In Cloud Computing This Week [Apr 21st 2023]

Amazon S3 compatible storage is now available on AWS Snowball Edge Compute Optimized devices. Amazon S3 compatible storage enables customers to store data and run highly available applications on AWS Snowball Edge Compute Optimized devices by delivering secure object storage with high resiliency, increased scale, an expanded S3 API feature-set to rugged, mobile edge, and disconnected environments.

Amazon S3 compatible storage is ideal for running applications that require real-time processing or are bound by data residency requirements in Denied, Disrupted, Interrupted and Limited (DDIL) network connectivity environments.

Previously, customers used PUT and GET object operations to manage data on Snow devices. Now, customers have an expanded set of Amazon S3 APIs and features such as CreateBuckets, BucketLifecycle, and an increased cluster range from 3-16 devices, making it easier to develop, deploy, and manage applications requiring object storage on premises.

Customers can streamline operations and reduce operational overhead, cost and complexity by using the same tools, such as AWS CLI/SDK, across AWS Regions and AWS Snow Family devices.

To start using Amazon S3 compatible storage, log in to AWS Snow Family console and select ‘Amazon S3 compatible storage’ at the time of ordering your AWS Snowball Edge Compute Optimized device. Customers can use AWS OpsHub or Amazon S3 SDK/CLI to manage object storage on the device(s) locally or remotely from a central location.

Amazon Elastic Container Services (Amazon ECS) launches a networking capability called Service Connect in the Middle East (UAE) and Europe (Zurich) Regions.

Amazon ECS is a fully managed container orchestration service that makes it easier for you to deploy, manage, and scale containerized applications. Customers can use Service Connect to easily configure service discovery, connectivity and traffic observability for services running in Amazon ECS.

This helps build applications faster by letting you focus on the application code and not on your networking infrastructure.

Amazon GuardDuty expands threat detection coverage to continuously monitor network activity logs, starting with VPC Flow Logs, generated from the execution of AWS Lambda functions to detect threats to Lambda such as functions maliciously repurposed for unauthorized cryptocurrency mining, or compromised Lambda functions that are communicating with known threat actor servers.

GuardDuty Lambda Protection can be enabled with a few steps in the GuardDuty console, and using AWS Organizations, can be centrally enabled for all existing and new accounts in an organization.

AWS Customers across many industries and geographies use Amazon GuardDuty, including more than 90% of AWS’s 2,000 largest customers. GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.

With GuardDuty Lambda Protection, you can now continuously monitor your Lambda execution environment without any configuration changes to the existing Lambda functions or new Lambda functions that are added. Current and new GuardDuty users can try GuardDuty Lambda Protection at no cost with a 30-day free trial.

Amazon Redshift announces support for MERGE command which enables you to apply source data changes unto Redshift warehouse tables with a simple SQL command. MERGE command allows you to combine a series of DML (Data Manipulation Language) statements into a single statement, .

When using multiple statements to update or insert data, there is a risk of inconsistencies between the different operations. Merge operation reduces this risk by ensuring that all operations are performed together in a single transaction.

For Amazon Redshift customers who are migrating from other data warehouse systems or who regularly need to ingest fast changing data into their Redshift warehouse, MERGE SQL command is an easier way to conditionally insert, update, and delete from target tables based on existing and new source data.

We are excited to announce the new AWS WAF Ready specialization for AWS Partners with software products that integrate with AWS Web Application Firewall (WAF). Ensuring websites and applications are protected from external threats that can lead to a loss of revenue, customer trust, and brand reputation has become a top concern for businesses of all shapes and sizes.

AWS WAF Ready specialization offers customers a simple solution to deploying and maintaining their application layer security solution with AWS WAF Ready Partner offerings.

AWS WAF Ready partner offerings provide robust WAF rule sets and mitigation tools that customers can choose depending on their specific application use case. In addition, AWS WAF Ready partners stay ahead of the attack curve and can help mitigate zero-day vulnerabilities so that customers do not have to worry about continually updating their rule sets based on novel or new attack vectors.

Beyond detection and mitigation, AWS WAF Ready partners provide customers with pre-built integrations to help ingest and analyze WAF event data. 

With the new AWS WAF Ready specialization, customers can quickly and confidently identify validated AWS Partner software products vetted by AWS Partner Solutions Architects for their sound architecture, adherence to AWS best practices, and demonstrated customer success. We invite you to learn more about AWS WAF Ready Partner offerings.

The AWS Serverless Application Model (SAM) Command Line Interface (CLI) announces the launch of local testing support for Amazon API Gateway Lambda authorizers making it easier for developers to locally test their applications containing API Gateway. The AWS SAM CLI is a developer tool that makes it easier to build, test, package, and deploy serverless applications.

Customers can now use the SAM CLI to locally emulate API Gateway Lambda authorizers on their machine using the sam local start-api command. Previously, customers had to use AWS Console or AWS CLI to test their API Gateway Lambda authorizers.

With this launch, SAM CLI users can speed up their iteration cycles by testing their authorizer code locally. sam local start-api command supports testing of both Lambda authorizers, and Lambda V2 authorizers.

This week, AWS announced the general availability of Amazon CodeCatalyst, a unified software development service that makes it easier for you to quickly build and deliver applications on AWS. CodeCatalyst provides everything you need to start planning, coding, building, testing, and deploying applications on AWS with a streamlined, integrated experience.

With CodeCatalyst, you can spend more time developing application features and less time setting up project tools, creating and managing continuous integration and continuous delivery (CI/CD) pipelines, provisioning and configuring development and deployment environments, and onboarding team members to their projects.

CodeCatalyst has additional new features, such as the ability to use AWS Graviton for CI/CD workflows and deployment environments, which can result in significant cost savings. If you have already established code and tooling in GitHub, you can create a project from a linked GitHub repository, which developers can then work in using Dev Environments.

Work can be tracked by linking issues with pull requests, making it easier to track and understand changes to code. You can choose from two new blueprints when creating projects: Intelligent Document Processing and Static Website frameworks.

CodeCatalyst is available in the US West (Oregon) AWS Region, but can deploy workloads to any public Region worldwide. Multiple AWS accounts can be connected to CodeCatalyst spaces in order to better manage and control access to deployments in different environments such as dev, test, staging, and production.

Amazon Redshift already supports role-based access control, row-level security, and column-level security to enable organizations to enforce fine-grained security on Redshift data. Amazon Redshift now extends these security features by supporting Dynamic Data Masking (DDM) that allows you to simplify the process of protecting sensitive data in your Amazon Redshift data warehouse.

With Dynamic data masking, you control access to your data through SQL based masking policies that determine how Redshift returns sensitive data to the user at query time.

With this capability, as a security administrator, you can create masking policies to define consistent, format preserving, and irreversible masked data values. You can apply masking on a specific column or list columns in a table.

Also, you have the flexibility of choosing how to show the masked data. For example, you can completely hide all the information about the data, you can replace partial real values with wildcard characters, or you can define your own way to mask the data using SQL Expressions, Python, or Lambda User Defined Functions.

Additionally, you can apply a conditional masking based on other columns, which selectively protects the column data in a table based on the values in other column(s). When you attach a policy to a table, the masking expression can be applied to one or more of its columns.

Amazon Web Services announces the general availability of Ubuntu Pro on Amazon EC2 in a subscription-included model. You can now easily deploy Ubuntu Pro on-demand instances and purchase Ubuntu Pro Compute Savings Plans from the AWS EC2 console, and get five additional years of Ubuntu security updates from Canonical.

You will be charged on a per-second basis for Ubuntu Pro EC2 AMI instances. For any new Ubuntu Pro EC2 AMI deployments, you will now see Ubuntu Pro charges in the Elastic Cloud Compute section of your AWS bill.

In addition to five more years (total ten years) of security maintenance, Ubuntu Pro provides security coverage for approximately 23000 packages in Ubuntu Universe repository, live kernel patching, etc. For example, Ubuntu 18.04 LTS will reach end of standard support on May 31 2023, however with Ubuntu Pro 18.04 LTS you can continue to receive security coverage until April 2028.

This week, AWS launched a redesigned opportunity management experience within the AWS Partner Central portal. This launch provides AWS Partners, using APN Customer Engagements (ACE), a faster, simpler and intuitive experience to securely collaborate and co-sell with AWS. The improved experience will enable our partners to drive successful customer engagements for their continued growth and profitability.

The enhanced opportunity management experience will improve AWS Partner digital experience through a modern look and feel of the ACE portal, consistent with other AWS tools. Partners will now experience faster load times on commonly used pages, including pipeline manager, opportunity creation and opportunity view/edit pages.

The new opportunity management experience introduces an opportunity overview dashboard to provide partners with key insights into their opportunity pipeline and enables them to apply specific criteria or conditions through custom filters so they can easily retrieve and focus on the data that is most relevant to their needs.

AWS have simplified the opportunity creation process by breaking it down into smaller, more manageable steps and have enhanced our view and management of an opportunity flow so partners can interact with it seamlessly. Additionally, they have structured the deal information by breaking it down into easy-to-understand sections, introduced intuitive notifications and have made it frictionless for a partner to launch their engagements.

The new experience will also have embedded in-app guidance to make it easier for our partners to navigate through our site and accomplish their goals.

AWS Amplify Flutter is announcing the launch of version 1.0.0, expanding support to web and desktop as target platforms. Amplify is a set of tools and services that help frontend web and mobile developers build secure, scalable, fullstack applications.

With this release, Flutter developers can target 6 platforms, including iOS, Android, web, MacOS, Linux, and Windows. Developers can build Authentication, API (GraphQL +REST), Storage, and Analytics experiences with Amplify targeting the platforms that matter most to their users. 

Developers using Amplify Flutter can now enjoy a consistent experience for all platforms they target, thanks to the complete re-writing of the Amplify Flutter libraries in Dart. This means that Flutter developers can use the same codebase and libraries for all the platforms they target, which significantly reduces developments times, allowing developers to deliver value faster to their customers.

Amazon Redshift data sharing enables you to share live data across Amazon Redshift data warehouses. Amazon Redshift now supports simplified governance of Amazon Redshift data sharing by using AWS Lake Formation to centrally manage permissions on data being shared across your organization.

With the new Amazon Redshift data sharing managed by AWS Lake Formation, you can manage permission grants, view access controls, and audit permissions on the tables and views in the Redshift datashares using Lake Formation APIs and the AWS Console.

Lake Formation managed data sharing improves the security of your data by enabling security administrators to use Lake Formation to manage granular entitlements such as table-level, column-level, or row-level access to tables and views being shared in Redshift data sharing.

Data is shared live from Redshift Managed Storage (RMS) and not copied or moved to Amazon S3, data consumers can detect the data directly in AWS Lake formation and start querying within a minutes. You now have better visibility and control of data shared within and across accounts in your organization. AWS Lake Formation managed data sharing also enables you to define policies once and enforce those consistently for multiple data consumers.

The Amazon Chime SDK now supports Hindi and Thai languages for live transcription of WebRTC media sessions. Amazon Chime SDK lets developers add real-time audio, video, and screen share to their web and mobile applications. Live transcription integrates with Amazon Transcribe to generate live audio transcription for use as subtitles or transcripts. 

The expanded language coverage of live transcription enables customers to reach a broader global audience with a consistent experience in their communication-enabled applications. The Hindi and Thai languages can be selected explicitly or automatically through automatic language detection.  

Hindi and Thai languages are available for live transcription with any WebRTC media session in any Amazon Chime SDK meeting media Region, including the AWS GovCloud (US) Regions.

Starting this week, Amazon Virtual Private Cloud (VPC) customers can create their own Prefix Lists in three additional AWS Regions: Asia Pacific (Hyderabad), Asia Pacific (Melbourne) and Europe (Spain).

A prefix list allows you to group multiple CIDR blocks into a single object, and use it as a reference to simplify network configuration. You can share your prefix list with other AWS accounts using AWS Resource Access Manager (RAM) and use it to configure VPC route tables and security groups.

A prefix list makes it easier for you to roll out changes and maintain consistency in security groups and route tables across multiple VPCs and accounts. For example, you can create a prefix list to represent all your branch office CIDR blocks and use it to configure your security groups and route tables. When you add a new branch office, you simply add its CIDR block to the prefix list, and this automatically establishes connectivity from all corresponding VPCs and accounts.

Amazon GuardDuty is now available in the Asia Pacific (Melbourne) Region. You can now continuously monitor and detect security threats in this additional region to help protect your AWS accounts, workloads, and data.

Customers across many industries and geographies use Amazon GuardDuty, including more than 90% of AWS’s 2,000 largest customers. GuardDuty continuously monitors for malicious or unauthorized behavior to help protect your AWS resources, including your AWS accounts, EC2 workloads, access keys, EKS clusters, and data stored in Amazon S3 and Amazon Aurora. GuardDuty can identify unusual or unauthorized activity like crypto-currency mining, access to data stored in S3 from unusual locations, or unauthorized access to Amazon Elastic Kubernetes Service (EKS) clusters. 

GuardDuty Malware Protection adds file scanning for workloads utilizing Amazon Elastic Block Store (EBS) volumes to detect the presence of malware. GuardDuty continually evolves its techniques to identify indicators of compromise, such as updating machine learning (ML) models, adding new anomaly detections, and growing integrated threat intelligence to identify and prioritize potential threats.

This week, AWS Control Tower is available in 7 additional AWS Regions: US West (N. California), Asia Pacific (Hong Kong, Jakarta, and Osaka), Europe (Milan), Middle East (Bahrain), and Africa (Cape Town).

With this launch, AWS Control Tower is now available in 22 AWS Regions and 2 AWS GovCloud (US) Regions. AWS Control Tower offers the easiest way to set up and govern a secure, multi-account AWS environment. It simplifies AWS experiences by orchestrating multiple AWS services on your behalf while maintaining the security and compliance needs of your organization. You can set up a multi-account AWS environment within 30 minutes or less.

If you are new to AWS Control Tower, you can launch it today in any of the supported regions, and you can use AWS Control Tower to build and govern your multi-account environment in all supported Regions.

If you are already using AWS Control Tower and you want to extend its governance features to the newly supported regions in your accounts, you can go to the settings page in your AWS Control Tower dashboard, select your regions, and then update your landing zone. You must then update all accounts that are governed by AWS Control Tower. Then your entire landing zone, all accounts, and OUs will be under governance in the new region(s).

Amazon WorkSpaces Web Access is now available in the AWS GovCloud (US-West) Region. You can deploy Amazon WorkSpaces using WorkSpaces Streaming Protocol (WSP), without having to install a native client application and your users can now access Amazon WorkSpaces from supported web browsers on devices running Windows, macOS, and Linux.

The new Amazon WorkSpaces Web Access experience is powered by the WorkSpaces Streaming Protocol (WSP), a cloud-native streaming protocol that enables a consistent user experience when your users access WorkSpaces across global distances and unreliable networks.

Web Access with WSP helps users to remain productive when connecting from computers where a web browser experience may be optimal, for example on personally-owned or locked-down devices where installing and maintaining a client application can be challenging.

You can get started with WSP by selecting WSP from the protocol drop down in the AWS management console and choosing a Windows 10 Value, Standard, Performance, Power, or PowerPro bundle when creating a WorkSpace. To learn more, visit the Amazon WorkSpaces Administration Guide to Enable and configure Amazon WorkSpaces Web Access.

Amazon SageMaker Studio Lab deployed CAPTCHA, (Completely Automated Public Turing test to tell Computers and Humans Apart), to deter automated bots and scripts, from absorbing compute capacity that is meant for customers experimenting with machine learning.

Customers are now enjoying more CPU and GPU capacity with Amazon SageMaker Studio Lab, which is a free service, that enables customers to experiment with machine learning code in a Jupyter IDE, hosted on the AWS cloud.

SageMaker Studio Lab leverages AWS WAF CAPTCHA JS API, which challenges customers with simple puzzle images, that are easy for humans but hard for bots to solve. This has enabled Studio Lab to reclaim compute that bots were using, and redistribute it to the ML learners who need it.

Amazon Inspector now supports deep inspection of EC2 instances when the continual EC2 scanning feature is activated. With this expanded capability, Inspector now identifies software vulnerabilities in application programming packages including Python, Java, and Node.js packages in addition to operating system packages.

Inspector discovers these application programming packages installed in default directory paths, and also allows customers to provide additional custom directory paths for Inspector discovery. This feature is activated by default for all new customers, and existing customers can activate this feature across their organization with a single click in the console. Deep inspection of EC2 instances is offered at no additional cost to Inspector customers.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure across your entire AWS Organization.

Once activated, Amazon Inspector automatically discovers all of your Amazon Elastic Compute Cloud (EC2) instances, container images in Amazon Elastic Container Registry (ECR), and AWS Lambda functions, at scale, and continuously monitors them for known vulnerabilities, giving you a consolidated view of vulnerabilities across your compute environments.

Amazon Inspector also provides a highly-contextualized vulnerability risk score by correlating vulnerability information with environmental factors such as external network accessibility to help you prioritize the highest risks to address.

This week, we are announcing the availability of AWS Backup for Amazon S3 in AWS GovCloud (US-East, US-West) Regions. AWS Backup is a policy-based, fully managed and cost-effective solution that enables you to centralize and automate data protection of Amazon S3 along with other AWS services (spanning compute, storage, and databases) and third-party applications.

Together with AWS Organizations, AWS Backup enables you to centrally deploy policies to configure, manage, and govern your data protection activity. 

With this launch Amazon S3 backups are now available in the following Regions: US East (Ohio, N. Virginia), US West (N. California, Oregon), Canada (Central), Europe (Frankfurt, Ireland, London, Milan, Paris, Stockholm), Asia Pacific (Hong Kong, Jakarta, Mumbai, Osaka, Seoul, Singapore, Sydney, Tokyo), Middle East (Bahrain, UAE), Africa (Cape Town) and AWS GovCloud (US-East, US-West). For more information on regional availability and pricing, see AWS Backup pricing page. 

AWS Amplify is announcing support for Push Notifications for Swift, Android, Flutter, and React Native applications. This means that developers can now use Amplify to set up push notifications when targeting iOS and Android platforms, providing developers and businesses with a way to engage with users and send them timely and relevant information.

Developers can now set up campaigns to segment and target specific users. Personalizing push notifications with AWS Amplify allows mobile and cross-platform developers to target specific users with important updates, promotions, and new features, resulting in higher engagement and increased user satisfaction.

AWS Lake Formation and the Glue Data Catalog now extend data cataloging, data sharing and fine-grained access control support for customers using a self-managed Apache Hive Metastore (HMS) as their data catalog.

Previously, customers had to replicate their metadata into the AWS Glue Data Catalog in order use Lake Formation permissions and data sharing capabilities. Now, customers can integrate their HMS metadata within AWS, allowing them to discover data alongside native tables in the Glue data catalog, manage permissions and sharing from Lake Formation, and query data using AWS analytics services.

To get started, customers using this feature will need to connect their HMS databases and tables as federation objects into their AWS Glue Data Catalog. Customers can then grant Lake Formation column, tag, and data filter permissions on tables as if they were native AWS Glue Data Catalog tables.

These permissions are then applied whenever those tables are queried by Lake Formation supported AWS services, simplifying the management of unified data access controls. Finally, customers can audit access and permissions on their HMS resources using AWS CloudTrail logs generated on all data and metadata access events.

Amazon Comprehend announced that Amazon Comprehend APIs for Document Classification will now use layout of the document in addition to text, to provide higher accuracy. 

Amazon Comprehend is a Natural Language Processing (NLP) service that provides pre-trained and custom APIs to derive insights from textual data. At re:Invent 2022, Comprehend simplified document classification by adding support for inference on common document types.

At that time, customers did not have the ability to train custom document classification models for PDF/Word/Image files with layout data for higher accuracy. Now, using the same document classification APIs, customers will be able to train custom classification models with PDF documents, Microsoft Word files, and images, to support using layout information and get higher accuracy for classification.

This higher accuracy is beneficial for various scenarios such as insurance claims and mortgage document classification. Customers can use the new capability for asynchronous processing or real-time use cases.

Amazon CodeCatalyst (Preview) has added an administrative dashboard for Dev Environments. This dashboard enables users with the Space administrator role to centrally view and manage Dev Environments across projects.

CodeCatalyst is a unified software development service that makes it faster to build and deliver software on AWS. Dev Environments, a feature of CodeCatalyst, are preconfigured, scalable cloud development environments accessible from popular IDEs.

A space represents your company, or department, which contains projects, team members, and the associated cloud resources you create in CodeCatalyst. Using the new dashboard, you can view, stop, or delete Dev Environments belonging to your space. You can also modify configuration settings such as inactivity timeout and compute configurations of Dev Environments belonging to your team members.

The owners of the Dev Environments receive email notifications whenever a space administrator performs update or delete operations on these configurations. The new dashboard also supports filtering of Dev Environments using properties such as projects, users, alias, IDE, resource, and status. To use the new UI, navigate to your space, choose Settings, and then choose Dev Environments.

With preconfigured Dev Environments, you can onboard developers faster by avoiding lengthy setup process and work with supported IDEs such as AWS Cloud9, Visual Studio Code, and JetBrains IDEs including IntelliJ IDEA Ultimate, PyCharm Professional and GoLand.

Amazon EMR on EC2 now provides contextual error details that makes it easier to troubleshoot cluster provisioning failures. EMR lets you provision your EMR on EC2 cluster without worrying about managing compute infrastructure or open-source application setup. However, there can be circumstances when your cluster provisioning fails, such as an insufficient EC2 instance capacity error, bootstrap action failure or a VPC-subnet misconfiguration error.

With today’s launch, you will now find additional error details in the new EMR console, AWS Command Line Interface (AWS CLI), and the AWS SDK. These additional error details are automatically enabled for all EMR versions and no further action is needed.

Previously when users encountered a provisioning error, such as a bootstrap failure, they would receive an error message that the cluster failed but with no further context. Identifying whether the root cause was an invalid or conflicting bootstrap action or a misconfigured bootstrap source file location took multiple steps.

With today’s launch, you will get specific error details for cluster provisioning failures along with detailed root cause, and recommendations to resolve the failure. You can find these details in the Cluster list view in the new console and via APIs.

AWS Lambda now supports Python 3.10 as both a managed runtime and a container base image. Developers creating serverless applications in Lambda with Python 3.10 can take advantage of numerous Python language enhancements to make code more readable and maintainable.

These include pattern matching for data structures, parenthesized context managers to simplify managing resources such as file handles or database connections, and better error handling. For more information on Lambda’s support for Python 3.10, see our blog post at Python 3.10 runtime now available in AWS Lambda.

To deploy Lambda functions using Python 3.10, upload the code through the Lambda console and select the Python 3.10 runtime. You can also use the AWS CLI, AWS Serverless Application Model (AWS SAM) and AWS CloudFormation to deploy and manage serverless applications written in Python 3.10.

Additionally, you can also use the AWS-provided Python 3.10 base image to build and deploy Python 3.10 functions using a container image. To migrate existing Lambda functions running earlier Node versions, review your code for compatibility with Node.js 18 and then update the function runtime to Python 3.10.

AWS will automatically apply updates to the Python 3.10 managed runtime and to the AWS-provided Python 3.10 base image, as they become available.

AWS IoT Core for LoRaWAN announces public network support (preview) for LoRaWAN-based Internet of Things (IoT) systems. With this update, customers can now easily connect their IoT devices to the cloud using publicly available LoRaWAN networks provided by Everynet, a global LoRaWAN network operator offering carrier grade networks.

Using AWS IoT Core for LoRaWAN, customers can simply register their devices to the cloud and opt for public network support in the AWS IoT console. Within minutes, they will be able to receive data from registered LoRaWAN devices in their AWS account. 

AWS IoT Core for LoRaWAN is a fully managed LoRaWAN Network Server (LNS) that enables customers to connect their LoRaWAN-enabled wireless devices, typically used for low-power, long-range wide area network connectivity, to AWS. IoT system operators now do not need to deploy and maintain their own private LoRaWAN network, resulting in development, management, and operational cost savings. It also streamlines billing processes as system operators do not need to interface with individual network provider for managing network subscription costs.

AWS Backup now offers a simple, cost-effective, and application-consistent backup and restore solution for SAP HANA databases running on Amazon EC2. With this launch, you can centrally automate backup and restore of your SAP HANA application data, in addition to the currently supported AWS services.

Using AWS Backup’s seamless integration with AWS Organizations, you can create and manage immutable backups of SAP HANA databases across all your accounts, help protect your data from inadvertent or malicious actions, and restore the data.

To get started with AWS Backup for SAP HANA on Amazon EC2, you can use the AWS Management console, CLI, or SDK to create backup policies to start protecting your SAP HANA databases. AWS Backup leverages AWS Systems Manager (SSM) for SAP to register these SAP HANA systems and AWS Backint Agent to take backups.

Once you define your backup policies and assign SAP HANA resources to the policies, AWS Backup automates the creation of SAP HANA backups that are application-consistent and stores those backups in an encrypted backup vault that you designate.

You can now take continuous backups with PITR (Point-In-Time Recovery) support, automatically set lifecycle policies to cold storage, and restore your data with a few clicks.

Amazon EMR Serverless is a serverless option that makes it simple for data analysts and engineers to run open-source big data analytics frameworks like Apache Spark and Apache Hive without configuring, managing, and scaling clusters or servers.

Starting this week, you can view the aggregated Billed resource utilization for each job within an EMR Serverless application, simplifying the cost calculation per job run.

When running Spark or Hive workloads, it is useful to see the resources used by individual job runs to help understand and manage your total costs. With this feature, you can get a detailed view of the vCPU-hours, memoryGB-hours, and storageGB-hours consumed by an EMR serverless job on completion.

Using this data and the pricing in each Region, you can accurately calculate the cost per job run. You can view these values both in the EMR Studio UI and the GetJobRun API.

Amazon Relational Database Service (Amazon RDS) events now include tags in the message body, which provide metadata about the resource that was affected by the service event. The message receiver can use these tags to do payload-based parsing with rule matching, enabling workflows such as routing, filtering, and down stream automation.

Now that Amazon RDS events include tags, you can simplify your application architecture, remove the need for describe API calls and enable downstream automation via services like Amazon Lambda and AWS Systems Manager.

Amazon RDS events including tags, combined with message body filtering, and routing logic from subscribing systems like Amazon Simple Notification Service (SNS), Amazon Simple Queuing Service (SQS), or Amazon EventBridge can also get your events to your preferred communication channel like email, chat or paging systems. 

Amazon Personalize is integrating with Amazon SageMaker Data Wrangler to make it easier for customers to import and prepare their data. Amazon Personalize enables developers to improve customer engagement through personalized product and content recommendations – no ML expertise required.

The quality of data used for model training affects the quality of the recommendations, which makes data aggregation and preparation a critical step to get high-quality recommendations using Amazon Personalize. With this launch, Amazon Personalize gives you the ability to prepare your data through Amazon SageMaker Data Wrangler before using it in Amazon Personalize.

Customers can use Amazon SageMaker Data Wrangler to import data from 40+ supported data sources and perform end-to-end data preparation (including data selection, cleansing, exploration, visualization, and processing at scale) in a single user interface using little to no code.

This allows customers to rapidly prepare their users, items or interactions dataset using Amazon SageMaker Data Wrangler by leveraging over 300 built-in data transformations, retrieving data insights, and quickly iterating by fixing data issues.

Getting started with the Amazon SageMaker Data Wrangler integration is easy. Simply visit the Amazon Personalize console, open a Dataset from within your Dataset groups, select “Import and Prepare Your Data,” and then choose “Prepare Data with Data Wrangler”.

Please note that customers using Amazon SageMaker Data Wrangler will incur additional charges as per their usage, checkout their pricing page.

Amazon DynamoDB now supports up to 50 concurrent table restores per AWS account. The default service quota for table restores increased from 4 to 50, and is applicable to restores performed using point-in-time recovery and on-demand backups managed by DynamoDB and AWS Backup.

With the increased default service quota, customers who have a large number of tables can now run up to 50 concurrent table restore operations, reducing the delays associated with restoring four tables at a time.

The new default quotas are now effective in all AWS Regions, except AWS GovCloud (US) Regions. Start taking advantage of these quotas by using the DynamoDB console, the AWS Command Line Interface (AWS CLI), or AWS APIs. 

We are excited to announce the launch of our AWS Manufacturing and Industrial Competency. Previously known as the AWS Industrial Software Competency, the updated AWS Manufacturing and Industrial Competency has expanded to include new categories to further differentiate partners and help customers find the right solution for their unique business needs.

As the manufacturing industry experiences an increase in cloud adoption, the Manufacturing and Industrial Competency helps align validated and differentiated AWS Partner solutions to customers seeking to modernize their business through Engineering and Design, Smart Manufacturing (Robotics, Worker Safety, and Productivity), Smart Product and Services, Enterprise Solutions, Operational Technology Security, Supply Chain Management, Sustainability, and Operational Technology for an end-to-end value chain.

Aligning to these categories helps customers accelerate their time to results, optimize operations, seek new revenue streams, and generate sustainable business operations while reducing their carbon footprint.

Amazon Elastic File System (Amazon EFS) has increased the maximum throughput per file system by 3x to 10 GiB/s of read throughput and 3 GiB/s of write throughput.

Amazon EFS provides serverless, fully elastic file storage that makes it simple to set up and run file workloads in the cloud. With these new throughput limits, you can easily run more performance-intensive workloads on AWS using Amazon EFS, such as machine learning, genomics, and data analytics applications.

Using Amazon Connect Customer Profiles inside the agent workspace, agents can now see cases from 3P case management solutions and Connect Cases inside a particular customer profile. Having both customer profile information together with case details in the same window makes it easier for agents to understand the customer context and reduces wasted time switching between applications.

Using the cases table inside the Customer Profile, agents can see case information such as status, date last updated, title, and source system. If agents need more detail, they can click on the case to access additional information from the source system. For example, agents handling transfers, can now see the caller’s open case regarding license renewal, quickly assist them without needing to gather more information, and help provide faster issue resolution.

As another example, agents can now see repeat callers’ open cases regarding late deliveries and quickly give them an update on the delivery status.

With Amazon Connect Customer Profiles, companies can help deliver faster and more personalized customer service by providing access to relevant customer information for agents and automated experiences.

Companies can bring customer data from multiple SaaS applications and databases into a single customer profile, and pay only for what they use based on the number of customer profiles.

Amazon Connect Customer Profiles is available in US East (N. Virginia), US West (Oregon), Africa (Cape Town), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Seoul), Canada (Central), Europe (Frankfurt), and Europe (London). 

Amazon SageMaker announced Collections, a new capability to organize your machine learning models in the Amazon SageMaker Model Registry. You can use Collections to group registered models that are related to each other and organize them in hierarchies to improve model discoverability at scale.

Amazon SageMaker Model Registry is a purpose-built tool for machine learning operations (MLOps) to help you centrally manage your ML models. You can track models and metadata, compare model versions, and review and approve them for deployment through the Amazon SageMaker Model Registry.

When you register a model, Amazon SageMaker Model Registry creates a Model Package and stores all successive versions of the model under one Model Package Group.

With Collections you can organize registered models that are associated with one another. For example, you could categorize your models based on the domain of the problem they solve under Collections titled ‘NLP-models, ’CV-models’, and ‘Speech-recognition-models’.

To organize your registered models in a tree structure you can nest Collections within each other. Any operations you perform on a Collection (create/read/update/delete) will not alter your registered models. You can use the Amazon SageMaker Studio UI or the Python SDK to manage Collections.

AWS Glue is a serverless data integration service that makes it easy to discover, prepare, and combine data for analytics, machine learning (ML), and application development. Similar to other AWS services, AWS Glue has service limits to protect customers from an unexpected increase in their bill caused by excessive provisioning.

Customers can view their current resource limits and request an increase (where appropriate) by logging into the AWS Service Quota console. Today, we are pleased to announce a new capability on Glue that will allow customers to monitor the utilization of certain Glue resources in Cloudwatch and configure the appropriate CloudWatch alarms. 

With the new feature, customers can monitor account level limits such as, number of Glue workflows, triggers, jobs, concurrent job runs, Blueprints, and number of Interactive Sessions. For more details, please refer to the AWS Glue documentation. The feature is available in all regions where Glue is available except the AWS GovCloud (US-East) and China Regions.

AWS Elastic Disaster Recovery (AWS DRS) now supports additional capabilities to help simplify managing the launch settings for your source servers. The launch settings you define using Elastic Disaster Recovery determine how to launch your source servers on AWS as drill and recovery instances.

Elastic Disaster Recovery minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications using affordable storage, minimal compute, and point-in-time recovery.

With this launch, you can now use Elastic Disaster Recovery to define default launch settings to apply to new source servers, and you can modify launch settings in bulk for multiple source servers. These additional management capabilities allow a simplified process to modify your launch settings at scale.

For applications running on AWS, you can also modify the recovery Availability Zone for multiple source servers, which helps simplify cross-Availability Zone recovery.

The additional launch settings management capabilities are available in all of the AWS Regions where Elastic Disaster Recovery is supported. See the AWS Regional Services List for the most up-to-date availability information.

Amazon DocumentDB (with MongoDB compatibility) is a scalable, highly durable, and fully managed database service for operating mission-critical MongoDB workloads. 

Today, Amazon DocumentDB announced an ODBC connector that enables connectivity from BI applications like Microsoft Excel and PowerBI to Amazon DocumentDB clusters. Using the ODBC connector, you can also now query and visualize data stored in DocumentDB from applications that support ODBC connectivity. You can access the source code and download the driver here.

The ODBC driver is open source and available for the user community under the Apache-2.0 license. You can use the GitHub repository to gain enhanced visibility into the driver implementation and contribute to its development.

This week, AWS announced the preview release of the AWS CloudFormation Template Sync Controller for Flux, a new open source project that automates the process of syncing changes from CloudFormation templates to CloudFormation stacks.

Flux CD is an open source, Cloud Native Computing Foundation (CNCF) graduated project that keeps Kubernetes clusters in sync with sources of configuration including Git repositories, S3 buckets, and Open Container Initiative (OCI) compatible repositories (such as Amazon Elastic Container Registry). AWS CloudFormation is a service that helps you model and set up your AWS resources so that you can spend less time managing those resources and more time focusing on your applications that run in AWS.

You create a template that describes all the AWS resources that you want, and CloudFormation takes care of provisioning and configuring those resources for you.

The AWS CloudFormation Template Sync Controller for Flux is an extension to Flux that lets you store your CloudFormation templates in a Git repository and automatically deploy them as CloudFormation stacks in your AWS account.

After installing the CloudFormation Template Sync controller into your Kubernetes cluster, you can configure Flux to monitor your Git repository for changes to CloudFormation template files. When a CloudFormation template file is updated in a Git commit, the CloudFormation controller is designed to automatically deploy the latest template changes to your CloudFormation stack.