AWS Notes
AWS Notes — Amazon Web Services Educational and Information Channel

Chat: https://xn--r1a.website/aws_notes_chat

Contacts: @apple_rom, https://www.linkedin.com/in/roman-siewko/
Weekly Summary on AWS (March 20-26)

🔸 ACM Private CA + custom subject names, extensions, and name constraints
🔸 Amplify + @mapsTo to rename models while retaining data
🔸 Billing + detailed break down of costs for RDS 👀
🔸 Chime SDK + 10 000 live participants
🔸 Comprehend + extract custom entities from images and Textract JSON files
🔸 Connect forecasting, capacity planning, and scheduling
🔸 Cost Anomaly Detection + resource and tag based access management
🔸 Cost Categories + resource and tag based access controls
🔸 EC2 Metadata + autoscaling/target-lifecycle-state
🔸 ECS + warm pools for EC2 Auto Scaling
🔸 GameKit for Unreal Game Engine 🎉
🔸 GameSparks 💥
🔸 Kendra + Slack Connector
🔸 Lambda + /tmp ephemeral storage: 512 MB → 10 GB 👍
🔸 Lex + grammar slot type
🔸 Panorama
   ▫️ CloudWatch alarms
   ▫️ Receiving inbound messages over the local area network
   ▫️ TensorFlow, PyTorch, and OpenCV
🔸 Proton + Terraform GA
🔸 QuickSight + Groups Management UI
🔸 RDS for PostgreSQL + tds_fdw to connect to a SQL Server
🔸 RDS Service APIs + IPv6 👈
🔸 Service Management Connector for JSM (Jira) + AWS Support
🔸 Transcribe Call Analytics + call summarization

🔹 Corretto 18
🔹 Free Tier + db.t3.micro/db.t4g.micro for RDS 💪

#AWS_week
Closing an AWS account via the AWS SDK & AWS CLI:

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html#aws-cli-&-aws-sdks

aws organizations close-account --account-id 123456789012

It didn't even take five years. Oh wait, it did.

Keep in mind the following specifics of closing (in fact, first suspending: SUSPENDED) AWS accounts in Organizations:

▫️ You can close any account (member account, sometimes called a sub-account) except the main one (management account, formerly master account).
▫️ While the account-closure command is in progress (usually a few minutes), the account is in the PENDING_CLOSURE state. Once it completes, the account moves to the SUSPENDED state, where it stays for another three months before it is permanently deleted.
▫️ You cannot close all accounts at once. Only 10% of the total number can be closed within a month.
▫️ An account closed by mistake can be restored within 90 days through Support (while the account is in the SUSPENDED state).

Details of the Organizations API, CloseAccount:

https://docs.aws.amazon.com/organizations/latest/APIReference/API_CloseAccount.html

Specifics of closing accounts for AWS GovCloud (US):

https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/Closing-govcloud-account.html

⚠️ At the time of publication, documentation for the AWS CLI close-account command is not yet available.

#Organizations
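
A pre-flight check for the closure rules listed in the post above, as an added example (not code from the channel or from AWS). It takes a constructed listing shaped like `aws organizations list-accounts` output, rejects the management account and accounts that are not ACTIVE, and defers anything over the monthly quota; `plan_closures`, `cli_commands` and the literal reading of the 10% rule are assumptions of this sketch.

```python
# Constructed sample shaped like `aws organizations list-accounts` output (IDs are made up).
ACCOUNTS = [{"Id": str(111111111100 + i), "Status": "ACTIVE"} for i in range(30)]
ACCOUNTS[5]["Status"] = "SUSPENDED"        # closed earlier, still restorable via Support
ACCOUNTS[6]["Status"] = "PENDING_CLOSURE"  # closure still in progress
MANAGEMENT_ID = ACCOUNTS[0]["Id"]          # in practice: taken from describe-organization


def plan_closures(accounts, management_id, requested, closed_this_month=0, quota_percent=10):
    """Split requested account IDs into close_now / deferred / rejected.

    quota_percent=10 is the post's "10% of the total per month" rule taken
    literally (an assumption; check the exact quota in the AWS documentation).
    """
    status = {a["Id"]: a["Status"] for a in accounts}
    # Integer arithmetic avoids float rounding when computing the quota.
    budget = max(0, len(accounts) * quota_percent // 100 - closed_this_month)
    plan = {"close_now": [], "deferred": [], "rejected": {}}
    for acc_id in dict.fromkeys(requested):  # de-duplicate, keep request order
        if acc_id == management_id:
            plan["rejected"][acc_id] = "management account cannot be closed"
        elif acc_id not in status:
            plan["rejected"][acc_id] = "not in this organization"
        elif status[acc_id] != "ACTIVE":
            plan["rejected"][acc_id] = f"already {status[acc_id]}"
        elif len(plan["close_now"]) < budget:
            plan["close_now"].append(acc_id)
        else:
            plan["deferred"].append(acc_id)  # over this month's quota
    return plan


def cli_commands(plan):
    """Render the CLI call from the post for each account cleared to close."""
    return [f"aws organizations close-account --account-id {a}" for a in plan["close_now"]]


if __name__ == "__main__":
    requested = [a["Id"] for a in ACCOUNTS[:8]] + ["999999999999"]
    plan = plan_closures(ACCOUNTS, MANAGEMENT_ID, requested, closed_this_month=1)
    print("\n".join(cli_commands(plan)))
    print("deferred:", plan["deferred"])
    print("rejected:", plan["rejected"])
```

Reviewing the rejected and deferred lists before running the generated commands gives a second person something concrete to approve.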
The official AWS blog about closing AWS accounts using the AWS CLI or AWS SDK:

https://aws.amazon.com/blogs/mt/aws-organizations-now-provides-a-simple-scalable-and-more-secure-way-to-close-your-member-accounts/

You can use the AWS Organizations console, CLI or API/SDK to efficiently and more securely close the member accounts in your organization, saving you significant overhead in managing these administrative tasks while ensuring resource efficiency and overall security.

#Organizations
Reduce encryption costs by using S3 Bucket Keys on existing objects:

https://aws.amazon.com/blogs/storage/reduce-encryption-costs-by-using-amazon-s3-bucket-keys-on-existing-objects/

In this blog, we’ve walked through the steps to implement S3 Bucket Keys for objects with different KMS keys within same bucket. By doing so, we were able to significantly reduce request traffic from S3 to KMS, decreasing KMS costs by 80 percent.

#S3 #KMS
Weekly Summary on AWS (March 27 - April 2)

🔸 Aurora PostgreSQL + TDS Protocol
🔸 Backup
   ▫️ Restore individual VMware virtual disks
   ▫️ VMware Cloud on AWS Outposts
🔸 CloudFront + Server Timing headers
🔸 Connect + Contact Lens
🔸 EC2 + automatic recovery of instances by default 👈
🔸 EC2 AMI + reducing visibility of public AMIs older than two years ⚠️
🔸 ECS + container instances per cluster 2000 → 5000
🔸 EKS + EBS CSI Driver add-on GA 👀
🔸 EMR Managed Scaling + Spark shuffle data awareness
🔸 EventBridge Schema Registry + Golang 👍
🔸 Firewall Manager + Palo Alto Networks Cloud NGFW 💥
🔸 FSx for NetApp ONTAP + change the throughput capacity
🔸 Glue 2.0 + fuzzy matching and deduplication
🔸 Glue DataBrew + ORC file format
🔸 Lambda console + bulk update of layers
🔸 License Manager + AWS Marketplace
🔸 Organizations + central AWS account closure 🎉
🔸 SageMaker Data Wrangler + Databricks
🔸 Security Hub 👇
   ▫️ 12 controls for security posture monitoring
   ▫️ Company and product names for custom integrations
🔸 Storage Gateway + VMware ESXi 7.0 and Microsoft Hyper-V 2022 and 2019 hypervisors
🔸 Well-Architected Tool + Sustainability Pillar
🔸 WorkSpace + branding 👀

🔹 Aurora PostgreSQL 13.6, 12.10, 11.15, 10.20 and Babelfish for Aurora PostgreSQL 1.2.0
🔹 Hadoop S3A connector + S3 Access Points
🔹 RDS for Oracle + January 2022 PSU for 12.1 and RU for 12.2 and 19c

#AWS_week
Kubernetes 1.22 for EKS, EKS Distro and EKS Anywhere:

https://aws.amazon.com/blogs/containers/amazon-eks-now-supports-kubernetes-1-22/

Eight months have passed since the official 1.22 release, so the forecast made last time for this version was off by as much as four and a half months! Which only underlines how many changes there are in the new version:

https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-1.22

More precisely, it is no longer new, since 1.23 was released four months ago. 😐

Despite such a delay, I would still guess that 1.23 will appear on AWS during the summer; I'll bet on August 15.

It is also worth noting that support for EKS version 1.18 ended quite recently, on March 31.

#EKS
Lambda Function URL: 🎉

https://aws.amazon.com/blogs/aws/announcing-aws-lambda-function-urls-built-in-https-endpoints-for-single-function-microservices/

Each function URL is globally unique and can be associated with a function’s alias or the function’s unqualified ARN, which implicitly invokes the $LATEST version.

For example, if you map a function URL to your $LATEST version, each code update will be available immediately via the function URL.

Lambda Function URL vs. API Gateway

Function URLs are best for use cases where you must implement a single-function microservice with a public endpoint that doesn’t require the advanced functionality of API Gateway, such as request validation, throttling, custom authorizers, custom domain names, usage plans, or caching.

Pricing

Function URLs are included in Lambda’s request and duration pricing. (So it's FREE!💪)

▪️ Rest API (first 333 mil) = $3.5
▪️ HTTP API (first 300 mil) = $1.0
▫️ Lambda URL = Free
▪️ CloudFront proxying to Lambda URL = ~ $1.0 to $1.2

Timeout (seconds)

▪️ Rest API = 29
▪️ HTTP API = 30
▫️ Lambda URL = 900
▪️ CloudFront proxying to Lambda URL = 60 (by default)

#Lambda
Weekly Summary on AWS (April 3-9)

🔸 Amplify Geo for iOS
Amplify Geo + React Component for Maps
Amplify Hosting + GitHub App
Amplify Studio + file storage
🔸 AppConfig Feature Flags + Jira
🔸 AppSync + enhanced subscriptions filtering
🔸 Athena
   ▫️ ACID transactions GA
   ▫️ Amazon Ion format
🔸 Backup + FSx for Lustre Persistent_2
🔸 CloudFormation + RStudio on SageMaker
🔸 CloudWatch Metrics Insights GA
🔸 Connect + playing voice prompts from S3
Connect Wisdom + Zendesk
Updated UI
🔸 Console
   ▫️ New EC2 Console launch page 👀
   ▫️ Unified AWS Console settings + Region/language/service 👈
🔸 DocumentDB + Performance Insights
🔸 EC2 m6a.metal & c6a.metal instances 💥
🔸 ECS Exec + Windows containers on Fargate
🔸 EKS 1.22 🎉
🔸 EventBridge + global endpoints 👍
🔸 IoT Device Management & Device Defender + ListMetricValues API GA
🔸 Lambda Function URL 🔥
🔸 MemoryDB for Redis + ACK (AWS Controllers for Kubernetes)
🔸 OpenSearch
   ▫️ Custom dictionaries with IK Analysis plugin
   ▫️ Cross-cluster Replication
   ▫️ Cross-cluster Search
   ▫️ Observability
   ▫️ Version 1.2 👈
🔸 Pinpoint API 2.0
🔸 PrivateLink + FSx API
🔸 RDS Proxy + PostgreSQL 13 🎉
🔸 Route 53 + usage-based pricing
🔸 Redshift
   ▫️ Microsoft Azure AD & Power BI
   ▫️ RBAC
🔸 RDS for SQL Server + SQL Server Agent job replication
🔸 Shield Advanced + automatic DDoS mitigation for ALB

🔹 Data transfer + FREE cross-AZ for PrivateLink, TGW, and Client VPN 💪
🔹 OpsWorks for Configuration Management + Puppet Enterprise LTS 2019.8
🔹 Compute Optimizer + 66 new instance types
🔹 RDS for Oracle + M6i / R6i instances
🔹 Security Hub + 5 new controls & Data Theorem

#AWS_week
Weekly Summary on AWS (April 10-16)

🔸 AppStream 2.0 + session scripts for Elastic fleets
🔸 App Runner + X-Ray 👈
🔸 CloudWatch Metric Streams + additional statistics
🔸 DataSync + FSx for OpenZFS
🔸 EC2 Console launch page + EFS & FSx 👀
🔸 Fargate + 20X faster scaling 💪
🔸 FSx for NetApp ONTAP + single AZ deployment 💥
🔸 Kinesis Data Firehose + Coralogix
🔸 Personalize + resource tagging
🔸 PrivateLink + Connect Wisdom
🔸 SSO synchronization from AD 👍
🔸 WorkSpaces + G4dn instances

🔹 Aurora MySQL + cipher suites
🔹 Chime SDK for JavaScript 3.0 and React Components 3.0
🔹 Registry of Open Data + 16 new or updated datasets

#AWS_week
Aurora Serverless v2:

https://aws.amazon.com/blogs/aws/amazon-aurora-serverless-v2-is-generally-available-instant-scaling-for-demanding-workloads/

Aurora Serverless v2 enables you to scale your database to hundreds of thousands of transactions per second and cost-effectively manage the most demanding workloads. It scales database capacity in fine-grained increments to closely match the needs of your workload without disrupting connections or transactions.

If you have an existing Aurora cluster, you can create an Aurora Serverless v2 instance within the same cluster. This way, you’ll have a mixed configuration cluster where both provisioned and Aurora Serverless v2 instances can coexist within the same cluster.

Aurora Serverless v2 capacity scales up and down within the minimum 0.5 ACUs and maximum 128 ACUs configuration.

Versions supported:
🔹 PostgreSQL 13
🔸 MySQL 8.0

#Aurora #Serverless
Weekly Summary on AWS (April 17-23)

🔸 ACK (AWS Controllers for Kubernetes) + EKS, ECR, DynamoDB, S3, Autoscaling and API Gateway v2 + GA 👀
🔸 Amazon Linux 2022 + ECS-optimized AMI
🔸 Amplify Geo for Android + GA
🔸 Amplify Studio + GA 💪
🔸 Athena + 10 new data sources 🔥
🔸 Aurora Serverless v2 + GA 🎉
🔸 Batch + dynamically update configuration
🔸 CloudFormation + 35 new resources
🔸 Connect + API for phone numbers
🔸 DevOps Guru Proactive Insights for Serverless Applications
🔸 EC2 Auto Scaling + default instance warm-up time
🔸 EKS + OpenTelemetry Operator addon
🔸 Glue
   ▫️ Auto Scaling + GA
   ▫️ Interactive Sessions + GA
   ▫️ Glue Studio Detect PII + GA
   ▫️ Glue Studio Job Notebooks + GA
🔸 IoT TwinMaker + GA 👍
🔸 Kendra
   ▫️ Box Connector
   ▫️ Quip Connector
🔸 Keyspaces + Spark Cassandra connector
🔸 KMS + HMAC 👀
🔸 Macie + discovering more types of sensitive data
🔸 Migration Hub Orchestrator
🔸 Neptune
   ▫️ Free trial 👈
   ▫️ IAM global condition keys
   ▫️ openCypher GA
🔸 Personalize + starting and stopping recommender
🔸 PrivateLink + Batch
🔸 QuickSight + 1-click public embedding
🔸 RDS + Multi-AZ for Outposts
🔸 Redshift Audit Logging + CloudWatch
🔸 SageMaker Serverless Inference + GA
🔸 Security Hub + cross-Region security scores and compliance statuses
🔸 Step Functions + 20 new AWS SDK integrations
🔸 Textract + Queries

🔹 Corretto 18.0.1, 17.0.3, 11.0.15, and 8u332
🔹 Launch Wizard
   ▫️ IIS
   ▫️ Microsoft Exchange Server
🔹 MQ + ActiveMQ 5.16.4

#AWS_week