Bored? See the AWS Job Board

AWS Morning Brief for the week of March 13, 2023 with Corey Quinn. Links: jobs.lastweekinaws.com Amazon EC2 announces the ability to create Amazon Machine Images (AMIs) that can boot on UEFI and Legacy BIOS AWS Application Composer is now generally available AWS CloudShell now supports the modular variant of AWS Tools for PowerShell AWS Config now supports 18 new resource types AWS Lambda now supports up to 10 GB of ephemeral storage for Lambda functions in 6 additional regions AWS announces new...

LastPass, LastHope, LostPass, LostHope

Last week in security news: Audit Log Wall of Shame, More info on the LastPass breach, the Tool of the Week, and more! Links: Audit Log Wall of Shame Saudi social media app Fayvo apparently had an unsecured database More information has come to light about the LastPass breach Three ways to boost your email security and brand reputation with AWS Tool of the week: Trailscraper is an open source project to get useful information out of CloudTrail logs....

Happy Fun Podcast That Tells It Like It Is

AWS Morning Brief for the week of March 6, 2023 with Corey Quinn. Links: Amazon Aurora Serverless v1 now supports customer configurable maintenance windows Amazon CloudWatch Internet Monitor is now generally available AWS Lambda Powertools for .NET is now generally available Amazon Neptune Serverless now scales down to 1 NCU to save costs AWS Control Tower announces a progress tracker for landing zone setup and upgrades In the Works AWS Region in Malaysia New Amazon Lightsail for Research with A...

Corey Invades Seattle

Last week in security news: US Military emails leaked on an exposed server, How to monitor and query IAM resources at scale, the Tool of the Week, and more! Links: If you're in Seattle, come to Outer Planet Brewing this Sunday at 7PM and let Corey buy you a drink. Aiden Steele writes at length about using a recent enhancement to Systems Manager to pass out a role to all of your EC2 instances. US Military emails leaked on an exposed server Amazon Detective launches an interactive workshop for inv...

AWS is Asleep at the Lambda Wheel

AWS Morning Brief Extras edition for the week of March 1, 2023. Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/aws-is-asleep-at-the-lambda-wheel Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitte...

Listening to This Podcast Will Improve Your Hiring Diversity

AWS Morning Brief for the week of February 27, 2023 with Corey Quinn. Links: Amazon OpenSearch Service now lets you schedule service software updates during off-peak hours AWS App Runner now supports HTTP to HTTPS redirect Announcing the ability to enable AWS Systems Manager by default across all EC2 instances in an account New: AWS Telco Network Builder Deploy and Manage Telco Networks Developing portable AWS Lambda functions Using Porting Advisor for Graviton Query data with DynamoDB Shell a c...

A Little Security for Everyone

Last week in security news: More security woes for Azure, the AWS Survival Kit, CloudGPT, and more! Links: A security researcher reported a potential account compromise vector to Azure back in 2021 . I once again want to draw your attention to the open source AWS Survival Kit . How to visualize IAM Access Analyzer policy validation findings with QuickSight Updated ebook: Protecting your AWS environment from ransomware ChatGPT is all the rage, and of course here's CloudGPT to analyze AWS policies...

Amazon's Snowball Edge Frustrates This User

AWS Morning Brief Extras edition for the week of February 22, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/amazons-snowball-edge-frustrates-this-user Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow C...

Technical Debt Cash-Out Refinance

Attacked S3s and Guilty Pleas

Last week in security news: Ubiquiti inside attacker pleads guilty, Wiz 2023 State of the Cloud report, the tool of the week, and more! Links: That inside attacker who worked at jackass company Ubiquiti pleads guilty Datadog's security folk discovered an AWS Console rate limit bypass Wiz 2023 State of the Cloud report The anatomy of ransomware event targeting data residing in Amazon S3 Tool of the week: aws-firewall-factory...

The Dumbest Dollars a Cloud Provider Can Make (Replay)

AWS Morning Brief Extras edition for the week of February 15, 2023. Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/the-dumbest-dollars-a-cloud-provider-can-make/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follo...

Santa's EKS Workshop Massacre

AWS Morning Brief for the week of February 13, 2023 with Corey Quinn. Links: Amazon Chime SDK now offers a Windows client library Amazon CloudWatch now supports high resolution metric extraction from structured logs AWS SAM CLI introduces sam list command to inspect AWS SAM resources Get cost estimates faster with AWS Pricing Calculator bulk import New Visualize Your VPC Resources from Amazon VPC Creation Experience Introducing the AWS ProServe Hadoop Migration Delivery Kit TCO tool Introducing ...

Wait did you say "Drone Manufacturer?!"

Links: In this down market, it's good to know that jobs paying six (and rarely, seven!) figure salaries, giving bonuses, and of course including paid time off are still out there. Unfortunately they're working for cybercrime groups . Ian McKay is great--but given his history of creating awesome-yet-horrifying things in AWS I read this piece on Cedar (AWS's new policy language) Popular drone manufacturer CrowdStrike reports on how Adversaries Can Persist with AWS User Federation , How to set up o...

The AWS Community Isn't for Amazonians

Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/the-aws-community-isnt-for-amazonians Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group App...

Telling Customers What They Want To Hear

Links: Amazon announced its fourth quarter and FY 2022 results last week; Tim Bray has an analysis that's absolutely worth reading. Amazon CloudWatch now simplifies metric extraction from structured logs Amazon MemoryDB for Redis Announces 99.99% Availability Service Level Agreement AWS CloudTrail Lake now supports ingestion of activity events from non-AWS sources AWS announces access of Simple Monthly Calculator estimates in the AWS Pricing Calculator Amazon increases NAT Gateways capacity to s...

Azure Improves Slowly

Links: Azure messed up a regular expression GitHub's blog has a piece on passwordless deployments to the cloud LastPass has now admitted that the attackers stole customers' backups and encryption key Deploy a dashboard for AWS WAF with minimal effort Thinkst's free service now supports credit card tokens . precloud is a suite of dynamic tests for infrastructure as code....

S3 Encryption at Rest Does NOT Solve for Bucket Negligence

Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/s3-encryption-at-rest-does-not-solve-for-bucket-negligence/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at ...

Timecode Burn-In, Employee Burn-Out

This episode is sponsored in part by the Google for Startups Cloud Program Links: AWS Purity Test Amazon Detective adds Amazon VPC Flow Logs visualizations for Amazon EKS workloads AWS Elemental MediaLive adds timecode burn-in AWS Pricing Calculator now supports optimized pricing estimation for EC2 Dedicated Hosts Announcing Porting Advisor for Graviton Now Open AWS Asia Pacific (Melbourne) Region in Australia Amazon OpenSearch Serverless is now generally available! AWS Lambda: Resilience under-...

Aspirational Audit Logs

Links: Datadog reports that an undocumented API allowed CloudTrail bypass MailChimp was breached and had customer data exposed Folks can use GitHub Codespaces to host and deliver malware . How to revoke federated users active AWS sessions The worst backup software known to humankind...

1000 Access Points of Light

Links: Amazon CloudFront now supports the request header order and header count headers Amazon ECS announces the new default console experience Amazon EFS Supports 1,000 Access Points per File System AWS Nitro Enclaves announces support for multiple enclaves AWS Network Optimization Tips Introducing multi-function packager, allowing more than one function per event trigger on Amazon CloudFront Winning the Cat-and-Mouse Race: Staying One Step Ahead of Streaming Free-Riders with GeoGuard and AWS...

Wait Did You Say Root API Keys?

Links: Join Corey in Phoenix next Sunday at 1PM at Zuzu for a community meet-up. Rackspace continues to trickle the truth out; it's now admitting that attackers accessed customer data Tom Forbes scanned--wait, holy hell, he scanned every package on PyPi and found 57 live AWS keys . In one year we're going to come back and see how accurate the heads of AWS security are with their predictions for cybersecurity in 2023 Today's tip of the week is to go fire up your important AWS account(s) and valid...

Four Announcements of the Boring Apocalypse

Links: Join Corey in Phoenix next Sunday at 1PM at Zuzu for a community meet-up. AWS Config supports 22 new resource types Changes to AWS Billing, Cost Management, and Account Consoles Permissions Run a popular benchmark on Amazon Redshift Serverless easily with AWS Data Exchange How to optimize costs for grant-based research projects with AWS...

Computers Checking Compliance Boxes

This episode is sponsored in part by the Google for Startups Cloud Program Links: CircleCI came out with a security alert urging you to rotate any secrets stored in CircleCI . Another bite at the craptastic LastPass breach response, this article parses their weak-sauce PR statement Over the holidays Slack had some private GitHub code repositories stolen. ACSESSED is another Azure vulnerability Amazon S3 Encrypts New Objects By Default Updated whitepaper available: AWS Security Incident Response ...

The Work of Sober Minds

Links: Amazon CloudFront now supports the removal of response headers Amazon SageMaker is now available in AWS Middle East (UAE) Region Amazon Neptune announces graph-explorer, an open-source visual exploration tool for low-code users An elastic deployment of Stable Diffusion with Discord on AWS Measure the Business Impact of Personalize Recommendations How Heinekens Connected Brewery Ecosystem fuels automation...

LastStrawPass

inks: AWS Lambda Security Threats and Mitigations LastPass now admits that hackers stole customers password vaults . Google WordPress Plug-in Bug McGraw Hill earned this weeks S3 Bucket Negligence Award for exposing 100K students' grades Announcing the new security widget on AWS Console Home Introducing the Security Design of the AWS Nitro System whitepaper Please +1 my request to add support for an ~/.aws/config.d/ directory to the AWS cli....

Holiday Replay: Why I Turned Down an AWS Job Offer

This episode originally aired on October 13, 2021 Check out a related YouTube Video here: https://youtu.be/BCiUulzr9f8 Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Grou...

Soaking the US Navy

Links: Amazon Connect now allows contact center managers to join ongoing calls Amazon OpenSearch Service now supports Amazon Graviton2 (M6g, C6g, R6g, and R6gd) instances in four additional regions AWS IQ launches public profiles for companies AWS Organizations console adds support to centrally manage region opt-in settings on AWS accounts ROSA now provides an AWS Management Console experience for satisfying ROSA prerequisites Amazon EMR Serverless cost estimator AWS Multi-Region Fundamentals - ...

A Bunch of Vulnerabilities is Called an Embarrassment

Links: Azure's VP of Security Engineering published a post describing their approach to cloud vulnerabilities Panther deployed Yubikeys internally and blogged about it . LastPass has (yet again) suffered a breach, and published a no-content advisory that TechCrunch took the time to parse through . Apparently Wiz decided to poke around a bit into IBM "Cloud" and found a bunch of security issues. Prepare for consolidated controls view and consolidated control findings in AWS Security Hub Reported ...

Holiday Replay: The Right and Wrong Way to Interview Engineers

This episode originally aired on July 17, 2020. Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/the_right_and_wrong_way_to_interview_engineers/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter ...

Screwing Up the Cloud Economics Math

Links: Introducing concurrent account provisioning operations for AWS Control Tower AWS Cost Anomaly Detection now supports percentage-based thresholds AWS Trusted Advisor adds new fault tolerance checks Heads-Up: Amazon S3 Security Changes Are Coming in April of 2023 LaunchDarklys journey from ingesting 1 TB to 100 TB per day with Amazon Kinesis Data Streams Visualizing the impact of AWS Lambda code updates New: AWS CLI v2 Docker images available on Amazon ECR Public...