Last Week in AWS Logo

Good morning and welcome to 2019!

This is issue number 91 of Last Week in AWS.

A short issue this week, as the AWS machine ramps back up. If you're in Seattle and not doing anything Wednesday evening, I'm trying my hand at "cloud standup." Admission is free, (some) drinks are covered, but registration is required so we know what to plan for. Sign up at Thanks to Polyverse for sponsoring the venue!

Community Contributions

A walkthrough of building a Tram-Time Display with AWS Lambda. The San Francisco BART system should talk to the author; they might learn a few things.

After a year of trying it exclusively, I wrote up the 8 Things I've Learned Using an iPad for Presentations. Conference talks are fun, doing them without having to mess around with a laptop makes the experience better.

The wonderfully-named AWS Corey (not me; Corey Salzer is a San Francisco based Solutions Architect) writes about her journey to read more non-fiction books in 2018.

Four Lambda Layers have been published, covering FFmpeg, SOX, Pandoc and RSVG. Note that you may want to verify their provenance / security before implementing them into things you value.

A tale of a few best practices learned the hard way, this time covering S3 and VPCs.

This one goes so far beyond the typical S3 Bucket Negligence award I don't know where to begin. Essentially Guardzilla (a security camera manufacturer) baked AWS API keys into every device it shipped. When they were inevitably exposed, everyone's video became exposed. There has been no patch, and (incredibly) no public comment as of the time of my writing this. If you have a Guardzilla "smart" camera, unplug it immediately.

SummitRoute's Scott Piper put together a great table showing SLA coverage for AWS services. We've gotta start collecting his work somewhere other than on Twitter...

AWS Hero Jerry Hargrove has done it again; this time a visual service summary of Amazon Aurora Serverless. These things are gorgeous, and I want to collaborate with him on a snarky version of a few of these...

Now that S3 Public Block is in effect, S3 bucket negligence awards become a thing of the past, and we can turn our attention towards--just kidding. This week we've got three! The Indian identity system Aadhaar; Twinning, a viral site; and Abine Blur--a freaking password manager. I shouldn't plan on retiring this award in 2019, should I...

A reddit thread discussing the nightmare of using AWS for the first time. I don't agree with everything in the thread, but it's worth a read just to see how the service is often perceived by newcomers. We were all new to this once...

After a recent Twitter kerfuffle about the idea of Manager READMEs (a document managers give to new team members about their management style), I caught up with Etsy's Matt Newkirk to discuss his thoughts on the matter. It's worth a listen to this episode of Screaming in the Cloud.

Someone forgot to tell Trek10's Forrest Brazeal that there was a holiday; he apparently spent the time trapped in the office taking us in depth on going from relational databases to a single DynamoDB table. This is well worth the time to read if you play with data modeling at all.

Choice Cuts From the AWS Blog

Amazon API Gateway announces service level agreement - The only AWS announcements of note this week are that a pair of services get SLAs. The actual money / uptime guarantee of SLAs are almost irrelevant; their value lies in signaling to enterprises that this is a service that the provider takes seriously. This is a welcome change, one that's such a delight to me that I can't even snark about it properly. Well done.

Amazon EFS Announces 99.9% Service Level Agreement - EFS is in the same SLA boat. Though I loved to mock EFS at launch, it's matured into a solid, reliable service whose only fault is that NFS is a tire-fire of a modern architectural pattern. That's not its fault though...


If you want to build a command for the (sometimes arcane) AWS CLI, this website may help you get there without wearing out your tab key. (You do have bash/zsh completion turned on for awscli... right?)

…and that’s what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. In addition to this newsletter, I host the Screaming in the Cloud podcast about the business of cloud computing, featuring me talking to folks who are good at things; it's a nice contrast.

If you’ve enjoyed reading this, tell your friends to sign up at (or post a link in your company Slack team!) about it. As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

List archives are always available at