Last Week in AWS Logo

Good morning!

Welcome to issue number 47 of Last Week in AWS.
Last week in (North|South) Carolina was fun. For those pedants who wrote in: the conference is called "DevOps Days Charlotte," but is held in a nearby town in South Carolina. There's no winning on that one-- but it was a great conference nonetheless...

I’ll be speaking in a couple of weeks at Southern California Area Linux Expo; use “LAST” for a 40% discount on tickets to the conference. Let me know if you'll be there; I'll host a meetup if there's enough interest.

This week's issue is once again sponsored by Owl Labs, creators of the Meeting Owl. Instead of a typical sponsorship, they came up with something more creative-- they shipped me a Meeting Owl, and asked me to record part of the creative process that leads to Last Week in AWS. Setup was straightforward-- it detects simply as a webcam with a microphone; all of the heavy lifting, the focus switching, the audio is handled onboard the Owl itself-- the OS just sees a webcam. It works with any video conferencing software you could possibly want to use, including unfortunately Amazon Chime. Picture a stand-up meeting with remote folks participating, or a conference room where that one remote engineer is tired of squinting at the screen to figure out who's speaking.

Take a look at how the Last Week in AWS sausage gets made: 

Image
I like the product a lot-- and as a generous "thank you" to Last Week in AWS readers, they're raffling off a Meeting Owl in a couple of weeks; you cannot win if you do not enter

Welcome to issue number 47 of Last Week in AWS.

Community Contributions

I wrote down some thoughts on the Myth of Cloud Agnosticism last week. I’m curious to know if you agree or not; feel free to hit reply and chime in. I'd love to hear how I'm wrong!

Breaking in to Tesla’s AWS account and using it to mine bitcoins is like stealing a Ferrari to tow a boat, but that apparently didn't stop some folks who quite likely didn't know what they had.

A good exploration of AWS networking with Terraform. This helps shed light on a perennially confusing topic.

A great dive into how to build an Imgur clone with AWS tooling. While a great learning tool, please don’t actually do this.

Apparently the RDS team is about to have a year that resembles S3’s 2017; people exposing public RDS snapshots is apparently a widespread problem.

The tech press has finally caught on to a new S3 extortion scheme that isn’t the cost of outbound data transfer.

A discussion into the enormous pile of money that Dropbox saved by leaving S3. Make sure you’re at similar scale before cargo culting this one…

Choice Cuts From the AWS Blog

Access Your Reserved Instance (RI) Coverage Information via the AWS Cost Explorer API - We’re one step closer to a shell script on GitHub that spits out a first-line approach to reducing your AWS bills– but context remains important. I’m tempted to write a crappy one just so that better developers than I make it better.

Amazon CloudFront Launches Fourth Edge Location in Seoul, South Korea - Just in time for the Olympics! This helps respond to the deafening chorus of complaints that three CloudFront edge locations in Seoul just weren’t enough– the chorus that surely existed only in some project manager’s mind.

AWS Serverless Application Repository Now Generally Available - Now you too can grab random code authored by strangers to achieve certain results. I'm skeptical today, but eager for the future of this sort of offering's potential to impact code reuse.

AWS Single Sign-On Now Supports AWS Command Line Interface Access - ...wait, you mean that until now SSO users couldn't use the CLI easily? That must have been... fun.

AWS Trusted Advisor’s S3 Bucket Permissions Check Is Now Free - Having ridden the S3 bucket security pony as far as it will go and then dragging the body another five miles, AWS no longer charges you to tell you you’re making a grievous error.

Inter-Region VPC Peering is Now Available in Nine Additional AWS Regions - You can now peer VPCs across regions, with a much greater likelihood that you actually have resources in the regions that support this.

Network Load Balancer now Supports Cross-Zone Load Balancing - This is a big win for folks who imagined that load balancers wouldn’t be AZ restricted.

Tools

aws-vault - A vault for securely storing and accessing AWS credentials in development environments. I mentioned this one a while back, but it's come up enough times since then that it's time to revisit it.

A virtual SSH bastion that makes use of the AWS systems manager. I haven't tried this one yet, but I'm curious. 

Export boto profiles to shell environments. This makes it a lot easier to keep things consistent between accounts.

Segment’s cwlogs is apparently a lot faster than other tools for working with CloudWatch logs sensibly. A number of you wrote in with this one!

…and that’s what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. I advise companies doing interesting things in the cloud space, such as ReactiveOps.

If you’ve enjoyed reading this, tell your friends to sign up at lastweekinaws.com (or post a link in your company Slack team!) about it. As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

List archives are always available at https://snarkive.lastweekinaws.com/