Welcome to issue 176 of Last Week in AWS.

A relatively uneventful week in AWS releases; they're apparently saving them all up for re:Invent (AWS’s own version of Cloud Next) in December. My re:Quinnvent sideshow project should if nothing else be amusing as a result...

As always, if you've got challenges with your AWS bill, feel free to give us a shout; fixing them is what we do.

This issue is sponsored in part by my friends at ChaosSearch! Processing data at scale with an ELK Stack is: A. budget-breaking; B. soul-crushing; C. time-sucking; D. all of the above. Because ChaosSearch is a fully managed log analytics platform that leverages your Amazon S3 as a data store, there’s no more data movement, no data retention limits and savings of up to 80% vs current log analysis approaches. So if you’re sick and tired of your ELK stack falling over, or of having your data retention squeezed by increasing costs, then visit chaossearch.io today and join the log analysis revolution! (and tell them I sent you!) Sponsored

Cloudonaut has an analysis of how VPC endpoints increase DynamoDB latency by 30%. Apparently the constraint is now: Good, Fast, Cheap: Pick One.

A remarkably thorough guide to passing the AWS Solutions Architect Associate exam.

The UK has a list on GitHub that documents the architectural decisions made by the UK government in their AWS environment. It's kind of amazing! Thanks to Dan Moore for the tip.

When no less an authority than Steve Yegge (former Amazonian, Googler, and Grabber) writes a treatise on how Google Cloud's deprecation policy is killing them, smart folks take notice.

A guide to realtime monitoring your EventBridge Traffic. "What if tail -f were somehow more complicated" seems to be the AWS service end state.

How someone writes meaningful tests for AWS Lambda Functions. Personally I just ship them and then listen for customer complaints instead.

I'm not sure what a Prototyping Architect at AWS is or does, but Jerry Hargrove (famous for his Visual Service Summaries) is certainly about to teach us.

This week's S3 Bucket Negligence Award winner basically exposed everyone's email address.

If you hardwire AWS credentials into your application, you're doing it wrong. If you're also a COVID-19 track-and-test app that you require your university students to use, you are a fool.

If you've got an interesting job for this newsletter's eminently employable subscribers, get in touch!

Do you hold a US Security Clearance? Do you want to build exciting things? Steal exciting secrets? Make big trouble for Moose and Squirrel? Check out the AWS Cleared Jobs and see if AWS might have a role that's up your alley. Many restrictions apply; see page for details.

OpenEye Scientific is looking for a Backend Developer to be part of a team responsible for developing OpenEye’s cloud platform, Orion, a state of the art elastic workflow scheduler and orchestration system. Orion is a container-based scientific workflow system written in Go and Python. While there are some interesting workflow and container orchestration systems out there and also Kubernetes, none deliver the flexibility in using legacy applications and toolkits, ease of use, scalability, and reliability that they are targeting. Their system is made up of Floe, a Python workflow framework, and a cloud-based workflow runtime and user interface leveraging many technologies, including Django, Docker, and AWS.

N2WS is your giant "easy button" for near-instant recovery —including cross-account and cross-region— even if your recovery process needs to happen in a specific sequence. Try it free today!

And with smart scheduling and data management you can achieve better SLAs, while saving on your AWS bill. Now for a limited time N2WS is offering $100 in AWS credit just for setting up their free trial. Sponsored

6 new training courses for Amazon Connect - "How complicated is a given AWS service" is answered perfectly by this headline.

Amazon Corretto 8 & 11 support extended - "We're extending our free and open JDK support for an additional three years just because" is definitely an AWS thing to do. "Corretto" is even a great name, which is definitely NOT an AWS thing at all.

Amazon EKS on AWS Fargate now supports Amazon EFS file systems - You can now mount your home directory inside of Fargate EKS containers.

Application and Classic Load Balancers are adding defense in depth with the introduction of Desync Mitigation Mode - The AWS powered load balancers you've been ignoring quietly become more powerful. One day you'll work for them.

Announcing the newest AWS Heroes – August 2020 - Some great people in here this quarter--but also Ian McKay, noted Code Butcher and frequent friend of the newsletter. The seals are giving way!

AWS announces WorldForge in AWS RoboMaker - This is seriously interesting. And as a sign that the RoboMaker marketing team has their heads on straight, they grabbed "WorldForge" as the name instead of reserving it for an ML service that signs documents while pretending to be people.

Deter spam callers using Amazon Connect - From the company that also brought you "deter potential employees by making them use Amazon Chime."

Introducing the AWS Controllers for Kubernetes (ACK) - This is fascinating; eventually, Kubernetes stands a chance of replacing CloudFormation et al as the default "how AWS resources are provisioned." Of course they gave it a terrible name, why belabor it?

5 tips for implementing conversational experiences in travel - We're all trapped at home during a pandemic and somehow AWS found a way to be that person in the airplane seat next to you who just won't stop talking.

Re-thinking the Fine Dining experience - I trust advice on fine dining from a company with a stated "frugality" leadership principle about as far as I can comfortably spit a rat, which is coincidentally the kind of fine dining thought leadership I would expect from them.

Announcing AWS Amplify Flutter (Developer Preview) - "We think AWS Amplify Flutter is a great name!" "Only because until this moment you never considered AWS Stethoscope."

How to use AWS RAM to share your ACM Private CA cross-account - You can now save money and reduce the Resource Scavenger Hunt by sharing ACM Private CAs betwixt accounts. Note that each one of these puppies costs you almost $5K a year.

4 reasons to invest in entry-level cloud talent - Number 5: senior talent has to come from somewhere, dingus. Tomorrow's seniors are today's juniors.

Startups and enterprises alike are embracing containerization and Kubernetes, but security struggles to move at the pace of DevOps, bogged down by tools and processes not suited for cloud-native technology. Register for this webinar where cloud-native security experts from AWS, Informatica, and StackRox will discuss how to apply Kubernetes-native security and controls to protect containers and Kubernetes without slowing down application development and rollout. Date: Sep 03, 2020 | 10 AM PDT Sponsored

I've been setting up an overpowered workstation this week, and found asdf to be a great version manager that supports a bunch of different languages.

If you need to build an atomic counter with DynamoDB, this tutorial should sort you out. All they forgot to do was call it "Geiger" at the end.

A quick secure web URL redirect tool on top of API Gateway.

A simple tool that turns off development environments at night.

A straightforward "honey token" service that tells you when you just got your credentials stolen.

Instacart's library for working with ARNs is awesome, but they called it arn. "A Call to ARNs" was RIGHT FREAKING THERE, Instacart! It's like they got mad at Amazon competing with them in grocery delivery, so decided to return fire by competing with lackluster naming.