Last Week in AWS Logo

Good morning!

Welcome to issue number 46 of Last Week in AWS.

I’ll be speaking in a few weeks at Southern California Area Linux Expo; use “LAST” for a 40% discount on tickets to the conference. Let me know if you'll be there; I'll host a meetup if there's enough interest.

I’ll also be keynoting DevOps Days Charlotte this week; if you're in South Carolina, come say hello!

Lastly, re:Invent 2018 dates were announced-- once again we'll be spending the week after Thanksgiving (November 26-30) waiting in long lines in Las Vegas, shuttling between venues, and unable to attend talks we've registered for. The smart move is to register for hotels now, before they figure out that they can charge 5x the going rate...

This week's issue is sponsored by Owl Labs, creators of the Meeting Owl. Instead of a typical sponsorship, they came up with something more creative-- they shipped me a Meeting Owl, and asked me to record part of the creative process that leads to Last Week in AWS. Setup was straightforward-- it detects simply as a webcam with a microphone; all of the heavy lifting, the focus switching, the audio is handled onboard the Owl itself-- the OS just sees a webcam. It works with any video conferencing software you could possibly want to use, including unfortunately Amazon Chime. Picture a stand-up meeting with remote folks participating, or a conference room where that one remote engineer is tired of squinting at the screen to figure out who's speaking.

Take a look at how the Last Week in AWS sausage gets made: 

I like the product a lot-- and as a generous "thank you" to Last Week in AWS readers, they're raffling off a Meeting Owl in a few weeks; you cannot win if you do not enter

Community Contributions

Because Amazon Elasticsearch is painful unless you’re running default settings, Meltwater’s engineering blog talks about how they built a 400+ node Elasticsearch cluster on top of i3 instances instead.

Freelancing site Upwork has published a new index of skills-in-demand. Number 1 is, depressingly, Bitcoin. Number 2, even more depressingly, is DynamoDB.

Why do I keep encountering this stuff the week after I could have really used them? OpenBridge has published what they term The Definitive Setup Guide for AWS Athena Analytics; they’re not far from wrong. Now if I can just get IAM to grant the permissions I want for QuickSight…

This horrifying bug in awscli is apparently an xkcd comic that came to life.

Let’s say you have a problem. “I know,” you exclaim. “I’ll use Lambda functions.” Now you have several thousand problems. This dive into managing your Lambda empire with Serverless helps rectify that.

A topical treatment of the challenges inherent to cold starting Lambda functions. I keep hoping these problems go away, but I’m pessimistic.

I often use AWS Device Farm as an example service for “does this really exist, or am I making it up?” In a sentence, it’s hundreds of physical Android and iOS devices that you can rent to run a variety of tests. Julien Chaumond has started the glorious process of using these devices to take pictures and audio recordings. This is just some next level thinking…

Palantir (motto: “We’re always watching”) talks about using Terraform to spin up Stack Overflow Enterprise in AWS. I’m still trying to wrap my head around running an internal-only version of Stack Overflow at a single company– but I’m strangely compelled by the idea of closing various threads as off-topic.

BuckHacker is a search engine that lets you dig through insecure S3 buckets. It’s currently “down for maintenance,” which I read as someone in their office excitedly saying something like “Hey team, Amazon is acquiring us! We’re going to be named Amazon Cease and Desist– wait, I should probably read the rest of this letter…”

Adrian Hall gives a very thorough rundown of what’s new with AWS AppSync. I’d forgotten about this service; it was announced at re:Invent, and it’s a managed GiraffeQL service.

This week’s S3 Bucket Negligence Award is brought to you by FedEx. It’s depressing to see a company renowned for advocating corporate responsibility so thoroughly abdicating their own…

Choice Cuts From the AWS Blog

Amazon Elasticsearch Service Now Available in the AWS GovCloud (US) Region - Three and a half years after it was launched, Elasticsearch is now available in GovCloud. If you’ve never had the pleasure of working with regulated workloads in this environment, that’s downright speedy!

Amazon GameLift FleetIQ and Spot Instances Reduce Costs by up to 90% - The Spot model continues to expand to new and exciting services that most of us have never heard of before. This is good for our bills, lousy for our mental stack of what AWS services actually exist.

Amazon Polly New Phonation Tag Enables You to Create Softer Speech - Amazon’s text-to-speech service no longer screams at you, as it slowly learns to mumble.

Introducing the Real-Time Insights on AWS Account Activity - You can now follow along as you watch attackers exfiltrate data from your cloud environment. The things you learn will be helpful in your next job!

Longer Format Resource IDs are Now Available in Amazon EC2 - Rejoice– your resource identifiers now closely resemble a dump of their own firmware. Enjoy repeating these to people across a crappy cell phone connection. “Okay, that’s ‘M’ as in ‘mnemonic’…” “Wait… what?”

Join Us for AWS Security Week February 20–23 in San Francisco! | AWS Security Blog - This week is AWS security week in San Francisco! Bask in it, then return to the other 51 weeks of the year in which you figure someone else will take care of security.


A handy profile switcher for those of us who have entirely too many AWS accounts to worry about manually.

How have I not seen awslogs before; it’s basically tail -f for CloudWatch.

This is a great selection of cloudformation templates to help automate very common tasks. I wish AWS would offer stuff like this more officially; it’s fantastically useful.

…and that’s what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. I advise companies doing interesting things in the cloud space, such as ReactiveOps.

If you’ve enjoyed reading this, tell your friends to sign up at (or post a link in your company Slack team!) about it. As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

List archives are always available at