In Cloud Computing This Week [Mar 5th 2021]

 

AWS Secrets Manager now enables you to replicate secrets across multiple AWS Regions. You can now give your multi-Region applications access to replicated secrets in the corresponding Regions and rely on AWS Secrets Manager to keep the replicas in sync with the primary secret. In scenarios such as disaster recovery, you can read replicated secrets from your recovery Region, even if your Primary Region is unavailable. You can use this functionality through the AWS Secrets Manager console , CreateSecret  and ReplicateSecretToRegions  API, or via AWS CloudFormation  to replicate secrets in one or more Regions.

Starting today, AWS Network Firewall is available in the US East (Ohio), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Stockholm) AWS Regions.

 

Amazon EC2 P4d instances which provide the highest performance for machine learning training and high performance computing in the cloud are now available in the US East (Ohio) and Asia Pacific (Tokyo) regions.

Amazon EventBridge now supports API Destinations, a simple and reliable way for customers to send events to any HTTP API, such as self-managed or Software-as-a-Service (SaaS) applications, allowing customers to easily extend their existing applications without writing code. Authorization is built in so customers don’t have to write or manage additional code to authorize their requests.

 

AWS Step Functions now supports YAML state machine definitions within the AWS Toolkit for Visual Studio Code and in AWS CloudFormation, making it possible to define workflows in the same language as your infrastructure as code.

 

Starting this week, you can view all operational issues (OpsItems) for an impacted resource in AWS Systems Manager OpsCenter. OpsCenter allows operations engineers and IT professionals to investigate, diagnose, and resolve operational issues related to AWS resources from a central place. This enables you to understand the greater context while troubleshooting an issue such as an instance failure, and helps you to resolve issues faster.

 

AWS Certificate Manager (ACM) now publishes certificate metrics and events through Amazon CloudWatch  and Amazon EventBridge . Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates are used to secure network communication and establish the identity of websites over the internet. Certificates have a defined lifetime and for continued use need to be renewed before they expire. These new metrics and events help administrators keep track of certificate expiration dates and take necessary action or configure automation to prevent certificate expiry and related outages.

You can now add four additional metadata fields in your Amazon Virtual Private Cloud (Amazon VPC) flow logs, namely flow-direction, traffic-path, pkt-src-aws-service and pkt-dst-aws-service. With these enriched fields you can derive insights into the AWS services that your workloads are communicating with, differentiate between ingress and egress traffic flows and identify the next hop of your egress traffic, such as an internet gateway, a VPC peering connection or a virtual private gateway.

 

 

AWS Glue DataBrew extends its datasets to support files without an explicit file extension or a header row. Often times, extensionless files are tricky to work with and require visually exploring the data to understand it. Similarly, customers often work with files without an explicit row that defines the header in the file. In both of these cases, you can now define both these configurations when you create a dataset in DataBrew.

 

Amazon Web Services (AWS) announces general availability of Ethereum on Amazon Managed Blockchain. Ethereum is a popular decentralized blockchain framework that establishes a peer-to-peer network allowing participants to transact without a trusted central authority. It enables popular use cases such as decentralized finance (DeFi), a network of financial applications built on top of blockchain networks. DeFi is different from existing financial networks because it is open and programmable, operates without a central authority, and enables customers to offer new methods for payments, investing, lending and trading. As customers build these Ethereum-based applications, they find it complicated and time-consuming to operate and manage their Ethereum infrastructure. Specific concerns include data reliability due to out-of-sync nodes, data storage scaling challenges, and time-sensitive Ethereum software upgrades.

 

Amazon Elasticsearch Service now supports tag-based authorization for easy management of access to configuration APIs that are used for operations such as creating, modifying, or updating Amazon Elasticsearch Service domains.

 

AWS reorganized features on the console based on key tasks such as, writing code, testing, monitoring and configuring. With this update, we reduced the amount of scrolling needed to access common configuration options by creating a dedicated configuration tab. In addition, the new navigation design orients your work on the Lambda console towards the tasks you want to complete and focuses your work around relevant features. This change will also help you find new features more easily when they are available in the console.

 

 

Amazon Elastic Kubernetes Service (EKS) now allows you to implement envelope encryption of Kubernetes secrets using AWS Key Management Service (KMS) keys for existing EKS clusters. Envelope encryption adds an addition, customer-managed layer of encryption for application secrets or user data that is stored within a Kubernetes cluster. Implementing envelope encryption is considered a security best practice for applications that store sensitive data and is part of a defense in depth security strategy .

Starting today, AWS CodePipeline supports 1,000 pipelines per account by default, an increase from the previous limit of 300. You can request a limit increase beyond 1,000 pipelines per Region/Account through the Support Center Console.

 

CloudWatch Synthetics now supports storing your canary run artifacts, including log files, screenshots, and HAR files, in an Amazon Simple Storage Service (S3) bucket in another Region with a new major runtime version, syn-nodejs-puppeteer-3.0. CloudWatch Synthetics now also supports upgraded major versions of the Puppeteer, Chromium, and Node.js dependencies.

Posted On: Mar 1, 2021

Amazon Web Services (AWS) is announcing the launch of Asia Pacific (Osaka) as a standard AWS Region, expanding Osaka from its design as a Local Region. The number of Availability Zones (AZs) in Asia Pacific (Osaka) is increasing from one to three, the service portfolio is expanding, and new pricing options are available.

 

 

AWS introduced four new digital training offerings that help you learn how to plan, deploy, secure, and manage cloud-based desktops and applications. The offerings are designed for desktop or virtual desktop infrastructure managers, IT administrators, and technical professionals interested in cloud-based virtualization. These free self-paced courses and curriculums include presentations, interactive e-learning modules, videos, demonstrations, and quizzes.

 

AWS were excited to announce a free new digital curriculum: Managing Amazon Simple Storage Service. This advanced 150-minute curriculum covers techniques to simplify the management of Amazon S3 storage. Designed for cloud architects, storage architects, developers, and operations engineers, it includes interactive lessons, video demonstrations, a self-paced lab, and quizzes. The self-paced lab costs up to 15 USD per lab (this cost is not included with free digital training on aws.training).

 

New digital class and lab on DevOps on AWS

AWS Training and Certification were excited to announce the launch of the updated AWS Cloud Practitioner Essentials digital course on Coursera and edX. If you’re new to the cloud or in a technical or non-technical role such as finance, legal, sales, or marketing, this course provides you with an understanding of fundamental AWS Cloud concepts to help you gain the confidence to contribute to your organization’s cloud initiatives.