Introduction
Amazon Web Services (AWS) is a cloud powerhouse approaching its 20-year mark. While this maturity brings impressive stability, it also means that much of what once defined AWS has quietly—and profoundly—evolved. Whether you’re a seasoned “AWS veteran” or just exploring, outdated blog posts can leave you stuck on how things used to be instead of how they are now. This pillar post rounds up the evolution of AWS’s foundational building blocks—EC2, S3, Lambda, networking, cost tools, authentication, and beyond—so you can confidently build and modernize.
Modern EC2: Smarter, Safer, Nimbler
- No more reboots for changes
- You can now add/remove security groups and modify IAM roles on running instances—no shutdown needed. (Reddit, AWS Documentation)
- Similarly, attach, detach, or resize EBS volumes on live instances effortlessly.
- Forceful stops & live migrations
- New features let you stop or terminate EC2 instances immediately—no waiting for graceful shutdowns.
- Live migration across physical hosts is now supported, reducing incidence of performance degradation.
- Reliability has transformed
- Gone are the days of anticipation over disappearances—modern instances are far more stable and dependable.
- Spot instances tamed
- Spot pricing is now far smoother and predictable — less like a competitive auction, more like a consistent cost-benefit tool.
- Dedicated instances: mostly obsolete
- Once essential for HIPAA compliance, dedicated EC2 instances are no longer required under modern AWS BAAs.
- Securing AMIs is now safer
- “AMI Block Public Access” is enabled by default in new accounts, and retroactively applied to unused public AMIs as of 2023.
S3’s Bright New Chapter
- Consistency is immediate
- S3 provides read-after-write consistency—no more glitches from eventually consistent behavior.
- Better key distribution
- No need to shuffle object key prefixes to avoid hotspots—AWS handles that behind the scenes.
- Stricter default access control
- ACLs are deprecated and turned off by default; Block Public Access now defaults to enabled.
- Encryption built-in
- New buckets automatically encrypt data at rest.
- Glacier is now part of S3
- No more fragmented architecture—Glacier storage is now a class within S3.
- Restore fees are now predictable and fair, and restore times are no longer agonizingly slow.
Networking: Simplified, Faster, More Efficient
- EC2-Classic is gone for good
- Public IPv4 = Elastic IP pricing
- Public IPv4 addresses now incur Elastic IP charges, so costs are more transparent.
- Better connectivity tools
- VPC peering is no longer the only option—you also get Transit Gateway, VPC sharing, Cloud WAN, and more.
- VPC Lattice & Tailscale
- VPC Lattice simplifies cross-service networking.
- Tailscale offers an effortless overlay for secure, cross-environment networking.
- Faster CloudFront updates
- Deployments now propagate in ~5 minutes, a vast improvement over the ~45-minute waits of old.
- Reduced cross-AZ charges
- ALBs now handle cross-AZ load balancing without extra data transfer fees (except with Network Load Balancers).
- NLB gains security group support
- Static AZ alignment
- Resource Access Manager lets multiple accounts map AZ IDs consistently, avoiding “us-east-1a vs. 1c” mismatches.
Lambda: Power-Packed and Flexible
- Timeouts and memory have grown
- Lambda now supports up to 15-minute invocations (up from 5 minutes) and 10,240 MB (10 GB) memory. (Amazon Web Services, Inc., AWS Documentation, AWS Documentation)
- More local storage
/tmpstorage has expanded to up to 10 GB, configurable beyond the original 512 MB. (Amazon Web Services, Inc.)
- Container images & EFS mounting
- Lambda supports Docker containers and can integrate with EFS for durable storage.
- Cold starts tamed, VPC access improved
- Lambdas now launch much quicker even inside VPCs, and cold-start latency is significantly reduced.
EFS & EBS: Smarter Storage Control
- EFS: QoS over size
- No longer tied to massive data uploads—IO performance is now tunable separately from capacity.
- EBS: Full speed, smart snapshot use
- Fresh volumes perform at full speed immediately. But volumes created from snapshots load lazily, so read-first access may be slow unless pre-warmed.
- Multiple-attach support
- Certain EBS types (like io1) now support attachments to multiple instances—but be cautious about concurrency.
DynamoDB: Cleaner, Faster, More Predictable
- Empty attributes allowed
- No more awkward workarounds for missing fields—DynamoDB now supports empty values.
- Predictable performance
- Tools to diagnose hot keys are now more accessible and reliable—no more NDA-locked options.
- Pricing clarity favors On-Demand
- For most use cases, running everything On-Demand is simpler and more cost-effective unless you’re operating at massive predictable scale.
Cost Management That Works with You
- RIs are fading; Savings Plans now dominate
- Savings Plans offer flexible usage; while discounts may be shallower than legacy Reserved Instances, the flexibility often outweighs the difference.
- Hourly billing is history
- EC2 now bills by the second—short tasks cost exactly as long as they run.
- Cost monitoring tools are sharper
- Cost Anomaly Detector is robust and free.
- Compute Optimizer now covers EBS volumes, EC2, and more—and is generally more trustworthy than Trusted Advisor. Some Advisor checks now defer to Optimizer.
IAM & Authentication: Cleaner and More Secure
- IAM roles encouraged for services
- IAM users should largely stay retired—roles (especially via IAM Identity Center, the new “AWS SSO”) are how humans should access AWS.
- Root account resilience
- You can now configure multiple MFA devices for the root account, and you no longer need root credentials for each organization member account.
Miscellaneous But Significant Shifts
- us-east-1 is stable now
- The infamous core region is far more reliable today—outages are now news, not routine.
- Deprecation awareness
- While still rare, deprecations are happening more often—especially for niche services. Always have your exit plan ready.
- CloudWatch graphs are now truthful
- No more phantom zero readings at the end of your graphs—that got fixed. If you see a drop, your app likely crashed, not the metrics.
- Coordinated org-level account closures
- You can now close AWS accounts directly from the organization’s root account—no need to log into each one individually.
Why This Matters
AWS’s foundational services have matured—but not always in headline-grabbing ways. This post helps:
- Modern builders avoid costly, outdated advice.
- Architects design with current AWS capabilities in mind.
- Teams re-evaluate tool choices—some legacy paths are now obsolete.
- Everyone stay agile in the face of silent, powerful infrastructure changes.
TL;DR Table
| Service | What’s New / Improved |
|---|---|
| EC2 | Live SG/IAM updates, live margin, force stops, better spot reliability |
| S3 | Read-after-write consistency, no ACLs, auto-encryption |
| Networking | Fast CloudFront, new transit tools, better AZ mapping |
| Lambda | 15 min runtime, 10 GB RAM, 10 GB /tmp, VPC improvements |
| EFS / EBS | EFS performance independent of capacity; insane I/O control |
| DynamoDB | Empty fields allowed, better diagnostics, On-Demand pricing |
| Cost tools | Savings Plans, per-second billing, better spend analytics |
| Auth | Roles & Identity Center over IAM users; safer root control |
| Misc | Region stability, better CloudWatch accuracy, org-level controls |
AWS isn’t just older—it’s wiser. And as AWS grows up, it’s these subtle but powerful shifts that redefine what it means to “do things the AWS way,” today.
Looking for help navigating these ever changing waters? Lets talk.
