This week at AWS
The holidays are approaching but at AWS they continue to work tirelessly to provide new services and features to their customers. Here is the menu of the week:
Use Result Fragment Caching with EMR runtime for Apache Spark to boost query performance by up to 15x
The Amazon EMR runtime for Apache Spark is a performance optimized runtime environment for Apache Spark, available and turned on by default on Amazon EMR clusters 5.28 onward. Amazon EMR runtime for Spark is up to 32x faster with 100% API compatibility with open source Spark.
Amazon CloudFront supports header names of up to 1024 characters in CloudFront policies
Amazon CloudFront now supports a maximum of 1024 characters across all header names in cache, origin request, and origin response policies. With 1024 characters, customers now have 512 extra characters to add header metadata to their policies.
AWS re:Post introduces profile pictures and inline images
re:Post has launched a new functionality for community members to add a profile picture or avatar to their account. re:Post members will now be able to better personalize their accounts by uploading a photo or image of their choice. The ability to add a profile image creates a visual identifier for the account and helps members form connections, build relationships, and foster learning in the community.
Amazon Athena enhances console and API support for parameterized queries
Today, Amazon Athena announced enhancements to its console and API which provide more flexibility when using parameterized queries. You can now run parameterized queries directly from the Athena console and an enhanced API that no longer requires you to prepare SQL statements in advance. With today’s launch, it is now easier than before to take advantage of the reusability, simplification, and security benefits of parameterized queries.
AWS Firewall Manager now supports VPC security group tag distribution with common security group policies
AWS Firewall Manager now supports centrally distributing VPC security group tags when creating a common security group policy.
Introducing Nimble Studio seamless IAM access for studio components
Amazon Nimble Studio now supports seamless AWS Identity Access Management (IAM) profile access for studio components, and custom studio components, directly to workstation sessions, available immediately. This allows Nimble Studio admins to set up and control additional properties of their streaming workstations via seamless IAM role permissions, ensuring artists have the right level of access for the tasks they’re working on, without the need to switch profiles. Custom components use PowerShell scripts for Windows, and shell scripts for Linux instances. These configurations can then be added to Nimble Studio Launch Profiles for easy retrieval. With custom configurations, you can add resources to your workstations and run custom scripts on your instance, system, and user initialization with greater flexibility than before with seamless IAM role permissions.
AWS Security Hub adds four new integration partners
AWS Security Hub has added four new integration partners to help customers with their cloud security posture monitoring. Integrations from Lacework, Juniper Networks, SentinelOne, and K9 Security bring Security Hub to 79 integrations. Lacework sends findings from their Polygraph Data Platform (PDP) to Security Hub to help manage AWS posture and compliance events. Juniper Networks’ vSRX Virtual Next Generation Firewall sends security events observed by the firewall to Security Hub. SentinelOne sends security findings, identified by SentinelOne endpoints running in your AWS environment, to Security Hub. K9 Security sends findings to Security Hub related to important access changes within your AWS Identity and Access Management (IAM) configuration.
Announcing the general availability of AWS Cloud WAN
Today, AWS announced the general availability of AWS Cloud WAN, a wide area networking (WAN) service that helps you build, manage, and monitor a unified global network. The service manages traffic running between your AWS resources and your on-premises environments.
Announcing general availability (GA) of Automated Materialized View for Amazon Redshift
Amazon Redshift announces GA of Automated Materialized View (AutoMV) that helps you to lower query latency for repeatable workloads. AutoMV minimizes your effort for manually creating and managing materialized views and provides you the same performance benefits of user-created materialized views. Dashboard queries used to provide quick views of key performance indicators (KPIs), events, trends, and other metrics are some examples of workloads that can benefit from AutoMV. Reporting queries scheduled at various frequencies may also benefit from AutoMV.
Amazon Redshift Serverless is now generally available
Amazon Redshift Serverless, which allows you to run and scale analytics without having to provision and manage data warehouse clusters, is now generally available. With Amazon Redshift Serverless, all users — including data analysts, developers, and data scientists — can now use Amazon Redshift to get insights from data in seconds. Amazon Redshift Serverless automatically provisions and intelligently scales data warehouse capacity to deliver high performance for all your analytics. You only pay for the compute used for the duration of the workloads on a per-second basis. You can benefit from this simplicity without making any changes to your existing analytics and business intelligence applications.
Amazon Redshift announces support for Row-Level Security (RLS)
Amazon Redshift now supports Row-Level Security (RLS), a new enhancement that simplifies design and implementation of fine-grained access to the rows in tables. With RLS, you can restrict access to a subset of rows within a table based on the users’ job role or permissions and level of data sensitivity with SQL commands. By combining column-level access control and RLS, Amazon Redshift customers can provide comprehensive protection by enforcing granular access to their data.
Introducing Log Anomaly Detection and Recommendations for Amazon DevOps Guru
Today, we are announcing the general availability of a new feature, Log Anomaly Detection and Recommendations for Amazon DevOps Guru. As part of this feature, DevOps Guru will ingest Amazon CloudWatch Logs for AWS resources that make up your application, with Lambda being first. Logs will provide new enrichment data in an insight to enable more accurate understanding of the root cause behind an application issue, and provide more precise remediation steps.
AWS announces AWS AppConfig Extensions
AWS announces AWS AppConfig Extensions, a new capability that allows customers to enhance and extend the capabilities of feature flags and dynamic runtime configuration data. AWS AppConfig, a capability of AWS Systems Manager, allows customers to configure, validate, and deploy configuration data to more safely and quickly update application behavior. The AppConfig Extensions framework exposes action points along the lifecycle of feature flags and configuration data; customers can hook new functionality onto each action point. Action points are exposed during the creation, validation, deployment, and rollback of feature flag and configuration data.
Amazon Redshift improves cluster resize performance and flexibility of cluster restore
Amazon Redshift has improved the performance of Redshift’s classic resize feature and increased the flexibility of the cluster snapshot restore operation. Redshift classic resize is used to resize a cluster in scenarios where you need to change the instance type or transition to a configuration that cannot be supported by elastic resize. Previously, this can take the cluster offline for many hours during resize, but now the cluster can typically be available to process queries in minutes. Clusters can also be resized when restoring from a snapshot and in those cases there could be restrictions.
Amazon QuickSight support for IE11 is ending by July 31, 2022
Effective July 31, 2022, Amazon QuickSight is ending support for IE11. After that date, we can no longer guarantee that the features and webpages of Amazon QuickSight will function properly on IE 11. We recommend customers use one of our supported browsers: Microsoft Edge (Chromium), Google Chrome, or Mozilla Firefox.
Amazon VPC Flow Logs adds Transit Gateway support for improved visibility and monitoring
Starting today, Amazon VPC Flow Logs adds support for Transit Gateway. With this feature, Transit Gateway can export detailed telemetry information such as source/destination IP addresses, ports, protocol, traffic counters, timestamps and various metadata for all of its network flows. This feature provides you with an AWS native tool to centrally export and inspect flow-level telemetry for all network traffic that is traversing between Amazon VPCs and your on-premises networks via your Transit Gateway.
AWS Firewall Manager now supports AWS Network Firewall strict rule order with alert and drop configurations
AWS Firewall Manager now enables you to centrally deploy AWS Network Firewalls with additional strict rule order, default deny, and default drop configurations.
AWS Fault Injection Simulator is now available in AWS GovCloud (US) Regions
AWS Fault Injection Simulator (FIS) is now available in the AWS GovCloud (US-East and US-West) Regions. The expansion of AWS FIS into the AWS GovCloud (US) Regions allows US government agencies and contractors to create and run fault injection experiments that reveal how their applications respond to stress under real world conditions.
