AWS Morning Brief

‌

Episodes

‌

AWS Morning Brief

The latest in AWS news, sprinkled with snark. Posts about AWS come out over sixty times a day. We filter through it all to find the hidden gems, the community contributions--the stuff worth hearing about! Then we summarize it with snark and share it with you--minus the nonsense.

Episodes

Rated R for Ridiculousness

AWS Morning Brief for the week of June 5, 2023 with Corey Quinn. Links: Corey is off to Washington DC tomorrow for the Public Sector summit. If you're in town, hes hosting a drink up at Highline RxR from 6-8 PM tomorrow (Tuesday) evening. Let him buy you a drink! AWS Pricing Calculator now offers visibility of point in time cost estimations Invoice Summary is now available Optimize your x86-based Amazon EC2 Workloads New AWS DMS Serverless: Automatically Provisions and Scales Capacity for Migrat...

Jun 05, 2023•3 min•Ep 533•Transcript available on Metacast

The Wages of TLS

Last week in security news: Faster AWS cloud connections with TLS 1.3, Belkin is crappy in many ways, the Tool of the Week, and more! Links: Amazon bought Pillpack, since they wanted to get into being our pharmacy. Now Pillpack reports a data breach affecting more than 19,000 people . Belkin is crappy in many ways AWS partners bring choice of temporary elevated access capabilities to IAM Identity Center Exclude cipher suites at the API gateway using a Network Load Balancer security policy Faster...

Jun 01, 2023•4 min•Ep 532•Transcript available on Metacast

Batman's Customer Testimonials

AWS Morning Brief for the week of May 30, 2023 with Corey Quinn. Links: Bloomberg reported this week that I referred to AWS's hyped generative AI offerings that nobody I know has been able to access as vaporware Amazon Aurora PostgreSQL improves availability of read replicas AWS Copilot announces Static Site pattern to host single-page web applications Developing a serverless Slack app using AWS Step Functions and AWS Lambda How Broadridge used Amazon Managed Blockchain to build a private equity...

May 30, 2023•3 min•Ep 531•Transcript available on Metacast

Bad Behavior And Doing Things Right

Last week in security news: The ex-Ubiquiti engineer who stole a giant pile of their data gets a six year prison term, Bitbucket will be updating their SSH host keys, AWS Reported a GuardDuty Finding Issue, and more! Links: The ex-Ubiquiti engineer who stole a giant pile of their data gets a six year prison term Bitbucket will be updating their SSH host keys Google has decided to free up inactive accounts after two years. Okay, that's their policy, but then they have the audacity to lie to our f...

May 25, 2023•4 min•Ep 530•Transcript available on Metacast

A Hidden Serverless Peril

Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/a-hidden-serverless-peril Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work w...

May 24, 2023•7 min•Ep 529•Transcript available on Metacast

RedShift Costs a Peloton

AWS Morning Brief for the week of May 22, 2023 with Corey Quinn. Links: Corey is speaking at Tailscale Up in San Francisco next week; his talk is called "The Managed NAT Gateway Time Machine" AWS announces Amazon Aurora I/O-Optimized AWS Cost Categories now supports Usage Type dimension Retiring the AWS Documentation on GitHub Peloton embraces Amazon Redshift to unlock the power of data during changing times Motivations for migration to Amazon DynamoDB Neo Financial achieves Zero Trust goals and...

May 22, 2023•4 min•Ep 528•Transcript available on Metacast

SCPs Are Not For Me..s?

Last week in security news: Amazon CloudFront announces one-click security protections, SCPkit helps you manage your SCPs, A walk through AWS Verified Access policies, and more! Links: Aetonix was nominated for a potential S3 Bucket Negligence Award Google has launched its Passkey implementation A story about MSI leaking its own signing keys Kentik once again has a marvelously unhinged video that you're going to want to watch. This AWS IAM Wishlist is a great place to start if you're an AWS IAM ...

May 18, 2023•2 min•Ep 527•Transcript available on Metacast

EC2 Wars 1: The Phantom NAT Gateway

AWS Morning Brief for the week of May 15, 2023 with Corey Quinn. Links: Introducing Amazon EC2 I4g storage-optimized instances Amazon RDS for PostgreSQL now supports pgvector for simplified ML model integration Amazon VPC IP Address Manager (IPAM) is now available in two additional AWS Regions Private Access to the AWS Management Console is generally available AWS Systems Manager now allows customers to optimize the compute costs of their applications Introducing Cedar, an open-source language f...

May 15, 2023•4 min•Ep 526•Transcript available on Metacast

Humoring the Parenthetical

Last week in security news: Containing Compromised EC2 Credentials Without (Hopefully) Breaking Things, How to scan your AWS Lambda functions with Amazon Inspector, AWS IAM Actions, And More! Links: The parenthetical in Containing Compromised EC2 Credentials Without (Hopefully) Breaking Things says it all. Amazon S3 now applies two security best practices to all new buckets by default How to scan your AWS Lambda functions with Amazon Inspector AWS IAM Actions...

May 11, 2023•3 min•Ep 525•Transcript available on Metacast

My 9 Favorite Things About AWS

AWS Morning Brief Extras edition for the week of May 10, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/9-things-I-love-about-aws Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter (@quin...

May 10, 2023•7 min•Ep 524•Transcript available on Metacast

Digital Home Depot

AWS Morning Brief for the week of May 8, 2023 with Corey Quinn. Links: Announcing Provisioned Capacity for Amazon Athena Amazon EFS Replication is now available in all AWS Regions Amazon Redshift launches ra3.xlplus instances in additional Middle East, Europe and Asia Pacific Regions AWS Compute Optimizer now supports filtering by tags AWS Console Mobile Application launches push notifications Announcing AWS User Notifications general availability Process price transparency data using AWS Glue P...

May 08, 2023•6 min•Ep 523•Transcript available on Metacast

A Quiet But Bad Week

Last week in security news: Tailscale now offers network flow logs, Google had a GhostToken flaw, AWS reported an issue with IAM supporting multiple MFA devices, and more! Links: Tailscale now offers network flow logs Google had a GhostToken flaw that let attackers backdoor Google accounts. The folks at SADA found a major bug in Google Cloud; apparently it had the potential to expose the private keys for Google Cloud Service Accounts Issue With IAM Supporting Multiple MFA Devices This week in To...

May 04, 2023•2 min•Ep 522•Transcript available on Metacast

Implementing Search For Google Docs in Google Docs

AWS Morning Brief for the week of May 1, 2023 with Corey Quinn. Links: Condolences to my AWS friends affected by last week's layoffs ; if I can help, please let me know. Amazon CloudWatch Logs data protection is now available in all AWS Commercial Regions AWS Firewall Manager adds support for multiple administrators AWS Systems Manager now supports AWS Cloud Development Kit (CDK) applications Working with percolators in Amazon OpenSearch Service AWS Lambda now supports Java 17 Optimizing Amazon ...

May 01, 2023•4 min•Ep 521•Transcript available on Metacast

Shrieking Like a Toddler

Last week in security news: Dealing with Ransomware in the Cloud, Pen Testing AWS, How to prioritize IAM Access Analyzer findings, and more! Links: Last Week in AWS job board AWS had two (minor) Cross-Tenant Vulnerabilities within AWS App Runner. Some company called Invictus has practical experience dealing with ransomware in the cloud Chris Farris has a post on Pen Testing AWS . Dark Reading posits that Security Is a Revenue Booster, Not a Cost Center . An Attacker's Perspective on AWS Account ...

Apr 27, 2023•3 min•Ep 520•Transcript available on Metacast

Why AWS Might Be the Next Backbone Provider

AWS Morning Brief Extras edition for the week of April 26, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/why-aws-might-be-the-next-backbone-provider Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Cor...

Apr 26, 2023•6 min•Ep 519•Transcript available on Metacast

RSA Beckons to Sell You a Firewall

AWS Morning Brief for the week of April 24, 2023 with Corey Quinn. Links: If you're around tomorrow night (Tuesday) at 6PM, I'll be at The Ramp in SF ; let me buy you a drink. Announcing Dev Environment dashboard for Amazon CodeCatalyst (Preview) Amazon DynamoDB now supports up to 50 concurrent table restores Amazon EC2 supports Ubuntu Pro operating system in a subscription-included model Amazon EFS now supports up to 10 GiB/s of throughput Increased visibility of your carbon emissions data with...

Apr 24, 2023•5 min•Ep 518•Transcript available on Metacast

Screwing Up the Messaging and Also the RSA Dates

Last week in security news: Creating an AWS Backup Account, Azure had another cross-tenant access vulnerability, Security Hub Hurts My Self-Esteem, and more! Links: Corey hosted a partner panel at AWS Container Day at KubeCon This post on using OIDC to secure your CI/CD pipelines mirrors what I did with GitHub actions a year or so ago. Teri Radichel has a piece on Creating an AWS Backup Account Slack is conducting an absolute masterclass in how to screw up messaging to your target audience. Azur...

Apr 20, 2023•5 min•Ep 517•Transcript available on Metacast

Barest Metal Instances

AWS Morning Brief for the week of April 17, 2023 with Corey Quinn. This week is RSA in San Francisco; I'll be haunting the expo hall at some point, so if you're in town say hi. Links: The Last Week in AWS Job Board continues to thrive; thanks for your ongoing support. Amazon Chime SDK updates Service Level Agreement Amazon CodeWhisperer is now generally available Amazon Connect now enables agents to handle voice calls, chats, and tasks concurrently Amazon EC2 Serial Console is now available on E...

Apr 17, 2023•6 min•Ep 516•Transcript available on Metacast

"A Quiet Week" He Says, Tempting Fate

Last week in security news: Logging strategies for security incident response, A Department of Energy report shows some rather serious gaps in security monitoring, A dedicated repository of winners of the S3 Bucket Negligence Awards, and more! Links: Zoom took an outage and the message was clearly AWS generated. Root cause? Misconfigured SCP . A Department of Energy report shows some rather serious gaps in the security monitoring of their cloud environments. Logging strategies for security incid...

Apr 13, 2023•4 min•Ep 515•Transcript available on Metacast

LocalStack: Why Local Development for Cloud Workloads Makes Sense

AWS Morning Brief Extras edition for the week of April 12, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/localstack-why-local-development-for-cloud-workloads-makes-sense Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Co...

Apr 12, 2023•7 min•Ep 514•Transcript available on Metacast

Your Network Bill is Now Diamonds

AWS Morning Brief for the week of April 10, 2023 with Corey Quinn. Links: Console Toolbar is now generally available for AWS CloudShell Announcing CSV Export for AWS Resource Explorer Search Results Announcing Utilization Notifications for EC2 On-Demand Capacity Everything you need to know about AWS Billing Conductors new pricing model How to use Amazon CloudWatch to monitor Amazon DynamoDB table size and item count metrics Implement resource counters with Amazon DynamoDB AWS Organizations, movi...

Apr 10, 2023•6 min•Ep 513•Transcript available on Metacast

A Repository of AWS Customer Breaches

Last week in security news: Gain insights and knowledge at AWS re:Inforce 2023, InvalidClientTokenId, a repository of AWS customer breaches, and more! Links: If you're in New York City proper, I hope to see you tonight at 7PM at Vol de Nuit We're hiring an Account Exec to handle media sales for this very podcast. Should you be the person who refers the successful candidate, we'll give you a $3K USD referral fee. Nick Frichette has found an undocumented Amplify API and used it to leak AWS Account...

Apr 06, 2023•3 min•Ep 512•Transcript available on Metacast

Friendship Started with Microservices

AWS Morning Brief for the week of April 3, 2023 with Corey Quinn. Links: Amazon Kendra launches Featured Results AWS Chatbot now supports search of AWS resources and AWS content AWS Copilot adds support for full customization with AWS CDK or YAML overrides AWS re:Post now includes AWS Knowledge Center articles New Cost Explorer users now get Cost Anomaly Detection by default Introducing Data on EKS Modernize Data Workloads on Amazon EKS Friend microservices using Amazon DynamoDB and event filter...

Apr 03, 2023•4 min•Ep 511•Transcript available on Metacast

GitHub's Bad Key Week

Last week in security news: Github accidentally published its RSA host keys for SSH, Automate IAM credential reports for large AWS Organizations, The Tool of the Week, and more! Links: Sad news; infosec luminary Kelly Aloria Lum has regrettably passed away. Automate IAM credential reports for large AWS Organizations Github accidentally published its RSA host keys for SSH. How to use Amazon Macie to reduce the cost of discovering sensitive data Use backups to recover from security incidents Tool ...

Mar 30, 2023•4 min•Ep 510•Transcript available on Metacast

S3 as an Eternal Service

AWS Morning Brief Extras edition for the week of March 29, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/s3-as-an-eternal-service Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter (@qui...

Mar 29, 2023•7 min•Ep 509•Transcript available on Metacast

Amazon Snizz Bug Gets Fixed

AWS Morning Brief for the week of March 27, 2023 with Corey Quinn. Links: Allow Listing tool for testing new Billing, Cost Management and Account console permissions Amazon CloudWatch Logs adds support for new Amazon VPC Flow Logs metadata Amazon EC2 C6in, M6in, M6idn, R6in, and R6idn metal instances are now available Amazon SNS (pronounced "Snizz") announces support for setting content-type request headers for HTTP/S notifications AWS CodeBuild now supports a small GPU machine type Configuring ...

Mar 27, 2023•5 min•Ep 508•Transcript available on Metacast

Y'allbikey Configuration Guide

Last week in security news: The Many Ways to Access DynamoDB, a Yubikey configuration cheatsheet, and more! Links: The Many Ways to Access DynamoDB Scott Pipers post on redacting AWS account IDs from public posts How to use Google Workspace as an external identity provider for AWS IAM Identity Center Yubikey configuration cheatsheet...

Mar 23, 2023•5 min•Ep 507•Transcript available on Metacast

Mining Your Data/Currency/Minerals

AWS Morning Brief for the week of March 20, 2023 with Corey Quinn. Links: jobs.lastweekinaws.com Amazon EC2 M1 Mac instances now support in-place operating system updates Announcing Amazon Linux 2023 AWS Chatbot now available in Microsoft Teams Announcing cross-account support for Amazon S3 Multi-Region Access Points Talk about cloud with a non-cloud audience New Use Amazon S3 Object Lambda with Amazon CloudFront to Tailor Content for End Users Implementing an event-driven serverless story gener...

Mar 20, 2023•5 min•Ep 506•Transcript available on Metacast

The Government Gets It

Last week in security news: U.S. Officials are frustrated with cloud providers, Best Practices For Securing Your Home Network, The Tool of the Week, and more! Links: U.S. officials express significant frustration that cloud providers often up-charge customers to add security protections Lightspin has a guide to SecDataOps and Vulnerability Management on AWS Best Practices For Securing Your Home Network . IAM Identity Center for AWS environments spanning AWS GovCloud (US) and standard Regions Est...

Mar 16, 2023•5 min•Ep 505•Transcript available on Metacast

AWS's Anti-Competitive Move Hidden in Plain Sight

AWS Morning Brief Extras edition for the week of March 15, 2023. Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/awss-anti-competitive-move-hidden-in-plain-sight/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follo...

Mar 15, 2023•7 min•Ep 504•Transcript available on Metacast