SIGv4 means that every single request is authenticated. This is different from "encrypted." It makes sure that you are you.
"Starting last week, as part of S3 Multi-Region Access Points, we’re using a new version of AWS SIGv4, called SIGv4A"
An @awscloud product manager thought "sig vee four" flowed off the tongue too easily and would very much like to be promoted to Principal Namer.
The old things always knew what region a request was going to, which is part of how it works. AWS built a new thing that can field requests destined for multiple regions, which breaks the model.
Customers have an audit log because math. Like most math, it takes "doing the problem on the blackboard" kind of time to show up in the audit log because CloudTrail.
If you were making this request in a web browser, you would get the reassuring padlock in the address bar.
Some AWS customers find tin foil hats to be very fashionable.
The customer's request is turned into a long string that contains the request, the time, the algorithm, a copy of their AWS bill, etc.
"I could build a better @awscloud for less money" remains the rallying cry of fools.
If you get a (decrypted) packet capture of the request, you will almost certainly wish to curse God and die.
Instead of weakening security protections, @awscloud removed the region constraint and balanced it with additional cryptographic proof of who the customer is.
Your laptop might smell like burning metal even after you quit Slack and Chrome. AWS very much regrets not charging for IAM even more than they did at the start of this thread.
In conclusion @colmmacc is almost certainly better than you are at this, but is putting himself out there in public so that his technical peers at competitors can absolutely savage him if anything he has said is untrue.
That is not me, but nothing he has said is untrue.
In conclusion "this stuff is profoundly difficult and you generally don't have to think about it at all, but you might need to upgrade your laptop."
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Today's cloud marketing story is called "The Tale of Hot Rebecca," and is a truthful recounting of dinner last night.
Strap in; it's a fun ride.
Back in my early 20s, I had a number of friends / acquaintances in my (primarily Jewish) social circle named "Rebecca." It was kind of a problem.
("Can't we spray for them?"
"…not since the 1940s.")
So every Rebecca got an adjective, much like the seven dwarves. One of them asked me once what her adjective was, and I responded in a fit of unadulterated honesty, "you're Hot Rebecca" because honestly? Damn.
Made it to the #GoogleCloudNext keynote seating finally. Let's see how this goes now that the world is starting to wake up to a "much of the AI hype is unwarranted" reality.
Boeing: "HOW ARE THEY DOING IT?!"
Airbus: "We bought a torque wrench?"
Boeing: "No, how are you being a featured customer testimonial at #GoogleCloudNext?"
Airbus: "Oh, that? We made a strategic decision to not be walking poster children for corporate negligence."
And now, some DevOps / SRE / Sysadmin / Ops / ENOUGH already tips I learned from early in my career--brought to us by our friends at Chex™ Mix. All of these are great ideas that you should implement immediately...
DNS is notoriously unreliable, so use configuration management to sync all of the servers' /etc/hosts files. Boom, no more single point of failure.
Future-proofing is an early optimization, so don't do it. Every network should be a /24 because that's how developers think. I mean come on, what are the odds you'll ever have more than 253 hosts in a network?
And the Amazon earnings are out for Q4. A miss on @awscloud revenue by $20 million because analysts didn't expect one of you to turn off a single Managed NAT Gateway.
Let's explore deeper into their press release.
For 2023, AWS sold $90.8 billion of services, most of which were oversized EC2 instances because you all refuse to believe Compute Optimizer when it tells you there are savings to be had if you're just a smidgen more reasonable.
Word frequency in the earnings release:
Customer: 87
Employee: 11
Generative: 16
Cloud: 24
Serverless: 3
DynamoDB: 2
Union: 0
It's once again the most wonderful time of the year: the newly-renamed @Gartner_inc Magic Quadrant for Strategic Cloud Platform Services!
This year there are no visionaries or challengers, just "cloud" vs. "you pretend to be a cloud." Let's explore together!
We're going to ignore the "niche players" because for three of them I don't speak Mandarin, and for @IBMcloud I don't speak ancient Greek.
That leaves @awscloud, @Azure, @googlecloud, and @OracleCloud.
@IBMcloud @awscloud @Azure @googlecloud @OracleCloud First up is AWS due to its undisputed alphabetical supremacy.
Strengths include its "everything but the kitchen sink" approach, its innovation in hardware design, and its large feeding ground--I mean, partner ecosystem.
Amazon Q / "an AWS spokesmodel" is easily proving incredibly, incredibly helpful at answering the @awscloud questions its human predecessors in corporate comms refused to address.
According to an AWS spokesmodel, EC2, S3, and DynamoDB have all seen price increases. I did not know that!
I was missing a handful of these on my deprecation list; thanks, AWS spokesmodel! You're incredibly helpful!