In Cloud Computing This Week [Jul 9th 2021]

AWS Updates and Releases

AWS Training and Certification is pleased to introduce a free digital course: Amazon Simple Storage Service (Amazon S3) Business Continuity and Disaster Recovery. This advanced, 50-minute course will help you learn how to implement a business continuity and disaster recovery plan for your Amazon S3 implementation. Designed for cloud architects, storage architects, developers, and operations engineers, it includes interactive lessons and a quiz to check your knowledge.

With this week's release, Amplify DataStore now supports multiple authorization modes, making it easy for developers to control how their users can access app data. DataStore provides frontend app developers the ability to build real-time apps with offline capabilities by storing data on-device (web browser or mobile device) and automatically synchronizing data to the cloud and across devices on an internet connection. Customers can configure authorization rules visually using Amplify Admin UI or by editing a GraphQL schema file using the Amplify CLI.

Following the announcement of updates to the PostgreSQL database , AWS have updated Amazon RDS for PostgreSQL to support PostgreSQL minor versions 13.3, 12.7, 11.12, 10.17, and 9.6.22. This release closes security vulnerabilities in PostgreSQL and contains bug fixes and improvements done by the PostgreSQL community.

AWS IoT Core for LoRaWAN is now available in the Asia Pacific (Sydney), Asia Pacific (Tokyo), and US West (Oregon) AWS Regions, extending the footprint to 5 AWS Regions. This is in addition to the IoT Core for LoRaWAN availability in US East (N. Virginia) and EU (Ireland) AWS regions.

Effective July 1, 2021, AWS is reducing data processing charges for VPC Interface Endpoints (powered by AWS PrivateLink). The new tiered pricing will reduce the costs for accessing high-volume, data intensive services over AWS PrivateLink. AWS PrivateLink enables customers to access AWS services or any other service hosted on AWS in a secure and scalable manner, while keeping all the network traffic within the AWS network. 

AWS Firewall Manager allows customers to centrally monitor route configurations for AWS Network Firewall, and get alerts on routes non-compliant with their configuration. With this launch, customers can now monitor VPC routes to ensure traffic egressing through Internet Gateway (IGW) is inspected by the Network Firewall deployed by Firewall Manager in each VPC. Customers get alerted on route configurations that are non-compliant, such as, routes that bypass firewall inspection, or routes that lead to asymmetric traffic, and get suggestions to remediate the routes.

Amazon AppStream 2.0 now supports real-time audio-video (AV) by seamlessly redirecting local webcam video input to AppStream 2.0 streaming sessions using a web browser. Previously, this feature was available only for the AppStream 2.0 client for Windows. With real-time AV support available in the web browser, your users can use AV collaboration and media applications within their AppStream 2.0 streaming sessions, and connect from a broad range of client devices, including Windows PCs, Macs, Chromebooks, and thin clients. Your users can collaborate without having to leave their AppStream 2.0 sessions, and without additional client software to manage.

AWS Storage Gateway adds support for AWS Privatelink for Amazon S3 and Amazon S3 Access Points.  If you use Amazon S3 File Gateway for your on-premises gateway (VMware, Microsoft Hyper V, Linux Kernel-based Virtual Machine (KVM) or AWS Storage Gateway Hardware Appliance), you can now create a private connection from your gateway directly to Amazon S3 without the need for an HTTP proxy.

Amazon CloudFront announces two new APIs, ListConflictingAliases and AssociateAlias, that help locate and move Alternate Domain Names (CNAMEs) if you encounter the CNAMEAlreadyExists error code. These new APIs let you see which distribution has the CNAME and move the CNAME to a target distribution as long as the source distribution is in the same account or if the source distribution in another account is disabled. To move a CNAME between accounts where the source distribution is still enabled, you must contact AWS Support and follow these steps.

This week, AWS announced a new feature of Application Manager, a capability of AWS Systems Manager, which customers can use to manage and provision their AWS CloudFormation templates and stacks without leaving the Application Manager console. With Application Manager, customers can discover and manage applications across multiple AWS services like AWS Launch Wizard, AWS Service Catalog App Registry, AWS Resource Groups, Amazon Elastic Kubernetes Service (Amazon EKS), and Amazon Elastic Container Service (Amazon ECS). This new feature provides customers with a ready-to-use solution to manage the lifecycle of CloudFormation templates and stacks without having to set up Amazon Simple Storage Service (Amazon S3) or version control systems for template management.

AWS Lambda now supports Amazon MQ for RabbitMQ  as an event source, allowing customers to quickly and easily build applications that are triggered from messages in their RabbitMQ queue. Amazon MQ is a managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers in the cloud. Customers can build applications quickly and easily with Lambda functions that are invoked based on messages posted to Amazon MQ message brokers without needing to worry about provisioning or managing servers.

Today we are announcing the general availability of AWS Local Zones in Dallas and Philadelphia. Customers can now use these new AWS Local Zones to deliver applications that require single-digit millisecond latency to end-users or on-premises installations in Dallas and Philadelphia metro areas.

AWS Application Migration Service (AWS MGN) is now available in four additional AWS Regions: US West (Northern California), Asia Pacific (Osaka), Canada (Central), and South America (São Paulo).

The Amazon Chime SDK lets developers add real-time audio, video, screen share, and messaging capabilities to their web or mobile applications. Starting today, developers can capture the contents of their Amazon Chime SDK meeting and save them to an Amazon Simple Storage Service (Amazon S3) bucket of their choice with media capture pipelines. This new feature captures meeting audio, video, and content share streams in 5 second segments and directly delivers them, along with meeting events and data messages, to developer’s designated S3 bucket.

Workflow Studio is a new visual workflow designer for AWS Step Functions that makes it faster and easier to build workflows using a drag and drop interface in the AWS console.

AWS customers can now compare any two application configuration versions side by side within AWS AppConfig, a feature of AWS Systems Manager. This new functionality highlights the differences between the changed configuration values in the two versions, and helps Developers and Devops professionals to understand how their configuration data has changed over time. This adds additional safety features when deploying the intended configuration values to mitigate the risk of any application outages.

Starting today, Amazon EC2 M6g, C6g, R6g, and T4g instances are available in EU (Paris, Milan) regions. Additionally, Amazon EC2 M6g instances are also available in Middle East (Bahrain) regions.

VPC now supports resource identifiers and tags for security group rules. You can now manage VPC security group rules using the assigned rule IDs and resource tags.

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Starting today, AWS customers can use the Amazon Kendra web crawler to index and search webpages.

Amazon RDS for Oracle now supports Oracle Management Agent (OMA) version 13.5 for Oracle Enterprise Manager (OEM) Cloud Control 13c Release 5. OEM 13c  offers web-based tools to monitor and manage your Oracle databases. Amazon RDS for Oracle installs OMA, which then communicates with your Oracle Management Service (OMS) to provide monitoring information. Customers running OMS 13.5 can now manage databases by installing OMA 13.5.

Amplify Admin UI now supports importing existing Amazon Cognito User Pools and Identity Pools. This means you can link your Cognito User Pool and Identity Pool resources to your Amplify app to take advantage of authorization scenarios for your data model, and manage users and groups directly from the Admin UI.

Amazon CloudWatch Container Insights for Amazon Elastic Container Service (Amazon ECS) is now available in the AWS Middle East (Bahrain) region. Using Container Insights, DevOps and systems engineers can monitor, isolate, and diagnose containerized applications and microservices environments through automated dashboards. This helps you visualize the performance and health of Amazon ECS and AWS Fargate resources including clusters, tasks, containers, and services.

Amazon Athena users can now leverage the reusability, simplification, and security benefits of parameterized queries. Available today, analysts can save time and eliminate errors by converting queries that have frequently modified criteria, such as date filters or aggregation periods, into a parameterized query that serves multiple use cases. Application developers can use them to safeguard against SQL injection risks and simplify application integrations that generate SQL based on a user’s selections.

You can now use the consistent hash exchange type on your Amazon MQ for RabbitMQ brokers. This exchange type uses consistent hashing to uniformly distribute messages across queues. Consistent hash exchanges are useful in applications like transaction processing to maintain the order of dependent messages while scaling up the number of consumers.

General availability: Updates to secrets configuration options in App Service and Azure Functions

App Service and Azure Functions have been updated to better support management of secrets as part of your secure application development process.