to our monthly newsletter
"A Tour of New AWS Features"
AWS delivered a slew of new features and functionality in Jan, and the sheer pace makes its easy to miss an update. This post captures Jan 2019 additions to AWS, categorized by interest group plus an executive summary for some of the the newer the services. We filtered out incremental improvements and “X service is now available in Y region” type updates.
Application Development and Serverless
Amazon Corretto 8 is now Generally Available for production use
Amazon Corretto == Open JDK + improvements. It is a no-cost, multiplatform, production-ready distribution of OpenJDK 8. Amazon runs Corretto internally on thousands of production services. Corretto 11 builds corresponding to Open JDK 11 scheduled for before April, 2019.
Why would you use this instead of OpenJDK?
Because it comes with long term support from Amazon that will include performance enhancements and security fixes. The list of patches applied on top of OpenJDK is here
Docs | Blog post | Github repo
Database and Storage
Amazon DocumentDB is Generally available (New!)
Amazon DocumentDB is a MongoDB compatibile, fast, scalable, highly available, and fully managed document database service. Developers can use the same MongoDB application code, drivers, and tools to run, manage, and scale workloads on Amazon DocumentDB
Docs | Pricing | Supported MongoDB APIs
AWS Database Migration Service (DMS) supports migrations to DocumentDB
AWS DMS adds support for Amazon DocumentDB as a target. You can use AWS DMS to migrate data to Amazon DocumentDB from any of the source data engines that AWS DMS supports. The source engine can be on an Amazon-managed service such as Amazon RDS, Aurora, or Amazon S3. Alternatively, the engine can be on a self-managed database, such as MongoDB running on Amazon EC2 or on-premises.
Background: What is AWS Database Migration Service (DMS)? It helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. It supports homogenous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle or Microsoft SQL Server to Amazon Aurora.
Compute and Infrastructure as Code:
AWS Fargate price reduction - upto 50% off
“Effective Jan 07, 2019, we are reducing the price for AWS Fargate by 20% for vCPU and 65% for memory across all regions “
Amazons open source Firecracker project gives them lightweight micro virtual machines “microVMs” which can initiate code faster, with less overhead, and allow AWS to improve the efficiency of Fargate and pass on cost savings to customers.
Blog post | Firecracker github
Introducing AWS CloudFormation UpdateReplacePolicy Attribute
When you update a CloudFormation stack and replace a resource, CloudFormation creates the new resource and deletes the old one by default. Now you can use the UpdateReplacePolicy attribute to delete, retain or snapshot the existing physical instance of a resource when it is replaced during a stack update operation.
Amazon EKS Achieves ISO and PCI Compliance
Amazon Elastic Container Service For Kubernetes (EKS) now meets the criteria for ISO and PCI DSS Level 1 compliance in AMER, EMEA, and APAC.
Background: What is EKS? Amazon EKS runs the Kubernetes management infrastructure for you across multiple AWS availability zones to eliminate a single point of failure. Amazon EKS is certified Kubernetes conformant. It automatically detects and replaces unhealthy control plane nodes, and provides on-demand upgrades and patching. You simply provision worker EC2 nodes and connect them to the provided Amazon EKS endpoint.
AWS Services and Compliance Program map
Networking and Content Delivery
Elastic Container Service (ECS) and Elastic Container Registry (ECR) now support AWS PrivateLink
So far if your Amazon EC2 instances had to download Docker images stored in ECR or communicate to the ECS control plane, traffic would go over the public internet. When you create AWS PrivateLink endpoints for ECR and ECS, these service endpoints appear as elastic network interfaces with a private IP address in your VPC, and your traffic doesn’t traverse the Internet
Background: What is AWS PrivateLink? AWS PrivateLink provides private connectivity between VPCs, AWS services, SaaS services on AWS Marketplace, and on-premises applications, securely on the Amazon network. To use AWS PrivateLink, create an interface VPC endpoint for a service in your VPC. This creates an Elastic Network Interface (ENI) in your subnet with a private IP address that serves as an entry point for traffic destined to the service. Service endpoints available over AWS PrivateLink will appear as ENIs with private IPs in your VPCs.
Blog post | AWS PrivateLink
AWS Device Farm Now Supports Appium Node.js and Appium Ruby
You can now run Appium tests written in Ruby or Node.js against your native, hybrid and browser-based apps on AWS Device Farm. Support for frameworks such as Mocha and RSpec.
Background: What is AWS DeviceFarm? AWS Device Farm is an app testing service that lets you run automated tests and interact with your Android, iOS, and web apps on real devices.
Docs for Node | Docs for Ruby
AWS Glue supports Python Shell Jobs
A job is the business logic that performs the extract, transform, and load (ETL) work in AWS Glue. So far, AWS Glue jobs were Apache Spark programs. With this update, there is a second type of job called a Python Shell job. you can run Python 2.7 scripts in an environment pre-loaded with libraries such as the Boto3, NumPy, SciPy, pandas, and others.
Background: What is AWS Glue? AWS Glue is a fully managed ETL (extract, transform, and load) service. Typical use case is to take semi-structured data on S3 and transform and load it into a Redshift data warehouse. AWS Glue offers schema discovery of your source data and can generate ETL code in Scala or Python to extract data from the source, transform the data to match the target schema, and load it into the target. In an event driven ETL pipeline, a lambda is triggered on write to S3, and this lambda triggers the Glue ETL job.
Docs - Python Shell Jobs
Elastic Inference offers EIPredictor
Amazon Elastic Inference (Amazon EI) on AWS Deep Learning AMIs now provides EIPredictor, a new, easy-to-use Python API function for deploying TensorFlow models using EI accelerators to enable easier experimentation. EIPredictors are an altenernative to TensorServing.
Background: What is Amazon Elastic Inference? You can launch an Amazon SageMaker or Amazon EC2 instance with an Elastic Inference (EI) resource to accelerate your deep learning (DL) inference workloads. EI accelerates operations defined by TensorFlow, Apache MXNet, and the Open Neural Network Exchange (ONNX) format on low-cost, GPU-based, DL inference accelerators. An Amazon EI accelerator is not part of the hardware that makes up your instance. Instead, the accelerator is attached through the network using an AWS PrivateLink endpoint service. EI allows you to add inference acceleration to an Amazon SageMaker hosted endpoint or Jupyter notebook for a fraction of the cost of using a full GPU instance.
Docs | Blog post
Amazon Rekognition Video supports Object Bounding Boxes
A bounding box is a set of coordinates that precisely indicates a specific object location in a video frame. Customers can use the bounding box information to count objects (“3 cars”), and to understand the relationship between objects (“person next to a car”) at a particular timestamp in a video.
Also updated to provide significantly improved accuracy for all existing labels for Object and Scene detection.
Docs | 10 Minute Tutorial |
Introducing Amazon WorkLink (New!)
AWS WorkLink lets your employees access web content your internal corporate network using their mobile phones.
Why: because vpns on phones suck and are also insecure because the data is left on the device browser cache.
How it works: the page is rendered in a headless browser in a secure container in AWS Worklink then sent to the phone as vector graphics. So the actual files are never transferred or cached locally and the device is never VPN’ed into your network.
Use cases: access your internal jira/confluence on your phone, bring your own device, secure access for remote workers/partners without VPN and network access.
Docs | Pricing
Introducing AWS Backup (New!)
AWS Backup lets you centrally manage backups in the cloud. You create a backup plan (frequency etc) to automatically backup DynamoDB, EFS, RDS, EBS etc. to s3, which as you recall has 11 9’s of durability.
Use cases: Cloud native backup, On premise backup, hybrid backup.
AWS Single Sign On offers email-based verification
AWS Single Sign-On (AWS SSO) now enables you to configure additional settings that allow you to enable email-based verification for the improved security of your users when they sign in to the user portal. You can enable email-based verification in a user-friendly context-aware mode or a compliance-friendly always-on mode.
In context-aware mode, your users are prompted to enter a verification code sent to their email only when there is a change in their sign-in context such as an unknown location or device. In always-on mode, your users are prompted for the code every time they sign in to the user portal.
IoT and Embedded
Amazon FreeRTOS adds another support board
The Renesas Starter Kit+ for RX65N-2MB available from Renesa
AWS IoT Core introduces Persistent SessionS
Persistent Sessions store subscription information and pending Quality of Service (QoS) messages should the devices become disconnected. When a device reconnects and resumes a Persistent Session, its subscriptions will be automatically reinstated and any stored messages will be delivered.
Docs - MQTT Persistent Sessions