[Last Week in AWS] Issue #164: AWS Security Landscapers

Good Morning!

 

 

This is the 164th issue of Last Week in AWS, but that feels like a hollow observation against the backdrop of the uprising we have seen developing in the United States (this newsletter's home country) over the last week. Although the content for this newsletter was written in advance, here I am on Sunday night feeling shaken to my core and torn about what to say to you all on Monday. You're here for tech snark and I'm the clown that's good at providing it, but that's not what this moment demands of us.

 

The United States has a sordid and shameful history of racial injustice, but calling that a "history," while truthful, also presents a too-easy opportunity to ignore the reality of ongoing racial inequality that persists to this day. The protestors' anger is righteous, and their cause is just. My words cannot possibly add more than they are saying with their actions.

 

For those who, like me, are feeling lost and trying to figure out what to do to help make the world worthy of the oppressed people in it, I have a few charitable organizations to recommend:

 

http://www.pisab.org/we-are-undoing-racism/

 

https://www.naacp.org/

 

https://nmaahc.si.edu/connect/give

 

Now, as ever, #BlackLivesMatter.

 

If you've any interest in a temporary break from fighting the good fight, here's this week's prerecorded content below:

 
 
 

   From the Community

 

Sick of having to manage different CI servers and tools? Of course you are, even if you can't admit it in public. Let's talk about Buildkite; a unifying voice in this sea of madness. It has an easy-to-use web UI, extensive docs, and a portable agent that runs on any hardware or container runtime. You want to talk scale? Shopify has happily used Buildkite to grow from 300 to 3000 engineers--while keeping builds under 5 minutes. Check it out at buildkite.com. They've even got a CloudFormation stack if you want to cosplay as a responsible engineer! Sponsored

 

 

Common English descriptions of a huge swath of AWS services were on my backlog, but someone beat me to it, and did so excellently. Now I want to collaborate with the author on adding a "snark" column.

 

 

If you want to use Python to get every item from a DynamoDB table before you die of old age, you're in for a treat.

 

 

An obnoxious interview question I tweeted about led to a bug report in GNU's coreutils project. Because it's GNU's coreutils project, the bug is closed as WONTFIXYOUFREAKING_MORON.

 

 

I've been saying for a while that separating AWS from Amazon would be a net positive for everyone. It's nice to see that respected publications are beginning to agree with that position.

 
 
 
 

   Jobs

 

If you've got an interesting job for this newsletter's eminently employable subscribers, get in touch!

 

 

"At Stedi, they're working in one of the biggest markets on the planet – EDI, the technological backbone of the physical product economy. They’re building a next-generation platform: a ubiquitous commercial trading network to automate the trillions of dollars in B2B transactions exchanged by nearly every company on Earth. If you're interested in what they're building and how they’re building it, they'd love to hear from you.

 

 

No one likes managing EC2 instances, so you might like managing the team that replaces them with containers. That's right, the Fargate team is hiring three Software Development Managers. People-focused servant-leaders are encouraged to apply. Help bring about an end to the Serverless vs. Containers war that doesn't need to be fought in the first place. One last point: every team at AWS has internal principles that embody their culture, but this team publishes theirs on GitHub. I wonder how they'd take pull requests?

 
 
 
 

   Choice Cuts

 

Mistakes happen in the cloud. Just ask anyone who's accidentally left expensive workloads running, put sensitive data in a public bucket, or agreed to deploy an Oracle product. The folks at cloudtamer.io believe that a well-governed cloud means never having to say you're sorry--and not because Finance doesn't know where to find you. cloudtamer.io unifies access and identity management, budget enforcement, and compliance automation into a single solution that works across both AWS and Azure. If your cloud ops team or developers apologized recently, check them out. If they refused to apologize, several notable tech companies are currently hiring. Sponsored

 

 

3 New Role-Based Learning Paths for AWS Media Services - And not a one of those paths is "trapped in my home while accidentally becoming my own AV crew."

 

 

Amazon MSK now supports Apache Kafka version upgrades - It always has, if we're being technical. It's just that the upgrade process is no longer "throw the entire cluster away and start over."

 

 

Amazon QuickSight launches integration with Amazon SageMaker and more - SageMaker is catching on like wildfire, so QuickSight desperately hopes to ride its coattails to success. Sure, why not.

 

 

Amazon RDS for PostgreSQL Supports R5, M5, and T3 Instance Types now available in AWS GovCloud (US) Regions - empty

 

 

Amazon S3 adds support for IPv6 protocol in AWS China (Beijing) Region, operated by Sinnet and AWS China (Ningxia) Region, operated by NWCD - As global tensions continue to escalate, AWS stokes them by inflicting IPv6 on a foreign power.

 

 

AWS Fargate now encrypts data stored on ephemeral storage by default in platform version 1.4 - Excellent for compliance checkboxes and (for all practical purposes) absolutely nothing else.

 

 

AWS Systems Manager Explorer now provides a multi-account, multi-region summary of AWS Compute Optimizer recommendations - This is a common pattern. No, not "putting random words after 'Systems Manager'" though that remains a perennial favorite, but rather a given service so completely biffs it on working cross-account and cross-region that a completely separate service team has to step in to fix it.

 

 

Data Lifecycle Manager adds supports scheduling based on cron expressions and additional backup intervals including weekly, monthly and annual schedules - If there's one thing customers adore, it's fighting with cron's arcane syntax to schedule something. Of course it's in UTC rather than whatever timezone you happen to be in; didn't you notice that the two-week delay of the Last Week in AWS newsletter archive on the website publishes back-issues at different times depending upon whether DST is in effect?

 

 

Network Load Balancer now supports TLS APLN Policies - This newsletter goes to just shy of 20,000 people. At most 2 of you realize that I intentionally switched the letters in this headline; it's ALPN, but almost nobody in the world is up to speed about it.

 

 

Now deploy AWS Config rules and conformance packs across an organization from a delegated member account - Another day, another service becomes Organization aware, and another doomed attempt to make the term "conformance pack" sound anything less than actively ridiculous.

 

 

AWS Solutions: Serverless Bot Framework adds a remastered user interface and uses AWS Amplify - This is pretty neat. You try to deploy the solution, it causes a Cambrian explosion of resources within your AWS account, and if you dare to complain on Twitter the Serverless Bots swoop in to tell you you're doing it wrong.

 

 

Introducing the latest AWS Heroes – May, 2020 | AWS News Blog - A new crop of AWS Heroes have been anointed-and they're all new to me. This is a good thing; it means the AWS community has grown well beyond my ability to keep it all in my head the way I do AWS products.

 

 

New – AWS Amplify Libraries for Android and iOS | AWS News Blog - Finally, AWS Amplify has Knative libraries for iOS and Android. A small subset of the people reading this are suddenly very worried that the previous sentence might not contain a typo after all.

 

 

New – SaaS Contract Upgrades and Renewals for AWS Marketplace | AWS News Blog - Selling SaaS to enterprises continues to grow more Enterprisey. One day there will be so many configurable options within the AWS Marketplace that it'll gain sentience as an ERP implementation.

 

 

Single Sign-On between Okta Universal Directory and AWS | AWS News Blog - With the shiny new Okta support, AWS Single Sign-On releases its best feature yet: a way to completely bypass AWS Single-Sign On.

 

 

Fine-grained Continuous Delivery With CodePipeline and AWS Step Functions | AWS DevOps Blog - Step Functions meet CodePipelines for a "turtles all the way down" level of CI orchestration. Give it a try so that your code may be the sand showered into the finely machined gears you're given.

 

 

Implementing Serverless Transit Network Orchestrator (STNO) in AWS Control Tower | AWS Management & Governance Blog - I... what on earth is the problem that this is solving for? I'm sure it exists, but oh my stars does it sound awful.

 

 

AWS Shield Threat Landscape report is now available | AWS Security Blog - This contains something I'm not sure I've seen before: a "state of the internet" security report that isn't gated by a demand for your contact info.

 

 

How to create SAML providers with AWS CloudFormation | AWS Security Blog - Setting up SAML federation with CloudFormation sounds to me like something akin to rewiring an iPhone while wearing oven mitts.

 
 
 
 

   Tools

 

Running a business is hard. Your cloud doesn’t have to be. DigitalOcean is the cloud that offers transparent, predictable pricing - even for Kubernetes clusters, which you'd have thought was impossible! You also won't need 12 weeks of cloud school to absorb a zillion ancillary services just to be able to SSH into an instance. Is this the kind of simplicity you need out of your cloud provider? Check out DigitalOcean today. Sponsored

 

 

Do you want to learn about all the different S3 features? Of course you don't; you'd sooner go to the dentist for a root canal. Fine, be that way. Play this S3 game instead.

 

 

You used to have to wire your Lambda functions together. Now you can use AWS's open source project instead to wire together your Lambda functions.

 

 

I love this tool so much. It's a Python equivalent to curl, but it lets you make signed requests to AWS endpoints over socks5.

 

 

Who watches the instances? This tool is great at small scale, but will drive you batty past a certain point.

 
 
 
 

… and that’s what happened Last Week in AWS

If you’ve enjoyed reading this, tell your friends to sign up online at lastweekinaws.com — or post a link in your company Slack team!

As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

 
 
 

I’m Corey Quinn

I help companies address their horrifying AWS bills by both reducing the dollars spent and helping them understanding what they’re paying for.

 
 

Screaming in the Cloud

In addition to this newsletter, I host a podcast about the business of cloud computing, featuring me talking to folks who are good at things; it's a nice contrast.

 
 

Sponsor an Issue

Reach over 19,000 discerning engineers, managers, and enthusiasts who actually care about the state of Amazon's cloud ecosystems.

 
 
 
 
 
 
                                                           

Older messages

[Last Week in AWS Extras]: How to Compete With AWS

Wednesday, May 27, 2020

I'm digging the feedback I've gotten so far. By and large you all like these deep dive posts, so I suspect they're here to stay. Today's topic is on competing with AWS; it's not the

[Last Week in AWS] Issue #163: Introducing AWS SnowCannon

Monday, May 25, 2020

Good Morning! Welcome to issue 163 of Last Week in AWS. It's Memorial Day here in the US, so the country is shut down even more than it has been for the past couple of months. The AWS release

[Last Week in AWS Extras]: When AWS Elastic Underpants launches, here's how I'll learn about it

Wednesday, May 20, 2020

As we all find ourselves climbing the metaphorical walls, we express our frustration in different ways. Since it's Wednesday, mine is via long-form snark. Should you want to share this post you can

[Last Week in AWS] Issue #162: Amazon Macie Some Well-Deserved Pushback

Monday, May 18, 2020

Good Morning! Welcome to issue number 162 of Last Week in AWS. This week saw an AWS online summit that was... less than it could have been, largely due to unclear expectations. There weren't any

[Last Week in AWS Extras]: The Lost Opportunity of Amazon Kendra

Wednesday, May 13, 2020

Another Wednesday, another rant piece I've yeeted directly into your inbox. By far the most common request last week was to have a permalink to the post so folks could share it, so all right: it

You Might Also Like

Charted | Global Economic Confidence in 2025, by Country 🌎

Wednesday, December 25, 2024

While emerging markets in Asia have the strongest confidence in the global economy looking ahead, European countries are most pessimistic. View Online | Subscribe | Download Our App FEATURED STORY

Top Tech Deals 🎅 Sony Headphones, iPhone Cases, 4K Projector, and More!

Wednesday, December 25, 2024

The season of giving is upon us. How-To Geek Logo December 25, 2024 Top Tech Deals: Sony Headphones, iPhone Cases, 4K Projector, and More! The season of giving is upon us. Happy Holidays! If you're

Why the Race to AGI is Humanitys Defining Moment

Wednesday, December 25, 2024

Top Tech Content sent at Noon! Boost Your Article on HackerNoon for $159.99! Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, December 25, 2024? The

Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

Wednesday, December 25, 2024

THN Daily Updates Newsletter cover The Data Science Handbook, 2nd Edition ($60.00 Value) FREE for a Limited Time Practical, accessible guide to becoming a data scientist, updated to include the latest

Software Testing Weekly - Issue 251

Wednesday, December 25, 2024

GitHub Copilot is free! 🤖 View on the Web Archives ISSUE 251 December 25th 2024 COMMENT Welcome to the 251st issue! In case you missed it — GitHub Copilot is free! The free version works with Visual

Daily Coding Problem: Problem #1647 [Medium]

Tuesday, December 24, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Square. In front of you is a row of N coins, with values v 1 , v 1 , ..., v n . You are

Sentiment Analysis, Topological Sort, Web Security, and More

Tuesday, December 24, 2024

Exploring Modern Sentiment Analysis Approaches in Python #661 – DECEMBER 24, 2024 VIEW IN BROWSER The PyCoder's Weekly Logo Exploring Modern Sentiment Analysis Approaches in Python What are the

🤫 Do Not Disturb Mode Is My Secret to Sanity — 8 Gadgets I Want To See Nintendo Make

Tuesday, December 24, 2024

Also: The Best Christmas Movies to Watch on Netflix, and More! How-To Geek Logo December 24, 2024 Did You Know Their association with the Christmas season might make you think poinsettias hail from a

😱 AzureEdge.net DNS Retiring Jan. 2025, 🚀 Microsoft Phi-4 AI Outperforms, 🔒 Microsoft Secure Future Initiative

Tuesday, December 24, 2024

Blog | Advertise | View Online Your trusted source for Cloud, AI and DevOps guidance with industry expert Chris Pietschmann! Phi-4: Microsoft's New Small Language Model Outperforms Giants in AI

Mapped | The Top Health Insurance Companies by State 🏥

Tuesday, December 24, 2024

In 13 US states, a single company dominates the health insurance market, holding at least half of the total market share. View Online | Subscribe | Download Our App Presented by: Global X ETFs Power