AWS Week in Review #24

I've been closely following AWS announcements for years. So I thought, why not make it a habit to share a weekly summary of all the AWS news I consider relevant with you weekly. So here is my first try.

AWS Adopts FOCUS: New Cloud Billing Standard

AWS has introduced Data Exports for FOCUS 1.0, a preview feature aligning with the new open-source cloud billing standard supported by major cloud providers. FOCUS aims to simplify cloud financial management through a unified billing format, benefiting various stakeholders in the cloud ecosystem. This development suggests a trend towards cloud computing becoming more commoditized, potentially shifting competition towards pricing. While offering significant benefits, there's currently limited awareness of cost analysis tools supporting FOCUS.

AWS CodeArtifact Adds Rust Support

AWS CodeArtifact now supports Cargo, the Rust package manager, allowing developers to store and manage Rust crates alongside other artifacts. This update, released on June 20, 2024, enables automatic fetching of crates from crates.io and is available in all 13 CodeArtifact regions. CodeArtifact has expanded its coverage to include a wide range of package managers, making it a mature and comprehensive solution for artifact management. We believe this development is significant, as it addresses the challenges of poorly managed self-hosted package management systems often encountered in consulting work.

Amazon OpenSearch Adds JWT Authentication

Amazon OpenSearch Service now supports JWT authentication and authorization. This allows users to authenticate without credentials or an internal user database, and easily integrate with their preferred identity providers. JWT support improves tenant isolation in multi-tenant applications and can be set up via console, CLI, or APIs. The feature is available in all AWS regions where Amazon OpenSearch Service is offered.

AWS CodeBuild Introduces Organization-Level GitHub Webhooks

AWS CodeBuild now supports organization and global webhooks for GitHub and GitHub Enterprise Server, allowing users to configure a single webhook at the organization or enterprise level instead of creating individual webhooks for each repository. This feature enables automatic detection of changes in repositories and triggers new builds for events like GitHub Actions workflow runs, commit pushes, releases, and pull requests. For managed GitHub Action self-hosted runners, it provides centralized control of the runner environment at the organization or enterprise level. We've tested the webhooks on organizations and found them to be working well, with runners typically taking about 40 seconds to start executing a job. While this announcement potentially impacts our HyperEnv product for deploying self-hosted GitHub runners on AWS, we have concerns about the use of personal access tokens for CodeBuild with GitHub Enterprise Server, which we believe doesn't align with security best practices.