6/10/2024, 12:00:00 AM ~ 6/11/2024, 12:00:00 AM (UTC)
Recent Announcements
Amazon ECS on AWS Fargate now allows you to encrypt ephemeral storage with customer-managed KMS keys
Amazon Elastic Container Service (Amazon ECS) and AWS Fargate now allow you to use customer managed keys in AWS Key Management Service (KMS) to encrypt data stored in Fargate task ephemeral storage. Ephemeral storage for tasks running on Fargate platform version 1.4.0 or higher is encrypted with AWS owned keys by default. This feature allows you to add a self-managed security layer which can help you meet compliance requirements.\n Customers who run applications that deal with sensitive data often need to encrypt data using self-managed keys to meet security or regulatory requirements and also provide encryption visibility to auditors. To meet these requirements you can now configure a customer-managed KMS key for your ECS cluster to encrypt the ephemeral storage for all Fargate tasks in the cluster. You can manage this key and audit access like any other KMS key. Customers can use this feature to configure encryption for new and existing ECS applications without changes from developers.
Amazon CloudWatch Application Signals, for application monitoring (APM) is generally available
Today, AWS announces the general availability of Amazon CloudWatch Application Signals, an OpenTelemetry (OTeL) compatible application performance monitoring (APM) feature in CloudWatch, that makes it easy to automatically instrument and track application performance against their most important business or service level objectives (SLOs) for applications on AWS. With no manual effort, no custom code, and no custom dashboards, Application Signals provides service operators with a pre-built, standardized dashboard showing the most important metrics for application performance – volume, availability, latency, faults, and errors – for each of their applications on AWS.\n By correlating telemetry across metrics, traces, logs, real-user monitoring, and synthetic monitoring, Application Signals enables customers to speed up troubleshooting and reduce application disruption. For example, an application developer operating a payment processing application can see if payment processing latency is spiking and drill into the precisely correlated trace contributing to the spike to establish cause in application code or dependency. Developers that use Container Insights to monitor container infrastructure, can further identify root cause such as a memory shortage or a high CPU utilization on the container pod running the application code causing the spike. Application Signals is generally available in 28 commercial AWS Regions, except CA West (Calgary) Region, AWS GovCloud (US) Regions and China Regions. For pricing, see Amazon CloudWatch pricing. Try Application Signals with the AWS One Observability Workshop sample application. To learn more, see documentation to enable Amazon CloudWatch Application Signals for Amazon EKS, Amazon EC2, native Kubernetes and custom instrumentation for other platforms.
Amazon Security Lake is now available in the the AWS GovCloud (US) Regions
Amazon Security Lake is now available in the AWS GovCloud (US) Regions. You can now centralize security data from AWS environments, SaaS providers, on premises, and cloud sources into a purpose-built data lake stored in your Amazon S3 account.\n Security Lake makes it easier to analyze security data, gain a more comprehensive understanding of security across your entire organization, and improve the protection of your workloads, applications, and data. Security Lake automates the collection and management of your security data across accounts and AWS Regions so that you can use your preferred analytics tools while retaining control and ownership over your security data. For more information about the AWS Regions where Security Lake is available, see the AWS Region table. You can enable your 15-day free trial of Amazon Security Lake with a single-click in the AWS Management console To get started, see the following list of resources:
Democratizing Security Data with Amazon Security Lake and Industry Leaders for Improved Protection eBook
Amazon Security Lake User Guide
Amazon Security Lake console
Amazon RDS for PostgreSQL announces Extended Support minor 11.22-RDS.20240509
Amazon Relational Database Service (RDS) for PostgreSQL announces Amazon RDS Extended Support minor version 11.22-RDS.20240509. We recommend that you upgrade to this version to fix known security vulnerabilities and bugs in prior versions of PostgreSQL.\n Amazon RDS Extended Support provides you more time, up to three years, to upgrade to a new major version to help you meet your business requirements. During Extended Support, Amazon RDS will provide critical security and bug fixes for your MySQL and PostgreSQL databases on Aurora and RDS after the community ends support for a major version. You can run your PostgreSQL databases on Amazon RDS with Extended Support for up to three years beyond a major version’s end of standard support date. Learn more about Extended Support in the Amazon RDS User Guide. You are able to leverage automatic minor version upgrades to automatically upgrade your databases to more recent minor versions during scheduled maintenance windows. Learn more about upgrading your database instances, including minor and major version upgrades, in the Amazon RDS User Guide. Amazon RDS for PostgreSQL makes it simple to set up, operate, and scale PostgreSQL deployments in the cloud. See Amazon RDS for PostgreSQL Pricing for pricing details and regional availability. Create or update a fully managed Amazon RDS database in the Amazon RDS Management Console.
AWS CloudFormation accelerates dev-test cycle with adjustable timeouts for custom resources
AWS CloudFormation launches a new property for custom resources called ServiceTimeout. This new property allows customers to set a maximum timeout for the execution of the provisioning logic in a custom resource, enabling faster feedback loops in dev-test cycles.\n CloudFormation custom resources allow customers to write their own provisioning logic in CloudFormation templates and have CloudFormation run the logic during a stack operation. Custom resources use a callback pattern where the custom resource must respond to CloudFormation within a timeout of 1 hour. Previously, this timeout value was not configurable, so code bugs in the customer’s custom resource logic resulted in long wait times. With the new ServiceTimeout property, customers can set a custom timeout value, after which CloudFormation fails the execution of the custom resource. This accelerates feedback on failures, allowing for quicker dev-test iterations. The new ServiceTimeout property is available in all AWS Regions where AWS CloudFormation is available. Refer to the AWS Region table for details. Refer to the custom resources documentation to learn more about the ServiceTimeout property.
Amazon CloudWatch announces AI-Powered natural language query generation
Amazon CloudWatch announces the general availability of natural language query generation powered by generative AI for Logs Insights and Metrics Insights. This feature enables you to quickly generate queries in context of your logs and metrics data using plain language. By simplifying the query generation process, you can accelerate gathering insights from your observability data without needing extensive knowledge of the query language.\n Query Generator simplifies your CloudWatch Logs and Metrics Insights experience through natural language querying. You can ask questions in plain English, such as “Show me the 10 slowest Lambda requests in the last 24 hours” or “Which DynamoDB table is most throttled” and it will generate the appropriate queries or refine any existing queries in the query window, as well as now, automatically adjust the time ranges for queries that require data within a specified period. It also provides line-by-line explanations of the generated code, helping you learn query syntax. This feature is now supported in US East (N. Virginia), US West (Oregon), and Asia Pacific (Tokyo) To access the feature, click on “Query generator” in the CloudWatch Logs Insights or Metrics Insights console pages. In the help panel, select “Info” for more information. There is no charge for using Query generator. Any queries executed in Logs Insights or Metrics Insights are subject to standard CloudWatch pricing. To learn more about Query generator in CloudWatch Logs Insights or Metrics Insights, visit our getting started guide.
Amazon EC2 M6in and M6idn instances are now available in Asia Pacific (Mumbai)
Starting today, Amazon Elastic Compute Cloud (Amazon EC2) M6in and M6idn instances are available in AWS Regions Asia Pacific (Mumbai), Canada (Central). These sixth-generation network optimized instances, powered by 3rd Generation Intel Xeon Scalable processors and built on the AWS Nitro System, deliver up to 200Gbps network bandwidth, 2x more network bandwidth, and up to 2x higher packet-processing performance over comparable fifth-generation instances. Customers can use M6in and M6idn instances to scale the performance and throughput of network-intensive workloads such as high-performance file systems, distributed web scale in-memory caches, caching fleets, real-time big data analytics, and Telco applications such as 5G User Plane Function.\n
M6in and M6idn instances are available in 10 different instance sizes including metal, with up to 128 vCPUs and 512 GiB of memory. They deliver up to 100 Gbps of Amazon Elastic Block Store (EBS) bandwidth and up to 400K IOPS, the highest Amazon EBS performance across EC2 instances. M6in and M6idn instances offer Elastic Fabric Adapter (EFA) networking support on 32xlarge and metal sizes. M6idn instances offer up to 7.6 TB of high-speed, low-latency instance storage. With this regional expansion, M6in and M6idn instances are available in the following AWS Regions: US East (Ohio, N. Virginia), US West (N. California, Oregon), Europe (Ireland, Frankfurt, Spain, Stockholm), Asia Pacific (Mumbai, Singapore, Tokyo, Sydney), Canada (Central), and AWS GovCloud (US-West). Customers can purchase the new instances through Savings Plans, Reserved, On-Demand, and Spot instances. To learn more, see M6in and M6idn instances page.
AWS Blogs
AWS Japan Blog (Japanese)
- Introducing the highlights of the AWS Summit Japan exhibition for the manufacturing industry!
- Would you like to participate in the Cloud Quest tournament to be held at the AWS Summit Japan in June 2024?
- AWS Weekly — Week 06/2024/3
- Weekly Generative AI with AWS — Week of 2024/6/3
AWS News Blog
AWS Cloud Operations & Migrations Blog
- Solving License Management Challenges during Mergers & Acquisitions with AWS License Manager
- Best practices to optimize costs after mergers and acquisitions with AWS Organizations
AWS Big Data Blog
- How Cloudinary transformed their petabyte scale streaming data lake with Apache Iceberg and AWS Analytics
- Design a data mesh pattern for Amazon EMR-based data lakes using AWS Lake Formation with Hive metastore federation
AWS Compute Blog
AWS Database Blog
AWS for Industries
- Capita Transforms Customer Service with Amazon Connect’s AI-Powered Solutions
- How manufacturers are leveraging Amazon Q Business to increase productivity
- Amazon Fresh saves shoppers time and drives satisfaction with Dash Cart
- Roaming Optimization using Global Presence of AWS: SK Telecom Roaming Edge Cloud