#686: AWS News Updates, September 23, 2024

A

This is episode 686 of the AWS podcast, released on September 23rd, 2024. Hello everyone. Welcome back to this episode of the AWS Podcast. We have a really interesting update show for you. However, once again we are missing our fearless leader Simon and so it's just going to be me here, Shruti Kopakar, and my awesome, brilliant co host Jillian. Jillian, how are you doing?

B

Always excited for an update show with you, Shruti.

A

Awesome. All right, let's kick it off. Actually, I think you you are going to kick off analytics.

B

That's right, we're going to talk about analytics first. So Amazon Quicksight is announcing the general availability of Direct Query feature for its Google BigQuery data source. Amazon Redshift Serverless now allows you to set a higher data warehouse base capacity configuration up to 1024 redshift processing units. Amazon Redshift now lets you alter sort keys of tables replicated through Xero ETL integration. Sort keys play a crucial role in determining the physical sorting order of rows within a table, and optimizing them can significantly enhance query performance, especially for queries using range bound filters on sort key columns. Amazon Redshift launches Session Reuse feature in Data API that enables you to access data efficiently from Amazon Redshift data warehouses by eliminating the need to manage database drivers, connections, network configurations, data buffering, and more Data API session reuse. This allows you to retain the context of a session from one query execution to another, which reduces connection setup latency on repeated queries to the same data warehouse and Amazon RDS for MySQL. 0ETL integration with Amazon Redshift is now generally available. 0ETL integration makes it simpler to analyze data from Amazon RDS to Amazon Redshift by removing the need for you to build and manage complex data pipelines. So within seconds you can now write data to RDS for MySQL and that data then is replicated to Redshift. AWS Glue now provides job queuing. AWS Glue Data Catalog now supports storage optimization for Apache Iceberg tables by automatically removing data files that are no longer needed. Amazon EMR on EC2 improves cluster launch experience with intelligent subnet selection with this feature. EMR on EC2 reduces cluster launch failures caused due to IP address shortages. You can now run petabyte scale data analytics and machine learning on Amazon EMR Serverless directly from Amazon SageMaker Studio Notebooks. Amazon MSK Replicator now supports a new configuration that enables you to preserve original Kafka topic names while replicating streaming data across Amazon Managed Streaming for Apache Kafka Amazon MSK Replicator is a feature of Amazon MSK that lets you reliably replicate data across MSK clusters in the same or different AWS regions with just a few clicks. The new configuration reduces the need for you to reconfigure client applications during setup, and it makes it even more simple to operate multi cluster streaming architectures while continuing to benefit from MSK Replicators reliability. You can now run OpenSearch version 2.15 in Amazon OpenSearch service.

A

Awesome. We have two updates under application integration. Amazon EventBridge pipes now supports customer managed KMS keys and AWS announces the addition of debug and info logging levels for AWS AppSync GraphQL APIs. These new logging levels provide more granular control over log verbosity and make it easier to troubleshoot your APIs while optimizing readable and costs.

B

Up next we've got Artificial Intelligence Amazon Bedrock Knowledge Bases now supports Cross region Inference by using cross region inference, Amazon Bedrock Knowledge based customers can use the RAG API and they'll be able to get higher throughput limits and enhanced resilience during periods of peak demand. By opting in, developers no longer have to spend time and effort predicting demand fluctuations and instead cross region Inference dynamically routes traffic across multiple regions, ensuring optimal availability for each request and smoother performance during higher usage periods. Amazon Bedrock Customers in The Northern Virginia, Oregon, Frankfurt, Tokyo, Singapore regions can leverage Claude 3.5 Sonnet with their bedrock agents. Claude 3.5 Sonnet is Anthropic's latest foundation model and ranks among the best in the world. Claude 3.5 Sonnet delivers improved speed, performance and agentic reasoning compared to Claude 3 Opus Stability AI's top three text to image models are now available in Amazon Bedrock. All of these models are capable of generating stunningly photorealistic images with exceptional detail, color accuracy and life like lighting. Each model caters to diverse use cases so stable images Ultra produces the highest quality photorealistic outputs, making it perfect for professional print media and large format applications. This model excels at rendering exceptional detail and realism. Contrast that with stable diffusion three large where this strikes an ideal balance between generation speed and output quality, so this makes it ideal for high volume, high quality digital app assets like websites, newsletters and marketing materials. And then the other one is Stable Image Core which is optimized for fast and affordable image generation. So this is great for rapidly iterating on concepts during the iteration phase. Amazon SageMaker now has the SageMaker Core. This is a new Python SDK that provides an object oriented interface for interacting with SageMaker resources such as training, job model and endpoint resource classes. The resource chaining feature in SageMaker Core lets developers pass resource objects as parameters, eliminating the need to manually specify complex parameters. The SDK also abstracts low level details like resource state transitions and polling logic. We're also announcing the availability of sticky session routing on Amazon SageMaker Inference, which helps customers improve the performance and user experience of their generative AI applications by leveraging their previously processed information. By enabling sticky sessions, all requests for the same session will be routed to the same instance, allowing for your ML application to reuse previously processed information to reduce latency and improve user experience. So this is really valuable when customers want to use large data payloads or they have the need for seamless interactive experiences. We're also excited to announce the general availability of Amazon eks support in SageMaker HyperPod. So SageMaker HyperPod this is purpose built infrastructure for foundation model development and it reduces the time to train models by up to 40%. Amazon CloudWatch Container Insights now auto discovers the health status of your SageMaker Hyperpod nodes running on EKS and visualizes them in curated dashboards to help you monitor your node availability for operational excellence. Using out of the box dashboards, you can identify unhealthy notes easily and mitigate quickly to achieve efficient training durations.

A

Next up we have a few updates under compute. Amazon EBS direct APIs now support the Internet Protocol version 6 or IPv6 protocol when you connect your virtual private cloud to EBS Direct APIs using AWS Private Link. EBS Direct APIs can help customers to simplify their backup and recovery flows by directly creating and reading EBS snapshots via APIs. Through AWS PrivateLink, customers can access EBS Direct APIs as if it were in your VPC. This change can support customers with their IPv6 compliance needs, integrate with existing IPv6 based on premises applications and remove the need for expensive networking equipment to handle the address translation between IPv4 and IPv6. AWS Elastic Beanstalk adds support for IPv6 inbound traffic to service endpoints. AWS announces the general availability of EC2 P5E instances powered by the latest Nvidia H200 tensor core GPUs. These instances, which are available via EC2 capacity blocks, deliver the highest performance in Amazon EC2 for deep learning and generative AI inference. Amazon Elastic Container Service or Amazon ECS now supports AWS graviton based compute with AWS Fargate Spot. This capability helps you run fault tolerant ARM based applications with up to 70% discount compared to Fargate prices. AWS Graviton processors are custom built by AWS to deliver the best price performance for cloud workloads. That's an exciting one.

B

I was just thinking that too. Yeah, I mean when I talk to customers about cost optimization, this is always one of the areas that I see has dividends long term in their architecture is can you switch to Graviton if it applies to your use case? Case can you use Spot if it applies to your use case? And then the two of these together in one I think is even better.

A

That's absolutely right. That's awesome.

B

Now we're going to talk about customer engagement. Amazon Connect now supports AWS cloudformation for agent status. So in addition to other resources used to configure a contact center like routing profiles, queues, Amazon S3 buckets and AWS Lambda, you can use cloudformation templates to programmatically deploy Amazon Connect agent statuses in a secure, efficient and repeatable way. Amazon Connect now provides AWS cloudformation for configuring agent hierarchy structures. You can use cloudformation templates to programmatically deploy Amazon Connect hierarchy levels in a secure, efficient and repeatable way, reducing the risk of human error from manual configuration. Amazon Connect now provides a weekly view of agent schedules, making it easier for contact center managers to get an at a glance view of staffing for an entire week. With this launch, you can now ensure there is required coverage each day via daily aggregated metrics including service level, occupancy and forecasted versus scheduled hours. So one example from the weekly view you can easily identify if there's over staffing or understaffing. Sounds super useful. Amazon Connect Forecasting Capacity Planning and agent scheduling now includes machine learning powered interday forecast capabilities available with the Amazon Connect Contact Lens dashboards. Amazon Connect Contact Lens can now generate transcriptions in 10 new languages. Amazon Connect Contact Lens now supports new ways to automate agent performance evaluations. Amazon SES has launched enhancements to its onboarding experience to help customers easily discover and activate key SES features. The SES console now features an adaptive setup page that brings recommendations for optimal setup to the forefront. Additionally, the update introduces the option to enable the Virtual Delivery Manager within the initial onboarding wizard, offering maximum guidance from the beginning of the setup process. Now we have databases. Amazon Dynamodb announces support for Attribute Based Access Control With Attribute Based Access Control you can now use your tags to configure access permissions and policies. Tag based access conditions can be used to allow or deny specific actions when IAM principles tags match the tag on an Amazon DynamoDB table. With this flexibility of using tag based conditions, you can now set more granular access permissions based on your organizational structures. So ABAC allows you to scale your tag based permissions to new employees and changing resource structures without rewriting policies. As organizations grow, we're also excited to announce the launch of enhanced management options for Amazon timestream for InfluxDB. This allows you to scale your instance sizes up or down as needed and update your deployment configuration between single and multi availability zones, giving you greater flexibility and control over your time series. Data and analysis Amazon RDS Custom for SQL Server now supports copying database snapshots either created automatically or manually across commercial regions. This enables you to seamlessly move database snapshots from your RDS custom for SQL Server instances to different regions, which can be used to build a robust disaster recovery solution for your mission critical data. Amazon RDS for SQL Server now supports minor versions 2019 CU28 and 2022 CU14. Amazon RDS for Postgres 17 release candidate 1 is now available in the Amazon RDS Preview environment. This allows you to evaluate the pre release of Postgres 17 on Amazon RDS. For Postgres. You can deploy Postgres 17 RC1 in the Amazon RDS preview environment that has the benefits of a fully managed database. Amazon RDS for MariaDB now supports MariaDB minor versions 10.1, 1.9, 10.6.19 and 10.5.26. Amazon RDS for Oracle now supports OEM and OLS options with multi tenant configuration.

A

Okay, we are onto developer tools and we have one quick update. AWS fault Injection service now provides additional safety control with a safety lever that when engaged, stops all running experiments and prevents new experiments from starting. Customers can now prevent fault injection during certain time periods such as sales events or product launches or in response to application health alarms.

B

Now we've got one quick update in end user computing. Amazon Workspaces Pools now allows you to bring your Windows 10 or Windows 11 licenses. Workspace pools simplifies management across a customer's workspaces environment by providing a single console and set of clients to manage the various desktop hardware configurations, storage and applications for their users with bring your own license. The operating system is hosted on hardware that is dedicated to administer the AWS account, and they can automatically scale a pool of virtual desktops based on real time usage metrics or predefined schedules Workspaces Pools offers a pay as you go hourly pricing that includes any operating system fees providing significant savings.

A

Couple of Quick Updates under Internet of Things Secondary sensor Support for AWS IoT Sitewide Edge through Cloudrail is now available. AWS announces the general availability of expanded industrial protocol Support for AWS IoT sitewise. Through a new integration with AWS partner Litmus, customers can now ingest data from 100 plus additional industrial protocols, including proprietary protocols from companies like Allen Bradley, Beckhoff, Emerson, Fanuc, Mitsubishi, Omron and Yaskawa, along with many others. Previously ingesting data from these protocols required acquiring, provisioning and configuring infrastructure and middleware for data collection, resulting in additional cost and time to value. Now of course with this expanded support it's going to become far more easier. One quick update under management and governance, CloudWatch application signals now supports request based service level objectives and we have some.

B

Quick updates in Media services AWS Elemental Media Services now supports live AV1 encoding. This launch enables live streaming and packaging of AV1 encoded content, preparation of AV1 video on demand assets and ads and ad insertion into AV1 encoded videos. AV1 provides a lower bitrate with a similar viewing experience when compared to HEVC and avc, which reduces both the bandwidth required to deliver live events and CDN costs. AV1 can also deliver better video quality for viewing on mobile devices and in network constrained environments. AWS announces the general availability of AWS Elemental Media Live Anywhere which allows you to run live video transcoding on your on premises hardware. You can now monitor your sources and get instant visual feedback for AWS Elemental Media Connect flows with thumbnail images through the AWS Management Console or API. You can use Real time Messaging protocol and the encrypted version rtmps to broadcast to your Amazon Interactive Video Service stages. This new protocol complements the currently supported WebRTC HTTP Ingestion Protocol. RTMP Ingest enhances compatibility with a wide range of software and hardware encoders for increased flexibility in your broadcasting.

A

We have one update under Migration and Modernization. AWS Application Migration Service provides an action for installing the trend microvision1 server and workload Protection agent on your migrated instances. For each migrated server, you can choose to automatically install the agent to support your security needs. Moving on to networking and content delivery. AWS Network Firewall now supports AWS PrivateLink customers can now access and manage their network firewalls privately without going through the public Internet. AWS PrivateLink provides private connectivity between VPCs, AWS services and on premises applications securely over the Amazon network when AWS PrivateLink is used with AWS Network Firewall, all management and control traffic between clients and network firewall flows over a private network. AWS Resource Access Manager now supports AWS PrivateLink. AWS Gateway Load Balancer launched a new capability that allows you to align the TCP idle timeout value of Gateway Load Balancer with clients and target appliances. Using this capability you can now perform uninterrupted stateful inspection and fine tuning of the applications that are long lived flows such as financial applications, databases and ERP systems when using the Gateway Load balancer. AWS Network Load Balancer launched a new capability that allows you to align the TCP idle out time value of network load balancer with clients and target applications. Using this capability, you can now reduce TCP connection retries and latency in applications that use long live flows such as telemetry, reporting devices, databases, streaming services and ERP systems when using the Network load balancer.

B

Now on to security AWS WAF introduces a new version of Bot Control Manage Rule Group with enhanced features to help customers better manage and protect their web applications from bot activity. Really excited for this one. Being able to secure your applications from bots is definitely challenging, so I'm always excited to see what other innovations there are in this area. So the specific innovations here are Number one, Token reuse detection. So this identifies the reuse of WAF tokens across autonomous systems, numbers, ASNs and geographic locations. In addition to existing IP based detection, customizable sensitivity levels are included like high, medium and low and so this enables you to take mitigation actions based on your use cases. For example, customer merged with mobile users who frequently change IPs may allow higher token reuse, while those with more static applications can enforce stricter controls at lower thresholds. So the second is expanded bot categories. There's now 19 new bots including several verified AI bots added to other categories. So third one is there's cloud Service Provider labels. These new labels allow customers to selectively allow for or block traffic from specific cloud service providers. So number four is automated browser extension labels. These labels detect the presence of browser extensions that assist in web automation such as the Selenium ide, and they complement the existing automated browser in signals. And the last is improved CloudWatch visibility. The WAF label is now omitted for each matched rule and this enhances visibility in CloudWatch logs. This change is also included in the new 1.1 versions of the AWS WAF Fraud Control Rule groups. Amazon Cognito has expanded the MFA functionality to include Email. As an additional factor, AWS IAM Identity center now supports language and visual mode preferences in the AWS Access Portal. When customers need to access AWS applications and resources through the AWS Access Portal, they now have the ability to work with their preferred language and visual mode, which improves their efficiency and comfort.

A

Well, we have the last section which is a few updates under storage. Amazon S3 is announcing the alpha release of storage browser for S3, an open source component that you can add to your web applications to provide your end users with a simple interface for data stored in S3. That is really cool. I mean S3 is such a foundational functionality and to be able to allow this sort of browser based access so easily, that's really cool.

B

Yeah, I agree.

A

Amazon S3 access grants introduce the list Caller Access Grants API AWS Backup Audit Manager adds new control to audit resources inside logically air gapped vault and that's it for the updates today. Any updates that caught your eye Jillian, that you're excited about?

B

Totally. So the 2 is definitely the Fargate ECS Spot 1 and the WAF Managed Rule Groups with the extended bot detection capabilities. Yeah, security is always something that's like a constant, never ending moving target. And so I think it's really exciting that there's just additional security capabilities that you can get with waf. What about you?

A

Well, I am a little biased because I was part of the launch of the EC2 P5E instances that are powered by the H200 tensor core GPUs. They are essentially the same hopper generation as H100 which are the P5 instances, but they do pack in a lot more accelerator memory, a lot more GPU memory. So that makes P5E really well suited for inference, especially on much larger models because now you can fit them with access to this higher memory. So that is one. And then the other one was the eks support in SageMaker Hyperpart. You know SageMaker Hyperpod is such a well loved service because it kind of allows customers to use these self healing performance clusters. And now with EKS support they can combine that sort of very resilient cluster with Amazon EKS capabilities which you know again, EKS is so well loved for its portability, scalability. It's you know, such a huge rich ecosystem with kubernetes. So it's like these two really cool services coming together to simplify model training for our customers. So yeah, those two stand out.

B

Agree. Agree.

A

Awesome. All right, well that is it for today's update show. Until next time, keep on building.