8/30/2024, 12:00:00 AM ~ 9/2/2024, 12:00:00 AM (UTC)

Recent Announcements

Organizational Units in AWS Control Tower can now contain up to 1,000 accounts

AWS Control Tower now allows you to register Organizational Units (OUs) containing up to 1,000 accounts. With this launch, you can implement governance best practices and standardize configurations across the accounts in your OUs at greater scale. When you register an OU or enable the AWS Control Tower baseline on an OU, member accounts receive the best practice configurations, controls, and baseline resources required for AWS Control Tower governance, such as AWS IAM roles, AWS CloudTrail, AWS Config, and AWS Identity Center.

Until today, you could only register OUs with 300 accounts or fewer. Now, you can enroll up to 1,000 AWS accounts under AWS Control Tower governance in a single OU. This allows greater flexibility to preserve your existing OU structure when migrating to AWS Control Tower, and increased ability to scale in-place. Performance enhancements to the OU registration and re-registration processes also enable you to deploy AWS Control Tower baseline resources into your member accounts more efficiently. The maximum number of accounts in an OU may differ depending on the number of enabled controls and the number of regions you have under governance. To learn more, visit Limitations based on underlying AWS services in the AWS Control Tower User Guide. For a full list of AWS regions where AWS Control Tower is available, see AWS Region Table.

Amazon Redshift Serverless now supports AWS PrivateLink

Amazon Redshift Serverless now supports AWS PrivateLink (interface VPC endpoint) to connect to Amazon Redshift Serverless. You can now connect directly to the Amazon Redshift Serverless and Amazon Redshift Serverless API services using AWS PrivateLink in your virtual private cloud (VPC) instead of connecting over the internet.

When you use AWS PrivateLink, communication between your VPC and Amazon Redshift Serverless is conducted entirely within the AWS network, which can provide greater security and protect your sensitive information. An AWS PrivateLink endpoint connects your VPC directly to Amazon Redshift Serverless. The instances in your VPC don’t need public IP addresses to communicate with the Amazon Redshift Serverless API. To use Amazon Redshift Serverless through your VPC, you have two options. One is to connect from an instance that is inside your VPC. The other is to connect your private network to your VPC by using an AWS VPN option or AWS Direct Connect. You can create an AWS PrivateLink endpoint to connect to Amazon Redshift Serverless using the AWS Management Console or AWS Command Line Interface (AWS CLI) commands. For more information, see Creating an Interface Endpoint. Amazon Redshift Serverless support for AWS PrivateLink is available in all AWS regions where Amazon Redshift Serverless is available.

AWS IoT SiteWise models now support versioning

AWS IoT SiteWise now supports asset model and component model versioning. This new capability is designed to help industrial customers and integrators manage the evolution of their asset models and component models more effectively.

With asset model and component model versioning, industrial customers can now fetch the active version of their asset model and component model. This helps them recover from failed states and avoid losing changes due to conflicting updates. The versioning feature also enables optimistic locking on updates, so that users can safely make changes to models without the risk of overwriting each other’s work. The asset model and component model versioning feature is available in all regions where AWS IoT SiteWise is available. AWS IoT SiteWise is a managed service that makes it easy to collect, store, organize, and monitor data from industrial equipment at scale to help you make data-driven decisions. To learn more about this new feature and how it can benefit your business, please visit the developer guide.

AWS Security Hub launches 8 new security controls

AWS Security Hub has released 8 new security controls, increasing the total number of controls offered to 423. With this release, Security Hub now supports controls for additional AWS services such as Amazon WorkSpaces and AWS DataSync. Security Hub also released new controls for previously supported services like AWS CodeBuild and Amazon Athena. For the full list of recently released controls and the AWS Regions in which they are available, visit the Security Hub user guide.

To use the new controls, turn on the standard they belong to. Security Hub will then start evaluating your security posture and monitoring your resources for the relevant security controls. You can use central configuration to do so across all your organization accounts and linked Regions with a single action. If you are already using the relevant standards and have Security Hub configured to automatically enable new controls, these new controls will run without any additional action on your part. To get started, consult the following list of resources:

Learn more about Security Hub capabilities and features in the AWS Security Hub user guide

Subscribe to the Security Hub SNS topic to receive notifications about new Security Hub features and controls

Try Security Hub at no cost for 30 days

AWS Config conformance packs now available in 12 additional AWS Regions

AWS Config conformance packs and organization-level management capabilities for conformance packs and individual AWS Config rules are now available in 12 additional Regions. Conformance packs allow you to bundle AWS Config rules and their associated remediation actions into a single package, simplifying deployment at scale. You can deploy and manage these conformance packs throughout your AWS environment. With this launch, these capabilities have been added to the following Regions: Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), and Europe (Zurich).

Conformance packs provide a general-purpose compliance framework designed to enable you to create security, operational, or cost-optimization governance checks using managed or custom AWS Config rules and AWS Config remediation actions. This allows you to monitor compliance based on your own groupings and also apply remediation automatically. With this launch, you can also manage AWS Config conformance packs and individual AWS Config rules at the organization level, which simplifies compliance management across your AWS Organization. To get started, you can either use the provided sample conformance pack templates or craft a custom YAML file from scratch based on a custom conformance pack. Conformance packs can be deployed through the AWS Config console, the AWS CLI, or AWS CloudFormation. You will be charged per conformance pack evaluation in your AWS account per AWS Region. Visit the AWS Config pricing page for more details. To learn more about AWS Config conformance packs, see our documentation.

AWS Backup extends support for Cross-Region backup with Amazon Neptune

Today, we are announcing the availability of AWS Backup support for cross-Region backup of Amazon Neptune backups in Asia Pacific (Hong Kong), Israel (Tel Aviv), and Middle East (Bahrain, UAE). Cross-Region backup enables customers to copy backups from one AWS Region to a different AWS Region, helping increase data resiliency. AWS Backup is a policy-based, fully managed and cost-effective solution that enables you to centralize and automate data protection of Amazon Neptune along with other AWS services (spanning compute, storage, and databases) and third-party applications.

With cross-Region backup, customers can copy data from a source backup vault to a destination backup vault in another AWS Region, either on-demand or as part of a scheduled backup plan. Cross-Region backup helps customers meet their compliance requirements and disaster recovery needs by storing copies of backup data in a separate Region from their production data. Customers can also recover from backups in the new Region, reducing the risk of downtime and ensuring business continuity requirements are met. AWS Backup for Amazon Neptune is available in all Regions where Amazon Neptune is available except for Africa (Cape Town) and Asia Pacific (Osaka). With today’s launch, cross-Region backup is available for Amazon Neptune backups in all Regions where AWS Backup supports Amazon Neptune. For more information on regional availability, feature availability, and pricing, see the AWS Backup pricing page and the AWS Backup Feature Availability page. To learn more about AWS Backup support for Amazon Neptune, visit AWS Backup’s technical documentation. To get started, visit the AWS Backup console.

Amazon EMR Managed Scaling is now Application Master placement aware

Today, we are excited to announce a new enhancement in EMR Managed Scaling that improves application resiliency and scales the cluster based on executor and ApplicationMaster demand by adding support for YARN node labels. By default, Amazon EMR ensures that the processes that control running jobs and need to stay alive for the life of the job (ApplicationMasters) can run on both core and task nodes. However, many customers, especially those who use Spot Instances to run task nodes, choose to run ApplicationMasters only on On-Demand core nodes to ensure running jobs do not fail if ApplicationMasters running on Spot Instances are interrupted. With today’s launch, EMR Managed Scaling will now scale clusters based on the demand from individual AM or executor requests as defined by YARN node labels. Intelligently scaling the cluster based on AM or executor demand leads to better performance, better utilization, and lower cost.

As part of today’s launch, with EMR release 7.2 and later, Amazon EMR will also let you specify application-level YARN node label expressions by market type, i.e. On-Demand vs Spot. Previously, customers were only able to specify YARN node label expressions at the node type level, i.e. Core vs Task. Now, with this new enhancement, customers have additional flexibility to better suit the needs of their cluster workloads. This feature is available with Amazon EMR release 7.2 and above in all the AWS Regions where Amazon EMR Managed Scaling is available. Review our Managed Scaling documentation to learn more.

Amazon Personalize enhances automatic solution training

Amazon Personalize is excited to introduce the ability for developers to modify automatic training configurations after a Personalize solution has been created. With this launch, developers gain greater flexibility over the automatic training process for both new and existing solutions. Previously, changing configurations like training frequency required re-creating the solution entirely. Now, you can easily modify automatic training settings of any solution via API or console. When updating a solution’s configuration, you can choose to enable or disable automatic retraining, as well as adjust the training frequency as needed.

Automatic training mitigates model drift and makes sure recommendations align with users’ evolving behaviors and preferences. Modifying the configuration of solution training allows you to adapt model retraining to your evolving business needs and data volumes. For example, you can increase training cadence during peak seasons to further optimize the relevance of recommendations. This saves time and resources by making incremental adjustments as needed, rather than re-creating the entire solution. Automatic training will continue at the new cadence until you make another update or disable automatic training entirely. Existing solutions will remain unchanged unless you modify the training configuration. Amazon Personalize helps companies elevate the customer experience with AI-powered personalization and deliver hyper-personalized user experiences in real time with precision and scale to improve user engagement, customer loyalty, and business results. Modification of automatic solution training is supported in all service regions. To learn more, visit our documentation.

AWS WAF enhances rate-based rules to support lower rate limits

AWS WAF now supports setting lower rate limit thresholds for rate-based rules. Customers can now configure rate-based rules with rate limits as low as 10 requests per evaluation window, compared to the previous minimum of 100 requests.

With AWS WAF rate-based rules, customers can count incoming requests and limit traffic that exceeds a defined request rate. Now, in addition to existing threshold options, customers can set rate-based rule thresholds as low as 10 requests per evaluation time window. This granular control allows customers to more effectively detect and respond to traffic spikes targeting sensitive applications and APIs, enabling quicker mitigation of sudden usage increases or malicious activity. To use lower rate thresholds, simply set the ‘Rate limit’ to any value between 10 and 100 when configuring rate-based rules. Existing rules will remain unchanged. To customize, edit your rule to select a lower threshold, then save. To learn more, see the AWS WAF developer guide. There is no additional cost for using this feature; however, standard AWS WAF charges still apply. For details, visit the AWS WAF Pricing page. This feature is available in all AWS Commercial Regions, except Asia Pacific (Hyderabad), Europe (Spain), Australia (Melbourne), Europe (Zurich), Israel (Tel Aviv), US-GovCloud and China Regions.

AWS Amplify introduces new function capabilities with scheduled cron jobs and streaming logs

AWS Amplify now offers two new features for its Functions capability: Scheduled Cron Jobs and Streaming Logs. Cron Jobs allow developers to configure serverless functions to run at specific intervals, while Streaming Logs enable developers to quickly iterate and test function execution by streaming logs directly to their terminal.

The scheduling feature allows developers to use natural language or cron expressions to configure their serverless functions to run automatically at specified intervals or times. This is particularly useful for tasks such as data processing, batch operations, or scheduled maintenance. Additionally, Streaming Logs provide real-time visibility into function execution logs, enabling developers to monitor and debug their functions more effectively. To learn more about Scheduling and Streaming Logs, visit the Amplify documentation. Explore the comprehensive guides, code samples, and best practices to get started with these new features.

AWS Blogs

AWS Japan Blog (Japanese)

AWS Japan Startup Blog (Japanese)

Front-End Web & Mobile

AWS Machine Learning Blog

AWS Security Blog

Open Source Project

AWS CLI

AWS CDK

Firecracker