11/11/2024, 12:00:00 AM ~ 11/12/2024, 12:00:00 AM (UTC)
Recent Announcements
Amazon OpenSearch Ingestion adds support for ingesting data from Amazon Kinesis Data Streams
Amazon OpenSearch Ingestion now allows you to ingest records from Amazon Kinesis Data Streams, enabling you to seamlessly index streaming data in Amazon OpenSearch Service managed clusters or serverless collections without the need for any third-party data connectors. With this integration, you can now use Amazon OpenSearch Ingestion to perform near- real-time aggregations, sampling and anomaly detection on data ingested from Amazon Kinesis Data Streams, helping you to build efficient data pipelines to power your event-driven applications and real-time analytics use cases.\n Amazon OpenSearch Ingestion pipelines can consume data records from one or more Amazon Kinesis Data Streams and transform the data before writing it to Amazon OpenSearch Service or Amazon S3. While reading data from Amazon Kinesis Data Streams via Amazon OpenSearch Ingestion, you have the option to use either enhanced fan-out or shared reads, giving you the flexibility to balance speed and cost. You can also check out this blog post to learn more about this feature. This feature is available in all the 15 AWS commercial regions where Amazon OpenSearch Ingestion is currently available: US East (Ohio), US East (N. Virginia), US West (Oregon), US West (N. California), Europe (Ireland), Europe (London), Europe (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Mumbai), Asia Pacific (Seoul), Canada (Central), South America (Sao Paulo), and Europe (Stockholm). To learn more, see the Amazon OpenSearch Ingestion webpage and the Amazon OpenSearch Service Developer Guide.
Amazon Kinesis Data Streams launches CloudFormation support for resource policies
Amazon Kinesis Data Streams now provides AWS CloudFormation supports for managing resource policies for data streams and consumers. You can use CloudFormation templates to programmatically deploy resource policies in a secure, efficient, and repeatable way, reducing the risk of human error from manual configuration.\n Kinesis Data Streams allows users to capture, process, and store data streams in real time at any scale. CloudFormation uses stacks to manage AWS resources, allowing you to track changes, apply updates automatically, and easily roll back changes when needed. CloudFormation support for resource policies is available in all AWS regions where Amazon Kinesis Data Streams is offered, including the AWS GovCloud (US) Regions and China Regions. To learn more about Amazon Kinesis Data Streams resource policies, visit the developer guide.
AWS IAM Identity Center now supports search by permission set name
Today, AWS IAM Identity Center announced support for permission set search, enabling you to filter existing permission sets based on their names. This simplifies managing access to AWS accounts via IAM Identity Center, allowing you to use any substring in the permission set name to quickly lookup a permission set.\n IAM Identity Center is where you create, or connect, your workforce users once and centrally manage their access to multiple AWS accounts and applications. Now, you can filter and find a permission set using any part of the name that you gave to the permission set, in addition to using the Amazon Resource Name (ARN). IAM Identity Center enables you to connect your existing source of workforce identities to AWS once and manage access to multiple AWS accounts from a central place, as well as access the personalized experiences offered by AWS applications, such as Amazon Q; and define and audit user-aware access to data in AWS services, such as Amazon Redshift. IAM Identity Center is available at no additional cost in all AWS Regions where it is supported. To learn more, see the AWS IAM Identity Center User Guide.
Get x-ray vision into AWS CloudFormation deployments with a timeline view
AWS CloudFormation now offers a capability called deployment timeline view that allows customers to monitor and visualize the sequence of actions CloudFormation takes in a stack operation. This capability provides visibility into the ordering and duration of resource provisioning actions for a stack operation. This empowers developers to optimize their CloudFormation templates and speed up troubleshooting of deployment issues.\n When you create, update, or delete a stack, CloudFormation initiates resource-level provisioning actions based on a resource dependency graph. For example, if you submit a CloudFormation template with an EC2 instance, Security Group, and VPC, CloudFormation creates the VPC, Security Group, and EC2 instance in that order. Previously, you could only see the chronological list of stack operation events, which provided limited visibility into dependencies between resources and the ordering of provisioning actions. Now, you can see a graphical visualization that shows the order in which CloudFormation provisions resources within a stack, color-coding the status of each resource, and the duration of each provisioning action. If a resource provisioning encounters an error, it highlights the likely root cause. This allows you to determine the optimal grouping of resources into templates, for minimizing deployment times and improving maintainability. The new capability is available in all AWS Regions where CloudFormation is supported. Refer to the AWS Region table for service availability details. Get started by initiating a stack operation and accessing the deployment timeline view from the stack events tab in the CloudFormation Console. To learn more about the deployment timeline view, visit the AWS CloudFormation User Guide.
AWS CloudTrail Lake announces enhanced event filtering
AWS enhances event filtering in AWS CloudTrail Lake, a managed data lake that helps you capture, immutably store, access, and analyze your activity logs, as well as AWS Config configuration items. Enhanced event filtering expands upon existing filtering capabilities, giving you even greater control over which CloudTrail events are ingested into your event data stores. This enhancement increases the efficiency and precision of your security, compliance, and operational investigations while helping reduce costs.\n You can now filter both management and data events by the following new attributes:
eventSource: The service that the request was made to
eventType: Type of event that generated the event record (e.g., AwsApiCall, AwsServiceEvent, etc)
userIdentity.arn: IAM entity that made the request
sessionCredentialFromConsole: Whether the event originated from an AWS Management Console session or not
For management events, you can additionally filter by eventName which identifies the requested API action. For each of these attributes, you can specify values to include or exclude. For example, you can now filter CloudTrail events based on the userIdentity.arn attribute to exclude events generated by specific IAM roles or users. You can exclude a dedicated IAM role used by a service that performs frequent API calls for monitoring purposes. This allows you to significantly reduce the volume of CloudTrail events ingested into CloudTrail Lake, lowering costs while maintaining visibility into relevant user and system activities. Enhanced event filtering is available in all AWS Regions where AWS CloudTrail Lake is supported, at no additional charge. To learn more, visit the AWS CloudTrail documentation.
Amazon Bedrock now available in the AWS GovCloud (US-East) Region
Beginning today, customers can use Amazon Bedrock in the AWS GovCloud (US-East) region to easily build and scale generative AI applications using a variety of foundation models (FMs) as well as powerful tools to build generative AI applications. Visit the Amazon Bedrock documentation pages for information about model availability and cross-region inferencing.\n Amazon Bedrock is a fully managed service that offers a choice of high-performing large language models (LLMs) and other FMs from leading AI companies like AI21 Labs, Anthropic, Cohere, Meta, Mistral AI, Stability AI, as well as Amazon via a single API. Amazon Bedrock also provides a broad set of capabilities customers need to build generative AI applications with security, privacy, and responsible AI built in. These capabilities help you build tailored applications for multiple use cases across different industries, helping organizations unlock sustained growth from generative AI while ensuring customer trust and data governance. To get started, visit the Amazon Bedrock page and see the Amazon Bedrock documentation for more details.
AWS Lambda supports Customer Managed Key (CMK) encryption for Zip function code artifacts
AWS Lambda now supports encryption of Lambda function Zip code artifacts using customer managed keys instead of default AWS owned keys. Using keys that they create, own, and manage can satisfy customer’s organizational security and governance requirements.\n AWS Lambda is widely adopted for its simple programming model, built-in event triggers, automatic scaling, and fault tolerance. Previously, Lambda supported customer-managed AWS Key Management Service (AWS KMS) key-based encryption for the configuration data stored inside Lambda, such as function environment variables and SnapStart-enabled function snapshots. With today’s launch, customers can provide their own key to encrypt function code in Zip artifacts, making it easy to audit or control access to the code deployed in the Lambda function. Customers can encrypt new or existing function Zip code artifacts by supplying a KMS key when creating or updating a function using AWS Lambda API, AWS Management Console, AWS Command Line Interface (AWS CLI), AWS SDK, AWS CloudFormation, or AWS Serverless Application Model (AWS SAM). When the KMS key is disabled, Lambda service and any users using GetFunction API to fetch deployment package will no longer have access to the Zip artifacts deployed with the Lambda function, thus, providing a convenient revocation control to the customers. If no key is provided, Lambda still secures the Zip code artifacts with AWS-managed encryption. This feature is available in all AWS Regions where Lambda is available, except the China Regions. To learn more, visit documentation.
YouTube
AWS Black Belt Online Seminar (Japanese)
- Introduction to Amazon Elastic Kubernetes Service (Amazon EKS) [AWS Black Belt]
- AWS IoT Core - Provisioning Edition [AWS Black Belt]
- AmazonBedrock BlackBelt Agents Toward Realization of Autonomous AI: Operation Understanding Edition [Amazon Bedrock Series #04b】【AWS Black Belt]
AWS Blogs
AWS Japan Blog (Japanese)
- [Event Report] Chugoku Newspaper/AWS Co-hosted Data Collaboration Workshop in Hiroshima
- Introduction of generative AI, audio, and video applications and sample sources for skill transfer in the manufacturing industry
- AIX migrates from self-managed Db2 on Windows to Amazon RDS for Db2 with nearly zero downtime using IBM Q Replication
- Analyzing Amazon SES Event Data Using AWS Analytics Services
- AWS Weekly — Week 11/2024/4
- Weekly Generative AI with AWS — Week 11/4/2024/4
- Amazon helps US Department of Justice stop the activities of international cybercrime group Anonymous Sudan
AWS News Blog
- AWS BuilderCards second edition at re:Invent 2024
- AWS Weekly Roundup: 20 years of AWS News Blog, Express brokers for Amazon MSK, Windows Server 2025 images on EC2, and more (Nov 11, 2024)
AWS Architecture Blog
- How an insurance company implements disaster recovery of 3-tier applications
- How to build custom nodes workflow with ComfyUI on Amazon EKS
AWS Big Data Blog
- Use Amazon Kinesis Data Streams to deliver real-time data to Amazon OpenSearch Service domains with Amazon OpenSearch Ingestion
- Achieve data resilience using Amazon OpenSearch Service disaster recovery with snapshot and restore
AWS Database Blog
- Building a GDPR compliance solution with Amazon DynamoDB
- Heterogenous data sources: Access your data in PostgreSQL from Amazon RDS for Oracle using Oracle Database Gateway
- Capture and diagnose I/O bottlenecks on Amazon RDS for SQL Server
AWS Developer Tools Blog
AWS DevOps & Developer Productivity Blog
AWS HPC Blog
AWS for Industries
The Internet of Things on AWS – Official Blog
AWS Machine Learning Blog
- Fine-tune Meta Llama 3.2 text generation models for generative AI inference using Amazon SageMaker JumpStart
- Discover insights with the Amazon Q Business Microsoft Teams connector