Major AWS Updates &Announcements of 2023 - March

With the endless flood of new products, features and changes from AWS and its surrounding ecosystem, it can be easy to miss an update. Our monthly quick highlights on interesting launches from this month including IAM Roles, Amazon Linux & AWS Cost Explorer.

Amazon EC2’s IAM Roles now offer Credential Management Capabilities

Amazon EC2’s IAM Roles now have new Credential Control Properties features that make it easier to control where the roles can be used. IAM Roles give temporary access permissions to the instance metadata service, which are automatically updated.

In the past, you had to list specific network locations like VPC IDs or IP addresses in the role policy or VPC Endpoint policy to limit where these permissions could be used. This was a lot of work and could result in many different policies.

Now, with the new properties for VPC ID and the instance’s main private IP address, IAM policies can be set up to compare the network location where the credential was created with the location where it is being used. This allows for more flexible and broadly applicable policies that can limit the use of the credentials to their original location.

Learn more about this here

Amazon Aurora MySQL 3.03 is now available (Compatibility with MySQL 8.0.26)

Amazon Aurora has updated its MySQL-compatible edition to version 3, which now supports MySQL 8.0.26. This new version includes several enhancements, bug fixes, and security updates to improve performance and security.

Users can upgrade manually or use the “Auto minor version upgrade” feature to upgrade to Aurora MySQL 3.03 automatically. This updated version provides features such as improved tablespace file segment page configuration and new aliases for identifier names.

Aurora offers many benefits, including high performance, availability, built-in security, continuous backups, serverless computing, automated multi-region replication, and compatibility with MySQL and PostgreSQL. This updated release is available in all AWS regions with Aurora MySQL.

Read more about the update here.

Introducing Amazon Lightsail for accelerating Research

Amazon Lightsail has launched a new service called “Lightsail for Research”. This service allows users to access analytical applications such as Scilab, RStudio, and Jupyter with a few clicks. These applications run on powerful virtual computers.

With Lightsail for Research, users can move large data sets and time-consuming analyses from their laptops onto virtual computers. Users can also run numerous analyses simultaneously and continue computations even when their laptops are off or used for other activities.

The service comes with pre-installed research software and bundled pricing, which makes it easy to understand costs before starting work. Additionally, there is no need for computer setup and technical support to perform these tasks.

Find out how Lightsail for Research works here.

Amazon Kendra releases Confluence Cloud Connector

Amazon Kendra is an intelligent search service that uses machine learning to help organizations provide the correct information to customers and employees. Critical information is stored in different places in an enterprise, including platforms like Confluence Cloud.

Now, AWS customers can use the Amazon Kendra Confluence Cloud Connector to search for and index documents from Confluence Cloud. The Amazon Kendra Confluence Cloud Connector is available in all regions where Amazon Kendra is known.

Learn the process of setting up your Amazon Kendra connector for the Confluence Server.

Introducing Amazon Linux 2023

Amazon has launched Amazon Linux 2023 (AL2023), a new operating system based on Linux. The purpose of the OS is to provide a secure and high-performance environment for building and running cloud applications on AWS.

AL2023 is fully integrated with various AWS services and development tools, offering optimized performance for Amazon Elastic Compute Cloud (EC2) Graviton-based instances. Plus, there are no additional licensing costs for AWS Support.

The new release features several improvements over Amazon Linux 2, such as a security-by-default approach, deterministic upgrades, and kernel live patching. Amazon Linux 2023 is generally available in all AWS Regions, and a new major release will be available every 2 years, with up to 5 years of support provided.

Learn more about Amazon Linux

Accelerate Your Builds with AWS CodeBuild’s New Small GPU Machine Type

AWS CodeBuild has announced the addition of a new 4vCPU 1 GPU machine type to its GPU-based workload support, providing customers with a more cost-effective option for less resource-intensive workloads.

Previously, only a 32vCPU 1 GPU machine was available for CodeBuild customers. The new small GPU machine type is ideal for workloads that require a balance between speed and cost. This new feature is available in multiple regions, including U.S. East (N. Virginia), U.S. West (Oregon), Europe (Frankfurt), Europe (London), Europe (Ireland), Asia Pacific (Tokyo), and Canada (Central).

To learn more about how to get started, visit the AWS CodeBuild page.

Application Auto Scaling now enables Resource Tagging

Application Auto Scaling has added a new feature that allows using tags to manage AWS Identity and Access Management (IAM) permissions for auto-scaled resources. This makes it easy for customers to centrally manage resource permissions with the same tag key-value pairs.

Customers can categorize resources using custom tags based on their purpose, owner, or environment. For instance, selected users need permission to register or deregister a resource from Application Auto Scaling based on tag values in specific settings.

Application Auto Scaling offers a standardized scaling experience for 13 different AWS services across all public regions.

Learn how to manage AWS Auto Scaling with Tag-Based Plans.

Application Load Balancer now supports TLS 1.3

AWS Application Load Balancer (ALB) now supports version 1.3 of the Transport Layer Security (TLS) protocol, allowing customers to improve the performance of their backend application servers while maintaining security.

Enabling TLS 1.3 on ALB allows the encryption and decryption of TLS traffic to be moved from application servers to the load balancer. This is possible through optimized 1-RTT TLS handshakes and support for ciphers that ensure perfect forward secrecy.

ALB provides tools for managing application security, such as centralized SSL certificate deployment using AWS Certificate Manager and IAM and analyzing TLS traffic patterns using metrics and access logs. Additionally, ALB offers predefined security policies for controlling ciphers and protocols presented to clients.

Read More for the details.

Amazon Route 53 Resolver Endpoints for Hybrid Clouds Now Support IPv6

Amazon Route 53 Resolver endpoints now support IPv6, which means you can forward and resolve traffic from on-premises DNS servers with IPv6 addresses. This cloud DNS service is both scalable and highly available. Using Resolver endpoints makes it easy to manage hybrid cloud setups by allowing seamless resolution of DNS queries throughout the hybrid cloud.

You can set up inbound endpoints to receive DNS requests from your network or outbound endpoints to send requests from Amazon VPCs to an IPv6-addressed DNS server on your network.

You can choose from IPv4, IPv6, or dual-stack endpoints that support both IPv4 and IPv6 resolution. This feature is available in all AWS Regions, including AWS GovCloud (US). It can be configured using various methods such as AWS Management Console, AWS CLI, AWS SDK, or Amazon Route 53 API.

Read More for the details.

Automatic Configuration of AWS Cost Anomaly Detection for New Cost Explorer Users

AWS has announced that from now on, all new users of Cost Explorer will receive the benefits of Cost Anomaly Detection through automation. This service uses machine learning to monitor, detect, and alert users whenever unexpected costs increase.

Before, users followed manual procedures to enable Cost Explorer and set up monitors and alert preferences. However, with the new automatic configuration, AWS service monitors and daily email subscriptions will be created for new users to improve cost controls with no extra effort. Users can drop out if they are not interested in Cost Anomaly Detection.

Get started on the AWS Cost Management console or read more at Enabling Cost Explorer.

Do you like this article? Share it