8. ANALYTICS
• AWS Glue adds new transforms (Purge, Transition and Merge) for Apache Spark applications to work with datasets in
Amazon S3 (drop some tables, merge data frames into 1 single file, and transition old files to Glacier)
Serverless ETL
11. BUSINESS APPLICATIONS
• Bring your own IP to SES (in the case that some companies have built algorithmic
reputation for their IPs and don’t want to switch them and maybe get blacklisted)
*Brand = email IP
12. COMPUTE
• Amazon EC2 Spot instances can now be stopped and started similar to On-Demand
instances (before: terminate only)
• 50% price reduction in EKS
• Everything on the EC2 will be backed up (not just EBS volume) like a golden image and it
can be done on-demand AND scheduled BACKUP and restore. (What was it before?)
• Stop and start EC2 spot instances (use case?), provided Spot capacity is available within
your maximum price requirements.
• Lightsail more blueprints!!!!
• Elastic Beanstalk’s roadmap is on GitHub (so you can star stuff)
13. DATABASE
• 80% price reduction in CloudEndure (service for backing up cloud data) - $20/month per server
• RDS MySQL snapshots export to S3 in parquet format, which is friendly for
EMR/SageMaker/Athena & 2x faster & 6x cheaper
• RDS MySQL now supports authentication via Microsoft Active Directory (e.g. SSO)
• EFS - managed network file system for Linux - now supports IAM, so you can set client-specific
permissions, like read-only for certain roles, and log all access requests to CloudTrail
• AWS Backup to back up data in EBS, RDS
• Back up data to a different region (for DR compliance)
• Restore a single file from EFS without having to restore the entire system
14. ALERT!
Urgent & Important – Rotate Your Amazon RDS, Aurora,
and Amazon DocumentDB (with MongoDB compatibility)
Certificates
WHO: anyone using SSL/TLS certificate validation to connect to your database instances
STEPS: do the following:
1. Download & install a fresh cert
2. Rotate the CA for the instances
3. Reboot instances
>>>>>the actual steps <<<<<<
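One way to script step 2 above, as an added example that is not part of the original slides. It assumes the inventory comes from the AWS CLI query shown in the comment, that `rds-ca-2019` is the identifier for the new CA-2019 certificates, and uses constructed instance names; it only prints the commands so they can be reviewed before running.

```shell
#!/bin/sh
# Added example: plan the CA rotation for RDS instances still on an old CA.
# Step 1 (client side) must be done first: install the new CA bundle in every
# client trust store, otherwise TLS validation fails after the rotation.
#
# Input is what this query prints (one instance per line, tab-separated):
#   aws rds describe-db-instances --output text \
#     --query 'DBInstances[].[DBInstanceIdentifier,CACertificateIdentifier]'
TARGET_CA="rds-ca-2019"

# Constructed sample inventory (not real instances); the last line is malformed on purpose.
SAMPLE_INVENTORY=$(printf 'orders-db\trds-ca-2015\nreports-db\trds-ca-2019\nbilling-aurora-1\trds-ca-2015\nbad;id\trds-ca-2015')

# plan_rotation: read "<instance-id><TAB><current-ca>" lines on stdin and print
# one modify-db-instance command per instance not yet on TARGET_CA.
# Identifiers that are not plain letters/digits/hyphens are skipped, so the
# generated command lines never contain shell metacharacters.
plan_rotation() {
  awk -F '\t' -v ca="$TARGET_CA" '
    NF < 2 || $2 == ca { next }
    $1 !~ /^[A-Za-z][A-Za-z0-9-]*$/ {
      print "skipping unexpected identifier: " $1 > "/dev/stderr"
      next
    }
    {
      # --no-apply-immediately defers the change (and the restart in step 3)
      # to the next maintenance window instead of causing an outage now.
      printf "aws rds modify-db-instance --db-instance-identifier %s --ca-certificate-identifier %s --no-apply-immediately\n", $1, ca
    }'
}

# count_pending: number of instances that still need the rotation.
count_pending() {
  plan_rotation 2>/dev/null | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_INVENTORY" | plan_rotation
```
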
15. DEVELOPER TOOLZ
• The Amazon Builders’ Library is Now Available in 16
Languages (e.g. Turkish, Russian, Chinese Traditional,
Indonesian)
17. INTERNET OF THINGS
AWS IoT Greengrass Core SDK for Node.js (v1.6.0) now supports Stream Manager!
18. MACHINE LEARNING
• Translate - fully managed neural machine translation tool - 1 million text/HTML docs
asynchronously - “Batch” - one single API call! Good if you don’t need real-time
translation. Each doc can’t exceed 1 MB.
19. MANAGEMENT & GOVERNANCE
• Systems Manager (visibility and control, and do operational tasks over infra)
• “Change Calendar” lets you allow, prohibit, or schedule executions, e.g. a
Lambda function trying to change resources.
20. SECURITY
• 50% price reduction in GuardDuty, for continually monitoring your account for things
like bitcoin mining
22. AWS Key Management Service expands support for
asymmetric keys
[Diagram labels: Decrypt w/ private key in AWS w/ KMS; Encrypt w/ public key; Random customer; Trusted customer; TOO MANY CARROTS; YOU]
By using AWS PrivateLink, EMR can keep your network traffic within the Amazon network using interface VPC endpoints. Your network architecture is significantly simplified as you no longer need to use an Internet Gateway, Network Address Translation (NAT) devices, or firewall proxies to connect to EMR.
EventBridge connects applications using events. An event is a signal that a system’s state has changed, such as a change in the status of a customer support ticket. To write code to react to events, you need to know the event’s schema, which includes information such as the title, format, and validation rules for each piece of event data.
Amazon MQ - high volume order processing, stock trading, text processing and many more
In addition to Amazon CloudWatch, you now have the option to monitor your Amazon Managed Streaming for Apache Kafka (Amazon MSK) clusters using Prometheus, an open source monitoring system for time-series metrics. Open Monitoring with Prometheus enables you to monitor Amazon MSK using solutions like Datadog, Lenses, New Relic, Sumo Logic, or a Prometheus server, and easily migrate your existing monitoring dashboards to Amazon MSK.
What’s Happening? The SSL/TLS certificates for RDS, Aurora, and Amazon DocumentDB expire and are replaced every five years as part of our standard maintenance and security discipline. Here are some important dates to know:
September 19, 2019 – The CA-2019 certificates were made available.
January 14, 2020 – Instances created on or after this date will have the new (CA-2019) certificates. You can temporarily revert to the old certificates if necessary.
https://aws.amazon.com/blogs/aws/urgent-important-rotate-your-amazon-rds-aurora-and-documentdb-certificates/
The Amazon Builders’ Library is a collection of living articles that take readers under the hood of how Amazon architects, releases, and operates the software underpinning Amazon.com and AWS. The Builders’ Library articles are written by Amazon’s senior technical leaders and engineers, covering topics across architecture, software delivery, and operations. For example, readers can see how Amazon automates software delivery to achieve over 150 million deployments a year or how Amazon’s engineers implement principles such as shuffle sharding to build resilient systems that are highly available and fault tolerant.
FreeRTOS is a real-time operating system kernel for embedded devices that has been ported to 35 microcontroller platforms. It is distributed under the MIT License.
Amazon FreeRTOS extends the FreeRTOS kernel, a popular open source operating system for microcontrollers, with software libraries that make it easy to securely connect your small, low-power devices to AWS cloud services like AWS IoT Core or to more powerful edge devices running AWS IoT Greengrass.
AWS IoT Greengrass Stream Manager makes it easier to collect, process, and export data streams from IoT devices, and manage the life cycle of that data on the device to reduce development time.
AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. (Released in June)
AWS Firewall Manager’s integration with Security Hub will send four types of findings to Security Hub: (1) resources that are not properly protected by WAF rules; (2) resources that are not properly protected by Shield Advanced; (3) Shield Advanced findings that indicate a Distributed Denial of Service attack is underway; and (4) security groups that are being used incorrectly.
This Week AWS
• EFS - managed network file system for Linux - now supports IAM, so you can set client-specific permissions, like read-only for certain roles, and log all access requests to CloudTrail
• AWS Backup to back up data in EBS, RDS
1. Back up data to a different region (for DR compliance)
2. Restore a single file from EFS without having to restore the entire system
3. Everything on the EC2 will be backed up (not just EBS volume) like a golden image and it can be done on-demand AND scheduled BACKUP and restore. (What was it before?)
4. Stop and start EC2 spot instances (use case?), provided Spot capacity is available within your maximum price requirements.
Week before:
1. Systems Manager (visibility and control, and do operational tasks over infra) - “Change Calendar” lets you allow, prohibit, or schedule executions, e.g. a Lambda function trying to change resources.
2. Bring your own IP to SES (in the case that some companies have built algorithmic reputation for their IPs and don’t want to switch them and maybe get blacklisted)
3. Translate - fully managed neural machine translation tool - 1 million text/HTML docs asynchronously - “Batch” - one single API call! Good if you don’t need real-time translation. Each doc can’t exceed 1 MB.