AWS Morning Brief

Links:Ben Kehoe has left iRobot. And where's he going next? Presumably to re:Invent! I am too, with my re:Quinnvent nonsenseAmazon Athena announces Query Result Reuse to accelerate queriesAmazon EC2 enables you to opt out of directly shared Amazon Machine ImagesAmazon EC2 placement groups can now be shared across multiple AWS accounts Amazon EC2 now supports specifying list of instance types to use in attribute-based instance type selection for Auto Scaling groups, EC2 Fleet, and Spot Fleet Amazon Lightsail announces support for domain registration and DNS autoconfigurationAmazon RDS now supports new General Purpose gp3 storage volumesAnnouncing recurring custom line items for AWS Billing ConductorAWS Lambda announces Telemetry API, further enriching monitoring and observability capabilities of Lambda ExtensionsAWS Cost Explorer’s New Look and Common Use CasesA New AWS Region Opens in Switzerland - eu-central-2 is now available.Introducing AWS Resource Explorer – Quickly Find Resources in Your AWS Account Overview of building resilient applications with Amazon DynamoDB global tables Publish Amazon DevOps Guru Insights to Slack ChannelUncompressed Media over IP on AWS: Read the whitepaper Enable cross-account queries on AWS CloudTrail lake using delegated administration from AWS OrganizationsNASA and ASDI announce no-cost access to important climate dataset on the AWS Cloud 

Links:I really like this idea of an AWS account solely for getting into other AWS accounts. Amazon accidentally exposed an internal server packed with Prime Video viewing habits.How to use trust policies with IAM roles - "It's an older post sir, but it checks out." OpenSSL Security Advisories - November 2022Tool of the week: s3crets_scanner

Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/an-alternat-future-we-now-have-a-nat-gateway-replacement/Never miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

Links:Amazon MSK now offers a new low-cost storage tier that scales to virtually unlimited storageAmazon Virtual Private Cloud (VPC) now supports the transfer of Elastic IP addresses between AWS accountsAWS IoT Core announces Location Action to route location data from IoT devices to Amazon Location ServiceAmazon Connect Customer Profiles now surfaces additional customer information in the Amazon Connect Agent Application Keeping Pace with FinServ Regulatory Compliance Demands with Smarsh and AWS Use Alexa devices to initiate customer service with Amazon ConnectHow USAA built an Amazon S3 malware scanning solution  Vela Games Cuts Game Build Times by 60% Using Infrastructure on AWSAmazon Simple Email Service (SES) helps improve inbox deliverability with new featuresIncreasing sustainability for your Microsoft workloads on AWSHow Nomad uses Amazon IVS to scale public court livestreamsExport historical Security Hub findings to an S3 bucket to enable complex analytics How to control non-HTTP and non-HTTPS traffic to a DNS domain with AWS Network Firewall and AWS Lambda 

Links:SOCRadar demonstrated a significant leak that spanned the world; it distills down to an Azure equivalent of an open S3 bucket.This security recap of 2022 Google Next and Microsoft Ignite is worth reading if you're doing things in that particular side of the ecosystem.IAM Access Analyzer findings now support Amazon SNS topics and five other AWS resource types to help you identify public and cross-account access DNS Analysis Server is a tool that can be used to demonstrate vulnerabilities in your DNS configuration. A very reasonable API Security Checklist of things to consider before releasing your API to the world.

Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/aws-re-invent-what-you-actually-need-to-know-before-you-go/Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/lZPDfTXmfI4Never miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

Links:Amazon Aurora supports cluster export to S3 Amazon Cognito now provides user pool deletion protection Amazon Connect adds real-time schedule adherenceAmazon EC2 enables easier patching of guest operating system and applications with Replace Root Volume Amazon Neptune Serverless is now generally available Introducing the Amazon OpenSearch Service delivery programAmazon SageMaker Canvas supports tags to track and allocate costs incurred by users AWS Console Mobile Application adds support for AWS CloudShell AWS Fault Injection Simulator now supports network connectivity disruptionAWS Nitro Enclaves is now supported on AWS GravitonAWS Organizations console now allows users to centrally manage primary contact information on AWS accounts AWS Private Certificate Authority introduces a mode for short-lived certificates Announcing dark mode support in the AWS Management Console EC2 High Memory instances with 18TiB and 24TiB of memory are now available with On-Demand and Savings Plan purchase options How to take advantage of the AWS Free TierGoldman Sachs, a legacy financial services firm, transforms its operations on AWS Reduce food waste to improve sustainability and financial results in retail with Amazon Forecast Cost Optimization recommendations for AWS Config Optimize your Amazon EC2 instances cost at scale by migrating from Intel to AMD using AWS Systems Manager Automation 

Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/the-real-reason-cloud-ide-adoption-is-laggingWant to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/fRc0maN0Z_INever miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

Links:Go to snark.cloud/shirt to get your limited edition S3 8th Wonder of the World t-shirt to benefit our friends at 826 NationalAmazon CloudFront adds fields for origin latency and ASN in real-time logs for more granular insightsAmazon EC2 adds Service Quotas for Amazon Machine Images (AMIs)Amazon WorkDocs adds support for Apple Silicon MacBooksAWS Control Tower now available in GovCloud (US) Regions Announcing increased AWS IAM Identity Center default quota valuesAnnouncing AWS Parameters and Secrets Lambda ExtensionAnnouncing Camera Stream Pause and Resume on AWS PanoramaAnnouncing Red Hat Enterprise Linux (RHEL) Workstation on AWSAnnouncing Remote Reboot for AWS PanoramaHow can I get insights into my portfolio with AWS Cost Explorer?Migrate Google Cloud for MySQL to Amazon Aurora MySQLHost code-server on Amazon SageMakerWorking backwards from Vision Zero to improve road safety Changes to AWS Certification exam delivery

Links:A walkthrough that takes us on a whirlwind tour of AWS Secrets Manager and the principle of least-privilege. Azure Arc-enabled Kubernetes privilege escalation vulnerabilityDatadog has an report out on the The State of AWS SecuritySimplifying serverless permissions with AWS SAM Connectors Tool of the week: trailscraper gets signal from noise when it comes to CloudTrail logs.