In Cloud Computing This Week [Apr 6th 2023]

AWS App Runner adds 7 new compute configurations to the App Runner service settings. App Runner makes it easier for developers to quickly deploy containerized web applications and APIs to the cloud, at scale, and without having to manage infrastructure. With App Runner, you do not have to manage any load balancers and auto-scaling groups.

When you create an App Runner service, you select a compute configuration, a combination of vCPU and compute memory, for your web application or API, and define maximum concurrency, the maximum number of concurrent requests one application instance can process. App Runner automatically scales your application instances based on concurrent requests that your App Runner service receives.

Until now, App Runner supported 4 compute configurations at 1 vCPU with 2 GB, 3 GB, and 4 GB compute memory, and 2 vCPU with 4 GB compute memory. Starting today, you can pick from 11 compute configurations starting at 0.25 vCPU (512 MB memory) and up to 4 vCPU (12 GB memory).

You can now save cost by choosing a lower compute configuration for applications that are not compute intensive such as a single threaded application that does not need a full vCPU. You can also choose a larger compute configuration such as 4 vCPU (12 GB memory) for compute intensive applications such as data processing and ML inference applications.

Amazon S3 adds a new Amazon CloudWatch metric that can be used to diagnose and correct S3 Replication configuration issues more quickly. The OperationFailedReplication metric, available in both the S3 console and in Amazon CloudWatch, gives you per-minute visibility into the number of objects that did not replicate to the destination bucket for each of your replication rules.

You can use Amazon CloudWatch alarms with this metric to notify you when failures occur, so that you can quickly take corrective action. For example, S3 Replication relies on permissions that are granted by customers via AWS Identity and Access Management (IAM) roles. If an IAM role is set up incorrectly, customers may see objects that do not replicate as expected, due to insufficient permissions.

S3 Replication will mark these objects as failed, and will now generate a metric and alarm so that you can quickly correct your IAM role and reinitiate replication for the objects to keep your source and destination buckets in sync.

The AWS Controllers for Kubernetes (ACK) service controller for Amazon MemoryDB for Redis is now generally available. Customers can provision and manage MemoryDB resources using the ACK service controller.

Amazon MemoryDB for Redis is a Redis-compatible, durable, in-memory database service that is purpose built for modern applications with microservices architectures. It is well suited for applications requiring ultra-fast performance, high availability, durability and security making it ideal for containerized workloads.

ACK service controller for MemoryDB aims to simplify provisioning and managing your database by enabling you to define and use MemoryDB resources directly from your Kubernetes cluster. This lets you take advantage of MemoryDB to support your Kubernetes applications without needing to define MemoryDB resources outside of the cluster or run and manage in-memory database capabilities within the cluster.

AWS are happy to announce that AWS Glue, a serverless data integration service, is now available in the AWS Europe (Spain) and AWS Europe (Zurich) Regions.

AWS Glue is a serverless data integration service that makes it simple to discover, prepare, and combine data for analytics, machine learning, and application development. AWS Glue provides both visual and code-based interfaces to make data integration simpler so you can analyze your data and put it to use in minutes instead of months.

Amazon AppStream 2.0 is now available in the AWS GovCloud (US-East) Region, an isolated AWS Region designed to host sensitive data and regulated workloads in the cloud for customers who have U.S. federal, state, or local government compliance requirements.

With this launch, you can deploy general purpose, compute-optimized, memory-optimized, accelerated computing, storage optimized, graphics pro, graphics-g4, and graphics pro-g4 streaming instances in both the AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions to help meet the needs of your users.

AppStream 2.0 is a fully managed non-persistent desktop (Windows or Linux) and application virtualization service that allows you to stream applications and desktops from AWS to users without acquiring, provisioning, and operating hardware or infrastructure. AppStream 2.0 can help you provide users with secure, instant-on access to the applications they need with a responsive, fluid user experience from anywhere on the device of their choice.

Amazon AppStream 2.0 offers you pay-as-you-go pricing for the streaming resources that you provision plus a small monthly fee per streaming user depending on the operating system chosen. See Amazon AppStream 2.0 Pricing for more information.

AWS Network Firewall now supports IPv6-only subnets, in addition to dual stack (IPv4 and IPv6) subnets. Starting today, you can filter IPv6 traffic to and from the public internet, on-premises network, or any endpoint in your IPv6-enabled Amazon Virtual Private Cloud (VPC) with IPv6-only subnets.

AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. IPv6-only subnet support allows you to enforce your AWS Network Firewall rules and policies consistently across your entire network, making it easier to manage your network security posture. Additionally, with this launch, you will be able to meet business or regulatory requirements for adoption of IPv6-only network environments on AWS.

IPv6 is supported in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions. For more information about the AWS Regions where AWS Network Firewall is available, see the AWS Region table.

Starting this week, you can build, train, and deploy machine learning (ML) models in Asia Pacific (Hyderabad) Region.

Amazon SageMaker is a fully managed platform that provides every developer and data scientist with the ability to build, train, and deploy machine learning (ML) models quickly. SageMaker removes the heavy lifting from each step of the machine learning process to make it easier to develop high quality models.

This week, AWS are pleased to announce that AWS Resource Explorer now supports export and download of search results in comma-separated values (CSV) format. You can use this new capability to export resource search results from the AWS Resource Explorer console and continue your workflow in third-party applications that support CSV import.

When exported, the CSV file includes the resource identifier, service, resource type, Region, AWS account ID, the total number of tags, and a column for each unique tag key in the collection. Exporting and analyzing your search results can help you maintain an offline record of search query results, determine where there are overlaps or inconsistencies across resources, or develop a tagging strategy for resources in your organization based on gaps in current tags.

Amazon Kinesis Data Analytics for Apache Flink is now available in three additional AWS regions: Europe (Spain), Europe (Zurich), and Asia Pacific (Hyderabad).

Amazon Kinesis Data Analytics makes it easier to transform and analyze streaming data in real time with Apache Flink. Apache Flink is an open source framework and engine for processing data streams. Amazon Kinesis Data Analytics reduces the complexity of building and managing Apache Flink applications.

Amazon Kinesis Data Analytics for Apache Flink integrates with Amazon Managed Streaming for Apache Kafka (Amazon MSK), Amazon Kinesis Data Streams, Amazon OpenSearch Service, Amazon DynamoDB streams, Amazon Simple Storage Service (Amazon S3), custom integrations, and more using built-in connectors.

You can learn more about Amazon Kinesis Data Analytics for Apache Flink here.

Starting this week, Amazon CloudFront supports the use of S3 Object Lambda Access Points as origins. This means that you can now use S3 Object Lambda Access Point aliases to configure an S3 bucket-style CloudFront origin, and take advantage of CloudFront's 480+ global edge locations to accelerate the delivery of data transformed by your S3 Object Lambda function.

S3 Object Lambda allows you to add your own code to S3 GET, HEAD, and LIST requests to modify and process data as it is returned to an application. Prior to this launch, you were required to use Lambda@Edge as the signing principal with AWS Signature Version 4 (SigV4) for authentication with the origin.

You can now use CloudFront as the signing principal for SigV4 authentication with the S3 Object Lambda Access Point origin. This makes it simpler to use CloudFront to accelerate the distribution of data that the S3 Object Lambda function has transformed, such as filtered rows, dynamically resized images, data with confidential information redacted, and much more.

Amazon CloudFront's support for S3 Object Lambda Access Points origin is now available worldwide. To get started, obtain the S3 Object Lambda Access Points alias in your S3 Console or through an API and create your S3 bucket-style domain as your CloudFront origin. There are no additional fees associated with this feature. For more information, please refer to the CloudFront Developer Guide.

Today, AWS CloudFormation has expanded the availability of StackSets to Middle East (UAE) and Asia Pacific (Hyderabad) Regions. With this launch, customers can deploy their stack sets to and from these newly supported AWS Regions.

You use AWS CloudFormation StackSets to model, provision, and manage your cloud applications and infrastructure across multiple AWS accounts and Regions in a single operation. You can use StackSets for bootstrapping AWS account, deploying cross account applications, setting up disaster recovery with AWS Backup, and solving use cases around deploying cloud infrastructure at scale.

For example, you can use service-managed StackSets to deploy IAM roles and AWS Config policies to your AWS Organizations or an Organizational Unit (OU), and use the auto-deploy feature. With automatic deployment enabled, StackSets automatically deploys to accounts that are added to the target organization or organizational units (OUs) in the future. 

StackSets is generally available in the following AWS Regions: US East (Ohio and N. Virginia), US West (N. California and Oregon), Africa (Cape Town), Asia Pacific (Hong Kong, Hyderabad, Jakarta, Mumbai, Osaka, Seoul, Singapore, Sydney, and Tokyo), Canada (Central), Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD, operated by NWCD, Europe (Frankfurt, Ireland, London, Milan, Paris, and Stockholm), Middle East (Bahrain, and UAE), South America (São Paulo), and AWS GovCloud (US-East) and (US-West) Regions. 

Amazon Polly is a service that turns text into lifelike speech, allowing you to create applications that talk, and build entirely new categories of speech-enabled products. Today, we are excited to announce the general availability of the entire portfolio of Amazon Polly's Neural and Standard voices in the Asia Pacific (Osaka) Region.

Amazon Polly uses advanced deep learning technologies to synthesize natural sounding human speech. NTTS voices can be applied to a diverse set of use cases to increase customer engagement. For example, giving interactive voice response (IVR) or virtual assistant agents’ natural sounding voices or producing spoken versions of text-based content.

For eLearning, audiobooks, newsreaders, and other content, you can also provide audio/visual experiences by synchronizing speech with facial animation or karaoke-style word highlighting.

Starting this week, Bring Your Own IP (BYOIP) is available in two additional AWS Regions: Asia Pacific (Jakarta) and Middle East (UAE).

BYOIP allows you to bring your own IPv4 and IPv6 addresses to AWS and advertise them on the internet. You can create Elastic IP addresses from your BYOIPv4 addresses and use them with AWS resources such as EC2 instances, Network Load Balancers, and NAT gateways.

The Elastic IP addresses you create from BYOIPv4 addresses work in the same way as the Elastic IP addresses you get from AWS. The BYOIPv6 addresses also work in the same way as AWS provided IPv6 addresses. For example, you can associate these IPv6 addresses to subnets, Elastic Network Interfaces (ENI), and EC2 instances within your VPC.

Additionally, you can use your BYOIPv6 for private connectivity to your on-premises networks by advertising them over Direct Connect.

This week, AWS announced the general availability of AWS CodePipeline in Middle East (Bahrain), Africa (Cape Town), and Europe (Zurich).

AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release process when there is a code change, based on the release model you define.

This week, AWS announces the general availability of AWS CodePipeline in Middle East (Bahrain), Africa (Cape Town), and Europe (Zurich).

AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release process when there is a code change, based on the release model you define.

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Starting today, AWS customers can use the Amazon Kendra Microsoft OneDrive Connector to index and search messages from Microsoft OneDrive.

Critical information can be scattered across multiple data sources in an enterprise, including messaging platforms like Microsoft OneDrive. Amazon Kendra customers can now use the Kendra Microsoft OneDrive Connector to index messages and search for information across this content using Kendra Intelligent Search.

The Amazon Kendra Microsoft OneDrive connector is available in all AWS regions where Amazon Kendra is available. To learn more about the connector, visit the documentation page or the Amazon Kendra connector library. To explore Amazon Kendra, visit the Amazon Kendra website.

Starting this week, Amplify Studio is available in the Europe South (Milan) region. Customers building Amplify applications with Studio can now deploy applications to Europe South (Milan) region, improving performance for end users in the region.

AWS Amplify is a complete solution that lets frontend web and mobile developers easily build, ship, and host full-stack applications on AWS, with no cloud expertise needed. Use Amplify Studio to design your app backend, manage your data, and build cloud-connected UI, all with AWS resources that scale with you.

With today's launch, AWS Amplify Studio is now available in 18 AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), US West (N. California), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Milan), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), Middle East (Bahrain), and South America (São Paulo).

Amazon SageMaker Feature Store now supports the ability to permanently delete records from the online store. The online store contains the most recent features and is used for low latency model serving. With this launch, you can now chose between soft delete and hard delete when deleting records, so you have more flexibility when it comes to managing online store data.

When a record is permanently deleted from the online store, Feature Store will also write a tombstone record to the offline store. The offline store contains historic features and is used for training and batch inference.

Tombstone records can then be identified and removed from the offline store, for example to provide more accurate or more recent data for model training, or to reduce storage costs.

This week, AWS are announcing general availability of macOS support for AWS Amplify for Swift (v2.7.1)! This launch allows developers to build cloud-connected apps for iOS and macOS apps. Developers can now leverage the power of the AWS Amplify across iOS and macOS platforms for production workloads. AWS will be announcing support for watchOS and tvOS in future releases of the library.

Developers can use Amplify Library for Swift via the Swift Package Manager to build apps for iOS and macOS platforms with Auth, Storage, Geo and more features. Developers will continue to have access to the same Amplify Command Line Interface (CLI) tools to configure and manage their cloud resources. With the Amplify Library for Swift, developers will also have direct access to the underlying AWS SDK for Swift through the escape hatch to unlock additional capabilities from AWS services.

With Amazon Athena, you can use your SQL knowledge to query nearly 30 popular AWS and third-party data stores - in addition to data stored in an Amazon S3 data lake - all without learning a new language, developing scripts to extract and duplicate data, or managing infrastructure.

Starting today, you can now create and query views on these data sources, which include relational databases, streaming sources, and cloud object stores, for use cases such as interactive analysis and business intelligence reporting.

In Athena, views are logical tables that retrieve data from one or more physical tables when the view is queried. Views are often used to limit access to sensitive data, hide complex joins and data transformation logic, and simplify queries that run on multiple distributed datasets.

With today’s launch, you get these benefits with all of Athena’s data source connectors. For a complete list of available data source connectors, see Using Athena Data Source Connectors.

AWS Migration Hub Orchestrator now supports migration of SAP HANA based systems configured with High Availability configurations, as well as the standalone migration of SAP HANA databases.

AWS Migration Hub Orchestrator simplifies and automates the migration of servers and enterprise applications to AWS. It provides a single location to run and track your migrations. AWS Migration Hub Orchestrator offers predefined and customizable workflow templates that offer a prescribed set of migration tasks, leverages application specific migration tools to streamline and automates your enterprise applications migration to AWS. 

The “Rehost applications on Amazon EC2” template in AWS Migration Hub Orchestrator allows customers to streamline migration of SAP applications running on non-HANA databases with minimal downtime using AWS Application Migration Service.

This launch expands the capabilities of the existing “Migrate SAP NetWeaver based SAP applications to AWS” template by supporting HANA database only migrations and SAP HANA based systems to High Availability configurations.

This HANA database and SAP application-aware migration methodology assists in migrating HANA-based applications to AWS while modernizing their architectures to improve resilience, upgrade OS type, or meet other application migration goals.

Amazon Managed Workflows for Apache Airflow (MWAA) now supports shell launch scripts for environments version 2.x and later.

Amazon MWAA is a managed service for Apache Airflow that lets you use the same familiar Apache Airflow platform as you do today to orchestrate your workflows and enjoy improved scalability, availability, and security without the operational burden of having to manage the underlying infrastructure.

Amazon MWAA now adds the ability to customize the Apache Airflow environment by launching a customer-specified shell launch script at start-up to work better with existing integration, infrastructure, and compliance needs. Customers can use shell launch script to install custom runtimes, set environment variables, and update configuration files.

You can launch or upgrade an Apache Airflow environment with a shell launch script on Amazon MWAA with just a few clicks in the AWS Management Console in all currently supported Amazon MWAA regions. To learn more about custom images visit the Amazon MWAA documentation.

Amazon Textract is a managed machine learning service that automatically extracts text, handwriting, and data from scanned documents. We regularly improve the accuracy of the underlying machine learning models and add new features based on customer feedback.

This week, AWS are pleased to announce new features and accuracy enhancements for the AnalyzeDocument - Tables feature to help customers automate their document processing workflows. 

The new tables model update adds support for four new elements commonly found within tabular structures in documents: table title, section titles, table footers and summary cells. Customers will be able to directly extract these elements from tabular structures and save time writing and maintaining complex post-processing code.

Additionally, it also provides a way to identify the type of table. Lastly, we are pleased to announce overall accuracy improvements on documents commonly found in the insurance, financial services, mortgages and manufacturing industries. 

This update will be available in US East (Ohio, N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai, Seoul, Singapore, Sydney), Canada (Central), Europe (Frankfurt, Ireland, London, Paris), and the AWS GovCloud (US-East, US-West) Regions.

This week, AWS are announcing an improvement for Amazon Elastic Block Store (EBS) performance on Amazon EC2 compute-optimized C6a and general purpose M6a instance types, with similar improvement on R6a in the coming weeks.

EC2 C6a and M6a instances are powered by 3rd generation AMD EPYC processors and are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor. With the latest enhancements to the Nitro system, AWS have increased the maximum EBS-optimized IOPS by 60% on the 32xlarge instance size and 50% on all other instance sizes for the C6a and M6a instance types.

The largest 48xlarge and metal sizes now have a maximum IOPS of 240,000, up from prior 160,000. Additionally, we have increased the maximum EBS-optimized bandwidth by 50% for instance sizes up to 32xlarge. With these improvements, the large to 4xlarge instance sizes can now achieve burst performance of 10Gbps and 40,000 IOPS.

This performance increase enables you to speed up sections of your workflows and handle unplanned spikes in EBS-optimized instance demand without impact to your application performance. For storage-intensive workloads, you will have an opportunity to use smaller instance sizes and still meet your performance requirements, thereby saving costs. 

All new C6a and M6a instances starting today will utilize this performance increase at no additional cost, with support for R6a in the coming weeks. For existing instances, you can simply stop and start your instances to enable this performance increase.

This change is available in all AWS regions where C6a and M6a are available. Please visit the EBS-optimized instance page for more details on the performance increase.

AWS Trusted Advisor fault tolerance checks for Amazon ECS are now generally available. AWS Trusted Advisor evaluates your AWS account with automated checks and provides cloud optimization recommendations to reduce costs, improve performance, increase security, increase fault tolerance, and monitor service quotas.

The first fault tolerance check, Amazon ECS service using a single Availability Zone (AZ) examines if your service configuration uses a single Availability Zone. By launching instances in multiple AZs in the same region, you can protect applications from a single point of failure. The second fault tolerance check, Amazon ECS Multi-AZ placement strategy evaluates if your service is configured to use the spread placement strategy to spread tasks across multiple AZs.

The Amazon ECS fault tolerance checks for Trusted Advisor are available in the following regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Osaka), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), South America (São Paulo), AWS GovCloud (US-East), and AWS GovCloud (US-West).

App Engine standard environment Node.js

App Engine standard environment PHP

GKE