Kong Data Plane Life Cycle With AWS Cloud Development Kit

https://konghq.com/blog/aws-cloud-development-kit

#k8s #kubernetes #aws #tool #ingress #kong

​​Replicate Existing Objects with S3 Batch Replication:

https://aws.amazon.com/blogs/aws/new-replicate-existing-objects-with-amazon-s3-batch-replication/

When to Use Amazon S3 Batch Replication
◻️ Replicate existing objects – use S3 Batch Replication to replicate objects that were added to the bucket before the replication rules were configured.
◻️ Replicate objects that previously failed to replicate – retry replicating objects that failed to replicate previously with the S3 Replication rules due to insufficient permissions or other reasons.
◻️ Replicate objects that were already replicated to another destination – you might need to store multiple copies of your data in separate AWS accounts or Regions. S3 Batch Replication can replicate objects that were already replicated to new destinations.
◻️ Replicate replicas of objects that were created from a replication rule – S3 Replication creates replicas of objects in destination buckets. Replicas of objects cannot be replicated again with live replication. These replica objects can only be replicated with S3 Batch Replication.

#S3 #Batch

App Runner теперь поддерживает VPC (да, раньше не поддерживал😀):

https://aws.amazon.com/blogs/containers/deep-dive-on-aws-app-runner-vpc-networking/

Очень полезный пост с подробностями, которые не так часто бывают при появлении новых фич сервисов — как устроено под капотом, как было и как стало, сетевая часть, амазоновская часть. Очень стоит почитать, даже если не планируете использовать AppRunner.

Кто пропустил, AppRunner — рекомендуемый AWS сервис для запуска контейнеров, условно (не точно, но по смыслу точно 😁) замена давно устаревшему Beanstalk.

#AppRunner

​​Terraform AWS Provider 4.0:

https://www.hashicorp.com/blog/terraform-aws-provider-4-0-refactors-s3-bucket-resource

Version 4.0 of the Terraform AWS provider brings four major updates:
1️⃣ Updating the Amazon S3 bucket resource, creating additional resources for S3 bucket management
2️⃣ Implementing the full CRUD lifecycle for default resources
3️⃣ Ensuring all plural data sources can return zero results
4️⃣ Updating the provider configuration

#Terraform

​​Weekly Summary on AWS (February 6-12)

🔸App Runner + VPC
🔸CloudFormation Hooks
🔸CloudFront + AWS-managed prefix list
🔸Connect + CloudWatch for Chat metrics
🔸Control Tower + updated support for AWS best practices and Region deny
🔸Fraud Detector Variable Geolocation enrichment
🔸Glue DataBrew
➖ E.164 phone number standardization
➖ Multi-column and custom sort as transformations
🔸Migration Hub Refactor Spaces
🔸Neptune
➖ 128 TiB of storage per cluster (up from 64 TiB)
➖ Custom models and SPARQL
🔸Organizations + centrally manage alternate contacts on AWS accounts in AWS Console
🔸PrivateLink
➖ Forecast
➖ Elemental MediaConnect
➖ SSM Incident Manager
🔸Redshift + Streaming Ingestion for Kinesis Data Streams
🔸S3 Batch Replication
🔸SageMaker Autopilot + new Model Insights for classification problems
🔸SSM Distributor + deploy Alert Logic MDR Agent
🔹ParallelCluster v3.1.1 with multi-user environments through AWS Directory Service

#AWS_week

​​Sustainability, часть 2

Переписываем всё на Rust

Начал было писать статью в продолжение важной темы Sustainability (кто ещё не понял — Sustainability важный/устойчивый тренд и не только для AWS) по теме энергоэффективности языков, чтобы обосновать шуточное определение, данное в посте про Sustainability Pillar, как AWS уже всё сделал за меня:

https://aws.amazon.com/blogs/opensource/sustainability-with-rust/

Если коротко, то AWS вкладывается в Rust как наиболее энергоэффективный из современных языков, переписывая критические элементы инфраструктуры на него. И, в частности, уже не один год нанимает Rust-разработчиков, разгоняя совместно с криптой их зарплаты до кратных зарплат девопсов.

Так что если вы лишь раздумываете, какой язык изучать ради денег — смело зачёркивайте Go помещайте Rust на первую позицию. 😁

#Sustainability #Rust

​​NoCode/LowCode сервисы на AWS

Про сложность AWS сервисов рассказывать не нужно, особенно здесь, да. 😀 Однако стоит учитывать, что это хорошо понимают и в AWS. И в последние годы пытаются что-то с этим сделать, чтобы снизить порог входа для использования AWS сервисов.

Возможно вы не заметили этих попыток со стороны AWS, даже, думаю, наверняка. И считаете, что нельзя просто так вот взять и использовать AWS сервисы. Что обязательно нужно программировать и много, настраивать и много чего другого знать. Значит этот пост как раз для вас.


Amazon Honeycode (2020-06)

Писал про Honeycode и даже пользовался сам. Реально без программирования можно получить готовый продукт.

У Honeycode есть много моментов и ограничений, однако для своей ниши хорошая вещь. Сервис был куплен Амазоном, потому находится "сбоку" и отсутствует привычная интеграция в экосистему AWS сервисов (плюс по-прежнему доступен лишь в Oregon).


AWS Glue Studio (2020-09)

Следующая попытка — поиграть на поле ETL сервисов:

Glue Studio is a new graphical interface that makes it easy to create, run, and monitor extract, transform, and load (ETL) jobs in Glue. You can visually compose data transformation workflows and seamlessly run them on Glue’s Spark-based serverless ETL engine.

https://aws.amazon.com/blogs/big-data/making-etl-easier-with-aws-glue-studio/

Не всё получилось совсем просто и для тех, кто не работал раньше с AWS, в результате получилось не так очевидно, однако интеграция со всей экосистемой позволяет сервису прогрессировать быстрыми темпами.


AWS Glue DataBrew (2020-11)

DataBrew provides a visual interface that quickly connects to your data stored in S3, Redshift, RDS, any JDBC accessible data store, or data indexed by the Glue Data Catalog. You can then explore the data, look for patterns, and apply transformations.

https://aws.amazon.com/blogs/aws/announcing-aws-glue-databrew-a-visual-data-preparation-tool-that-helps-you-clean-and-normalize-data-faster/


Amazon Nimble Studio (2021-04)

Не совсем сочетается с AWS сервисами в привычном смысле этого слова, но таки это именно он — крутая штука для создателей контента:

https://aws.amazon.com/blogs/media/amazon-nimble-studio-the-story-so-far/

Nimble Studio is a new service that empowers creative studios to produce visual effects, animation, and interactive content from storyboard sketch to final deliverable, entirely in the cloud.


AWS Step Functions Workflow Studio (2021-06)

https://aws.amazon.com/blogs/aws/new-aws-step-functions-workflow-studio-a-low-code-visual-tool-for-building-state-machines/

Step Functions Workflow Studio is a low-code visual tool that helps you learn Step Functions through a guided interactive interface and allows you to prototype and build workflows faster.


Amazon SageMaker Canvas (2021-11)

https://aws.amazon.com/blogs/aws/announcing-amazon-sagemaker-canvas-a-visual-no-code-machine-learning-capability-for-business-analysts/

SageMaker Canvas is a new visual, no code capability that allows business analysts to build ML models and generate accurate predictions without writing code or requiring ML expertise.


AWS Amplify Studio (2021-12)

https://aws.amazon.com/blogs/mobile/aws-amplify-studio-figma-to-fullstack-react-app-with-minimal-programming/

Самый последний на момент написания и самый крутой в этом плане сервис — Amplify Studio:

Amplify Studio is a visual development environment that offers frontend developers new features to accelerate UI development with minimal coding, while integrating Amplify’s powerful backend configuration and management capabilities.

Назвать его LowCode можно лишь с натяжкой, но это реально крутая штука, обязательная к тому, чтобы попробовать всем Frontend/FullStack разработчикам.


Итого

Как вы заметили, маркетологи в AWS решили использовать словечко Studio для маркировки подобных сервисов. Но главное другое — NoCode/LowCode сервисы у AWS есть, их стоит попробовать самому и порекомендовать другим! 😀

#NoCode #LoCode

S3 POST Policy:

https://apptrail.com/blog/2022/02/14/s3-post-policy

p.s. Link to official documentation:

https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-UsingHTTPPOST.html

#S3

​​EC2 C6a instances powered by AMD Zen3:

https://aws.amazon.com/blogs/aws/new-amazon-ec2-c6a-instances-powered-by-3rd-gen-amd-epyc-processors-for-compute-intensive-workloads/

Compared to C5a instances, this new instance type provides:
▫️ Up to 15 percent improvement in compute price performance.
▫️ Up to 40 Gbps for Amazon Elastic Block Store (Amazon EBS).
▫️ Up to 50 Gbps for network bandwidth.

🔸 C6a instances are cheaper than C5a!
c5a.large $0.077 2 4 GiB EBS Only Up to 10 Gigabit
c6a.large $0.0765 2 4 GiB EBS Only Up to 12.5 Gigabit

#EC2 #AMD

Sub-Millisecond Read Latency for EFS:

https://aws.amazon.com/blogs/aws/amazon-elastic-file-system-update-sub-millisecond-read-latency/

◻️ Up until today, EFS latency for read operations (both data and metadata) was typically in the low single-digit milliseconds. Effective today, new and existing EFS file systems now provide average latency as low as 600 microseconds for the majority of read operations on data and metadata.
◻️ This performance boost applies to One Zone and Standard General Purpose EFS file systems. New or old, you will still get the same availability, durability, scalability, and strong read-after-write consistency that you have come to expect from EFS, at no additional cost and with no configuration changes.

#EFS

How To Verify Cosigned Container Images In Amazon ECS

https://blog.chainguard.dev/cosign-verify-ecs/

#ecs #aws #amazon #container

​​New AWS Local Zones

Europe has received 12 new AWS Local Zones, South America - 5, India - 4, North America - 3, Africa - 2, Australia - 2, Canada - 2:

https://aws.amazon.com/about-aws/global-infrastructure/localzones/locations/

And we have three AWS Local Zones without an AWS Region, so we can expect a new AWS Region to appear in Vietnam, as it was in my prediction about the new CloudFront Edges.

AWS Region related to the new AWS Local Zone
🔸 City, Country

Canada Central
🔸 Toronto, Canada
🔸 Vancouver, Canada

Cape Town
🔸 Johannesburg, South Africa
🔸 Nairobi, Kenya

Frankfurt
🔸 Amsterdam, Netherlands
🔸 Berlin, Germany
🔸 Munich, Germany
🔸 Prague, Czech Republic
🔸 Vienna, Austria
🔸 Warsaw, Poland

Hyderabad
🔸 Bengaluru, India
🔸 Chennai, India
🔸 Kolkata, India

Milan
🔸 Athens, Greece

Mumbai
🔸 Delhi, India

N. Virginia
🔸 Bogotá, Colombia
🔸 Buenos Aires, Argentina
🔸 Lima, Peru
🔸 Santiago, Chile

Paris
🔸 Brussels, Belgium

Stockholm
🔸 Copenhagen, Denmark
🔸 Helsinki, Finland
🔸 Oslo, Norway

Sydney
🔸 Auckland, New Zealand
🔸 Brisbane, Australia

Spain
🔸 Lisbon, Portugal

Melbourne
🔸 Perth, Australia

Ohio
🔸 Querétaro, Mexico

Sao Paulo
🔸 Rio de Janeiro, Brazil

Without AWS Region
🔸 Bangkok, Thailand
🔸 Hanoi, Vietnam
🔸 Manila, Philippines

Interestingly that 4 out of 5 new Local Zones in South America belong to the N.Virginia AWS Region.

#AWS_Region

CloudWatch Container Insights for EKS Fargate using ADOT (AWS Distro for OpenTelemetry):

https://aws.amazon.com/blogs/containers/introducing-amazon-cloudwatch-container-insights-for-amazon-eks-fargate-using-aws-distro-for-opentelemetry/

▫️ This blog presented an overview of the design of the ADOT Collector for EKS Fargate with support for CloudWatch Container Insights and demonstrated its deployment and metrics collection from workloads on an EKS Fargate cluster.
▫️ A single collector instance is able to discover all the worker nodes in an EKS cluster through the use of Kubernetes service discovery and collect metrics from them by using the Kubernetes API server as a proxy for the kubelet on worker nodes.
▫️ EKS customers will now be able to collect system metrics such as CPU, memory, disk, and network usage from workloads that are deployed to an EKS Fargate cluster and visualize them in CloudWatch dashboards, providing the same experience as CloudWatch agent.

#CloudWatch

​​Multiple applications on EKS using a single ALB:

https://aws.amazon.com/blogs/containers/how-to-expose-multiple-applications-on-amazon-eks-using-a-single-application-load-balancer/

▫️ In this blog post, we demonstrated, in a step-by-step procedure, how to implement a microservices architecture in a simple and cost-effective way using EKS with a single ALB.
▫️ If you wish, you could also achieve the same results by using several Ingress objects pointing to the same ALB using the annotation “alb.ingress.kubernetes.io/group.name”. In this case, you would create individual Ingresses and add a common name to this annotation.
▫️ By using this approach, different teams can be completely independent from each other because they can deploy and manage their own services and ingresses while relying on the ALB.

#EKS #ALB

AWS Backup for S3:

https://aws.amazon.com/blogs/storage/automate-and-centrally-manage-data-protection-for-amazon-s3-with-aws-backup/

AWS Backup for Amazon S3 is now generally available in all commercial AWS Regions where AWS Backup is available.

#Backup #S3

​​Weekly Summary on AWS (February 13-19)

🔸 Backup for S3 + general availability 💪
🔸 Braket + 80-qubit
🔸 Budgets + Auto-adjusting 👍
🔸 CloudWatch Container Insights + EKS Fargate using ADOT
🔸 CodeGuru Reviewer
➖ Detector Library
➖ Security detectors for Log-Injection Flaws ⚠️
➖ Example repositories for Java and Python
🔸 EC2 C6a instances 🎉
🔸 EFS + sub-millisecond read latencies 💥
🔸 Firewall Manager + versioning for WAF managed rule group
🔸 MQ for RabbitMQ version 3.9.13
🔸 OpsWorks for Chef Automate version 20220103112354
🔸 RDS for MariaDB + delayed replication
🔸 Redshift
➖ Concurrency Scaling + automatic WLM
➖ UNLOAD command for JSON
➖ Cross-regions data sharing
🔸 Security Hub + 13 new controls
🔸 Transfer Family + banners
🔸 WAF Fraud Control + Account Takeover Prevention 🔥
🔹 s2n-quic 👀

#AWS_week

AWS WAF Account Takeover Prevention

На прошлой неделе было несколько анонсов без официальных блогов, но при этом весьма интересные фичи, одна из них ATP (AWS WAF Account Takeover Prevention).

Детальное видео о том, что это и как пользоваться:

https://www.youtube.com/watch?v=adpT3ir_bUY

Ссылка на документацию:

https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html

#WAF

AWS SAM CLI + TypeScript:

https://aws.amazon.com/blogs/compute/building-typescript-projects-with-aws-sam-cli/

This post reviews several new features that can improve the development experience for TypeScript developers. I show how to create a sample TypeScript project using sam init. I build and deploy a TypeScript project using the AWS SAM CLI. I show how to use AWS SAM Accelerate with your TypeScript project. Last, I measure the impact of bundling, tree shaking, and minification on a sample project.

#SAM #TypeScript