In Cloud Computing This Week [Nov 19th 2021]

Starting today, AWS customers can make change requests for AWS resources/services based on templates in ServiceNow via AWS Systems Manager Change Manager. Upon approval in ServiceNow, these change requests will execute the AWS Systems Manager Automation runbooks associated to the change template. AWS Systems Manager Change Manager simplifies the way you request, approve, implement, and report on operational changes to your application configuration and infrastructure on AWS . This integration enables customers to streamline and align the maintenance, management and governance of AWS resources/services with their familiar IT Change Management (enablement) processes and tools.

EMR Studio is an integrated development environment (IDE) that makes it easy for data scientists and data engineers to develop, visualize, and debug  big data and analytics applications written in R, Python, Scala, and PySpark. This week AWS are excited to announce that EMR Studio is now available in the Europe (Paris), and South America (Sao Paulo) regions.

With Amazon Interactive Video Service (Amazon IVS) you can now monitor the health of your live stream inputs using four new Amazon CloudWatch metrics and two new APIs. These metrics and APIs can help you diagnose and troubleshoot issues with live streams either as they happen or after the streams have ended. You can also use APIs from Amazon IVS and Amazon CloudWatch to embed data into your own dashboard or application.

Contact Lens for Amazon Connect has now been included on the list of AWS Services in Scope for the FedRAMP Moderate baseline. The security and compliance of Contact Lens is assessed as part of multiple AWS compliance programs. Contact Lens is compliant with PCI and SOC, while also being a HIPAA eligible service. For a list of AWS services in scope of specific compliance programs, see AWS Services in Scope by Compliance Program. For general information, see AWS Compliance Programs.

Amazon Rekognition Custom Labels is an automated machine learning (AutoML) service that allows you to build custom computer vision models to detect objects and scenes specific to your business needs without the need of in-depth machine learning expertise. Starting today, we have updated the Amazon Rekognition Custom Labels console to introduce step-by-step directions on how to manage, train, and evaluate your custom models. This revamped guided experience makes it even easier for you to train your own computer vision models in four simple steps with just a few clicks.

Amazon Redshift now simplifies the use of other services such as Amazon S3, Amazon SageMaker, AWS Lambda, Amazon Aurora, and AWS Glue by allowing customers to create an IAM role from the Redshift console and assigning it as the default IAM role while creating an Amazon Redshift cluster. The default IAM role helps simplify SQL operations such as COPY, UNLOAD, CREATE, EXTERNAL FUNCTION, CREATE EXTERNAL TABLE, CREATE EXTERNAL SCHEMA, CREATE MODEL, or CREATE LIBRARY that accesses other AWS services by eliminating the need to specify the Amazon Resource Name (ARN) for the IAM role .

AWS Glue DataBrew now has native console integration with Amazon AppFlow, allowing users to connect to data from Salesforce, Zendesk, Slack, ServiceNow, and other Software-as-a-Service (SaaS) applications, as well as AWS services like Amazon S3 and Amazon Redshift. When creating a new dataset in DataBrew, you can now create a flow via Amazon AppFlow that loads data (by schedule, event, or on-demand) into Amazon S3. Once the flow has been established to Amazon S3, you can easily clean, normalize, and transform this data in DataBrew and join it with datasets from other data stores or SaaS applications. DataBrew also provides information about when your flow was last refreshed and allows you to trigger flows directly from the DataBrew console. Learn more about supported AppFlow sources and destinations here .

AWS Audit Manager now offers a dashboard to simplify your audit preparations with at-a-glance views of your evidence collection status per control. You can instantly track the progress of your audit assessments relative to common control domains. These control domains are general categories of controls, not specific to any one framework that allow customers to quickly assess status on common themes (E.g.- track overall issues in Identity and Compliance control domain).

AWS Glue DataBrew users can now create data quality rules, which are customizable validation checks that define business requirements for specific data. You can create rules to check for duplicate values in certain columns, validate that one column does not match another, or define many more custom checks and conditions based on your specific data quality use cases. You can group rules for a given dataset into a ruleset for efficiency and apply these checks as part of a standard data profile job. Results are populated in a data quality dashboard and validation report, helping you to quickly view rule outcomes and determine whether your data is fit for use.

Amazon Aurora MySQL-Compatible Edition now supports MySQL major version 8.0. MySQL 8.0 includes improved performance functionality from enhancements such as instant DDL to speed up the overall process of creating and loading a table and its associated indexes and SKIP LOCKED and NOWAIT options to avoid waiting for other transactions to release row locks. MySQL 8.0 adds developer productivity features such as window functions to more easily solve query problems and common table expressions to enable use of named temporary result sets. It also includes JSON functionality additions, new security capabilities, and more. MySQL 8.0 on Aurora MySQL-Compatible Edition supports popular Aurora features including Global Database, RDS Proxy, Performance Insights, and Parallel Query.

AWS Glue DataBrew customers are now able to create datasets by writing Structured Query Language (SQL) statements to retrieve data from Amazon Redshift and Snowflake using Java Database Connectivity (JDBC) connections. You can use a purpose-built query to select the data you want and limit the data returned from large tables before cleaning, normalizing, and transforming that data with DataBrew. For a list of supported input formats, please see the AWS Glue DataBrew input formats list .

Amazon S3 on Outposts now delivers strong read-after-write and list-after-write consistency for any storage request at no additional cost. 

To help you quickly troubleshoot your permissions in Amazon Web Services (AWS), AWS Identity and Access Management (IAM) now includes the policy type that’s responsible for the denied permissions in access denied error messages. Amazon Sagemaker, AWS CodeCommit and AWS Secrets Manager are among the first AWS services that now offer this additional context, with other services following in the next few months. When you troubleshoot access-related challenges, the identified policy type in the access denied error message helps you to quickly identify the root cause and unblock your developers by updating relevant policies.

Amazon Polly is a service that turns text into lifelike speech. Today, we are excited to announce the general availability of the Neural Text-to-Speech (NTTS) version of Léa, a French Polly voice. Now, Amazon Polly customers can enjoy Léa either as an NTTS or a Standard voice. With this launch, we now offer 23 NTTS voices across 13 languages.

Starting this week, AWS customers can install the AWS Service Management Connector via a guided setup in ServiceNow. This guided setup simplifies the ServiceNow scoped app configurations tasks, minimizing the expertise needed to establish the connection between AWS and ServiceNow. ServiceNow administrators, or power users with permissions to the Connector scoped app, simply follow the guided steps and mark each task complete or skipped where applicable. The AWS Service Management Connector documentation also includes an AWS CloudFormation baseline permissions  template that sets up the AWS environment. Thus, the ServiceNow Guide Setup and AWS baseline permissions give customers the ability to focus on developing guardrails and detective controls via integrated AWS services and validating that connection between AWS and ServiceNow.

Amazon Simple Notification Service (Amazon SNS) now supports message batching for the publish action, which let’s you publish up to 10 messages in a single batch request to either Standard Topics or FIFO Topics. Batching messages into a single API request is intended for those who want to reduce their costs associated with connecting decoupled applications with Amazon SNS. Previously, Amazon SNS required individual API requests for every published message.

Bottlerocket, a Linux-based operating system designed to run container workloads is now available in AWS GovCloud (US) Regions.

Amazon Cognito now offers a new console experience that makes it even easier for customers to manage Amazon Cognito user pools and add sign-in and sign-up functionality to their applications. Customers that wish to opt in to the new and streamlined experience can do so by navigating to the Amazon Cognito console.

This week, AWS are announcing the launch of the Amazon Monitron Web App. The Web App joins the existing Amazon Monitron Android App and iOS App, giving customers more options for using Amazon Monitron. Customers can now use the Amazon Monitron Web App from their desktops, laptops or tablets to monitor equipment and receive reports on operating behavior and alerts to potential failures in those equipment. They can access the Web app in a browser by clicking on the Amazon Monitron project link that can be found on the Amazon Monitron console. To commission the sensors and gateways, users will still need the Amazon Monitron Android App or iOS App since the commissioning process requires their phone’s Near Field Communication (NFC) and Bluetooth (BT) capabilities.  

Amazon Elastic Container Service (Amazon ECS) now supports Amazon ECS Exec for workloads running on Windows operating systems. Amazon ECS Exec, launched in March 2021, makes it easier for customers to troubleshoot errors, collect diagnostic information, interact with processes in containers during development, or get “break-glass” access to containers to debug critical issues encountered in production.

This week AWS are announcing the launch of AWS AppConfig Feature Flags, which will enable you to move faster and safer while releasing new features to your customers. Feature flags allow you to release features to your applications, independent of code deployments. Development teams often coordinate application feature releases along with a large-scale marketing event and are required to release features gradually to the users. Similarly, DevOps teams often respond to operational events by enabling existing functionality in their application. This launch enables Developers and DevOps teams to use AWS AppConfig to create and validate feature flag configuration data and deploy single or multiple features flags to their application in a monitored and controlled way. AWS AppConfig, a feature of AWS Systems Manager, is used as a best practice by thousands of teams within Amazon to deploy feature flags and application configuration changes to applications at run-time.

You can now use Amazon Pinpoint to send push notifications to your website users on their Mac desktop using Apple Push Notification service. Safari push notifications display your website icon and notification text that users can click to go to your website. This allows you to reach your end users right on their desktop to inform them of new product launches, engage them in upcoming promotions, and share events as they unfold.

Starting November 9, 2021, Amazon Rekognition Image APIs pricing has been reduced by up to 38% in all 14 supported regions . This price reduction will automatically reflect in customer bills starting from November 2021.

Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now offers AWS Graviton2 general purpose - M6g instance family. Customers can enjoy up to 38% improvement in indexing throughput, 50% reduction in indexing latency, and 30% improvement in query performance when compared to the corresponding x86-based instances from the current generation M5.

AWS Application Migration Service (AWS MGN) is now available in four additional AWS Regions: Africa (Cape Town), Europe (Milan), Europe (Paris), and Middle East (Bahrain).

We are excited to announce the support for AWS Organizations nested organizational units (OUs) in AWS Control Tower. An organization is an entity that you create to consolidate a collection of AWS accounts so that you can administer them as a single unit. Within each organization, you can create organizational units which help manage and govern groups of accounts in an organization. Nested OUs provide further customization between groups of accounts within OUs, giving you more flexibility when applying policies for different workloads or applications. For example, you can separate production workloads and non-production workloads within an OU. With support for nested OUs, you can now easily organize accounts in your Control Tower environment in a hierarchical, tree-like structure that best reflects your business needs.

AWS Glue DataBrew now provides customers the ability to mask Personally Identifiable Information (PII) data during data preparation. With just a few clicks, you can detect PII data as part of a data profiling job and gather statistics such as number of columns that may contain PII and potential categories, then use built-in data masking transformations including substitution, hashing, encryption, decryption, and more, all without writing any code. You can then use the cleaned and masked datasets downstream for analytics, reporting, and machine learning tasks. 

AWS Application Migration Service (AWS MGN) now supports agentless replication from VMware vCenter versions 6.7 and 7.0 to the AWS Cloud. AWS Application Migration Service is the primary service for lift-and-shift migrations to AWS.

You can now easily setup workload specific monitoring and view the health of these workloads via Amazon CloudWatch Application Insights problems directly from the Amazon CloudWatch Container Insights console, making it easier to dive deep into issues, troubleshoot problems and reduce mean time to resolution.

This week, AWS are excited to announce the general availability of Amazon Elastic Kubernetes Service (EKS) Connector. With EKS Connector, you can now extend the EKS console to view your Kubernetes clusters outside of AWS. You can use the EKS console to visualize Kubernetes clusters including your on-premises Kubernetes clusters, self-managed clusters running on Amazon Elastic Compute Cloud (EC2), and clusters from other cloud providers. Once connected, you can see all of your clusters’ statuses, configurations, and workloads in one place on the EKS console.

Starting this week, AWS Network Firewall is compliant with the ISO 9001, ISO 27001, ISO 27017, ISO 27018 and ISO 27701 standards. AWS maintains certifications through extensive audits of its controls to ensure that information security risks that affect the confidentiality, integrity, and availability of company and customer information are appropriately managed.

This week, AWS announced that customers can purchase Amazon Machine Image (AMI) and Container products from AWS Marketplace with one, two, or three-year contracts on supported products. 

The FindMatches ML transform in AWS Glue now includes an option to output match scores, which indicate how closely each grouping of records match each other. The FindMatches transform allows you to identify duplicate or matching records in your dataset, even when the records do not have a common unique identifier and no fields match exactly. FindMatches helps automate complex data cleaning and deduplication tasks.

Amazon Rekognition can detect and read text in an image, and return bounding boxes for each word found. Starting today, Amazon Rekognition supports text detection in images in 7 new languages - Arabic, Russian, German, French, Italian, Portuguese and Spanish. Amazon Rekognition automatically detects and extracts text in images in all supported languages, without requiring a language parameter. In addition, Amazon Rekognition delivers higher overall accuracy, with improvements for vertical and curved text in images.

This week AWS are announcing the general availability of AWS Elastic Disaster Recovery (AWS DRS), a new service that enables organizations to minimize downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications. AWS Elastic Disaster Recovery is the recommended service for disaster recovery to AWS.

Starting this week, Bring Your Own IP (BYOIP) is available in seven additional AWS Regions. These AWS Regions are Africa (Cape Town), Asia Pacific (Osaka, Seoul), Europe (Milan, Paris, Stockholm), and Middle East (Bahrain). This launch makes BYOIP available in all commercial regions, AWS GovCloud (US-East), and AWS GovCloud (US-West).

Starting this week, cellular LTE-M interface library is generally available in FreeRTOS. With this launch, developers will find it easier to build IoT devices that use the cellular LTE-M protocol to connect to the cloud. The main FreeRTOS download  includes AWS IoT reference integrations with cellular modules from vendors such as Sierra Wireless, u-blox, and Quectel.

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. 

Amazon Translate is a neural machine translation service that delivers fast, high-quality, affordable, and customizable language translation. This week, AWS are excited to announce the general availability of Active Custom Translation (ACT) to customize your translation between any currently supported languages . For example, you can now use ACT between German and French.

This week, Amazon Location Service added five new parameters to help developers filter and process search results for points of interest, addresses (known as geocoding), and geographical positions (known as reverse geocoding). With these new parameters, they can tailor and optimize location results to meet the needs of their specific applications. For example, developers can choose to only select the closest search result, personalize the results to the end-user's preferred language, or enable time-related features such as turning lights on and off in a home automation application.

Amazon Rekognition content moderation is a deep learning-based feature that can detect inappropriate, unwanted, or offensive images and videos, making it easier to find and remove such content at scale. Amazon Rekognition provides a detailed taxonomy across 35 sub-categories and 10 distinct top-level moderation categories . Starting this week, Amazon Rekognition content moderation comes with an improved model for image moderation that significantly reduces false positive rates across all of the moderation categories, particularly ‘explicit nudity’, without reduction in detection rates for truly unsafe content. Lower false positive rates imply lower volumes of flagged images to be reviewed further, leading to a better experience for human moderators and more cost savings.

Amazon AppStream 2.0 adds support for Amazon Linux 2. With this launch, you can now stream Linux applications and desktops to your users, and greatly lower the total streaming cost by migrating Matlab, Eclipse, Firefox, PuTTY, and other similar applications from Windows to Linux on Amazon AppStream 2.0.

This week, AWS Amplify announced a new “amplify add custom” command to add any of the 175+ AWS services to an Amplify-created backend using the AWS Cloud Development Kit (CDK) or AWS CloudFormation. The AWS Amplify CLI is a command line toolchain that helps frontend developers create app backends in the cloud. The new ability to add custom resources enables developers to add additional resources beyond Amplify’s built-in use cases with a single command.

Starting this week, you can use AWS Lambda with your AWS Transfer Family server to integrate an identity provider of your choice. This results in easier ways to authenticate and authorize your users. Additionally, you can now monitor your file transfers using a centralized CloudWatch metrics dashboard in the AWS Transfer Family Management Console.

Amazon CloudWatch Application Insights  now supports observability for SAP HANA databases so you can troubleshoot and resolve problems impacting your SAP HANA-based workloads more easily.

You can now launch RabbitMQ 3.8.23 brokers on Amazon MQ. This patch update to RabbitMQ contains several fixes and enhancements compared to the previously supported version, RabbitMQ 3.8.22.

The FindMatches ML transform in AWS Glue now allows you to match newly arrived data against existing matched datasets. The FindMatches transform allows you to identify duplicate or matching records in your dataset, even when the records do not have a common unique identifier and no fields match exactly. It makes it faster and easier to clean and deduplicate data sets.

AWS Network Firewall is now SOC 1, SOC 2, and SOC 3 compliant. You can now use AWS Network Firewall for use cases that are subject to System and Organization Controls (SOC) reporting. AWS SOC reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives.

Amazon Athena’s redesigned console is now generally available in all AWS commercial and GovCloud regions where Athena is available. The new and improved console brings a modern, more personalized experience to all of the features you enjoy in the current console and includes several new features which make analyzing data with Athena more powerful and productive.

AWS Snow Family now supports external Network Time Protocol (NTP) server configuration on Snowball Edge and Snowcone devices. By providing external NTP support, customers are able to synchronize device time with the NTP servers they provide.

Amazon Connect now provides an API to programmatically create and manage security profiles. Security profiles help you manage who can access and perform actions in Amazon Connect, such as using the Contact Control Panel (CCP), adding a new agent, or viewing the built-in reports. Using this API, you can programmatically update security profiles as your Amazon Connect access control needs change. To learn more, see the API documentation .

Amazon Connect Customer Profiles now offers a contact block that enables contact center managers to personalize the contact center experience without the need to write code. Using Amazon Connect’s contact flow builder’s graphical user interface and the new Customer Profiles contact block, contact center managers can create personalized experiences that leverage customer information such as name and address. For example, you can play a personalized greeting by using the customer name from the Customer Profiles block or route customers to different queues based on their address. The new flow block also enables you to update customer information using inputs customer provide, helping you keep profiles up to date with the latest customer information.

AWS Launch Wizard supports Amazon Elastic Block Store (EBS) gp3, io2, and io2 Block Express volumes for Microsoft SQL Server deployments. Now you can take full advantage of the new generations of EBS volumes when you use Launch Wizard for the high availability or single node deployments of SQL Server on Amazon EC2.

AWS IoT Greengrass is an Internet of Things (IoT) edge runtime and cloud service that helps customers build, deploy, and manage device software. With this release, AWS IoT Greengrass version 2.5 adds support for Microsoft Windows devices. Windows gateway devices are commonly used in industrial IoT scenarios to automate manufacturing operations by collecting local sensor and equipment data and triggering local actions using application business logic. For example, consider an automotive assembly line where a steel stamping press creates a complex part that is prone to defects. Quality Control (QC) automation can be built using a video camera stream fed to a gateway device that uses local ML inference to check part dimensions and find cosmetic defects. The gateway could then notify operators if defects are identified.

AWS App Runner now supports using the AWS Cloud Development Kit (AWS CDK) to build and deploy applications. AWS CDK enables you to compose your infrastructure across AWS from a single source using familiar programming languages such as Python and Node.js. With the AWS CDK integration, you can create App Runner services by defining your source code location as Amazon Elastic Container Registry (Amazon ECR) Public, Amazon ECR private, or GitHub. You can also create the required Identity and Access Management (IAM) roles using the AWS CDK for other services your application uses, such as Amazon DynamoDB and AWS Lambda.

AWS Amplify announces the ability for developers to override Amplify-generated IAM, Cognito, and S3 configuration to best meet app requirements. The AWS Amplify CLI is a command line toolchain that helps frontend developers create app backends in the cloud. With the new override capability, developers can easily configure their backend with Amplify-provided defaults but still customize fine-grained resource settings.

AWS Step Functions’ Synchronous Express Workflows now supports AWS PrivateLink allowing you to start a Synchronous Express Workflow from your Virtual Private Cloud (VPC) without traversing the public internet.

We are excited to announce that AWS IoT Device Management resources are now supported on AWS CloudFormation. With a few clicks, you can now use a CloudFormation template to pre-configure and deploy IoT fleet management infrastructure like Job Templates , Fleet Metrics , and IoT Logging settings  in a standardized and repeatable way across multiple regions and accounts.

AWS released an open source Java (JDBC) driver to connect to Amazon Neptune. This makes it easy for customers to connect to Neptune with tools and libraries that support JDBC, such as popular Business Intelligence (BI) tools.

FreeRTOS now contains an example code that demonstrates a method of minimizing the time an application spends in privileged mode in FreeRTOS ports on microcontrollers (MCU) with Memory Protection Unit (MPU) support. FreeRTOS ports with MPU support  enable MCU applications to be more robust and secure by running application tasks in unprivileged mode, where they have access only to their own stacks and pre-configured memory regions. The only application code that runs in privileged mode on these MPU enabled MCUs are Interrupt Service Routines (ISRs). The example code demonstrates an approach to keep ISRs short and defer most of the application work to unprivileged FreeRTOS tasks, which helps improve security of the application by minimizing the time it spends in privileged mode.

Generally available: You can now monitor health state change logs for VM instances in a managed instance group when you use application-based health checking.

Generally available: N2D machine types running on third generation AMD EPYC Milan processors. These machine types are only available in specific regions and zones. See VM instance pricing for details.

Generally available: T2D Tau machine types are available in select regions and zones. Tau T2D VMs offer excellent price-performance for a wide range of scale-out workloads. See VM instance pricing for details.

Dialogflow CX webhooks now support custom CA certificates.

Dialogflow CX now supports agent backup.

The southamerica-west1 region in Santiago, Chile is now available.

Google Cloud Managed Service for Prometheus is now available in Preview.