Last Week in AWS Logo

Good morning!

Welcome to issue number 48 of Last Week in AWS.

It's an incredibly short issue this week; AWS didn't release much of note, and I can't be quite as snarky to third parties. 

I’ll be speaking this weekend at Southern California Area Linux Expo; use “LAST” for a 40% discount on tickets to the conference. Let me know if you'll be there; I'll host a meetup if there's enough interest.

This week’s issue of Last Week in AWS is sponsored by… me! If you’re spending more than $1M per year on AWS and are having a hard time making sense of your bill, finding way to reduce your spend, or making strategic decisions about your infrastructure, let’s chat!

Community Contributions

A terrific walkthrough of storing and accessing giraffe data using AWS Neptune.

The great story of how a serverless application costs about $5 a month to host once you take the free tier out of consideration.

A tale of how an AWS outage took down a site that wasn’t hosted on AWS.

I learned last week that Aurora offers SQL commands to simulate outages. That’s trippy…

Shopify weighs in with a tale of the pain inherent to S3 namespacing at scale… If you’re eyeing scale, doing this earlier rather than later saves a lot of trouble later.

This S3 bucket negligence award is more interesting than most, if for no other reason than most articles about the topic vanished during the week. Gizmodo’s is still up, but Capital One is disputing reports that Birst (one of its vendors) had an insecure bucket exposing CapitalOne data. If the report is indeed inaccurate, then we’ve got to give… Capital One / Birst credit…

An insecure S3 bucket led to a cryptojacking attack on the LA times. “Cryptojacking” is a new term that’s far less risque than it sounds.

A fun tale of how S3 scaling has hidden sharp edges, brought to you by Shopify Engineering.

Friday was more eventful than most, as us-tirefire-1 began the west coast day by terminating TCP on the floor.

Choice Cuts From the AWS Blog

Last week was dead for official AWS announcements. Other than Postgres 10 in RDS and Fargate gaining HIPAA compliance, nothing of note was released. I’m astonished. This hasn't ever happened since I started this newsletter. Is everything okay up there in Seattle?

Tools

Credit to s3tk for being a handy, fully featured S3 security toolkit. It’s not a bad first pass scanner at all.

rdspg brings sanity to your RDS parameter groups, which is something the native tooling doesn’t really do.

Forgot to mention this one last week; Duo Security’s CloudMapper reads your AWS environment and builds a network diagram out of what it sees. Fancy!

LambStatus is a serverless status page, written in Lambda. Ironically, Lambda’s own status page is a static green image assuring you that all is well.

This quick script lets you autoterminate EC2 instances after a given period of time has elapsed. This is a handy way of ensuring your instances don’t retire long after you do.

This API Gateway log parser does what it says– makes sense from the chaos that is raw API Gateway logs.

…and that’s what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. I advise companies doing interesting things in the cloud space, such as ReactiveOps.

If you’ve enjoyed reading this, tell your friends to sign up at lastweekinaws.com (or post a link in your company Slack team!) about it. As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

List archives are always available at https://snarkive.lastweekinaws.com/