January News Roundup: What’s new with AWS?
Haven’t had time to check through weeks of AWS announcements? Here’s all the top AWS news headlines from January 2023.
Jun 15, 2023 • 11 Minute Read
Hello Cloud Gurus! Wondering what’s changed with AWS this month, but haven’t found the time to check through weeks of headlines? Here’s everything you need to know to keep in the loop.
S3 encrypts by default
S3 now automatically encrypts all new files by default. It applies S3-managed, server-side encryption, also known as SSE-S3, to all new objects that you upload, at no additional cost and with no impact on performance.
Now this type of encryption uses AES-256, which is an industry standard for server-side encryption. And this will be applied to all new and existing buckets. New objects that are uploaded will be encrypted, but existing objects will not change.
You will still be able to specify other types of encryption, for instance SSE-C, which uses customer-provided encryption keys, or SSE-KMS, which uses KMS-managed encryption keys, but you will not be able to disable automatic encryption for new objects.
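Because existing objects are left as they were, older buckets can still hold unencrypted data after this change. The following added example (not from AWS or the original article) audits an S3 Inventory CSV report for such objects; it assumes the inventory was configured to include the optional EncryptionStatus field, and the schema string, bucket name and rows are constructed sample data.

```python
import csv
import io
from collections import Counter

# Constructed sample: the "fileSchema" string from an inventory manifest.json
# and a few data rows (S3 Inventory CSV files have no header row).
SAMPLE_SCHEMA = "Bucket, Key, Size, LastModifiedDate, EncryptionStatus"
SAMPLE_CSV = '''\
"example-bucket","reports/2021/q4.pdf","48213","2021-12-30T09:14:02.000Z","NOT-SSE"
"example-bucket","reports/2023/q1.pdf","51877","2023-02-02T11:40:55.000Z","SSE-S3"
"example-bucket","exports/customers.csv","902144","2022-06-17T23:01:10.000Z","NOT-SSE"
"example-bucket","feeds/partner.json","1200","2023-01-20T08:00:00.000Z","SSE-KMS"
"example-bucket","vault/archive.bin","7340032","2023-01-25T16:22:31.000Z","SSE-C"
'''

ENCRYPTED = {"SSE-S3", "SSE-KMS", "SSE-C"}


def audit_inventory(schema: str, csv_text: str) -> dict:
    """Count objects per encryption status and list those still stored unencrypted."""
    columns = [c.strip() for c in schema.split(",")]
    missing = {"Key", "LastModifiedDate", "EncryptionStatus"} - set(columns)
    if missing:
        raise ValueError(f"inventory lacks required fields: {sorted(missing)}")
    counts = Counter()
    findings = []  # objects that are unencrypted or carry an unrecognised status
    for line_no, row in enumerate(csv.reader(io.StringIO(csv_text)), start=1):
        if not row:
            continue
        if len(row) != len(columns):
            raise ValueError(f"row {line_no}: expected {len(columns)} fields, got {len(row)}")
        rec = dict(zip(columns, row))
        status = rec["EncryptionStatus"]
        counts[status] += 1
        if status not in ENCRYPTED:
            # The key is kept exactly as recorded in the inventory file.
            findings.append((rec["LastModifiedDate"], rec["Key"], status))
    findings.sort()  # ISO 8601 timestamps sort chronologically, oldest first
    return {"counts": dict(counts), "findings": findings}


if __name__ == "__main__":
    report = audit_inventory(SAMPLE_SCHEMA, SAMPLE_CSV)
    print(report["counts"])
    for modified, key, status in report["findings"]:
        print(f"{status:8} {modified} {key}")
```

Objects reported as NOT-SSE can be encrypted by copying them over themselves, since S3 treats the copy as a new write.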
Train SageMaker Canvas models 3x faster
SageMaker Canvas can now train machine learning models up to 3 times faster than before.
And if you aren’t familiar with SageMaker Canvas, it is a service that allows business analysts to generate machine learning predictions, using a visual interface, without needing any machine learning expertise. It provides a drag and drop interface, which means you can easily generate predictions without having to write any code.
And with this announcement, they have made some significant performance optimizations, enabling you to build machine learning models that are able to train up to 3 times faster than before. This is going to be great for companies who need to experiment rapidly with different models, quickly create prototypes, and achieve their business outcomes much faster.
Two new Kendra connectors - S3 and Google Drive
Amazon Kendra now has 2 new connectors that allow you to easily index and search documents that are hosted in S3 and in Google Drive as well.
And if you haven’t used Kendra before, it is an intelligent search service, powered by machine learning, that allows you to search structured and unstructured data using natural language processing. So this means you can ask it questions using normal language instead of having to write complex code or queries.
For instance you could ask Kendra to search an FAQ document that you have provided, and ask it questions like “How do I configure a VPN?” and it will find that information for you in the document provided.
Now there are 2 new connectors, the first one is for S3, and this allows you to securely index and search documents stored in S3, including the metadata that is stored for each object. This new connector enables Kendra to use a VPC to connect to your S3 data source, which means you do not need to access the data using the public internet.
The second new connector is for Google Drive, and this allows you to index and search documents that are stored in your own Google Drive, and in drives that are shared with you. This includes documents like HTML files, PowerPoint presentations, PDFs, Word documents, and structured documents like CSV files.
AWS Clean Rooms available in preview
One of the many data security announcements from last year's re:Invent was a first look at a new service called AWS Clean Rooms. This month, AWS announced that you can get hands-on with clean rooms, as it's now available for preview in 11 different regions.
Clean rooms are designed to keep your business data secret and safe, while still allowing analysts to draw insights from your collective data. Invite collaborators and finely control what data and queries can be used by each clean room participant. This is a great new secure way to collaborate on data insights while making sure your sensitive data remains secure and encrypted during analysis.
This will be great for marketing and advertising campaign analysis, or any case where you want to collaborate on data analysis without exposing all of the underlying data.
AWS Network Firewall now has IPv6 support
In other security news, AWS announced this month that AWS Network Firewall now has full IPv6 support.
Network Firewall is a managed firewall service that allows you to filter traffic to and from your VPCs or on-premises network. You can now enable Network Firewall endpoints to filter both IPv4 and IPv6 traffic in any of your dual-stack subnets. On top of that, this feature comes at no extra cost to those who want to use this new functionality.
New maximum concurrency feature for Lambda & SQS
Also this month, AWS announced a quality of life update that's sneaky-exciting for serverless developers.
Scaling out Lambda invocations to ingest events from an SQS queue has always been an extremely powerful serverless pattern. However, some customers run into an issue with maximum Lambda concurrency when they scale out to too many concurrent invocations, hitting their account limit. This causes events from an SQS queue to be sent back to the queue or dropped to a dead letter queue. You can set a maximum concurrency limit for your Lambda, but this doesn't fix the issue of dropped messages.
AWS has now announced per-source maximum concurrency limits for your Lambda functions when ingesting messages from SQS. This means that you can define a limit of concurrent Lambda invocations for a given SQS queue, and excess messages will be held in the queue until there is capacity for more concurrent Lambda invocations.
This means no more fiddling with returned messages or dead letter queues, and a greater degree of control over your account's Lambda concurrency limit.
Serverless Application Model integrates with CloudFormation Linter
One of our predictions at the top of the year was that AWS would continue to invest in the Serverless Developer Experience in 2023. AWS has already started to deliver, announcing an update to the Serverless Application Model command line interface that is sure to make developers' lives easier.
The Serverless Application Model, or SAM for short, is an Infrastructure-as-Code platform that allows you to define and reuse AWS architecture in simple JSON/YAML format. This month AWS announced a new lint tool that will speed up development processes by checking your SAM template against a set of CloudFormation-based rules.
Now, whenever you run the sam validate command, you can optionally lint your template against this set of rules. This will make it much easier for SAM users to validate their SAM templates before deploying them, saving users lots of time and money.
OpenSearch Serverless now GA
Amazon OpenSearch Serverless is now generally available. And if you haven’t used OpenSearch before, it is a service that allows you to perform interactive log analytics and real time application monitoring, and you can also use it to visualize your application data and create dashboards to really understand what is going on inside your applications. And it is based on Elasticsearch.
Now before this announcement, using Amazon OpenSearch involved creating an OpenSearch cluster consisting of multiple EC2 instances running worker nodes and master nodes. And when designing a cluster like this, you need to understand your capacity requirements.
But with this announcement, there is now a serverless option, which is a much simpler way to get started. It means you don’t need to think about infrastructure requirements. And this is also great for variable and unpredictable workloads, because being serverless, it will scale automatically and it will even allow you to run petabyte-scale workloads.
But the best thing about it is that being serverless, you will only pay for what you are using, instead of paying for multiple large EC2 instances.
Dry run for OpenSearch configuration changes
Another cool announcement for OpenSearch is that it now allows you to perform an enhanced dry run of any configuration changes to your OpenSearch cluster before you go ahead and apply the changes. This applies to OpenSearch clusters that of course consist of multiple EC2 instances.
So you can now validate configuration changes before applying them, and the OpenSearch service will check for validation errors, and it will also let you know if the change would require a blue/green deployment. So it’s going to tell you if you would need to deploy new instances in order to apply the new configuration, or if the configuration can be applied to the existing instances in your cluster.
This feature is going to be great for those of us who are a little risk averse when it comes to making changes to the configuration of an OpenSearch cluster, and it’s gonna help us avoid applying changes that are going to break our cluster.
Porting Advisor for Graviton
Porting Advisor for Graviton is generally available. Graviton is of course the name of the latest AWS processors, which are custom-built by AWS and optimised to deliver the best price and performance for AWS-based workloads.
Graviton processors are available in a variety of different EC2 instance types, however as these processors utilise the Arm64 instruction set - which is the language used to tell the processor what to do - there can occasionally be additional steps required for applications that have been developed to run on x86 processors, because x86 uses a different instruction set.
It's great that AWS have acknowledged that for some people there are additional considerations that need to be addressed. And they have provided a step-by-step transition guide to help support customers who are planning to port existing applications to Graviton-based instances.
Contiguous IPv6 CIDR Blocks
But what does that actually mean? Well you can now use the IP Address Manager (or IPAM) in your AWS account, to create contiguous IPv6 CIDR blocks that can be associated with your VPC. This allows you to create sequential CIDR ranges for your VPCs, so that you can implement CIDR ranges that make logical sense for your environment.
And if you no longer need your VPC and you delete it, you will still own the CIDR block and you’ll be able to re-allocate it to another VPC.
Now previously, the only way to get contiguous IPv6 CIDR ranges like this was to bring your own, so this new announcement is going to make it a lot easier for customers who are looking to utilise IPv6.
That’s all the biggest January headlines for AWS!
Want to keep on top of weekly AWS news?
Check out AWS This Week for your weekly news roundup for all things AWS. Join our expert hosts as they cover everything you need to know about the past week’s developments, keeping it short, fun and informative.
Whether you’re just beginning your cloud journey, or you know your stuff, there’s something for everyone!