AWS update of Week 24 (12Jun - 18Jun)
Ankur Patel
3x AWS? certified | AWS Community Builder | Cloud Enabler and Practitioner | Solutions Architect | FullStack | DevOps | DSML | 6x Sisense certified | Blogger | Photographer & Traveller
Published Date: 2023-06-16 18:29:58+00:00
AWS Partners now have deeper insights into their Amazon Web Services (AWS) business through?AWS Partner Analytics Dashboard, accessible from AWS Partner Central. The dashboard provides Alliance Leads for partners at the Validated or Differentiated with a 360-degree view of their AWS business, including opportunity pipeline, funding benefits, and pipeline revenue.
Published Date: 2023-06-16 17:00:58+00:00
AWS announces the preview of Amazon Elastic Compute Cloud (Amazon EC2) M7a instances. M7a instances are designed to deliver the best x86 performance and price performance within the Amazon EC2 general purpose family, based on SPECint benchmarks. M7a instances are powered by fourth-generation AMD EPYC processors (code named Genoa) with an all-core turbo frequency of up to 3.7GHz. These instances deliver up to 50% greater performance on average compared to M6a instances.
Published Date: 2023-06-16 17:02:58+00:00
AWS CloudShell is now generally available in the Asia Pacific (Hong Kong), Asia Pacific (Seoul), US West (N. California), Asia Pacific (Osaka), Asia Pacific (Jakarta), Europe (Stockholm), Asia Pacific (Singapore), Europe (Paris), Africa (Cape Town), Europe (Milan), Middle East (UAE), and Middle East (Bahrain) regions.
Published Date: 2023-06-16 19:20:58+00:00
Amazon Connect Contact Lens now provides screen recording capabilities, making it easy for you to help agents improve their performance. With screen recording, you can identify areas for agent coaching (e.g., long contact handle duration or non-compliance with business processes) by not only listening to customer calls or reviewing chat transcripts, but also watching agents’ actions while handling a contact (i.e., a voice call, chat, or task). Screen recording is Payment Card Industry Data Security Standard (PCI) compliant and in scope for System Organization Controls (SOC 1 and SOC 2).
Published Date: 2023-06-16 17:14:58+00:00
Today, we are announcing two new AWS Clean Rooms capabilities to help business and technical users collaborate more easily and at scale. Analysis Builder is a guided UI that helps business users to generate insights without writing any code. Business users can use analysis builder to create and edit queries in their AWS Clean Rooms collaboration, and specify their desired metrics, segments, and filters to get insights in a few steps. AWS Clean Rooms customers can also now use AWS CloudFormation templates to create, update, and delete their collaborations, as well as manage resources such as Configured Tables and Table associations. With support for CloudFormation templates, customers can more easily scale their collaborations for additional partners and use cases.
Published Date: 2023-06-16 21:53:58+00:00
Amazon Relational Database Service (Amazon RDS) for MySQL?now supports MySQL minor versions 5.7.42 and 8.0.33. We recommend that you upgrade to the latest minor versions to fix known security vulnerabilities in prior versions of MySQL, and to benefit from the bug fixes, performance improvements, and new functionality added by the MySQL community.?
Published Date: 2023-06-15 21:06:40+00:00
Amazon AppFlow announces the release of 4 new data connectors for Software-as-a-Service (SaaS) applications. The new data connectors enable you to transfer your data from Adobe Analytics, Blackbaud Raiser’s Edge, Coupa, and Google BigQuery, providing connectivity to business planning solutions. These Amazon AppFlow integrations make it easier for you to enrich or hydrate your data lakes, gain actionable insights, and streamline analysis and reporting.
Published Date: 2023-06-15 22:04:08+00:00
Amazon Relational Database Service (Amazon RDS) for MariaDB?now supports MariaDB minor versions 10.6.13, 10.5.20, 10.4.29, and 10.3.39. We recommend that you upgrade to the latest minor versions to fix known security vulnerabilities in prior versions of MariaDB, and to benefit from the bug fixes, performance improvements, and new functionality added by the MariaDB community.
Published Date: 2023-06-15 21:01:50+00:00
Starting today,?Amazon Elastic Compute Cloud (Amazon EC2)?M6i and R6i instances are available in AWS Region Middle East (UAE). These instances are built?on?AWS Nitro System, a?collection of AWS designed hardware and software innovations that enables the delivery of efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage.
Published Date: 2023-06-16 21:20:58+00:00
AWS Step Functions expands its AWS SDK integrations with support for 7 additional AWS services including Amazon VPC Lattice, Amazon CloudWatch Internet Monitor, AWS IoT TwinMaker, and Amazon OpenSearch Ingestion.
Published Date: 2023-06-15 21:30:25+00:00
Amazon Web Services (AWS) announces expansion in Nigeria by launching a new edge location in Lagos. Customers in Nigeria can expect up to 20% improvement in latency, on average, for data delivered through the new edge location. The new AWS edge location brings the full suite of benefits provided by?Amazon CloudFront, a highly?distributed and scalable content delivery network (CDN) that delivers static and dynamic content, APIs, and live and on-demand video with low latency and high performance.
Published Date: 2023-06-15 19:36:38+00:00
Starting today,?AWS Global Accelerator?supports application endpoints in Asia Pacific (Jakarta) Region, expanding the number of?supported AWS Regions?to twenty-four.?
Published Date: 2023-06-15 17:52:05+00:00
Today,?Amazon Location Service?added support for places categories, allowing developers to request, filter, or group places based on specific categories such as coffee shops or restaurants. Developers can use places categories to improve the relevance of their searches, increase the accuracy of their location-based insights, and improve their customer experience. For example, a developer working on a food delivery website can build a search box that filters on restaurants, autocompletes user inputs, and only suggests results relevant to their customers.?
Published Date: 2023-06-15 22:27:50+00:00
Amazon Relational Database Service (Amazon RDS) for Oracle?now supports physical data migration via Oracle Recovery Manager cross-platform Transportable Tablespaces (RMAN XTTS). As of today, you can migrate sets of tablespaces to RDS for Oracle using Oracle RMAN XTTS to simplify movement of large amounts of data and reduce application downtime for a physical data migration.
Published Date: 2023-06-15 21:31:35+00:00
Amazon Location Service?now supports geofence metadata, allowing customers to associate up to three types of additional information (metadata) to a virtual perimeter of a real-world geographical area known as a geofence. With metadata, developers can enrich their applications with properties about each geofence, such as building floor, area designation, route ID, etc., to address use cases such as finding a different floor inside the same geographic boundary.
Published Date: 2023-06-14 19:19:16+00:00
Amazon Relational Database Service (Amazon RDS)?for PostgreSQL, MySQL, and MariaDB now supports AWS Graviton2-based T4g database instances in Asia Pacific (Hyderabad), Europe (Spain), and Middle East (UAE) Regions. T4g database instances provide a baseline level of CPU performance, with the ability to burst CPU usage at any time for as long as required. Depending on the database engine, version, and workload, T4g database instances provide up to 36% better price performance over comparable x86-based T3 database instances.
Published Date: 2023-06-14 17:39:16+00:00
AWS Security Hub?has released 6 new security controls, increasing the overall number of controls Security Hub offers to 264. The new controls conduct fully-automatic security checks against services such as Amazon CloudFront and Amazon Simple Storage Service (Amazon S3). To use these controls, you should first turn on the standard they belong to - either?Foundational Security Best Practices (FSBP)?or?National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5. If you are already using those standards and have Security Hub set to automatically turn on new controls, these new controls will run without having to take any additional action.
Published Date: 2023-06-13 16:32:42+00:00
Today, AWS is announcing the general availability of Amazon Verified Permissions, service for fine-grained authorization and permissions management?for applications that you build. Verified Permissions uses Cedar, an open-source language for access control, allowing you to define permissions as easy-to-understand policies. Use Verified Permissions to support role - and attribute-based access control in your applications.
Published Date: 2023-06-13 18:21:40+00:00
We're excited to announce the ability to control container log rotation when running Apache Spark jobs in EMR on EKS.?Amazon EMR on EKS?enables customers to run open-source big data frameworks such as Apache Spark on Amazon EKS. Customers can now enable container log rotation to avoid excessive log files impacting pod execution.
Published Date: 2023-06-13 19:20:40+00:00
Amazon Connect now provides new contact lifecycle events for callbacks, including when a callback was queued, answered, or disconnected. Contact events can be used to create analytics dashboards to monitor and track contact activity, integrate into workforce management (WFM) solutions to better understand contact center performance, or take follow up actions such as updating your customer databases with a record of the callback attempt. Amazon Connect contact events are published in near real-time via Amazon EventBridge, and can be set up in a couple of clicks by going to the Amazon EventBridge AWS console and creating a new rule.
Published Date: 2023-06-13 18:09:40+00:00
Amazon Personalize now supports Amazon Virtual Private Cloud (VPC) endpoints, allowing Amazon Personalize to communicate with your resources on your VPC without going through the open internet. Amazon VPC is a service that you use to launch AWS resources in a private virtual network that you define and manage. To connect your VPC to Amazon Personalize, you define a VPC endpoint for Amazon Personalize. An endpoint is an elastic network interface with a private IP address that serves as an entry point for traffic destined to a supported AWS service. The endpoint provides reliable, scalable connectivity to Amazon Personalize, and doesn’t require an internet gateway or VPN connection. For more information, see?What is Amazon VPC?in the Amazon VPC User Guide.
Published Date: 2023-06-13 16:34:40+00:00
Amazon Inspector now supports code scanning of Lambda functions, expanding the existing capability to scan Lambda functions and associated layers for software vulnerabilities in application package dependencies. With this expanded capability, Amazon Inspector now also scans your custom proprietary application code within a Lambda function for code security vulnerabilities such as injection flaws, data leaks, weak cryptography, or missing encryption based on AWS security best practices. Upon detecting code vulnerabilities within the Lambda function or layer, Amazon Inspector generates actionable security findings that provide several details, such as security detector name, impacted code snippets, and remediation suggestions to address vulnerabilities. All findings are aggregated in the?Amazon Inspector console?and seamlessly routed to AWS Security Hub, and pushed to Amazon EventBridge to automate workflows.
Published Date: 2023-06-13 19:29:45+00:00
Starting today, Amazon Elastic Container Registry (ECR)?basic scanning?feature will use?Common Vulnerability Scoring System (CVSS)?version 3 information when determining the severity for new Common Vulnerabilities and Exposures (CVEs). This enables customers to get the most recent severity information for vulnerabilities in their ECR container images. We use CVSS information to determine the severity of a vulnerability when the upstream distribution source does not have this information.
Published Date: 2023-06-13 17:26:40+00:00
Today, AWS announces the preview release of Amazon CodeGuru Security, a static application security testing (SAST) tool that uses Machine Learning to help you identify code vulnerabilities and provide guidance you can use as part of remediation. CodeGuru Security also provides in-context code patches for certain classes of vulnerabilities, helping you reduce the effort required to fix code vulnerabilities.
Published Date: 2023-06-13 17:15:40+00:00
AWS Well-Architected introduces Profiles, which allows customers to tailor their Well-Architected reviews based on their business goals. This feature creates a mechanism for continuous improvement by encouraging customers to review their workloads with certain goals in mind first, and then complete the remaining Well-Architected review questions.
Published Date: 2023-06-13 18:48:40+00:00
Customers can now connect their Google Workspace to AWS IAM Identity Center (successor to AWS Single Sign-On) once and manage access to AWS accounts and applications centrally, in IAM Identity Center. This integration enables end users to sign in using their Google Workspace identity to access all their assigned AWS accounts and applications. The integration helps administrators simplify AWS access management across multiple accounts while maintaining familiar Google Workspace experiences for end users as they sign in. IAM Identity Center and Google Workspace use Google auto-provisioning to securely provision users into IAM Identity Center, saving administrative time.
Published Date: 2023-06-13 17:04:40+00:00
Amazon Detective has expanded finding groups to include Amazon Inspector network reachability and software vulnerability findings alongside Amazon GuardDuty findings. The combined threats and vulnerabilities help security analysts prioritize where they should focus their time by answering questions like “was this EC2 instance compromised because of a software vulnerability?” or “did this GuardDuty finding occur because of unintended network exposure?”
Published Date: 2023-06-13 18:04:40+00:00
Today,?AWS Audit Manager?announces?expanded support for third-party risk assessments with the launch of two new features: a third-party questionnaire and the ability to export evidence as a comma-separated values (CSV) file. Customers can already share custom frameworks with vendors on AWS, so that vendors can create assessments on these frameworks and automatically collect evidence from their environments. Together, these features make it easier for enterprises to customize their third-party vendor risk assessments on AWS.?
Published Date: 2023-06-13 16:44:40+00:00
Amazon Inspector now offers the ability to export a consolidated Software Bill of Materials (SBOMs) for all Amazon Inspector monitored resources across your organization in industry standard formats, including CycloneDx and SPDX. With this new capability, you can use automated and centrally managed SBOMs to gain visibility into key information about your software supply chain. This includes details about software packages used in the resource, along with associated vulnerabilities. After Amazon Inspector exports the SBOMs to an Amazon S3 bucket, you have the option to download the SBOM artifacts and use Amazon Athena or Amazon QuickSight to analyze and visualize software supply chain trends. This capability in Amazon Inspector is available with a few clicks in the Amazon Inspector console or using Amazon Inspector APIs.?SBOM exports are offered at no additional cost.
Published Date: 2023-06-13 18:12:40+00:00
Today, AWS launched a new capability that significantly improves face search accuracy by leveraging multiple face images of a user. Currently, Amazon Rekognition allows customers to search users represented by individual face vectors. Face vectors are mathematical representations of faces from images. Now, customers can create user vectors, which aggregate multiple face vectors of the same user. User vectors offer higher face search accuracy with more robust depictions, as they contain varying degrees of lighting, sharpness, pose, appearance, etc.
Published Date: 2023-06-13 16:58:40+00:00
Today, AWS announces the AWS Global Security Initiative which provides Global System Integrators (GSI) partners the opportunity to jointly develop innovative and transformational security and compliance services with AWS, delivering on the promise of actionable security data leveraging the power of Generative AI. This initiative focuses on security services and managed services for multi-cloud enterprises seeking cyber-resilient environments to reduce risk and meet regulatory obligations.
Published Date: 2023-06-13 17:12:40+00:00
Customers can now apply two independent layers of server-side encryption to objects in Amazon S3. Dual-layer server-side encryption with keys stored in AWS Key Management Service (DSSE-KMS) is designed to meet National Security Agency CNSSP 15 for FIPS compliance and Data-at-Rest Capability Package (DAR CP) Version 5.0 guidance for two layers of CNSA encryption. Amazon S3 is the only cloud object storage service where customers can apply two layers of encryption at the object level and control the data keys used for both layers. S3 features such as DSSE-KMS are vetted and accepted for use on top-secret workloads, which benefits all customers globally.?
Published Date: 2023-06-13 17:51:40+00:00
Today, AWS announces a new summary page in the?Amazon GuardDuty?console to help you more quickly identify and take action on the highest-priority findings across your AWS environment. The summary page presents trends of findings over time, a breakdown of findings by severity and finding type, and top finding volume resources such as Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Simple Storage Service (Amazon S3) buckets, Amazon Relational Database Service (Amazon RDS) databases, AWS Lambda functions, or Amazon Elastic Kubernetes Service (Amazon EKS) clusters. If you are operating in a multi-account environment, the new summary page consolidates findings from across the organization, and helps you to more quickly identify top-impacted accounts.?
Published Date: 2023-06-13 16:59:40+00:00
We are excited to highlight AWS Partner software solutions with AWS built-in, including new infrastructure as code (IaC) that integrates automatically with AWS foundational services to help customers achieve their long-term goals in the cloud. AWS built-in software uses a well-architected Modular Code Repository (MCR) designed to add value to partner software solutions. AWS built-in partner solutions leverage key building blocks called Cloud Foundational Services across multiple domains such as identity, security, and operations.?
Published Date: 2023-06-13 20:05:40+00:00
Amazon OpenSearch Service now supports a new ‘skip unavailable’ setting for cross cluster search connections. If skip unavailable is enabled on connections, cross-cluster search ignores any remote cluster that might not available during the search.
Published Date: 2023-06-13 18:22:40+00:00
With EC2 Instance Connect Endpoint (EIC Endpoint), customers now have SSH and RDP connectivity to their EC2 instances without using public IP addresses. In past, customers assigned public IPs to their EC2 instances for remote connectivity. With EIC Endpoints, customers can have remote connectivity to their instances in private subnets, eliminating the need to use public IPv4 addresses for connectivity.
Published Date: 2023-06-13 17:15:43+00:00
AWS CloudTrail Lake, a managed data lake that lets organizations aggregate, immutably store, and query their audit and security logs for auditing, security investigations and operational troubleshooting, announces the general availability of CloudTrail Lake dashboards. CloudTrail Lake dashboards provide out-of-the-box visibility for top trends from your CloudTrail data directly within the CloudTrail Lake console. It also offers the flexibility to drill down into additional details such as specific user activity for further investigation needs using CloudTrail Lake SQL queries. Auditing and compliance engineers can use the CloudTrail Lake dashboards to track progress of compliance mandates such as migration to TLS 1.2 and beyond. CloudTrail Lake dashboards will help security engineers closely track sensitive user activities such as deletion of trails or repeated access denied errors. Cloud operation engineers can get visibility to issues such as top service throttling errors from the curated dashboard.
Published Date: 2023-06-16 15:49:58+00:00
AWS Elastic Disaster Recovery?(AWS DRS)?now allows you to replicate and recover your AWS network components and configurations to maintain the readiness and security of your AWS recovery site. These components includes subnet CIDR, security groups, route tables, Internet gateways, and network ACLs.
Published Date: 2023-06-13 17:14:40+00:00
AWS Security Hub, a cloud security posture management service that performs security best practice checks, aggregates alerts, and facilitates automated remediation, now features a capability to automatically update or suppress findings in near-real time. You can now use automation rules to automatically update various fields in findings, suppress findings, update finding severity and workflow status, add notes, and more.?
Published Date: 2023-06-13 17:15:47+00:00
AWS WAF Fraud Control announces Account Creation Fraud Prevention, a managed protection for AWS WAF that is designed to prevent creation of fake or fraudulent accounts. Fraudsters use fake accounts to initiate activities, such as abusing promotional and sign-up bonuses, impersonating legitimate users, and carrying out phishing attacks. These activities can lead to several direct or indirect costs such as damaged customer relationships, reputational loss, and exposure to financial fraud. Account Creation Fraud Prevention protects your account sign-up or registration pages by allowing you to continuously monitor requests for anomalous digital activity and automatically block suspicious requests based on request identifiers and behavioral analysis.?
Published Date: 2023-06-12 17:01:40+00:00
Starting today, Amazon Elastic Compute Cloud (Amazon EC2) R6id instances are available in the AWS Asia Pacific (Mumbai, Seoul, Singapore), and Europe (London) regions. These instances are powered by 3rd generation Intel Xeon Scalable Ice Lake processors with an all-core turbo frequency of 3.5 GHz and up to 7.6 TB of local NVMe-based SSD block-level storage.
Published Date: 2023-06-12 20:19:40+00:00
Today, we are launching preview of the AWS Database Encryption SDK, an upgrade to the existing Amazon DynamoDB Encryption Client, which enables you to include client-side encryption in your DynamoDB workloads. With this launch, you can more easily perform attribute-level encryption, enabling you to encrypt specific attribute values before storing them in your DynamoDB table. This lets you protect sensitive data in-transit and at-rest, as data cannot be exposed unless decrypted by your application. This new release also lets you easily search on encrypted attributes without decrypting the entire database beforehand. This lets you find the right information quickly to download to your application while your data remains securely encrypted within the database.
Published Date: 2023-06-12 21:26:40+00:00
We are excited to announce the addition of 10 new AWS Security Hub detective controls to the AWS Control Tower controls library. These new controls target services such as Amazon APIGateway, AWS CodeBuild, Amazon Elastic Compute Cloud, Amazon Elastic Load Balancer, Amazon Redshift, Amazon SageMaker, and AWS WAF. These new controls help you meet control objectives, such as establish logging and monitoring, limiting network access and encrypting data at rest, enhancing your governance posture.?
Published Date: 2023-06-12 16:05:40+00:00
Today, AWS is announcing a new service,?AWS Payment Cryptography. This service simplifies your implementation of cryptography operations used to secure data in payment processing applications for debit, credit, and stored-value cards in accordance with various payment card industry (PCI), network, and American National Standards Institute (ANSI) standards and rules. Financial service providers and processors can replace their on-premises hardware security modules (HSMs) with this elastic service and move their payments-specific cryptography and key management functions to the cloud.
Published Date: 2023-06-12 20:16:40+00:00
AWS GovCloud (US) Regions are designed to host sensitive data, regulated workloads, and address the most stringent U.S. government security and compliance requirements. With today’s release, Route 53 now enables customers in the AWS GovCloud (US-East and US-West) Regions to define AWS Identity and Access Management (IAM) create, edit, and delete policies for individual or groups of DNS record sets within a Route 53 private hosted zone.
Published Date: 2023-06-12 18:50:40+00:00
Amazon Connect now provides APIs to search for three additional resources in your Amazon Connect instance: prompts, quick connects and hours of operation. These new APIs provide a programmatic and flexible way to search by name, resource ID, description, or tags. For example, you can now search for quick connects with “finance” in the description, prompts matching a group of IDs, or hours of operation for a specific time zone. The results include details such as ARN, status and related resource IDs. To learn more about the new search APIs, see the?API documentation.
Published Date: 2023-06-12 18:27:40+00:00
Amazon EventBridge Archive and Replay is now available in the Europe (Spain), Europe (Zurich), and Asia Pacific (Hyderabad) AWS Regions, making event-driven applications more durable and extensible by providing an easier way to replay past events. Archive and Replay enables you to build applications that can more easily recover from errors and also allows you to more easily validate new functionality in your applications.
Published Date: 2023-06-12 17:14:41+00:00
AWS Transfer Family now supports quantum-safe public-key exchange for SFTP file transfers. Quantum-safe public-key exchange helps protect your file transfers from threats such as?“harvest now, decrypt later“?attacks that record present day traffic for decrypting once cryptographically relevant quantum computers become available.
Published Date: 2023-06-12 17:59:40+00:00
Today, we are excited to announce that?Amazon EMR?now supports the price-capacity-optimized allocation strategy for Amazon EC2 Spot Instances for clusters launched with Instance Fleets. Allocation strategies let you determine how EMR selects from your specified instance types and Availability Zones to fulfill your desired capacity. Price-capacity-optimized allocation strategy makes Spot allocation decisions based on both spare capacity availability and Spot Instance price. As a result, you can run Spot Instances at a lower price and with a lower interruption rate.