNS Adds Support for Cost Allocation Tags - I see that the Cost Allocation Tagging team tagged the SNS team, likely with a bat.


Amazon Transcribe now supports Hindi and Indian-accented English - Boston accents still unsupported, since nobody can stand listening to them long enough to debug the system (hey-o!).


AWS Asia Pacific (Seoul) Region Adds Third Availability Zone - Unlike launching additional CloudFront Edge locations, a third AZ unblocks a number of customers who previously couldn't do certain things in a region. I'm not entirely sure why AWS launches regions without at least three, since a number of services have a requirement of three AZs to run in the first place... Mumbai got one too.


AWS Migration Hub EC2 Recommendations - With 180 different instance types, they pretty much have to build something like this.


AWS Lambda adds support for Node.js v10 - Node 10 is now a "rolling release" which means that your functions will now magically start seeing corner case regressions unless they're VERY diligent with ensuring that changes are non-breaking. I guess we'll find out!


Monitor Emails in Your Workmail Organization Using Cloudwatch Metrics and Logs - This is huge news for both Workmail customers; unfortunately one of them is slammed with higher priority projects and the other doesn’t realize they’re a Workmail customer.


Create fine-grained session permissions using AWS Identity and Access Management (IAM) managed policies - I've read this three times and I still don't understand what it does. Help?


You can now use custom chat bots with Amazon Chime - This announcement was heralded by cries of "what the hell is Amazon Chime?!" You don't want to know.


Troubleshooting, Monitoring, and Cost Tracking for Serverless Applications - Epsagon CEO Nitzan Shapira talks about how Epsagon helps troubleshoot, monitor, and track cost for serverless applications. I like the service; I've been using it myself for month, and it helpfully tells me that my costs are spiraling out of control at 22¢ a month.


Upcoming updates to the AWS Lambda and AWS Lambda@Edge execution environment | AWS Compute Blog - Surprise, the underlying OS that powers the Lambda execution environment is about to update to Amazon Linux 2. The time to test is now.


Spring 2019 SOC reports now available with 104 services in scope - Spring, a time when the world renews after the winter, birds start tweeting, and new SOC2 reports come out.


Best Practices Design Patterns: Optimizing Amazon S3 Performance - Amazon Simple Storage Service - It's worth reading the updated guide; a lot of historical common wisdom no longer applies, but for some reason they're not too loud about this one.

 
 
 
 

   Tools

 

IBM has released a code pattern that lets you run COBOL on Kubernetes because some product manager wasn't hugged enough as a child.


cost optimizations - An open source tool to quickly find cost optimizations in AWS and GCP environments. I like this!


A security scanner for Lambda seems interesting.


A handy Serverless app that transcribes audio to text. It's a great component of a larger system.

 
 
 
 

… and that’s what happened Last Week in AWS

If you’ve enjoyed reading this, tell your friends to sign up online at lastweekinaws.com — or post a link in your company Slack team!

As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

 
 
 

I’m Corey Quinn

I help companies address their horrifying AWS bills by both reducing the dollars spent and helping them understanding what they’re paying for.

 
 

Screaming in the Cloud

In addition to this newsletter, I host a podcast about the business of cloud computing, featuring me talking to folks who are good at things; it's a nice contrast.

 
 

Sponsor an Issue

Reach over 12,200 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon's cloud ecosystems.