Last Week in AWS Logo

Good morning!

 

Welcome to issue number 63 of Last Week in AWS.

After a fair bit of work, I’ve migrated off of my older, lesser email provider over to Sendgrid. You shouldn’t notice a difference, but if this found its way into your spam folder, could you please do me a favor and mark it as not spam? Google and Office365 still aren’t quite sure what to make of me yet…

Today has me leaving for Open Source Summit Japan. If you’ll be in Tokyo this week, let me know– I’m giving my “Silence of the Lambdas” talk on Thursday afternoon.

Community Contributions

I agree with this article; cloud cost is very often the wrong angle from which to approach a “do we migrate to cloud” story.

There are entirely too many serverless frameworks now, but I like a lot of the design decisions that went into Architect.

I had a great chance to sit down and chat with Pete Cheslock in Screaming in the Cloud Episode 14: Cheslocked and Loaded.

A discussion on the economic advantages of Kubernetes Ingress over ELBs.

I’ve never touched DynamoDB Streams– this writeup is making me consider changing that. This is a neat capability of a poorly understood (in general) service.

Lambda cold-starts are crappy. They’re far worse inside a VPC.

If your RDS clusters have any of the now 9 year old db.m1 and db.m2 families, they’re finally being deprecated. It’s time to move on to a more capable instance type…

The inaugural REdeploy conference (exploring the intersections of resilient technology, organizations, and people) is coming to San Francisco this August. Last Week in AWS is proud to be a media sponsor.

Friend of the newsletter Datadog is having their Dash conference in New York on July 11-12. If it works for your schedule, I strongly suggest attending; AWS is a platinum sponsor, and longtime readers know how finicky they are about putting their logo on any conference that doesn't have the word "Amazon" in the title somewhere. Use the code "DASHLAST" to get 20% off of registration. 

This is a bit off the beaten path; experts are expressing alarm over systemic risk as much of finance moves to AWS. With many trillions of assets under management being driven by systems on a single provider, there’s non-trivial risk emerging. Fascinating story…

Trek10 has a great guide to managing your AWS Greengrass Lambda Functions with SAM. I’d love to hear stories from folks using Greengrass in the wild; if that’s you, please hit reply.

Choice Cuts From the AWS Blog

Amazon Aurora with PostgreSQL Compatibility is Available in the US West (N. California) Region - Holy crap, us-west–2 is still being maintained?! I thought it had been left to rot and accrue unfortunately high bills to folks unlucky enough to have figured that Northern California was a great region to start within.

Amazon ECS Adds Daemon Scheduling - “Daemon Scheduling” sounds way too exciting for what distills down to “ensure at least one of the monitoring containers runs in every cluster you spin up.”

Amazon ElastiCache for Redis announces support for Redis 4.0 with caching improvements and better memory management for high-performance in-memory data processing - Redis 4.0 has come to ElastiCache just a few days after a few sarcastic comments about ElastiCache surfaced on the Redis release announcement threads. I think the only reasonable conclusion to draw is that shaming AWS into a two-day long marathon release is what happened, and there was no possible way they were already working on this previously.

Amazon GuardDuty Optimizes AWS CloudTrail Analysis Reducing Cost for Customers - Is there any way to read this other than “we no longer pummel the CloudTrail API to death in the least optimal fashion possible– say, something like you might have a summer intern develop as their first project in the corporate world?” Unfortunately there are few details available around what changed.

Amazon MQ Now Supports AWS CloudFormation - Wait, what? How is the order of services in this title not reversed? CloudFormation has to support services, not the other way around— right? Am I losing it?

Amazon API Gateway Supports Private APIs - A common feature request has been granted– you can have API Gateways only accessible from inside your VPCs.

AWS CloudTrail Event History Now Includes All Management Events - “Wait, you weren’t logging those already?” “So, funny story…”

Announcing AWS DeepLens support for TensorFlow and Caffe, expanded MXNet layer support, integration with Kinesis Video Streams, new sample project, and availability to buy on Amazon.com - Ah, but who will watch the watcher? This is why you had best buy two of these things.

AWS Limit Monitor Now Supports Customization - This is a serious antipattern from how service limits are supposed to be handled. Apparently you’re supposed to hit limits you didn’t realize were there and in fact weren’t set properly on AWS’s side, open a support ticket, wait two full days with no response, then get a borderline insulting request insinuating that by raising the limit to what was published that they’re somehow doing you a favor. Can you tell I had a rough week with an ACM certificate limit?

Amazon CloudFront expands into Africa with a new Edge Location in Johannesburg and a new Edge Location in Bangalore - On my office wall I have a map of all of the Amazon regions and CloudFront edge locations. Until now Africa has been completely free of pins.

Introducing AWS Landing Zone - …really. “Landing Zone.” That’s the best name you came up with for a system that ensures proper controls are built around large-scale Organizations account? Not “Cloud Factory,” not “Account Ability,” but “Landing Zone?” I can only assume that you pronounce “Zone” as two syllables, emphasis on the second.

Access your Reserved Instance (RI) Savings Information using AWS Cost Explorer’s RI Utilization Report - “Here’s how much money we’re saving with our use of Reserved Instances” isn’t the sort of thing you’d think would be released this late in the RI game. The fact that you’re thinking like that tells me that you don’t work with RIs nearly often enough to have broken your thought patterns.

Tools

I played with this a bit this week– saw is a fast realtime CloudWatch Logs viewer. I’m a fan.

Since 0.0.0.0/0 is crappy, aws-access updates an AWS security group with your current IP.

…and that’s what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. I advise companies doing interesting things in the cloud space, such as ReactiveOps.

If you’ve enjoyed reading this, tell your friends to sign up at lastweekinaws.com (or post a link in your company Slack team!) about it. As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply– or join the #lastweekinaws channel on the og-aws Slack team.

List archives are always available at https://snarkive.lastweekinaws.com/