This week at AWS
New appointment in the “This week at AWS” series, let’s see what AWS has done this week for its customers, what’s new and what customers can rely on to focus on their business and be successful:
AWS Security Hub launches announcements notification topic
AWS Security Hub now publishes announcements through Amazon Simple Notification Service (SNS), helping you stay up to date with the latest feature releases and announcements. To receive announcements about new AWS Security Hub features, subscribe to the AWS Security Hub SNS topic in your preferred Region.
Introducing AWS Application Discovery Service Agentless Collector, a new discovery tool for AWS Application Discovery Service
AWS Application Discovery Service now includes the Application Discovery Service Agentless Collector to support enterprise customers gathering information for their migration projects. Deployment occurs via a virtual appliance installed within the user’s on-premises data centers, allowing one install to monitor hundreds of servers.
Amazon AppFlow now supports Jira Cloud as a source
Amazon AppFlow, a fully managed integration service that helps customers to securely transfer data between AWS services and software-as-a-service (SaaS) applications in just a few clicks, now supports Jira Cloud as a source.
Amazon ElastiCache for Memcached is now HIPAA eligible
Amazon ElastiCache for Memcached is now a HIPAA (Health Insurance Portability and Accountability Act) eligible service. You can now use ElastiCache for Memcached to store, process, and access protected health information (PHI) and power secure healthcare and life sciences applications. ElastiCache for Memcached is a fully managed, Memcached-compatible, in-memory, key-value store service that delivers sub-millisecond latency to power real-time applications.
Amazon SageMaker Data Wrangler accelerates onboarding with sample dataset and guided feature discovery
Amazon SageMaker Data Wrangler reduces the time it takes to aggregate and prepare data for machine learning (ML) from weeks to minutes in Amazon SageMaker Studio, the first fully integrated development environment (IDE) for ML. With SageMaker Data Wrangler, you can simplify the process of data preparation and feature engineering, and complete each step of the data preparation workflow, including data selection, cleansing, exploration, and visualization, from a single visual interface. Customers using Data Wrangler can import data from Amazon S3, Amazon Athena, Amazon Redshift, Snowflake, Databricks Lakehouse Platform and more coming.
Amazon Route 53 Resolver Endpoints announces 99.99% Service Level Agreement and updates its Service Level Agreement for Route 53 hosted zones
AWS has published a service level agreement (SLA) for Amazon Route 53 Resolver Endpoints, which provides availability guarantees for this service. AWS will use commercially reasonable efforts to make Amazon Route 53 Multi-AZ Resolver Endpoints available with a Monthly Uptime Percentage, during any monthly billing cycle, of at least 99.99% (the “Service Commitment”). In the event Amazon Route 53 Resolver Endpoints does not meet the Service Commitment, you will be eligible to receive a Service Credit as described in the Amazon Route 53 Resolver Endpoints Service Level Agreement.
Amazon Personalize expands the number of events considered by filters to make recommendations even more relevant
Amazon Personalize has extended the capabilities of its filters, increasing limits and providing control over the number of interactions considered by each filter. Amazon Personalize filters improve the relevance of recommendations by removing products that users have already purchased, videos they have already watched, or other digital content they have already consumed in their recent interactions. Receiving repeated recommendations may be frustrating for users, which could lead to lower user engagement and lost revenue opportunities. Amazon Personalize now offers the option to extend the number of interactions considered by the filters to better capture users’ historical activity, particularly for use-cases where customers have a high volume of interactions. Filters now consider up to 100 interactions per user per event type.
A new sign-in experience is now generally available for Amazon QuickSight
Amazon QuickSight is changing the way users sign in to the service with a new look and feel that aligns the sign-in experience with existing AWS application sign-in patterns. The QuickSight sign-in process is now a three-step experience: 1) the first page requires your QuickSight account name, 2) the second page asks for your user name, 3) the third page varies depending on your sign in configuration: native QuickSight or Active Directory user, AWS root user, or IAM user. This change does not affect users who use single sign on (SSO.)
Announcing VMware Cloud on AWS integration with Amazon FSx for NetApp ONTAP
AWS and VMware now offer a supplemental, jointly-engineered network file system (NFS) datastore option for VMware Cloud on AWS so you can reduce costs and accelerate your migration to the cloud. Amazon FSx for NetApp ONTAP is a fully managed service that allows you to run NetApp ONTAP filesystems on AWS. With this integration, you can attach scalable, high-performance storage, independent from your compute resources, to your VMware Cloud on the AWS Software Defined Data Center (SDDC).
Amazon QuickSight launches a new user interface for dataset management
Amazon QuickSight launches a new user interface for dataset management. Previously, the dataset management experience was a popup dialog modal with limited space and all functionality shown up in one small modal. The new dataset management user interface replaces the existing popup dialog modal with a full-page experience, providing a clearer breakdown of dataset management categories, including Summary, Refresh, Permissions and Usage. This update also lays the foundation for future enhancement and features. For further details, visit here.
Amazon RDS for Oracle now supports M6i and R6i instances in new regions
Amazon Relational Database Service (Amazon RDS) for Oracle now supports M6i and R6i instances in new regions. In April 2022, Amazon RDS for Oracle has already launched the support of M6i and R6i instances in some regions.
Amazon Macie adds ability to tune findings with allow lists, and enhances machine learning models to better identify sensitive data
We are pleased to announce a new capability to create allow lists in Amazon Macie. You can now create and use allow lists to specify text or text patterns that you don’t want Macie to report as sensitive data. For example, an allow list might include corporate addresses, names of executives, or sample data that is used for testing. When you create a sensitive data discovery job, you can configure the job to use one or more of your allow lists, in addition to choosing from a growing list of Macie managed data identifiers (MDI).
AppFlow now supports Salesforce version 55.0 and additional AWS PrivateLink regions
Amazon AppFlow, a fully managed integration service that helps customers to securely transfer data between AWS services and software-as-a-service (SaaS) applications in just a few clicks, now supports Salesforce API version 55.0 which is the latest API in the Salesforce Summer ’22 release.
AWS announces open-sourced credentials-fetcher to simplify Microsoft AD access from Linux containers
AWS announces the general availability of the credentials-fetcher open source project. As you modernize your .NET applications to Linux containers, you no longer need to worry about Microsoft Active Directory (AD) dependency. You can use credentials-fetcher to access AD from services hosted on Linux containers using the service account authentication model. This package makes it possible to create kerberos tickets specific to group managed service accounts (gMSAs) in applications running on Linux containers. As part of our launch, we have packaged credential-fetcher in RPM format and added it to Fedora Linux. You can install this package by using dnf install credentials-fetcher.
AWS Step Functions adds 14 new intrinsic functions so you can process data more efficiently in workflows.
AWS Step Functions expands support for manipulation of your input and output data with the addition of 14 new intrinsic functions so you can simplify data processing, reduce calls to downstream services, and write less code. Step Functions is a low-code, visual workflow service that supports integrations with over 220 AWS services, 10,000 API actions, and now 18 intrinsic functions.
AWS Fargate announces availability of Microsoft Windows Server 2022 images for Amazon ECS
AWS Fargate launches support for the Microsoft Windows Server 2022 runtime platform for applications running on Amazon Elastic Container Services (Amazon ECS). This adds to the list of already supported Windows Server 2019 runtime platforms for AWS Fargate, and helps customers take advantage of the latest Windows features on AWS Fargate.
EBS Recycle Bin is now available in the Asia Pacific (Jakarta) Region
EBS Recycle Bin is now available in the Asia Pacific (Jakarta) Region. You can use Recycle Bin for EBS Snapshots and EBS-backed AMIs to recover from accidental deletions to meet business continuity needs. Previously, if you accidentally deleted a snapshot, you would have to roll back to a snapshot from an earlier point in time, increasing your recovery point objective. It was also not possible to recover accidentally deregistered AMIs. With Recycle Bin, you can specify a retention time period and recover a deleted snapshot or a deregistered AMI before the expiration of the retention period. A recovered snapshot or AMI retains its attributes such as tags, permissions, and encryption status, which it had prior to deletion. Snapshots and AMIs that are not recovered from the Recycle Bin are permanently deleted upon expiration of the retention time.
EBS Recycle Bin is now available in AWS GovCloud (US) regions
EBS Recycle Bin is now available in the AWS GovCloud (US) Regions with Federal Information Processing Standards (FIPS) 140–2 validated endpoints to protect sensitive information.
Workload Consolidation for Karpenter
Starting with v0.15.0, Karpenter will automatically consolidate Kubernetes cluster workloads onto new EC2 instances to help increase utilization and lower cluster compute costs. Karpenter is a flexible, high-performance Kubernetes cluster autoscaler that helps improve application availability, operational overhead, and cluster compute utilization by launching new EC2 instances that are best fit to the scale, scheduling, and resource requirements of the workloads in a cluster. Customers can use Karpenter with Amazon Elastic Kubernetes Service (EKS) or any conformant Kubernetes cluster.
AWS Directory Service for Microsoft Active Directory and AD Connector are now available in the AWS Asia Pacific (Jakarta) Region
AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, and AD Connector are now available in the AWS Asia Pacific (Jakarta) Region.
Announcing new AWS IAM Identity Center (successor to AWS SSO) APIs to manage users and groups at scale
AWS is launching additional APIs to create, read, update and delete users and groups in AWS IAM Identity Center (successor to AWS Single Sign-On). The new APIs expand existing capabilities to help reduce administrative effort and save time, and provide greater visibility into the users and groups that are available in IAM Identity Center. You can use the APIs for provisioning, de-provisioning or updating users and groups programmatically in a scalable manner. The new Identity Center directory APIs enable you to retrieve users and their group memberships from the Identity Center directory for audit and reconciliation purposes.
Amazon Polly NTTS voices now available in Asia Pacific (Mumbai)
Amazon Polly is a service that turns text into lifelike speech. Today, we are excited to announce the general availability of all Neural Text-to-Speech (NTTS) voices in the Asia Pacific (Mumbai) Region.
Amazon RDS for PostgreSQL supports new minor version 14.4
Amazon Relational Database Service (Amazon RDS) for PostgreSQL now supports PostgreSQL minor version 14.4. We recommend you upgrade to this latest minor version to fix known security vulnerabilities and bugs from prior versions of PostgreSQL. Please refer to the PostgreSQL community announcement for more details about the release.
Amazon Athena is now available in the AWS Asia Pacific (Jakarta) Region
Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.
Amazon Inspector now supports Windows operating system (OS) for continual software vulnerability scanning of EC2 workloads
Inspector has added Windows Server 2012, 2012 R2, 2016, and 2019, 2022 support for continual EC2 vulnerability scanning. Customers that have Inspector EC2 scanning already enabled and the AWS Systems Manager (SSM) agent installed and configured, do not need to take any additional actions. Windows instances will now automatically and continually be scanned for software vulnerabilities and unintended network exposure. New customers can get started with Inspector with a single click in the AWS Management Console to start assessing for software vulnerabilities in their EC2 instances, both Windows and Linux, along with their container images in the Amazon Elastic Container Registry (ECR). A complete list of operating systems supported by Inspector can be found here.
Enterprise On-Ramp Support is now supported with AWS Outposts
Starting today, customers now have the option of using Enterprise On-Ramp Support or Enterprise Support to satisfy the prerequisite for ordering AWS Outposts. With the addition of Enterprise On-Ramp Support, customers now have more flexibility in selecting the AWS Support plan that best suits their Outposts workloads and support needs.
Amazon EBS adds the ability to take crash-consistent snapshots of a subset of EBS volumes attached to an Amazon EC2 instance
In May 2019, Amazon Elastic Block Store (EBS) launched the ability for customers to take crash-consistent snapshots of all Amazon EBS volumes attached to an Amazon EC2 instance with a single API call. Now you can choose to take crash-consistent snapshots of a subset of Amazon EBS data volumes attached to an Amazon EC2 instance. You can also use Amazon Data Lifecycle Manager (DLM) to automate taking crash-consistent snapshots of the same subset of Amazon EBS volumes on a retention schedule defined by DLM policies.
AWS SAM CLI esbuild support is now generally available
The AWS Serverless Application Model (SAM) Command Line Interface (CLI) announces general availability of esbuild support in SAM CLI. The AWS SAM CLI is a developer tool that makes it easier to build, test, package, and deploy serverless applications. Esbuild, “an extremely fast JavaScript bundler”, links JavaScript ( js , jsx , ts , and tsx ) and CSS dependencies as deployable assets for the web. Starting today, you can now use esbuild in the SAM CLI build workflow for your JavaScript applications.
AWS Config conformance pack templates can now be stored in AWS Systems Manager
AWS Config conformance pack templates can now be stored in and deployed from AWS Systems Manager documents (SSM documents). Conformance packs are collections of AWS Config rules and remediation actions that can be easily deployed as a single entity in an account and a Region or across an organization in AWS Organizations. Conformance packs are defined through a YAML-based template and deployed by AWS Config. As templates are offline files, customers had to maintain manual processes for version control and sharing across accounts.
Amazon QuickSight Q Authors can now identify questions that Q did not answer or required user disambiguation to generate an answer
QuickSight Authors can now better analyze user activity; new enhancements to user activity in Topics make it easy for authors to — a. Identify questions that required user disambiguation to generate an answer, b. Filter questions based on whether they were answered or required user disambiguation and c. Filter questions based on the User who submitted the question. Authors can navigate to the User Activity section of a Topic and identify questions that required disambiguation with specific phrase highlighted, they can also filter the list of questions by choosing either “unanswered”, “has user disambiguations” or by typing in a specific User ID.
Amazon SageMaker Autopilot now provides custom data split options along with an improved experience for creating an AutoML experiment
SageMaker Autopilot automatically builds, trains and tunes the best machine learning models based on your data, while allowing you to maintain full control and visibility. Starting today, when creating Autopilot experiment to train a machine learning model, you can customize the splits of data used for training and validation of models. By default Autopilot splits the specified dataset into 80–20 percent splits reserved for training and validation respectively. With this release, you can customize the training and validation data split percentages or alternatively provide two datasets, one for training and another for validation. This feature is available for use in both Amazon SageMaker Studio and SageMaker Autopilot API.
Custom forecast frequencies now supported in Amazon Forecast
Today, Amazon Forecast is excited to announce the ability to customize the forecast frequency, enabling you to more closely align forecast intervals with your demand cycles. Amazon Forecast is a fully managed service that uses machine learning (ML) algorithms to deliver highly accurate time series forecasts.
AWS GameKit adds Unity Support
We are excited to announce AWS GameKit is now available for the Unity game engine. AWS GameKit allows game developers to deploy and customize game backend features directly from a game engine. AWS GameKit launched on March 23, 2022 with support for Unreal Engine and with today’s release for Unity, game developers can integrate the following cloud-based game features into Win64, MacOS, Android, or iOS games from both the Unreal and Unity engines with just a few clicks: * Identity and Authentication: Create unique identities for each player and allow players to sign into the game. Verify player identities and manage player sessions.
* Achievements: Create and track game-related rewards earned by players.
* Game State Cloud Saving: Maintain a synchronized copy of player game progress in AWS to allow players to resume gameplay across sessions.
* User Gameplay Data: Maintain game-related data for each player, such as inventory, statistics, and cross-play persistence.
Automate AWS Control Tower guardrail management through APIs
AWS Control Tower customers can now programmatically manage controls, also known as guardrails, across their organization at scale. Customers can programmatically enable, disable, and view application status of controls available in the AWS Control Tower library. Control APIs include AWS CloudFormation support, allowing customers to manage AWS resources as infrastructure as code (IaC). AWS Control Tower provides optional preventive and detective controls that customers can use to express their policy intentions to an entire organizational unit (OU), and every AWS account within the OU. These rules remain in effect as customers create new accounts or make changes to their existing accounts.
