Image

Good morning, and welcome to issue number 42 of Last Week in AWS.

Before we get started, a quick reminder that the Southern California Linux Expo (SCaLE 16x) returns in March. Hotel blocks are going quickly. I’ll be speaking there about the miracle known as Serverless; if you’re on the fence about attending I strongly suggest you go.

Community Contributions

A pile of handy AWS tips learned the hard way– I really wish there was a better way to find these edge cases and changes before you trip over them embarrassingly.

Cloudonaut tells the tale of migrating to Amazon Linux 2. Note that the OS is still not finalized; you don’t need to go rushing in to be an early adopter here! Think twice before migrating your multi-national bank to a non-final production operating system.

A great deep dive into how to use Lambda’s invocation context to better handle slow HTTP responses.

I’m afraid you’re thinking about AWS Lambda cold starts all wrong”. That’s provably untrue; I’m currently much more afraid of bears.

A step by step walkthrough of cloud native development with AWS Cloud9 & AWS CodeStar.

The Serverless people tie together how to monitor AWS account activity with a pile of tools.

Comcast and AWS have announced a partnership. These are two great tastes that go well together, and there’s a strong argument for Comcast to home everything out of us-east–1. After all, if that region is down, what could you possibly need the internet for anyway?

Longtime cloud cynic “The HFT Guy” predicts the demise of IBM SoftLayer by AWS. I’m not entirely sure I agree, but the piece itself is thought provoking.

I love this reddit thread’s architecture diagram on static site hosting so very much.

Choice Cuts From the AWS Blog

AWS Lambda Supports C# (.NET Core 2.0) - You can now write Lambda functions in C#, which is what they’re calling the language after focus groups around “D♭”… fell flat. You’re welcome, music majors.

AWS Lambda Supports Go - Lambda now supports Go, or really, any other language you can compile into a binary. We inch ever closer to being able to deploy full Docker containers without an arbitrary time limit on execution– oh dear I just reinvented Fargate again.

CloudWatch Introduces Tiered Pricing With up to 90% Discount for VPC Flow Logs and Other Vended Logs - While they may not be any more useful, at least VPC Flow logs are now less expensive. You may wish to consider reenabling them.

Introducing AWS Auto Scaling - AWS AutoScaling is a fantastic concept (tying together a lot of different autoscaling technologies in one place) that’s unfortunately been given a typical “did you even try” Amazonian name. This is going to be confused with EC2 autoscaling for ages.

Introducing the Gaming Analytics Pipeline on AWS - This makes it much easier for me to supply metrics around how many times a month angry children insult my parentage while I’m spending time in the toxic hellstew that is online gaming.

Now Publish Log Files from Amazon RDS for MySQL and MariaDB to Amazon CloudWatch Logs - Crank your logging volume and your AWS bill both into the stratosphere with one easy step!

Now Open – Third AWS Availability Zone in London | AWS News Blog - This is notable not because it’s a new AZ as such, but because it’s the third. A number of services make availability guarantees with phrases such as “Amazon DynamoDB stores three geographically distributed replicas of each table to enable high availability and data durability.” As to how they do this in regions with only two Availability Zones remains a Great Amazon Mystery. If you know the answer, I’m all ears.

Maintaining Transport Layer Security All the Way to Your Container: Using the Network Load Balancer with Amazon ECS | AWS Compute Blog - It’s great to have data encrypted from within a user’s browser, through the load balancing layer, all the way to your container, then securely stored in an encrypted-at-rest format within an S3 bucket– which you’ve negligently exposed to the entire world.

Amazon Web Services Is the First Global Cloud Service Provider to Achieve the Korea-Information Security Management System Certification | AWS Security Blog - This is no small feat, given that many official Korean sites are still stuck in ActiveX hell.

Take a Digital Tour of an AWS Data Center to See How AWS Secures Data Centers Around The World | AWS Security Blog - They don’t disclose which region this is, but I think we can safely say that it’s not us-east–1 due to the lack of fire.

Tools

Oh my stars– this ridiculous little toy program solved a problem I’ve been wrestling with for the past month. It lets me use GitHub as my authentication source of truth for an app I’m writing.

…and that’s what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. I advise companies doing interesting things in the cloud space, such as ReactiveOps.

If you’ve enjoyed reading this, tell your friends to sign up at lastweekinaws.com (or post a link in your company Slack team!) about it. As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

List archives are always available at https://snarkive.lastweekinaws.com/