Here's a cloud round-up of all things GCP, Azure and AWS for the week ending Friday 10th September 2021
To stay in the loop, make sure you subscribe on the right - There's a new newsletter series starting later this year that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of.
Source: aws.amazon.com
With this week's launch, AWS customers can execute custom scripts before, during, and after Amplify CLI commands ("amplify push", "amplify api gql-compile", and more). This allows you to extend Amplify's best-practice defaults to meet your organization's specific security guidelines and operational requirements. AWS Amplify CLI is a command line toolchain that helps frontend web and mobile developers create cloud backends and connect them to their app for common use cases. To create a command hook, customers place their bash shell scripts into the "amplify/hooks" folder with the associated Amplify CLI command as the script file name, such as "post-push.sh" or "pre-add-function.sh". Command hooks support bash scripts by default, but customers can extend them with their preferred scripting runtime.
Manage and monitor your applications on AWS seamlessly and easily with new service integrations for AWS Systems Manager Application Manager and CloudWatch Application Insights. AWS Systems Manager Application Manager is a service in AWS Systems Manager which brings together operations information from multiple AWS services so customers can investigate and remediate issues. CloudWatch Application Insights is a service that helps customers easily set up monitoring and troubleshoot their enterprise applications running on AWS resources. Together, the two services provide a combined view of your application health and an ability to dive deep into problems to quickly resolve issues.
Amazon EC2 now supports Hibernation for On-Demand Nitro-based instances running Red Hat Enterprise Linux (RHEL) version 8, CentOS version 8, and Fedora version 34 onwards. Hibernation allows you to pause your EC2 Instances and resume them at a later time, rather than fully terminating and restarting them. Resuming your instance lets your applications continue from where they left off so that you don’t have to restart your OS and application from scratch. Hibernation is useful for cases where rebuilding application state is time-consuming (e.g., developer desktops) or an application’s start-up steps can be prepared in advance of a scale-out.
AWS Gateway Load Balancer (GWLB) is now a Payment Card Industry Data Security Standard (PCI DSS) compliant service. GWLB helps you deploy, scale, and manage third-party virtual network appliances such as firewalls, intrusion detection and prevention systems, analytics, and traffic visibility systems. As an addition to the Elastic Load Balancer family, GWLB combines a transparent network gateway (that is, a single entry and exit point for all traffic) and a load balancer that distributes traffic and scales your virtual appliances horizontally based on demand.
Amazon EC2 now offers increased instance bandwidth for traffic leaving an AWS Region towards an Internet Gateway or Direct Connect, and for traffic between Regions, for the current generation of instances.
Starting this week, the ability to customize reverse DNS for Elastic IP addresses for Virtual Private Clouds (VPC) is available in 16 additional regions. These AWS Regions are US East (N. Virginia), US West (N. California, Oregon), Asia Pacific (Hong Kong, Osaka, Seoul, Singapore, Sydney, Tokyo), Europe (Frankfurt, Ireland, London, Paris, Stockholm), Middle East (Bahrain), and South America (São Paulo). With today’s launch, this feature is available in all commercial regions.
This week, AWS Marketplace announced a new feature that enables Consulting Partners to easily view and create offers from Independent Software Vendors' (ISV) resell authorization opportunities in the AWS Marketplace Management Portal (AMMP). With this launch, Consulting Partners can now review all resell Opportunities ISVs have granted them, and quickly create a Consulting Partner Private Offer (CPPO) from the Opportunity. A CPPO allows customers to purchase software solutions in AWS Marketplace directly from Consulting Partners with custom terms and pricing not publicly available. With the improved transparency of resell opportunities and a streamlined private offer creation process, Consulting Partners can reduce operational load while accelerating deal delivery.
AWS Cloud Map is now available in both AWS GovCloud (US) Regions.
Starting this week, Amazon EC2 I3en instances are now available in AWS Regions in the Middle East (Bahrain), South Africa (Cape Town), and Europe (Milan). I3en instances offer up to 60 TB of low latency NVMe SSD instance storage and up to 50% lower cost per GB over I3 instances.
Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now supports index transforms, which enable customers to extract significant information from large data sets and store summarized views in new indices. Customers can derive new insights, further analyze, and visualize trends from the new summary index.
Amazon OpenSearch Service now supports data streams to help simplify management of time-series data such as logs, metrics, and traces. Data streams abstract the underlying indexes required for your time-series data, the rollover process, and the optimizations required to efficiently manage and query time-based data, reducing operational overhead. You can move your older rolled-over indexes that are part of a data stream to UltraWarm and beyond that to cold storage, helping you retain data for longer, cost-effectively.
AWS Managed Services (AMS) is excited to announce Operations on Demand, a flexible and scalable option to gain access to additional skilled AMS operations capacity, skills, and experience. Operations on Demand gives customers access to a full range of operational capabilities above and beyond the extensive scope provided by AMS Operations Plans. Customers choose from a curated and continually expanding catalog of operational offerings which are delivered by a combination of automation and highly skilled AMS resources. The catalog includes a mix of short-term and ongoing operational use cases and can be used to supplement your existing operations or fill a knowledge or capacity gap. Examples of catalog offerings include assisting with the maintenance of Amazon Elastic Kubernetes Service (EKS), operations of AWS Control Tower, management of SAP clusters, and performing in-place upgrades of instances running out-of-support operating systems. Customers pay for what they use in blocks of hours, and can unsubscribe from a catalog offering at any time. Please see our public documentation for a listing of current catalog offerings. The Operations on Demand feature is available for both the AMS Advanced and Accelerate Operations Plans in all regions where AMS is available.
During August 2021, 4 new versions of the AWS Cloud Development Kit (CDK) for JavaScript, TypeScript, Java, Python, .NET and Go were released (v1.117.0 through v1.120.0). These releases include multiple additions to the Kinesis Firehose Construct Library, including compression and prefixes on S3 delivery stream destinations, delivery stream metrics, S3 source backups, AWS Lambda-based data processors and more. Additionally, the CloudFront Construct Library now supports Origin Shield, CloudWatch supports defining alarms across AWS accounts, and Cognito User Pools support Device Tracking. These releases resolve 28 issues and introduce 37 new features that span 30 different modules across the library. Many of these changes were contributed by the developer community.
Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to connect any conformant Kubernetes cluster to AWS and visualize it in the Amazon EKS console. You can connect any conformant Kubernetes cluster, including Amazon EKS Anywhere clusters running on-premises, self-managed clusters on Amazon Elastic Compute Cloud (Amazon EC2), and other Kubernetes clusters running outside of AWS. Regardless where your cluster is running, you can use the Amazon EKS console to view all connected clusters and the Kubernetes resources running on them.
This week AWS are announcing the general availability of AWS Local Zones in Chicago, Kansas City, and Minneapolis. Customers can now use these new Local Zones to deliver applications that require single-digit millisecond latency to end-users or for on-premises installations in these three metro areas.
The AWS Firewall Manager Automations for AWS Organizations solution allows you to centrally configure, manage, and audit firewall rules across all your accounts and resources in AWS Organizations. This solution is a reference implementation that automates the process of setting up AWS Firewall Manager security policies. This solution supersedes the AWS Centralized WAF and VPC Security Group Management solution.
This week, AWS were excited to announce the general availability of Amazon Elastic Kubernetes Service (Amazon EKS) Anywhere, a new deployment option for Amazon EKS that allows customers to create and operate Kubernetes clusters on customer-managed infrastructure, supported by AWS. Customers can now run Amazon EKS Anywhere on their own on-premises infrastructure using VMware vSphere starting today, with support for other deployment targets in the near future, including support for bare metal coming in 2022.
You can now launch RabbitMQ 3.8.22 brokers on Amazon MQ. This release includes a fix for an issue with queues using per-message TTL (time to live), identified in the previously supported version, RabbitMQ 3.8.17, and we recommend upgrading to RabbitMQ 3.8.22.
This week, AWS announced that customers can use aliases to refer to Amazon Machine Images (AMI) purchased from AWS Marketplace. AMI aliases are unique identifiers that can be used instead of an AMI ID in deployment scripts. Starting today, aliases are available for all single AMI products on AWS Marketplace. This simplifies launching new AMIs as customers don't have to change AMI IDs for each region every time there is a version update. Customers can instead use a single alias that will auto-resolve to the current AWS region. Additionally, customers can always refer to the latest version by using the 'latest' alias for a given AMI product. This will automate deployment pipelines and reduce the manual steps required to upgrade to a new version of an AMI purchased from AWS Marketplace.
Amazon OpenSearch Service now supports OpenSearch Dashboards Notebooks, a new feature that enables OpenSearch users to interactively and collaboratively develop rich reports backed by live data and queries. A notebook is a document made up of cells or paragraphs that can combine markdown, SQL and Piped Processing Language (PPL) queries, and visualizations with support for multi-timelines so that users can easily tell a story. Notebooks can be developed, shared as an OpenSearch Dashboards link, PDF or PNG, and refreshed directly from OpenSearch Dashboards to foster data-driven exploration and collaboration among OpenSearch users and their stakeholders. Common use cases for notebooks include creating postmortem reports, designing runbooks, building live infrastructure reports, or even documentation.
Amazon Elasticsearch Service has a new name: Amazon OpenSearch Service. This change, which was previously announced here, coincides with the addition of support for OpenSearch 1.0. You can now run and scale both OpenSearch and Elasticsearch (until version 7.10) clusters on Amazon OpenSearch Service and get all of the same benefits you have enjoyed so far from Amazon Elasticsearch Service.
Change Calendar, a capability of AWS Systems Manager, now supports importing of third-party calendars, such as Microsoft Outlook calendars, thereby enabling you to view all your events centrally and control what changes can be made to your AWS resources during those events.
Amazon Pinpoint now supports encrypted SNS topics as destinations for incoming SMS text messages. This enables you to add another layer of protection when using Amazon Pinpoint for two-way SMS text messaging. When you enable two-way SMS messaging, you can publish inbound messages to encrypted SNS topics for retrieval and processing. Amazon SNS uses an AWS Key Management Service (AWS KMS) key to encrypt the messages that it sends to these topics.
AWS Elemental MediaPackage now supports version 2.0 of the Secure Packager and Encoder Key Exchange (SPEKE) API. SPEKE v2 makes it possible to use native Content Protection Information Exchange Format (CPIX) 2.3 documents which allows for the use of multiple encryption keys for different media tracks. With MediaPackage and SPEKE v2 you can now use two keys, one for audio tracks and one for video tracks with live DASH and CMAF streams, with support for more complex encryption models for content protection requirements to follow.
Starting today, AWS Network Firewall is a HIPAA-eligible service. This means you can use AWS Network Firewall to secure and inspect protected health information (PHI) stored in your accounts.
Amazon CodeGuru Reviewer is a developer tool that leverages automated reasoning and machine learning to detect potential code defects that are difficult to find and offers suggestions for improvements. Today, we are announcing the addition of a new set of detectors that can identify inconsistencies within a code repository. These inconsistency detectors are a new type of machine learning based detector that analyzes coding patterns within a developer's repository and helps detect when there is an anomaly that deviates from their standard pattern.
Amazon Detective, in coordination with the Splunk Trumpet project, has released the ability to pivot from an Amazon GuardDuty finding in Splunk directly to an Amazon Detective entity profile so that customers can quickly identify the root cause of potential security issues or suspicious activities.
AWS Cloud9 is now available in Asia Pacific (Osaka) and Africa (Cape Town). AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser.
Amazon RDS for SQL Server now supports MSDTC JDBC XA transactions. With MSDTC you can either execute the transaction using SQL Server as the Transaction manager using linked servers, or you can promote MSDTC running on the same host as the Client application to the role of Transaction manager.
Artifact Registry
Maven, npm, and Python repositories are now generally available.
Storage and network egress charges apply to all formats that are in Preview or are generally available.
BigQuery
Deleting the metadata for a specific job using the bq command-line tool is now generally available (GA).
Session support for BigQuery is now in Preview. With sessions:
SESSION_ID column now available in the jobs INFORMATION_SCHEMA views.
Cloud Billing
Cloud Billing Budgets & alerts now support configurable budget time periods, beyond monthly budgets
In the Cloud Billing Console Budgets & alerts settings, you can now specify the time period of your budgets. Using the Time range settings now available to budgets in the Cloud Console, you can configure the budget's time range to a calendar period or a custom date range, allowing you to create budgets to monitor spend for time frames beyond the default calendar month, such as a quarter, a year, or a custom date range that you specify.
With this update, you can create, view, and manage all budgets (monthly and non-monthly) in the Budgets & alerts page in the Cloud Console or by using the Cloud Billing Budget API.
For more information on budgets and alerts, see Create, edit, or delete budgets and budget alerts.
Cloud Build
Users can now configure triggers to use buildpacks to automatically build images. To learn more, see Creating and managing build triggers.
Cloud Composer
Cloud Composer 2 is available in Preview.
Cloud Composer 2 brings environments that scale automatically based on the demands of your workflows. For more information about Cloud Composer 2, see Major versions of Cloud Composer, Environment scaling, and Pricing pages in the documentation.
Cloud Functions
Firestore triggers for Cloud Functions are now supported at the General Availability release level.
Cloud Load Balancing
Cloud Load Balancing now supports load-balancing traffic to endpoints that extend beyond Google Cloud, such as on-premises data centers and other public clouds that you can reach using hybrid connectivity.
Hybrid load balancing is supported by the following load balancers:
For details, see Hybrid load balancing overview.
This feature is available in Preview.
Cloud SQL for MySQL
Cloud SQL for MySQL now allows you to specify mysqldump options during migration from external servers. For more information, see Configuring Cloud SQL to replicate from an external server and Using a managed import to set up replication from external databases.
Compute Engine
Preview: You can now review OS vulnerability report data, which is collected by VM Manager, from the Security Command Center. This feature is available for Security Command Center premium tier users. For more information, see View vulnerability report data.
Dataproc
The following previously released sub-minor versions of Dataproc images included a bug where the dataproc user account was broken. This prevented some Dataproc services from functioning properly, which resulted in features being unavailable. In particular, this prevented Jupyter from running in clusters with Personal Cluster Authentication enabled.
These sub-minor versions have been rolled back, and can only be used when updating existing clusters that already use them:
The default Dataproc Metastore service creation version is changed to Hive 3.1.2.
Firestore
Firestore triggers for Cloud Functions are now supported at the General Availability release level.
GKE
The managed Filestore CSI driver for GKE is now available in GKE versions 1.21 and later to provision and manage Filestore instances for GKE workloads.
GKE cluster versions have been updated.
Memorystore for Redis
Redis version 6.x is now Generally Available on Memorystore for Redis.
Network Intelligence Center
Firewall Insights now provides comprehensive analysis of whether your firewall rules are overly permissive. Through overly permissive rule insights, which are now in public preview, Firewall Insights identifies rules and attributes that could be made more strict and secure.
Overly permissive rule insights include the following:
Allow rules with no hits
Allow rules with unused attributes
Allow rules with overly permissive IP address or port ranges
Firewall Insights uses Firewall Rules Logging to identify these rules. It uses machine learning to predict future usage of overly permissive rules.
By default, the product analyzes the past six weeks when it identifies overly permissive rules. However, you can choose a different observation period.
For more information about overly permissive rule insights, see the Firewall Insights overview. For details about how to enable overly permissive rule insights, see Using Firewall Insights.
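To make the three insight categories above concrete, here is an added example (not Google's Firewall Insights code, and not part of the original post) that runs the same three checks over a constructed set of allow rules and constructed firewall-log hits, using a configurable observation window that defaults to the six weeks described above. The rule and log structures, the sample addresses, and the threshold for "overly permissive" port ranges are all assumptions made for this example; the machine-learning usage prediction the product performs is not reproduced here.

```python
"""Three firewall-rule hygiene checks modelled on the overly permissive rule insights:
allow rules with no hits, allow rules with unused attributes, and allow rules with
overly permissive source or port ranges. All data below is constructed for the example."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network


@dataclass
class AllowRule:
    name: str
    source_ranges: list  # CIDR strings, e.g. "10.0.0.0/8" (assumed shape)
    ports: list          # "proto:port" or "proto:lo-hi", e.g. "tcp:22" (assumed shape)


@dataclass
class LogEntry:
    rule: str        # name of the allow rule that matched (as firewall rule logging records)
    src_ip: str
    protocol: str
    dst_port: int
    when: datetime


# Constructed sample rules; the names and ranges are not real deployments.
RULES = [
    AllowRule("allow-ssh-bastion", ["203.0.113.0/24"], ["tcp:22"]),
    AllowRule("allow-web", ["0.0.0.0/0"], ["tcp:80", "tcp:443"]),
    AllowRule("allow-legacy-rdp", ["0.0.0.0/0"], ["tcp:3389"]),
    AllowRule("allow-internal-wide", ["10.0.0.0/8", "192.168.0.0/16"], ["tcp:1-65535"]),
]

# Constructed sample hits; the last one is older than the default six-week window.
NOW = datetime(2021, 9, 10)
LOGS = [
    LogEntry("allow-ssh-bastion", "203.0.113.7", "tcp", 22, NOW - timedelta(days=3)),
    LogEntry("allow-web", "198.51.100.9", "tcp", 443, NOW - timedelta(days=1)),
    LogEntry("allow-web", "198.51.100.10", "tcp", 443, NOW - timedelta(days=20)),
    LogEntry("allow-internal-wide", "10.1.2.3", "tcp", 8080, NOW - timedelta(days=10)),
    LogEntry("allow-legacy-rdp", "198.51.100.55", "tcp", 3389, NOW - timedelta(days=60)),
]


def _port_range(spec):
    """Parse "tcp:22" -> ("tcp", 22, 22) and "tcp:1-65535" -> ("tcp", 1, 65535)."""
    proto, _, rng = spec.partition(":")
    lo, _, hi = rng.partition("-")
    return proto, int(lo), int(hi or lo)


def _hits_in_window(logs, now, weeks):
    """Keep only log entries inside the observation window (default six weeks)."""
    cutoff = now - timedelta(weeks=weeks)
    return [e for e in logs if e.when >= cutoff]


def rules_with_no_hits(rules, logs, now=NOW, weeks=6):
    """Allow rules that matched no traffic at all during the observation window."""
    hit_rules = {e.rule for e in _hits_in_window(logs, now, weeks)}
    return [r.name for r in rules if r.name not in hit_rules]


def unused_attributes(rules, logs, now=NOW, weeks=6):
    """For rules that did see traffic, list the source ranges and port specs no hit ever used."""
    hits = _hits_in_window(logs, now, weeks)
    result = {}
    for r in rules:
        mine = [e for e in hits if e.rule == r.name]
        if not mine:
            continue  # covered by rules_with_no_hits instead
        unused_ranges = [c for c in r.source_ranges
                         if not any(ip_address(e.src_ip) in ip_network(c) for e in mine)]
        unused_ports = []
        for spec in r.ports:
            proto, lo, hi = _port_range(spec)
            if not any(e.protocol == proto and lo <= e.dst_port <= hi for e in mine):
                unused_ports.append(spec)
        if unused_ranges or unused_ports:
            result[r.name] = {"source_ranges": unused_ranges, "ports": unused_ports}
    return result


def overly_permissive_ranges(rules, max_ports=1024):
    """Allow rules whose source is any address or whose port span exceeds max_ports (assumed threshold)."""
    findings = {}
    for r in rules:
        reasons = []
        for c in r.source_ranges:
            if ip_network(c).prefixlen == 0:
                reasons.append(f"source range {c} allows any address")
        for spec in r.ports:
            _, lo, hi = _port_range(spec)
            if hi - lo + 1 > max_ports:
                reasons.append(f"port spec {spec} spans {hi - lo + 1} ports")
        if reasons:
            findings[r.name] = reasons
    return findings


if __name__ == "__main__":
    print("no hits:", rules_with_no_hits(RULES, LOGS))
    print("unused attributes:", unused_attributes(RULES, LOGS))
    print("overly permissive:", overly_permissive_ranges(RULES))
```

Changing the `weeks` argument shows why the observation period matters: with the default six weeks the RDP rule has no hits and is a candidate for removal, while a ten-week window counts its single old hit and it drops out of that list. A rule can appear in more than one category at once, which is the usual case for wide-open rules that still carry a little traffic.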
Security Command Center
VM Manager vulnerability reports, which are in preview, are now available in Security Command Center Premium. The reports identify vulnerabilities in operating systems installed on Compute Engine virtual machines, including Common Vulnerabilities and Exposures (CVEs).
For more information on integrating VM Manager with Security Command Center, see VM Manager.
Workflows
Support for callback endpoints is available in Preview.
Microsoft Azure Releases And Updates
Source: azure.microsoft.com
Now generally available in West Europe, North Europe, West US 2, and France Central, Zone-redundant storage (ZRS) for Azure Disk Storage protects disks from zonal failures which may occur due to natural disasters or hardware issues.
The latest version of the open-source Apache Spark is now available in Azure Synapse Analytics Apache Spark pools.
Participate in the retail evaluation now to ensure full compatibility. The OS evaluation period provides 14 days for backward compatibility testing.
This new Azure Virtual Desktop feature prevents sensitive information from being captured in screen captures and screen shares.
On-demand capacity reservations, now in public preview, enable you to reserve compute capacity for one or more VM size(s) in an Azure region or Availability Zone for any length of time.
This release provides improved quality and simplified Azure customer experience, giving you the opportunity to combine the functionality of Availability Sets and Virtual Machine Scale Sets.
Have you tried Hava automated diagrams for AWS, Azure and GCP? Get back your precious time and sanity and rid yourself of manual drag-and-drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so they can be opened and individual resources inspected, just like the live diagrams.