In Cloud Computing This Week [Oct 7th 2022]

AWS Customers using Atlassian Jira Service Management (JSM), Data Center version can respond, investigate and resolve incidents affecting their AWS-hosted applications via AWS Systems Manager Incident Manager and the AWS Service Management Connector. AWS Systems Manager is the operations hub for AWS applications and resources, that helps to automate reactive processes to quickly diagnose and remediate operational issues. With the Incident Manager integration with JSM, customers can now automate their incident response plans in Incident Manager and automatically synchronize their incidents into JSM. This feature enables faster resolution of critical application availability and performance issues without disrupting existing workflows in JSM.

In addition to the Incident Manager integration, the connector also provides existing integrations with AWS Support, AWS Service Catalog, AWS Config, AWS Systems Manager OpsCenter, AWS Systems Manager Automation and AWS Security Hub which helps simplify cloud provisioning, operations and resource management as well as streamlined Service Management governance and oversight over AWS services.

It’s easy to get started. The AWS Service Management Connector for JSM is available at no charge in the Atlassian Marketplace. These new features are available in all AWS Regions where AWS Support, AWS Service Catalog, AWS Config, AWS Systems Manager and AWS Security Hub services are available.

Amazon Connect has reduced prices for Mexico in US East (N. Virginia) and US West (Oregon) regions by 69% for DID Inbound calls from $0.0070 to $0.0022 per minute, 61% for Toll Free Inbound calls from $0.055 to $0.021 per minute and 77% for Outbound calls from $0.033 to $0.0075 per minute.

Additionally, in Argentina Amazon Connect has reduced prices in US East (N. Virginia) and US West (Oregon) regions by 82% for DID Inbound calls from $0.0112 to $0.0020 per minute, 97% for Toll Free Inbound calls from $0.192 to $0.0054 per minute and 83% for Outbound calls from $0.1866 to $0.0320 per minute.

Finally Amazon Connect has reduced prices for Outbound calls in EU Central (Frankfurt) and EU West (London) in Italy by 51% from $0.0405 to $0.020 per minute, in Ireland by 57% from $0.0699 to $0.030 per minute, in Spain by 28% from $0.0250 to $0.0181 per minute and in United Kingdom by 30% reduction from $0.0158 to $0.0110 per minute.

The new Telephony Rates are now available as part of the standard pricing for Amazon Connect service usage for US East (N. Virginia), US West (Oregon), Europe (Frankfurt) and Europe (London). To see all AWS Regions where Amazon Connect is available, see the AWS Region table. Visit the Amazon Connect website for more information.

Amazon DevOps Guru now provides you controls over the SNS notifications for issues impacting your applications allowing you to limit the notifications you receive. Along with this, DevOps Guru Console will show only ‘High’ and ‘Medium’ severity issues by default. These changes allow you to focus on higher severity issues.

You can choose to receive notifications for issues of High and Medium severity only OR issues with any severity - High, Medium or Low. By default, customers will receive notifications for High and Medium severity issues only. You can also control the types of updates you receive for these issues. You can receive SNS Notifications for all updates to the issue OR only when the issue is Opened, Closed or has a change in Severity from Low or Medium to High. By default, you will receive notifications for all updates.

If you have setup DevOps Guru SNS notifications, you are currently receiving notifications for all updates for issues for all severities - High, Medium or Low. You will need to adjust your DevOps Guru SNS notification settings by October 14, 2022 to continue to receive all these notifications. If you do not adjust your settings, you will only receive Medium and High Severity notifications going forward.

In addition, DevOps Guru Console will show only ‘High’ and ‘Medium’ severity issues by default. You will be able to adjust the Console filter settings to view issues at all severity levels.

Amazon DevOps Guru is a ML-powered service that gives you a simpler way to measure and improve an application’s operational performance and availability and reduce expensive downtime. By analyzing application metrics, logs, events, and traces, DevOps Guru identifies behaviors that deviate from normal operating patterns and creates an insight that alerts developers with issue details and remedial steps via Amazon Simple Notification Service (SNS), and EventBridge. Amazon DevOps Guru for RDS is designed to empower you to quickly detect, diagnose, and remediate a wide variety of database-related issues in Amazon RDS and Amazon DevOps Guru for Serverless helps you to quickly resolve issues impacting your serverless applications.

AWS Storage Gateway increases Tape Gateway throughput performance by up to 2x for backing up data to and restoring data from the cloud, helping you to meet application backup and recovery times of your business. With this launch, your on-premises Tape Gateway can backup data to the cloud up to 2x faster than before, up to 5.2 Gbps, and read data from the cloud up to 2x faster than before, up to 8 Gbps. This enhancement enables you to upload more data per gateway to the cloud in your backup window, accelerate restore times of your data stored in the cloud, and optimize on-premises storage used by the gateway.

Tape Gateway supports all leading backup applications and enables you to replace physical tapes on premises with virtual tapes in AWS without changing existing workflows. Tape Gateway caches data on premises for low-latency access, compresses and encrypts data in transit to AWS, and transitions virtual tapes from Amazon S3 Standard to Amazon S3 Glacier Flexible Retrieval or Amazon S3 Glacier Deep Archive to help you minimize storage costs. AWS Snowball with Tape Gateway supports offline migration of data stored on physical tapes to AWS.

This performance enhancement is available on new gateways starting today and will be made available on existing gateways through a software update starting October 13, 2022. This new performance enhancement is available at no additional cost. For best practices on achieving higher throughput performance, visit the AWS Storage Gateway User Guide. To get started, visit the AWS Storage Gateway console.

AWS Config now supports 15 more resource types including AWS DataSync, Amazon GuardDuty, Amazon Simple Email Service (Amazon SES), AWS AppSync, AWS Cloud Map, Amazon EC2, and AWS AppConfig. For the full list of newly supported resource types see below.

With this launch, you can now use AWS Config to monitor configuration data for the newly supported resource types in your AWS account. AWS Config provides a detailed view of the configuration of AWS resources in your AWS account, including how resources were configured and how the configuration changes over time.

Get started by enabling AWS Config in your account using the AWS Config console or the AWS Command Line Interface (AWS CLI). Select the newly supported resource types for which you want to track configuration changes. If you previously configured AWS Config to record all resource types, then the new resources will be automatically recorded in your account. AWS Config support for the new resources is available to AWS Config customers in all regions where the underlying resource type is available. To view a complete list of all supported types, see supported resource types page.

Newly supported resource types:

1. AWS::DataSync::LocationSMB
2. AWS::DataSync::LocationFSxLustre
3. AWS::DataSync::LocationS3
4. AWS::DataSync::LocationEFS
5. AWS::DataSync::Task
6. AWS::DataSync::LocationNFS
7. AWS::GuardDuty::ThreatIntelSet
8. AWS::GuardDuty::IPSet
9. AWS::SageMaker::Workteam
10. AWS::SES::ContactList
11. AWS::AppSync::GraphQLApi
12. AWS::ServiceDiscovery::Service
13. AWS::ServiceDiscovery::PublicDnsNamespace
14. AWS::AppConfig::Application
15. AWS::EC2::NetworkInsightsAccessScopeAnalysis

AWS Lambda functions powered by AWS Graviton2 processors are now available in 12 additional regions - Africa (Cape Town), Asia Pacific (Seoul), Asia Pacific (Jakarta), Asia Pacific (Hong Kong), Asia Pacific (Osaka), Canada (Central), Europe (Paris), Europe (Stockholm), Europe (Milan), Middle East (Bahrain), South America (Sao Paulo) and US West (N. California). With up to 34% better price-performance, functions running on AWS Graviton2 are ideal for powering mission critical Serverless applications.

AWS Lambda functions on AWS Graviton2, using an Arm-based processor architecture, are designed to deliver up to 19% better performance at 20% lower cost for a variety of Serverless workloads, such as web and mobile backends, data, and media processing. Customers can configure existing x86-based functions to target the AWS Graviton2 processor or create new functions powered by AWS Graviton2 using the Console, API, AWS CloudFormation, and AWS CDK.

For more information on getting started with Arm-based AWS Lambda functions, please refer to this blog post. Complete details on pricing and regional availability can be found on the AWS Lambda pricing page.

Amazon GuardDuty is now available in the Middle East (UAE) Region. You can now continuously monitor and detect security threats in this additional region to help protect your AWS accounts, workloads, and data. 

Available globally, Amazon GuardDuty continuously monitors for malicious or unauthorized behavior to help protect your AWS resources, including your AWS accounts, EC2 workloads, access keys, container applications, and data stored in Amazon S3. GuardDuty can identify unusual or unauthorized activity like crypto-currency mining, access to data stores in S3 from unusual locations, infrastructure deployments in a region that has never been used, or unauthorized access to Amazon Elastic Kubernetes Service (EKS) clusters.

GuardDuty Malware Protection adds file scanning for workloads utilizing Amazon Elastic Block Store (EBS) volumes to detect malware that can be used to compromise resources, modify access permissions, and gain unauthorized access to your data. GuardDuty continually evolves its techniques to identify indicators of compromise, such as updating machine learning (ML) models, adding new anomaly detections, and growing integrated threat intelligence to identify and prioritize potential threats.

AWS Storage Gateway increases the maximum supported virtual tape size on Tape Gateway from 5 TiB to 15 TiB, enabling you to store more data on a single virtual tape and reducing the number of tapes you need to manage. Additionally, this enhancement makes migrating long-term retention data stored on physical tapes to AWS easier by enabling you to copy data from Linear Tape-Open (LTO) generation 1 to generation 7 tapes to a virtual tape in AWS.

Tape Gateway supports all leading backup applications and enables you to replace physical tapes on premises with virtual tapes in AWS without changing existing workflows. Tape Gateway caches data on premises for low-latency access, compresses and encrypts data in transit to AWS, and moves virtual tapes from Amazon S3 Standard to Amazon S3 Glacier Flexible Retrieval or Amazon S3 Glacier Deep Archive to help you minimize storage costs. AWS Snowball with Tape Gateway supports offline migration of data stored on physical tapes to AWS.

The new capability is available on new gateways starting today, and will be made available on existing gateways through a software update starting October 13, 2022

AWS Storage Gateway makes it simpler and faster for you to start setting up and managing your hybrid-cloud storage workflows. Now, using the Storage Gateway console, you can easily create an Amazon EC2 instance for your cloud-based gateway in just a few clicks. In the updated Create Gateway wizard, simply enter the VPC network, VPC subnet, and key pair for your EC2 instance and select Launch instance to automatically create and launch an EC2 instance with minimally required settings including instance type, cache storage, upload buffer, and inbound security ports.

In addition, you can now automatically configure recommended Amazon CloudWatch alarms for your gateway, helping you proactively monitor your gateway’s health in one click. In the updated Create Gateway wizard, select Create Storage Gateway’s recommended alarms and Storage Gateway automatically configures a set of best practice alarms for your new gateway. You can also add recommended or custom alarms to your existing gateway by navigating to your gateway’s detail page and selecting this option from the Monitoring tab. Once you have configured your alarms, you can easily monitor the alarm state of your gateways from the Gateway overview page.

AWS Storage Gateway is a hybrid-cloud storage service that provides on-premises applications access to virtually unlimited storage in the cloud. You can use Storage Gateway for backing up and archiving data to AWS, providing on-premises file shares backed by cloud storage, and providing on-premises applications low-latency access to in-cloud data.

Amazon Relational Database Service (Amazon RDS) for Oracle now supports the July 2022 Patch Set Update (PSU) for Oracle Database 12.1 and Release Updates (RU) for Oracle Database 19c.

To learn more about the Oracle RUs supported on Amazon RDS for each engine versions, see the Amazon RDS for Oracle Release notes. If the auto minor version upgrade (AmVU) option is enabled, the DB instance is upgraded to the latest quarterly PSU or RU six to eight weeks after it is made available by Amazon RDS for Oracle in your AWS region. These upgrades will happen during the maintenance window. To learn more, see the Amazon RDS maintenance window documentation.

Amazon Redshift Serverless now supports tagging of resources such as namespace and workgroup. Tagging allows you to assign a key-value pair to your resources and organize them by business departments, billing groups, and production environments.

With resource tagging in Amazon Redshift Serverless, you can create simplified views of your data warehouse resources and more easily manage billing across teams and projects. This is imperative as you grow your data warehouse usage across numerous accounts and regions. Tagging for Amazon Redshift Serverless is available in all AWS commercial regions where Amazon Redshift Serverless is generally available.

Amazon WorkMail now offers Impersonation Roles, a secure way to more easily grant programmatic access to mailboxes. Customers can use Impersonation Roles with Exchange Web Services (EWS) to perform impersonated actions in other users’ mailboxes. Administrators have the ability to limit the scope of Impersonation Roles to specific users, including choosing whether actions have full or read-only access.

The Impersonation Roles feature provides administrators an alternative to having to share and securely store user credentials, since authentication is done by using the short lived bearer tokens from each role. In addition, Impersonation Roles help administrators provide an extra layer of security by allowing them to restrict the actions that can be performed by impersonated calls. Administrators can choose to create impersonation roles with type “Read only”, which will only allow read actions in the impersonated user’s mailbox.

The WorkMail administrator can create an impersonation role for the service or programmatic user that will be making impersonated calls. This service will then call AssumeImpersonationRole via the WorkMail API to get a bearer token. This token can then be passed as an Authorization header in subsequent EWS impersonation calls along with the primary email address of the user being impersonated.

Starting this week, you can now budget by two new dimensions, invoicing entity and legal entity, in AWS Budgets. This additional granularity allows you to setup specific budget thresholds according to your invoice issuer using invoicing entity or AWS Marketplace seller using legal entity. Once you’ve saved your budget, you can then receive alerts when your actual costs exceed (or are forecasted to exceed) your budget thresholds. AWS Budgets is generally available in all public AWS Regions.

If you are a multinational organization leveraging consolidated billing, you can separately track costs originating from your Sellers of Records (SoRs) around the world, such as Amazon Web Services, Inc., Amazon Web Services EMEA SARL, or Amazon Web Services Korea LLC by filtering by invoicing entity in your budgets. Using legal entity, you can easily track and alert on costs by individual AWS Marketplace sellers which helps you quickly identify and manage costs associated with specific AWS Marketplace seller, because you can now view the seller names in AWS Budgets.

Amazon Translate is a neural machine translation service that delivers fast, high-quality, affordable, and customizable language translation. Today, we are adding formality customization support for Dutch, Korean, and Mexican Spanish. We are also adding support for asynchronous batch translation. Now you can customize the formality of your translated output to suit your communication needs.

With Amazon Translate’s formality customization, customers have three options - default, formal and informal - to control the level of formality in the output. The default option does not change the formality of the neural machine translation output. The formal option has a higher level of formality compared to the default option, and can be used by customers in Insurance and Healthcare industry who need highly formal translations. The informal option has a lower level of formality, and can be used by customers in Gaming and Social Media who prefer informal translations

Formality customization is now available in both the real-time and asynchronous batch operations in commercial AWS regions where Amazon Translate is available.

AWS Local Zones are now available in Delhi and Taipei. You can now use these AWS Local Zones to deliver applications that require single-digit millisecond latency or local data processing.

AWS Local Zones allow you to run applications that require low latency for use cases such as online gaming, hybrid migrations, media and entertainment content creation, live video streaming, engineering simulations, augmented reality (AR), virtual reality (VR), and machine learning inference at the edge. AWS Local Zones can also help you meet data residency requirements in regulated industries such as healthcare, financial services, and the public sector.

At the beginning of this year, AWS announced plans to launch AWS Local Zones in an additional 33 metro areas across 27 countries. This first international expansion of AWS Local Zones brings AWS infrastructure closer to millions of end users. AWS Local Zones are also generally available in 16 metro areas in the US (Atlanta, Boston, Chicago, Dallas, Denver, Houston, Kansas City, Las Vegas, Los Angeles, Miami, Minneapolis, New York City, Philadelphia, Phoenix, Portland, and Seattle).

Amazon Aurora Serverless v2, the next version of Aurora Serverless, now supports AWS CloudFormation. You can use AWS CloudFormation templates to deploy and modify Aurora Serverless v2 along with the rest of your AWS infrastructure in a secure, efficient, and repeatable manner. To learn more, read the AWS CloudFormation user guide.

Aurora Serverless is an on-demand, automatic scaling configuration for Amazon Aurora. Aurora Serverless v2 scales instantly to support even the most demanding applications, delivering up to 90% cost savings compared to provisioning for peak capacity. It is available for the MySQL 8.0-, PostgreSQL 13- and PostgreSQL 14-compatible editions of Amazon Aurora. To learn more, read the documentation, and get started by creating an Aurora Serverless v2 database using only a few steps in the AWS Management Console or by using CloudFormation. 

Amazon Virtual Private Cloud (VPC) has introduced two new networking metrics; 1) Network Address Usage and 2) Peered Network Address Usage. These new metrics will help network administrators plan for expansion of their VPC architecture while proactively managing service quotas.

As one of AWS's foundational services, Amazon Virtual Private Cloud (VPC) lets you launch AWS resources in a logically isolated virtual network that you define. Each resource in a VPC uses one or more network addresses to communicate with other resources within and across VPCs. With these metrics, you can now monitor the Network Address Usage in your VPCs and set alarms in CloudWatch.

You can also plan for your growth by either requesting more quota in Service Quotas or create a new VPC for additional resources. Each VPC can grow up to 256,000 network addresses in a single VPC and 512,000 network addresses when peered within a region.

AWS Backup now offers a new Backup Vault Lock console experience that provides you a more intuitive way to configure your vault lock details. AWS Backup Vault Lock allows you to deploy and manage your vault’s immutability policies, protecting your backups from accidental or malicious deletions.

Depending on your data retention needs, with AWS Backup Vault Lock, you can set governance mode or compliance mode to configure your vault’s immutability policies with greater flexibility and multiple levels of security. Under governance mode, users with the appropriate role-based permissions can test and change retention policies or even remove the lock completely.

In compliance mode, the user can specify a lock date after which the vault is locked immutably. Once locked, the acceptable retention periods cannot be changed and the lock cannot be disabled even by the root user. With this feature, the console also provides you with visibility into into your vaults’ lock status and facilitates reporting across all locked vaults. 

To get started with AWS Backup Vault Lock, you can select the backup vault you want to lock. Then, you can select your desired retention period and specify the acceptable retention periods for your vault lock configuration. With AWS Backup, you can set up multiple layers of data protection, including independent copies of backups across multiple AWS Regions and accounts, separate resource access policies, and long-term data retention. 

AWS Backup Vault Lock is available in the US East (Ohio, N. Virginia), US West (N. California, Oregon), Canada (Central), Europe (Frankfurt, Ireland, London, Paris, Stockholm), South America (São Paulo), Asia Pacific (Hong Kong, Mumbai, Seoul, Singapore, Sydney, Tokyo), Middle East (Bahrain), and AWS GovCloud (US) Regions. 

AWS IoT SiteWise has increased quota limits for Assets and Asset Models to support larger and more complex equipment representations, and allow customers to perform bulk operations on resources.

The increase in asset model limits enables customers to create larger and more complex Asset and Asset Model hierarchies without requesting a limit increase.

The following quotas were increased: number of parent asset models per child asset model, number of child assets per parent asset, number of asset models per hierarchy tree, number of asset models, number of asset model hierarchy definitions per asset model and depth of asset model hierarchy tree.

Additionally, we removed the quota limit for number of parent asset models per child asset model. For example, in the past a customer who needed to create more than 200 properties per asset model would have been required to request a quota limit increase. With the new changes customers can create up to 500 properties per asset model without requesting a limit increase.

The AWS IoT SiteWise quota increase on Asset Model APIs also enables developers who require higher rates to perform bulk operations on asset models, assets, and asset hierarchies. For example, previously, an application developer was able to retrieve information from 30 assets in 1 second with the DescribeAsset API. Now, the developer can retrieve information from 100 assets in 1 second.

For more details on the new quota limits for Asset Models refer to AWS IoT SiteWise quotas.

Starting this week, Amazon EC2 High Memory instances with 3TiB (u-3tb1.56xlarge), 6TiB (u-6tb1.56xlarge, u-6tb1.112xlarge), 9TiB (u-9tb1.112xlarge), and 12TiB of memory (u-12tb1.112xlarge) are available in Asia Pacific (Tokyo) region. AWS customers can start using these new High Memory instances with On Demand and Savings Plan purchase options.

Amazon EC2 High Memory instances are certified by SAP for running Business Suite on HANA, SAP S/4HANA, Data Mart Solutions on HANA, Business Warehouse on HANA, and SAP BW/4HANA in production environments. For details, see the Certified and Supported SAP HANA Hardware Directory.

With this regional expansion, High Memory instances with 3TiB, 6TiB, 9TiB, and 12TiB of memory are now all available in Europe (Ireland), Europe (Frankfurt), US East (N. Virginia), US West (Oregon), and Asia Pacific (Tokyo). Instances with 3TiB of memory are also available in the South America (Sao Paulo), Asia Pacific (Sydney) and Europe (Milan) regions. Instances with 6TiB of memory are also available in Europe (Stockholm), Asia Pacific (Mumbai), Europe (Paris), US East (Ohio), South America (Sao Paulo), Asia Pacific (Seoul), AWS GovCloud (US-East), AWS GovCloud (US-West), Asia Pacific (Singapore), and Asia Pacific (Sydney) regions. Instances with 9TiB of memory are also available in AWS GovCloud (US-West) and Asia Pacific (Singapore) regions. Instances with 12TiB of memory are also available in US East (Ohio), AWS GovCloud (US-West), and Asia Pacific (Singapore) regions.

Amazon S3 Object Lambda now supports adding your own code to S3 HEAD and LIST API requests, in addition to S3 GET requests. With S3 Object Lambda, you can modify the data returned by S3 GET requests to filter rows, dynamically resize images, redact confidential data, and much more.

Now, you can also use S3 Object Lambda to modify the output of S3 LIST requests to create a custom view of all objects in a bucket and S3 HEAD requests to modify object metadata such as object name and size. With this update, S3 Object Lambda now uses AWS Lambda functions to automatically process the output of S3 GET, HEAD, and LIST requests.

Previously, S3 Object Lambda supported processing the output of an S3 GET request, making it ideal for converting data formats (for example, XML to JSON), resizing and watermarking images, and redacting confidential data. Other S3 API calls, such as HEAD and LIST requests, made to S3 Object Lambda would return the standard S3 API response. Now, you can use S3 Object Lambda to enrich your object lists by querying an external index that contains additional object metadata, filter and mask your object lists to only include objects with a specific object tag, or add a file extension to all the object names in your object lists.

For example, if you have an S3 bucket with multiple discrete data sets, you can use S3 Object Lambda to filter an S3 LIST response depending on the requester. With S3 Object Lambda, you can save on storage costs by easily presenting multiple views of your data for different applications, without having to run complex software and infrastructure.

With just a few clicks in the AWS Management Console, you can configure a Lambda function and attach it to a S3 Object Lambda Access Point. From that point forward, S3 will automatically call your Lambda function to process any data retrieved through the S3 Object Lambda Access Point, returning a transformed result back to the application. You can also now author a Lambda function that is specific to each supported S3 API (GET, HEAD, and LIST).

You can get started with S3 Object Lambda through the AWS Management Console, AWS Command Line Interface (CLI), Application Programming Interface (API), or AWS Software Development Kit (SDK) client.

Amazon Connect Cases provides built-in case management capabilities that make it easy for your contact center agents to create, collaborate on, and quickly resolve customer issues that require multiple customer conversations and follow-up tasks, all without having to build custom applications or integrate with third-party products. Cases provides your agents with a unified timeline view of all activities and customer information associated with a case, including individual tasks that can be assigned and tracked across multiple agents. Additionally, case information can be used to answer customer questions in self-service IVR and chatbot interactions.

With Cases, businesses have the tools and information they need to be more productive, resolve issues faster, and improve customer satisfaction. For example, when a call or chat comes in, the flow can identify the customer, find the relevant case, and provide an update to the customer without agent interaction. Contact center managers can access these capabilities and configure case templates, case fields, and permissions from the Amazon Connect administrator website.

You can now set an EC2 Amazon Machine Image (AMI) to use Instance Metadata Service Version 2 (IMDSv2) by default. IMDSv2 is an enhancement to instance metadata access that requires session-oriented requests to add defense in depth against unauthorized metadata access. IMDSv2 requires a PUT request to initiate a session to the instance metadata service and retrieve a token. To set your instances as IMDSv2-only, you previously had to configure Instance Metadata Options during instance launch or update your instance after launch using the ModifyInstanceMetadataOptions API.

Now, by using the IMDS AMI property, you can set all new instances launched from the AMI to be IMDSv2-only by default. When you set this property to IMDSv2 supported, any instance launched with the AMI will use IMDSv2-only and your default hop limit will be set to 2 to allow for containerized workload support..

To get started, register your AMI to set this property to IMDSv2. You can still manually override these settings and enable IMDSv1 using Instance Metadata option launch properties. You can also still use IAM controls to enforce different IMDS settings.

AWS Security Hub now publishes announcements through Amazon Simple Notification Service (SNS) in AWS GovCloud (US), helping you stay up to date with the latest feature releases and announcements. To receive announcements about new AWS Security Hub features, subscribe to the AWS Security Hub SNS topic in your preferred Region.

You can also use an AWS Lambda function to trigger events when notifications are received. For more information, see Invoking Lambda functions using Amazon SNS notifications.

Available globally, AWS Security Hub gives you a centralized and comprehensive view of your security posture across all of your AWS accounts and across all Regions. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS IAM Access Analyzer, as well as from over 65 AWS Partner Network (APN) solutions.

You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. You can also take action on these findings by investigating findings in Amazon Detective and by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or custom remediation playbooks.

Amazon SageMaker Canvas now supports quicker set up of time-series forecasting models with simplified administration of required permissions. SageMaker Canvas is a visual point-and-click service that enables business analysts to generate accurate machine learning (ML) models for insights and predictions on their own — without requiring any machine learning experience or having to write a single line of code.

SageMaker Canvas supports a number of use cases, including time-series forecasting used for inventory management in retail, demand planning in manufacturing, workforce and guest planning in travel and hospitality, revenue prediction in finance, and many other functions where highly-accurate forecasts are important. As an example, time-series forecasting allows retailers to predict future sales demand and plan for inventory levels, logistics, and marketing campaigns. Time-series forecasting models in SageMaker Canvas use advanced technologies such as Amazon Forecast to ensemble model statistical and machine learning algorithms, and deliver highly accurate forecasts.

Previously, setting up time-series forecasting models in Canvas required IT administrators to manually configure Identity and Access Management (IAM) policies in the AWS management console and add explicit permissions for time-series forecasting. Starting today, time-series forecasting permissions are enabled by default making it intuitive for IT administrators while setting up a SageMaker domain. This allows Canvas users to quickly set up time-series forecasting models, train these models, and generate predictions to achieve effective business outcomes.

AWS is excited to announce the launch of a new hands-on course on Coursera for business analysts - “Practical Decision Making using No-Code ML on AWS," featuring Amazon SageMaker Canvas.

Today, Artificial Intelligence (AI) is experienced everywhere, be it personalized recommendations while shopping online, suggestions to watch your favorite TV show, or predicting future demand for retail sales. To understand AI and related topics such as machine learning (ML) better, we’ve designed a new course on Coursera that will teach you the fundamentals of AI/ML, how to extract value from AI/ML, and make better business decisions. The course uses real-life examples and provides practical hands-on exercises to address business challenges using Amazon SageMaker Canvas, a visual, no-code ML tool.

No-code ML is becoming popular especially with companies looking to democratize machine learning through the enterprise. This 5-hour course is designed to help non-ML experts such as business analysts explore their data better and shape the data into the right format to address business problems, build and evaluate a machine learning model without writing code, generate predictions, and make practical business decisions.

AWS are pleased to announce that AWS IoT TwinMaker has released a new Application Kit that will help IoT application developers build customized web applications for their digital twins. This Application Kit is a part of the open-source UI components library for IoT application developers - AWS IoT Application Kit.

AWS IoT TwinMaker Application Kit improves the flexibility and options in creating dashboard experiences, in addition to the already supported integration with Grafana. It introduces three components for visualizing and managing digital twins: the Scene Viewer for 3D model visualization and interaction, the Video Player component for displaying video streams, and the Data Source component to retrieve data from various data sources — including Amazon Simple Storage Service(AmazonS3), Amazon Kinesis Video Stream and AWS IoT SiteWise. Using the provided three components, developers can embed AWS IoT TwinMaker experience into their existing web applications or they can create a fully customized experience.

You can now explore query results in Colab using Python libraries. This feature is now in preview.

Concurrent connections quotas are now based on the project that initiates the Storage Write API request, not the project containing the BigQuery dataset resource.

For auto mode VPC networks, added a new subnet 10.208.0.0/20 for the Tel Aviv me-west1 region. For more information, see Auto mode IP ranges.

Accessing managed services using Private Service Connect with consumer HTTP(S) controls is available in General Availability for the global external HTTP(S) load balancer.

Microsoft Azure Releases And Updates
Source: azure.microsoft.com

Azure Machine Learning—Public preview updates for September 2022

Includes the ability to control access to sensitive data, the capability to contrast differences to assess their performance, and the functionality to stop idle compute instances automatically.

General availability: Smart tiering to vault-archive tier for Azure Backup

You can now configure your backup policy to move all your eligible and recommended recovery points to vault-archive tier for Azure Virtual Machines, SQL Server/SAP HANA in Azure Virtual Machines.