The Smart Choice would have been to go back to the room – Ep 50

Cloud Pod Header
The Smart Choice would have been to go back to the room - Ep 50
21 / 100


Your co-hosts are back from Thanksgiving and Re:Invent, and we’re running through all of it for you. In this episode, we cover the lead-up to opening day. Next week, we’ll release an episode fully devoted to Re:Invent coverage. 

This week’s highlights


  • CloudWatch has been growing quietly into a much more robust tool with 11 updates since the last episode.
  • Attribute-based access control comes to AWS. This should allow a finer control over your security privileges.
  • CloudTrail Insights launches with machine learning to help you separate the signal from the noise in your user activity and API usage.


Amazon EC2 introduces new API 

We’re one step closer to actually paying for what we use with the announcement that EC2 T2 instances will support Unlimited Mode at the account level. If your workload is spread out among multiple accounts, this will be something you should look at. But if you’re looking for load balancer updates, there’s a new batch of those for you too. We especially like the Weighted Target Groups, which have been needed for blue/green deployments for a while now.

Restores and Replicas

Migrating to the cloud has gotten a bit easier with differential and log restores on RDS for SQL servers. Like a lot of the recent announcements, simplicity was highlighted in the announcement of increased availability of DynamoDB tables using global table replicas

“It’ll only take a few clicks” makes it sound like Amazon thinks clicking things must be very taxing on us.

Secrets and Cents

CloudTrail Insights will alert you to unusual activity at a cost of 35 cents per 100,000 write management events analyzed. It’s hard to know yet whether how expensive that will end up being, but it sounds cheap. AWS Single Sign-On will connect to Azure AD, making it easier to migrate to Amazon, and AWS Secrets Manager will make it easier to rotate your secrets by handling it at the API level.

AWS is moving from role-based to attribute-based access control and will be implementing Tag Policies to allow you to control the standardization of your tags. Implementing these should serve to become better organized with less pain. WAF has grown up, having gained a number of improvements. With a threat research team maintaining the rules, you’ll have protection even before you customize your rules.

Devops and Devtools

AWS Service Catalog Connector for Service Desk has been announced, and it’s nice that it isn’t 10$ per user per month. Debugging got a little less painful with the new beta for visualizations in CodeBuild, and another beta for “Cloud Debugging” with JetBrains IDE. CDK now features Java and .Net, which will help developers most comfortable in those languages join CDK. CDK also has a new Toolkit to visualize CDK apps in a native sidebar. And speaking of native, Correto is now supported natively in Beanstalk.

Eye on CloudWatch

You now have access to a preview of Amazon CloudWatch that includes a way to set up automatic analysis of the top contributors to systems performance. Another preview for CloudWatch is Synthetics, a way to test for customer experience even when no customers are having experiences.

You’ll no longer have to poll an API to receive an event for ECS tasks and instances now those events are available as CloudWatch events. Another way CloudWatch has grown into a strong aggregation point.

Orderly by Default

Redshift will now automatically and by default sort tables where a sort key is specified.


AWS Chatbot can now run commands in Slack for you, and we’ll be happy to use it to generate support cases.

Other headlines mentioned: 

Infrastructure and Platform



Developer Operations and Tools




Big Data/ML



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.