In Cloud Computing This Week [May 20th 2022]

The Amazon Chime SDK lets developers add intelligent real-time audio, video, and screen share to their web applications. The Amazon Chime SDK client libraries for iOS and Android now include video background replacement and blur, which developers can use to reduce visual distractions and help increase visual privacy for mobile users.

Video is processed locally on each user’s device before it is shared into the meeting. The background can either be replaced with an image, or obscured with an adjustable strength blur effect. Users can preview and adjust how their video background is processed prior to joining a session, and at any time during a session.

Incident Manager, a capability of AWS Systems Manager, announced expanded support for runbook automation to speed up incident diagnosis and resolution. AWS Systems Manager is the operations hub for your AWS applications and resources, helping you automate reactive processes to quickly diagnose and remediate operational issues. Customers can now build incident runbooks that automatically run remediation actions on the involved resources, such as turning on auto-scaling on a DynamoDB table that is approaching capacity before engaging the on-call engineer. Customers can also invoke additional runbooks directly from the Incident Manager console to help resolve the incident faster.

When an incident is started, Incident Manager can now populate runbook parameter values, such as the incident ID or AWS resources specified in CloudWatch alarms and EventBridge events. This enables customers to automate additional diagnosis or mitigation actions from their AWS Systems Manager Automation documents. The Incident Manager console tracks runbook progress and additional runbook executions to help organize your response.

Starting this week, when you create a new predictive scaling policy, Amazon EC2 Auto Scaling goes back 14 days to generate capacity forecasts for the past dates, enabling you to see how predictive scaling would have scaled your Auto Scaling group. This allows you to quickly decide if the predictive scaling policy is accurate for your applications by comparing the demand and capacity forecasts against the actuals immediately after you create a predictive scaling policy. Previously, you would have had to wait at least a few days after creating the policy to build up sufficient forecast history for the same comparison to determine the forecast accuracy.

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Amazon customers can now use The Amazon Kendra Jira Cloud connector to index documents from Atlassian Jira.

Critical information can be scattered across multiple data sources in an enterprise. Organizations use agile project management platforms such as Atlassian Jira to enable teams to collaborate to plan, track, and ship deliverables. Amazon customers can now use the Amazon Kendra Jira Cloud connector to index issues, comments, and attachments in your Jira projects, and search this content using Amazon Kendra intelligent search. With this, organizations can now provide relevant search results to users seeking answers to their questions, or looking for issues that solve a certain customer issue.

Amazon MQ now provides support for RabbitMQ version 3.8.30, which includes several fixes to the previously supported version, RabbitMQ 3.8.27. Amazon MQ is a managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easier to set up and operate message brokers on AWS. You can reduce your operational burden by using Amazon MQ to manage the provisioning, setup, and maintenance of message brokers. Amazon MQ connects to your current applications with industry-standard APIs and protocols to help you easily migrate to AWS without having to rewrite code.

If you are running RabbitMQ 3.8.27 or earlier, AWS encourage you to upgrade to RabbitMQ 3.8.30 or RabbitMQ 3.9.16. This can be accomplished with just a few clicks in the AWS Management Console. If your broker has automatic minor version upgrade enabled, AWS will automatically upgrade the broker to version 3.8.30 during a future maintenance window. To learn more about upgrading, please see - Managing Amazon MQ for RabbitMQ engine versions in the Amazon MQ Developer Guide.

Amazon MQ now provides support for RabbitMQ version 3.9.16, which includes several fixes to the previously supported version, RabbitMQ 3.9.13.

Amazon MQ is a managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easier to set up and operate message brokers on AWS. You can reduce your operational burden by using Amazon MQ to manage the provisioning, setup, and maintenance of message brokers. Amazon MQ connects to your current applications with industry-standard APIs and protocols to help you easily migrate to AWS without having to rewrite code.

AWS Glue Visual Job APIs are now generally available, allowing AWS customers to programmatically create, read, update, and delete AWS Glue studio visual jobs. AWS Glue Studio provides an intuitive visual interface for users to author data integration jobs. Customers want to programmatically create visual jobs in AWS Glue Studio so that they could migrate from other ETL tools and copy jobs to other environments.

With the new API, customers can use the GetJob and CreateJob actions to copy AWS Glue Studio between accounts while retaining the job’s visual representation. Visual Job APIs also help customers create accelerators to migrate from other ETL tools to AWS Glue without manually re-coding jobs.

AWS App Mesh now supports IPv6 allowing customers to support workloads running in IPv6 networks and to invoke App Mesh APIs over IPv6. This helps customers to meet IPv6 compliance requirements, and removes the need for expensive networking equipment to handle address translation between IPv4 and IPv6. AWS App Mesh is a service mesh that provides application-level networking to make it easier for your services to communicate with each other across multiple types of compute infrastructure. AWS App Mesh standardizes how your services communicate, giving you end-to-end visibility and options to tune for high-availability of your applications.

With this new capability, you can configure your mesh to support workloads in IPv6 networks and use AWS App Mesh’s new dual-stack endpoints which support both IPv4 and IPv6. The new dual stack endpoints in AWS App Mesh have the format appmesh.region.api.aws. For example, the dual-stack endpoint in US East (N. Virginia) is appmesh.us-east-1.api.aws. When you make a request to a dual-stack App Mesh endpoint, the endpoint resolves to an IPv6 or an IPv4 address, depending on the protocol used by your network and client.

Developers can now use the AWS Encryption SDK for .NET to help protect their data. This open-source release makes it easier for developers to encrypt and decrypt their data when building applications using the .NET developer platform.

The AWS Encryption SDK is a client-side encryption library designed to make it easy to encrypt and decrypt data based on industry standards and best practices. With this release, the AWS Encryption SDK is now available in C, Java, JavaScript, Python, .NET and Command Line Interface implementations. All implementations of the AWS Encryption SDK are interoperable; you can encrypt data in one programming language and decrypt it with any other. The AWS Encryption SDK language implementations are developed in open source projects on GitHub where you can inspect the code and contribute to the project.

AWS Resilience Hub now supports Amazon Elastic Container Service (Amazon ECS), Amazon Route 53, AWS Elastic Disaster Recovery, AWS Backup, and the ability to use Terraform as a source to upload applications. With this expansion of supported resources, you can use Resilience Hub to prepare and protect even more of your applications from disruptions.  

Alongside the newly supported services, we have updated how your application’s resilience score is calculated. The new resilience score reflects a combination of operational recommendations and policy compliance. This gives you a more inclusive indicator of your application’s readiness for different disruption scenarios.

In addition, Resilience Hub now runs daily assessments on new applications automatically. You can manually activate this feature on existing applications and deactivate this feature at any time.

Resilience Hub provides you with a single place to define, validate, and track the resilience of your applications so that you can avoid unnecessary downtime caused by software, infrastructure, or operational disruptions. Resilience refers to the ability of your applications to maintain availability and recover from disruptions within a specified target measured in terms of recovery time objective (RTO) and recovery point objective (RPO). With Resilience Hub, you can identify and resolve issues before they occur in production.

AWS Backup now allows you to protect your Amazon FSx for OpenZFS file systems, helping you meet your centralized data protection and regulatory compliance needs. Using AWS Backup’s seamless integration with AWS Organizations, you can centrally create and manage immutable backups of Amazon FSx for OpenZFS file systems across all your accounts, protect your data from inadvertent or malicious actions, and restore the data with a few simple clicks. Additionally, you can generate unified auditor-ready reports to demonstrate compliance status of your organizational data protection policies.

Amazon FSx for OpenZFS is a fully managed file storage service that makes it easy to move data residing in on-premises ZFS or other Linux-based file servers to AWS without changing your application code or how you manage data. AWS Backup is a policy-based service that provides you a fully managed experience to centralize and automate data protection of your application data spanning across AWS services for compute, database, and storage, which now includes Amazon FSx for OpenZFS.

Amazon Redshift ML enables you to create, train, and deploy machine learning (ML) models using familiar SQL commands. With Amazon Redshift ML, you can leverage Amazon SageMaker, a fully managed machine learning service, without moving your data or learning new skills. Amazon Redshift now supports Amazon SageMaker Linear Learner algorithm for creating models with Amazon Redshift ML.

You can use linear learner algorithms for supervised training for either linear or logistic regression problems for use cases such as predicting sales of a product, determining marketing effectiveness, or to predict customer’s willingness to purchase a product or service. You can specify model_type as LINEAR_LEARNER with CREATE MODEL command to create a ML model with Linear Learner.

Amazon CloudWatch is introducing enhancements to the console experience, which improve dashboard data visualizations and console navigation. The enhancements include new dashboard widgets as well as more options to access frequently used dashboards, log groups and alarms.

At launch, customers can use three new or improved widgets to get an enhanced view of their system health. The gauge widget lets you visualize a number, such as memory utilization, in the context of minimum and maximum values. This allows you to easily see how close you are to a pre-determined threshold and proactively address any resulting issue, such as increasing memory capacity when you are close to a threshold representing capacity limits. We have also added a sparkline feature to the number widget, which helps you see the trend line of a number, so you can see how the latest value performs relative to recent history. And finally, with the new mini-map feature of the line widget, you can now zoom in within a line graph without losing the overall time range. This enables you to more easily navigate between different spikes and troughs without having to zoom out first.

AWS Glue can now connect to Apache Kafka using additional client authentication mechanisms. AWS Glue now supports SASL (Simple Authentication and Security Layer) using either SCRAM (Salted Challenge Response Authentication Mechanism) or GSSAPI (Kerberos).

AWS Glue supports data streams including Amazon Kinesis and Apache Kafka, applies complex transformations in-flight and loads it into a target data store for Analytics and Machine Learning. With this feature, you can now stream data from Apache Kafka producers that use SASL (SCRAM and GSSAPI) for client authentication. You can choose from these client authentication mechanisms when creating a Kafka connection in AWS Glue Studio or in AWS Console. 

This week, AWS announced new functionality in AWS Control Tower that provides you the flexibility to use your existing security and logging accounts, or to have AWS Control Tower create new accounts on your behalf when setting up Control Tower or extending Control Tower governance to your existing AWS environment. The Security account is used as a restricted account that’s designed to give your security and compliance teams read and write access to all accounts in your landing zone. The Logging account works as a repository, storing logs of API activities and resource configurations from all accounts in your landing zone. 

The use of your existing security and logging accounts makes it easier to extend Control Tower governance into your existing AWS Organizations, or to move to AWS Control Tower from an alternate landing zone. The option for you to use existing accounts is displayed during the initial landing zone setup. It includes checks during the setup process to ensure successful deployment. AWS Control Tower implements the necessary roles and controls on your existing accounts. It does not remove or merge any existing resources or data that is in these accounts.

Generally available: Easily manage your Azure IoT Central dashboards using a catalog

The new dashboard catalog feature in Azure IoT Central allows for easier search, management, and navigation of dashboards.

Public preview: Container Storage Interface extensible API for AKS

You can now disable and enable any of the AKS supported CSI drivers using this API.

Public preview: Key Management System integration

You can now store secrets in BYOK encrypted etcd using Key Management System (KMS).