5/21/2024, 12:00:00 AM ~ 5/22/2024, 12:00:00 AM (UTC)

Recent Announcements

Amazon OpenSearch Service now supports OpenSearch version 2.13

You can now run OpenSearch version 2.13 in Amazon OpenSearch Service. With OpenSearch 2.13, we have made several improvements to search performance and resiliency, OpenSearch Dashboards, and added new features to help you build AI-powered applications. We have introduced concurrent segment search that allows users to query index segments in parallel at the shard level. This offers improved latency for long-running requests that contain aggregations or large ranges. You can now index quantized vectors with FAISS-engine-based k-NN indexes, with potential to reduce memory footprint by as much as 50 percent with minimal impact to accuracy and latency. I/O-based admission control proactively monitors and prevents I/O usage breaches to further improve the resilience of the cluster. Finally, this release introduces tracking of high-latency queries with the top N queries feature.\n This launch also introduces several features that enable you to build and deploy AI-powered search applications. The new flow framework, helps you to automate the configuration of search and ingest pipeline resources required by advanced search features like semantic, multimodal, and conversational search. This adds to existing capabilities for automating ml-commons resource setup, allowing you to package OpenSearch AI solutions into portable templates. Additionally, we’ve added predefined templates to automate setup for models that are integrated through our connectors to APIs like OpenAI, Amazon Bedrock, and Cohere that enable you to build solutions like semantic search. For information on upgrading to OpenSearch 2.13, please see this documentation. OpenSearch 2.13 is now available in all AWS Regions where Amazon OpenSearch Service is available.

RDS Performance Insights provides fine grained access control

Amazon RDS (Relational Database Service) Performance Insights now provides fine-grained access control for the performance data that it collects. Customers can create new IAM policies or update existing IAM policies to enforce fine-grained access to Performance Insights data through the console or APIs.\n This launch allows customers to define an access control policy for specific dimensions of the database load metric of Performance Insights. For example, customers can define a policy that allows a certain user to view SQL statistics, but denies access to view the full SQL text. Before this launch, customers could define the access control policy at the level of individual actions and resources only. With this feature, customers can restrict access to potentially sensitive dimensions such as SQL text, and provide access to non-sensitive dimensions on the same API action within a single IAM policy. Amazon RDS Performance Insights is a database performance tuning and monitoring feature of RDS that allows you to visually assess the load on your database and determine when and where to take action. With one click in the Amazon RDS Management Console, you can add a fully-managed performance monitoring solution to your Amazon RDS database.

Amazon Kinesis Data Streams supports data plane logging to AWS CloudTrail

Today, Amazon Kinesis Data Streams announces support for logging data plane APIs using AWS CloudTrail, enabling customers to have greater visibility into data stream activity in their AWS account for best practices in security and operational troubleshooting. Amazon Kinesis Data Streams is a serverless data streaming service that enables customers to capture, process, and store data streams at any scale.\n CloudTrail captures API activities related to Amazon Kinesis Data Streams as events, including calls from the Amazon Kinesis Data Streams console and calls made programmatically using Amazon Kinesis Data Streams APIs. Using the information that CloudTrail collects, you can identify a specific request to an Amazon Kinesis Data Streams API, the IP address of the requester, the requester’s identity, and the date and time of the request. Logging Kinesis Data Streams APIs using CloudTrail helps you enable operational and risk auditing, governance, and compliance of your AWS account. Kinesis Data Streams APIs that are now supported for CloudTrail logging are:

GetRecords

GetShardIterator

PutRecord

PutRecords

SubscribeToShard

To opt-in for CloudTrail logging of the above mentioned data plane APIs, you can simply configure logging on your data stream using the AWS CloudTrail Console or by using CloudTrail APIs.

Amazon OpenSearch Service releases cross cluster alerting monitors

Amazon OpenSearch Service’s alerting plugin now supports cross-cluster monitoring, allowing you to create monitors that can query data across multiple OpenSearch clusters from a centralized location. Built on top of cross-cluster search, this feature eliminates the need to recreate redundant alerting monitors on each cluster in your environment. With cross-cluster monitoring, you define which remote indexes to monitor; and the alerting plugin executes the queries, and processes the results during each scheduled execution. In addition, cluster metrics monitors can be used to get alerted based on the responses from popular API such as cluster health, and CAT indices.\n Cross-cluster monitoring enables a variety of powerful use cases. You can now monitor an application that has data segregated across multiple clusters, such as separate clusters for live and historical data. Organizations with a distributed cluster architecture spanning availability zones or regions can get a unified view of issues affecting their full application footprint. Cross-cluster monitoring also allows you to have dedicated monitoring clusters that don’t store application data but can still execute monitors against your data clusters. For information on upgrading to OpenSearch 2.13, please see documentation. OpenSearch 2.13 is now available in all AWS regions globally where Amazon OpenSearch service is available. To learn more about Amazon OpenSearch Service, please visit the product page.

Amazon Verified Permissions improves support for Cognito tokens

Amazon Verified Permissions now enables customers using Cognito tokens for authorization, to write Cedar policies based on Cognito group memberships. The service has also added an additional API that enables developers to submit multiple token-based authorization requests, in a single API call.\n Verified Permissions provides fine-grained authorization for the applications that you build, allowing you to implement permissions as Cedar policies rather than application code. You can call Verified Permissions to authorize access to application APIs and resources, based on OIDC tokens generated by Amazon Cognito. Verified Permissions will evaluate Cedar policies using the claims in the token. Customers using the IsAuthorizedWithToken API, can now reference Cognito groups in their policies. Additionally, to help reduce latency and cost, Verified Permissions now supports a new API called batchIsAuthorizedWithToken. Using batch authorization, developers can modify the user experience based on permissions, for example, by making a single API request to determine which action buttons should be enabled on a page, or which resources to display in a list. More information on the batchIsAuthorizedWithToken API can be found in the API reference guide. These features are available in all AWS regions supported by Amazon Verified Permissions. Pricing is based on the number of API calls made, regardless of the number of authorization requests that are batched within each call. For more information on pricing visit Amazon Verified Permissions Pricing – AWS - Amazon Web Services. For more information on the service visit Fine-Grained Authorization - Amazon Verified Permissions - AWS

Amazon RDS for Db2 introduces hourly licensing from IBM through AWS Marketplace

Amazon RDS for Db2 customers can now subscribe to hourly Db2 licensing from IBM through AWS Marketplace.\n Customers can now choose to either use an existing license via Bring-Your-Own-License (BYOL), or obtain a new license instantly through AWS Marketplace. Customers with seasonal or unpredictable workloads can use the hourly license to avoid the cost of over-provisioning. For example, customers in retail industries can pay a simple hourly rate to deal with increased holiday traffic, rather than predict how much licensing they need and pre-purchase them for peak capacity. Db2 license fees are charged by IBM through AWS Marketplace and appear under the AWS Marketplace section on your AWS invoice, which are in addition to your RDS cost. Amazon RDS for Db2 makes it easy to set up, operate, and scale Db2 databases in the cloud. See the Amazon RDS for Db2 Pricing page for pricing and regional availability information. To learn more about the AWS Marketplace license option, visit the AWS Documentation or read this step-by-step blog to get started.

Announcing an improved private offer experience for AWS Marketplace sellers

AWS Marketplace has upgraded the private offer creation experience for sellers, making it easier for you to extend custom pricing and terms to your customers. The new experience provides step-by-step guidance through the offer creation process, and allows you to save unfinished progress as a draft offer. With this launch, you will also be able to price multiple instances at once and auto-split payments into multiple scheduled dates.\n You can now work on a draft private offer over multiple sessions with the new ‘save and resume’ function, enabling you to gather information and correct errors before submitting an offer. Within the experience, bulk pricing by instance groups and an auto payment scheduler help speed up your offer creation by reducing the need to repeat similar inputs. If you need more information during the offer workflow, each step in the creation experience is equipped with guidance to explain each selection in more detail. These improvements save you time when creating your private offer, increasing your sales velocity through AWS Marketplace. This new feature is available for direct and channel partner private offers for SaaS, Amazon machine images (AMI), containers, and professional services products. To learn more, visit the AWS Marketplace Seller Guide. To try the feature now, visit the Offers tab in the AWS Marketplace Management Portal.

Amazon Lightsail supports easy switching between dual-stack and IPv6-only instance bundles

Amazon Lightsail now supports switching between dual-stack and IPv6-only bundles by removing or adding dynamic public IPv4 addresses on instances.\n Previously, you would have to select an IPv6-only bundle and start a new instance from scratch to move from dual-stack to IPv6-only bundles. With this feature, you can switch between dual-stack and IPv6-only plans on a running instance using ‘change networking type’ feature instead of recreating your applications on a new Lightsail instance. This feature makes it easier to test if your application is supported on IPv6-only bundles and only use IPv4 addresses when needed.

You can use this feature on the the Lightsail Console (accessed from AWS Console), AWS Command Line Interface (CLI) and AWS SDKs in all AWS Regions supporting Lightsail. To learn more about this migration functionality, please see documentation here.

AWS Blogs

AWS Japan Blog (Japanese)

AWS Japan Startup Blog (Japanese)

AWS Big Data Blog

Business Productivity

Containers

AWS Database Blog

AWS for Industries

AWS Machine Learning Blog

AWS for M&E Blog

Networking & Content Delivery

AWS Security Blog

Open Source Project

AWS CLI

Amplify for iOS

Amplify UI

AWS Copilot CLI

Firecracker

Amazon EKS Anywhere