Dec 2018

AWS WAF now supports rule group exceptions, allowing you to override individual rules within a managed rule group. You can now choose which rules within the rule group should be excluded and set in count-only mode, preventing those rules from blocking a request. This will allow you to modify the behavior of a managed rule group so that it can be adapted to your unique environment.

Traditionally, any customization within the managed rule group required you to reach out to your managed rules provider. Starting today, you can exclude individual rules within a managed rule group and change the action for the rule to COUNT. Therefore, requests that match an excluded rule are counted, but not blocked. This helps you try out new managed rule groups for AWS WAF, react faster to abnormal conditions, and gives you more control over your web ACLs.

Adding a managed rule to the exception list is done in three steps. First, analyze incoming traffic using the full logging feature and look for unexpected behavior within the rule group. Second, identify the unwanted rule from the log. Lastly, exclude the rule either through the AWS WAF console or through the API.

This feature has been enabled for all customers at no additional cost. For more details, please visit AWS WAF Documentation.

You can now stream customer audio from your Amazon Connect contact center in real time using the new customer voice stream feature. Previously, you could only access customer audio after a call was completed, using the call recording feature. Now, you can automatically stream customer audio from any point during the call, whether it's from the IVR, in a queue, or when speaking to an agent.

You can now use Apache Spark 2.4.0 and Hue 4.3.0 on Amazon EMR release 5.20.0. Spark 2.4.0 adds several new features and updates, including support for a new scheduling model called barrier execution mode that provides better integration with deep learning workloads, several new built-in SQL functions for ease of handling complex data types like arrays and maps, and native support for reading and writing Avro data formats. Hue 4.3.0 includes improvements to SQL exploration, improvements to job scheduling and monitoring, better dashboard layouts, and several bug fixes.

Additionally, with this release, you can use the upgraded versions of Apache Hive 2.3.4, Apache Flink 1.6.2, Apache HBase 1.4.8, Apache MXNet 1.3.1, Apache Tez 0.9.1, TensorFlow 1.12.0, and Presto 0.214.

You can create an Amazon EMR cluster with the release 5.20.0 by choosing the release label “emr-5.20.0” from the AWS Management Console, AWS CLI, or SDK. You can choose Spark, Hue, Hive, Flink, HBase, MXNet, Tez, TensorFlow, and Presto to install these applications when you launch your EMR cluster. Please visit the Amazon EMR documentation for more information about EMR release 5.20.0, Spark 2.4.0, Hue 4.3.0, Hive 2.3.4, Flink 1.6.2, HBase 1.4.8, MXNet 1.3.1, Tez 0.9.1, and Presto 0.214.

Amazon EMR release 5.20.0 is now available in all supported regions for Amazon EMR.

You can stay up to date on EMR releases by subscribing to the RSS feed for EMR release notes. Use the RSS icon at the top of the EMR Release Guide to link the feed URL directly to your favorite feed reader.

AWS Elemental MediaConvert is now available in the AWS GovCloud (US-West) region.

You can now launch Amazon EMR clusters with the next generation of compute optimized C5n instances, and the new AMD-based general purpose M5a instances and memory optimized R5a instances from the Amazon EC2 family. These instances are available for EMR clusters with release 5.20.0 and later. Compute Optimized C5n instances offer network bandwidth of up to 100Gbps and are ideal for communication-intensive distributed analytics and compute-heavy big-data applications that require high-network throughput and high-performance computing. The new AMD powered M5a and R5a instances are variants of Amazon EC2’s general purpose (M5) and memory optimized(R5) instance families that cost 10% lower than comparable instances. M5a instances offer a balance of compute, memory and networking and cater to a broad range of workloads. R5a instances have high memory to vCPU ratio and are ideal for memory-intensive analytics workloads. These instances are available in various sizes, to learn more about these instances please visit the Amazon EC2 instance page. For Amazon EMR pricing for these instances, visit the Amazon EMR pricing page.

Amazon EMR supports these instances in the following regions:

C5n instances are supported in the AWS US East (N.Virginia and Ohio), AWS US West (Oregon), AWS Europe (Ireland), and AWS GovCloud (US) regions.

M5a and R5a instances are supported in the AWS US East (N.Virginia and Ohio), AWS US West (Oregon), AWS Europe (Ireland), and AWS Asia Pacific (Singapore) regions.

You can now use the sam publish command to easily create an application or publish a new application version to the AWS Serverless Application Repository using the AWS Serverless Application Model (AWS SAM) Command Line Interface (CLI).

You can now launch M5 instance types when using Amazon RDS for SQL Server. Amazon EC2 M5 instances are the next generation of the Amazon EC2 General Purpose compute instances. M5 instances offers a balance of compute, memory, and networking resources for a broad range of database workloads.

You can now launch R5 instance types when using Amazon RDS for PostgreSQL. Amazon EC2 R5 instances are the next generation of Amazon EC2 memory optimized instances.

R5 instances are based on the Amazon EC2 Nitro System, a combination of dedicated hardware and lightweight hypervisor which delivers practically all of the compute and memory resources of the host hardware to your database instance. With a 1:8 vCPU to memory ratio and the largest size, R5 instances are well suited for running memory intensive database workloads including transaction processing, data warehousing, and analytics. R5 instances introduce a new larger sized instance, r5.24xlarge, which provides 96 vCPUs and 768GiB of memory per instance. Depending on your workload, you may be able to achieve up to 35% performance boost with R5 instances compared to R3 or R4 instances.

Amazon RDS database instances running PostgreSQL versions 9.6.9 (and higher) and 10.4 (and higher) are supported with R5 instance types. You can easily scale up to these new instance classes by modifying your existing DB instance in the AWS RDS Management Console.

Please refer to the Amazon RDS User Guide for more details and refer to Amazon RDS Pricing for pricing details and regional availability.

This Quick Start deploys Varnish Cache Plus (VCP), a caching and HTTP acceleration technology by Varnish Software, on the AWS Cloud in about 30 minutes.

The AWS Management Console now makes it easier to find and access your favorite services.

The AWS Management Console automatically detects whether you are on a smartphone, tablet, laptop, or widescreen monitor, and it resizes the on-screen content so you can easily access your favorite services. When you click into the search bar, you can see a list of AWS services with easy-to-follow descriptions, even before you start typing. This allows you to quickly find relevant services based on your needs.

These improvements are available in the AWS GovCloud (US) Region. To start using these features, login to the AWS Management Console.

Starting today, AWS Firewall Manager is available in 4 additional regions - US East (Ohio), Asia Pacific (Sydney), EU (Frankfurt), and Asia Pacific (Tokyo), extending the footprint to 7 AWS Regions and all the 149 Amazon CloudFront edge locations.

AWS Firewall Manager is a security management tool that simplifies your AWS WAF administration and maintenance tasks across multiple accounts and resources. With Firewall Manager, you set up your firewall rules just once. The service automatically applies your rules across your accounts and resources, even as you add new resources or AWS accounts.

You can learn more by visiting the Firewall Manager details page, or the documentation.

UPDATE July 2020: We’re not currently providing the AWS Workload Qualification Framework (AWS WQF) tool for download. If you need help with assessing a migration to AWS with WQF, we recommend opening a support ticket. We can engage with you directly to help make the process work for you.

As always, if you have questions, feel free to contact us.

Today, we are launching the Workload Qualification Framework (WQF) as part of AWS Database Migration Service (AWS DMS) to help you assess and plan your database migrations to AWS databases.

WQF uses AWS Schema Conversion Tool (AWS SCT) to collect information to model existing Oracle and Microsoft SQL Server database workloads and provides instructions to convert them to an AWS database. It identifies the complexity of the migration by analyzing database schemas and code objects, application code, dependencies, performance characteristics among other inputs. WQF can conduct a fleet-wide analysis of your entire database portfolio and help categorize migrations based on complexity and workload, so you're fully informed about the potential effort to migrate them into AWS.

WQF automatically generates the following reports:

• Workload assessment based on the complexity, size, and technology used
• Recommendations on migration strategies to migrate to Amazon RDS or Amazon Aurora
• Actionable feedback and step-by-step instructions for migrations
• Assessment of the migration effort required based on team size and member roles

WQF comes in a packaged Windows AMI and is available for use via the AWS Marketplace. You can find region availability, supported instance classes, pricing and WQF documentation via the AWS Marketplace page.

 

 

The AWS Solutions team has updated the AWS WAF Security Automations solution. AWS WAF is a web application firewall that enables customers to quickly create custom, application-specific rules that block common attack patterns that can affect application availability, or consume excessive resources.

You can now use Amazon Route 53 alias records to map custom domain names (such as api.example.com) both to API Gateway custom regional APIs and edge-optimized APIs and to Amazon VPC interface endpoints, without incurring additional Route 53 query charges. Alias records also let you point your zone apex (such as example.com) at these resources, which is not possible using standard DNS CNAME records.

You can create alias records pointing to API Gateway resources and Amazon VPC endpoints using the Route 53 console or API. To learn more, see the Amazon Route 53 developer guide.

AWS Elastic Beanstalk now supports additional access control with tag-based permissions. This allows you to control access based on tags using your existing AWS Identity and Access Management (IAM) policies and taking advantage of the global condition keys for RequestTag/tag-key, ResourceTag/tag-key, and TagKeys. 

Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for you to add a speech-to-text capability to your applications. Amazon Transcribe now supports transcription of audio in the following new languages: French, Italian, and Brazilian Portuguese. These languages expand upon the existing 5 languages already available in Amazon Transcribe: US English, US Spanish, Australian English, British English and Canadian French. 

Amazon DynamoDB Accelerator (DAX) is now compatible with the Amazon DynamoDB TransactWriteItems and TransactGetItems APIs. You can integrate your DynamoDB application with DAX without making changes to your existing application logic.

AWS CodeStar now lets you automatically create a new Alexa Skill from within your Amazon Web Services (AWS) account. Previously, you needed to create the skill in the Alexa Skill console and link it with an AWS Lambda function in your AWS account. You would also need to manually register changes any time you updated your skill. These manual steps are no longer needed if you develop your Alexa Skills with CodeStar. To get started with Alexa skill templates on AWS CodeStar, go to our getting started guide to follow step by step instructions.

Today we are introducing partition placement groups, a new Amazon EC2 placement strategy that helps reduce the likelihood of correlated failures for large distributed and replicated workloads such as HDFS, HBase and Cassandra running on EC2. Partition placement groups spread EC2 instances across logical partitions and ensure that instances in different partitions do not share the same underlying hardware, thus containing the impact of hardware failure to a single partition. In addition, partition placement groups offer visibility into the partitions and allow topology aware applications to use this information to make intelligent data replication decisions, increasing data availability and durability.

Partition placement groups are available through AWS API and CLI to customers at no additional charge and is offered in US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), EU (Frankfurt), EU (Ireland), EU (London), EU (Paris), South America (São Paulo), China (Beijing) and China (Ningxia) regions.

To learn more about partition placement groups, see the user guide for EC2 Placement Groups.

You can now use Amazon MQ to set up a highly available network of brokers that connects multiple message brokers across AWS availability zones and regions. A network of brokers improves message broker availability and scalability, and is ideal for mission critical applications where downtime is extremely impactful.

The MediaTek MT7697H System on Chip (SoC) is now qualified for Amazon FreeRTOS. You can take advantage of Amazon FreeRTOS features and benefits using the MediaTek MT7697Hx Development Kit available from MediaTek.

We are pleased to announce that Support Center is now available in AWS GovCloud (US) Regions, allowing access with GovCloud account credentials. Support Center is the console through which AWS customers are able to create and view support cases and gain access to AWS Support knowledge articles and videos.

Previously, access to Support Center was only available to commercial account credentials that had the appropriate permissions. With this launch, GovCloud customers can now make use of their GovCloud credentials to access Support Center to create and view support cases. Access to Support Center in the standard AWS Management Console will still be available, but, as before, will require commercial account credentials to create and view support cases.

To get started, visit the Support Center console in AWS GovCloud (US). To learn more about AWS Support in AWS GovCloud (US), visit the Support product FAQs.

Amazon Elastic Container Service for Kubernetes (Amazon EKS) is now available in Europe (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Sydney), and Asia Pacific (Tokyo) AWS regions.

AWS CloudHSM is now available in the AWS GovCloud (US-East) region.  

CloudHSM provides fully managed hardware security module (HSM) instances in the AWS Cloud. With CloudHSM, you can manage and use your own encryption keys using FIPS 140-2 Level 3 validated HSMs. Applications can be built using using industry-standard APIs, such as PKCS#11, Java Cryptography Extensions (JCE) and Windows Cryptography API: Next Generation (CNG).  

 

Amazon Aurora with PostgreSQL Compatibility now supports Query Plan Management in version 10.5, and is available in the US East (N. Virginia, Ohio), US West (Oregon), Europe (Ireland), Asia Pacific (Tokyo), and Asia Pacific (Seoul) Regions.

Amazon Aurora with PostgreSQL Compatibility version 10.5 adds support for Query Plan Management, a new feature that allows you to control how and when query execution plans change. Query plan management allows you to prevent plan regressions when the database system or environment changes, and allows you to control when and whether the optimizer can use new plans.

The quality and consistency of query optimization have a major impact on the performance and stability of any relational database management system (RDBMS). Query optimizers create a query execution plan for a SQL statement at a specific point in time. As conditions change, the optimizer might pick a different plan that makes performance worse. For example, changes in statistics, constraints, environment settings, query parameter bindings, and software upgrades can all cause the query optimizer to choose a different plan and lead to performance regression. Regression is a major concern for high-performance applications.

With query plan management, you can control execution plans for a set of statements that you want to manage. You can do the following:

• Improve plan stability by forcing the optimizer to choose from a small number of known, good plans.
• Optimize plans centrally and then distribute the best plans globally.
• Identify indexes that aren't used and assess the impact of creating or dropping an index.
• Automatically detect a new minimum-cost plan discovered by the optimizer.
• Try new optimizer features with less risk, because you can choose to approve only the plan changes that improve performance.

To use the new version, you can create an Amazon Aurora with PostgreSQL Compatibility database instance with just a few clicks in the AWS Management Console. You can also create an Amazon Aurora with PostgreSQL Compatibility 10.5 read replica using an RDS for PostgreSQL 10.5 master instance, and then fail over your connections and applications to Aurora when ready. Learn more about migrating to Aurora PostgreSQL 10.5 in the Amazon RDS User Guide.

Amazon Aurora combines the performance and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. It provides up to three times better performance than the typical PostgreSQL database, together with increased scalability, durability, and security.

You can now launch Apache ActiveMQ 5.15.8 brokers on Amazon MQ. This minor update to ActiveMQ contains several fixes and new features compared to the previously supported version, ActiveMQ 5.15.6.  

Amazon Aurora with PostgreSQL Compatibility now supports PostgreSQL major version 10.5, and is available in the US East (N. Virginia, Ohio), US West (Oregon), Europe (Ireland), Asia Pacific (Tokyo), and Asia Pacific (Seoul) Regions.

Amazon Aurora with PostgreSQL Compatibility version 10.5 adds support for Query Plan Management, a new feature that allows you to control how and when query execution plans change. Query plan management allows you to prevent plan regressions when the database system or environment changes, and allows you to control when and whether the optimizer can use new plans.

This release includes all patches from the PostgreSQL 10.1, PostgreSQL 10.2, PostgreSQL 10.3, PostgreSQL 10.4, and PostgreSQL 10.5 minor versions. It also includes all extensions that are supported in the Amazon Aurora with PostgreSQL Compatibility 9.6 release.

To use the new version, you can create an Amazon Aurora with PostgreSQL Compatibility database instance with just a few clicks in the AWS Management Console. You can also create an Amazon Aurora with PostgreSQL Compatibility 10.5 read replica using an RDS for PostgreSQL 10.5 master instance, and then fail over your connections and applications to Aurora when ready. Learn more about migrating to Aurora PostgreSQL 10.5 in the Amazon RDS User Guide.

Amazon Aurora combines the performance and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. It provides up to three times better performance than the typical PostgreSQL database, together with increased scalability, durability, and security.

Amazon Redshift now automatically runs the VACUUM DELETE operation to reclaim disk space occupied by rows that were marked for deletion by previous UPDATE and DELETE operations. It also defragments the tables to free up consumed space and improves performance for your workloads.

You can now route contacts directly to specific agents using agent queues. Previously, contacts in Amazon Connect were routed to shared queues that were typically handled by multiple agents. Now all agents have a personal queue, without additional configuration. Just as with contacts in standard queues, a contact in an agent queue appears as an incoming call in the Contact Control Panel (CCP) when the agent is set to available.

Starting today, you can easily review your action items in Amazon WorkDocs with 'Tasks.' With Amazon WorkDocs Tasks, you can review action items that are pending, assigned, or resolved in one place. You can manually create new tasks by clicking on the 'Tasks' tab on the top navigation bar, or by clicking 'Request feedback' when inviting other users as contributors to your file. Types of tasks include sending content out for review, requesting access to a file, transfering ownership of a file, or requesting action from your site administrator. Amazon WorkDocs Tasks can help you and your teams collaborate more efficiently by highlighting critical action items for the day.

 

To see your tasks, you can access Amazon WorkDocs in your browser and click on ‘Tasks’ in the top navigation bar. On the 'Tasks' tab, you can review 'My tasks' to see action items assigned to you, 'Sent' tasks to see items that you have assigned to others, and 'Archive' to access a full list of completed tasks.

 

Amazon WorkDocs Tasks is available immediately to all Amazon WorkDocs customers. No user or administrator action is required to activate it. Discover more about WorkDocs, or sign up for a 30-day trial today.

Starting today, you can easily review your action items in Amazon WorkDocs with 'Tasks.' With Amazon WorkDocs Tasks, you can review action items that are pending, assigned, or resolved in one place. You can manually create new tasks by clicking on the 'Tasks' tab on the top navigation bar, or by clicking 'Request feedback' when inviting other users as contributors to your file. Types of tasks include sending content out for review, requesting access to a file, transfering ownership of a file, or requesting action from your site administrator. Amazon WorkDocs Tasks can help you and your teams collaborate more efficiently by highlighting critical action items for the day.

To see your tasks, you can access Amazon WorkDocs in your browser and click on ‘Tasks’ in the top navigation bar. On the 'Tasks' tab, you can review 'My tasks' to see action items assigned to you, 'Sent' tasks to see items that you have assigned to others, and 'Archive' to access a full list of completed tasks.

Amazon WorkDocs Tasks is available immediately to all Amazon WorkDocs customers. No user or administrator action is required to activate it. Discover more about WorkDocs, or sign up for a 30-day trial today.
 

Amazon DynamoDB made it easier for you to perform a variety of queries by increasing the number of global secondary indexes you can create per table to 20. If you need more than 20 global secondary indexes, you can request an increase.

Following the recent announcement of updates to the PostgreSQL database, we have updated Amazon RDS for PostgreSQL to support PostgreSQL minor versions 10.6, 9.6.11, 9.5.14, and 9.4.20. This release fixes PostgreSQL security vulnerabilities included in the current minor release by the PostgreSQL community and contains additional bug fixes and improvements.

With this update, a new Restricted Password Management feature is introduced in PostgreSQL 10.6. Using a new parameter and a special role, you can limit database user password changes to members of the role, thereby enabling greater control over password management on the client side (e.g. expiry requirements, complexity requirements). The logical decoding plugin wal2json has been updated in PostgreSQL 10.6 and 9.6.11.

Amazon RDS for PostgreSQL makes it easy to set up, operate, and scale PostgreSQL deployments in the cloud. Learn more about upgrading your database instances from the Amazon RDS User Guide. See Amazon RDS for PostgreSQL Pricing for pricing details and regional availability.

Starting today, Amazon Data Lifecycle Manager (DLM) for EBS Snapshots is available in the EU (Paris) region. DLM provides a simple, automated way to back up data stored on Amazon EBS volumes. With this feature, you no longer have to rely on custom scripts to create and manage your backups.

AWS Auto Scaling with Predictive Scaling for Amazon EC2 is now available in 8 additional regions. Using AWS Auto Scaling, customers can configure Predictive Scaling to automatically scale their Amazon EC2 Auto Scaling Groups in advance of impending traffic changes. Customers can also use AWS Auto Scaling to manage scaling configuration for multiple resources with a single scaling plan for services such as Amazon EC2, Amazon ECS, Amazon DynamoDB, and Amazon Aurora.

AWS Auto Scaling with Predictive Scaling for EC2 is now available in Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Sydney), Canada (Central), US West (Northern California), Europe (London), Europe (Frankfurt) in addition to the existing regions US East (Virginia), US East (Ohio), US West (Oregon), EU (Ireland), and Asia Pacific (Singapore). Today's launch brings the total number of regions the service is available to 13.

AWS Auto Scaling can be accessed using the AWS Auto Scaling console, API via SDK/CLI, or CloudFormation. To learn more about AWS Auto Scaling, please visit this page. To learn more about Predictive Scaling, please visit the blog.

AWS IoT Device Defender helps you keep connected devices secure. AWS IoT Device Defender alerts you whenever devices violate a user-defined behavior for security metrics gathered from devices and AWS IoT Core.

We are excited to announce the addition of 15 free, new, individually available digital courses to our online training portfolio. Launched at AWS re:Invent 2018, these 10-minute video courses introduce services for machine learning (ML), satellite communications, global services, medical data analytics, and more. These 15 courses are also grouped together in a free new digital curriculum called AWS re:Invent 2018 New Services.

Now, the AWS Identity and Access Management (IAM) console supports five new languages, including German, Portuguese, Spanish, Italian, and Traditional Chinese. Customers who prefer to interact with the IAM console in these languages can do so using the language selector in the IAM console footer.  

The Media Services Application Mapper is a solution that enables customers to display the logical connections between media services, visualize error messages and counts, and produce a list of confidence-ranked root causes for problematic workflows. The solution is easy to deploy and currently monitors AWS Elemental MediaLive, AWS Elemental MediaPackage, Amazon CloudFront, and Amazon Simple Storage Service.

You can now use AWS Glue in the AWS US West (N. California) Region.

You can now tag your Amazon Elastic Container Registry (ECR) repositories with custom metadata. This makes it easier for you to organize, manage, search, and allocate costs. 

AWS Client VPN is a new managed service that provides you with the ability to securely access your AWS and on-premises networks from anywhere, using OpenVPN-based clients.

We’re excited to announce the availability of Lumberyard Beta 1.17, which features over 70 slice workflow updates to help game developers get more done, faster. This release includes:

You can now use WebSocket APIs to build real-time two-way communication applications in Amazon API Gateway—all without having to provision and manage any servers.

Amazon RDS Performance Insights, an advanced database performance monitoring feature, now supports additional counter metrics on Amazon Aurora with PostgreSQL compatibility. With counter metrics, you can customize the Performance Insights dashboard to include up to 10 additional graphs that show a selection of dozens of operating system and database performance metrics. This information can be correlated with database load to help identify and analyze performance problems.

Today, AWS IoT Analytics added support for AWS CloudFormation with templates for data ingestion and analytical patterns. CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment and simplifies the roll out across multiple AWS accounts and/or regions with just a couple of clicks.  

Three new features for AWS ParallelCluster, available today, will help customers further simplify the process of creating and managing HPC clusters on Amazon Web Services (AWS).

AWS Batch Support: Customers can now use AWS Batch as a job scheduler in AWS ParallelCluster and submit distributed computing jobs through AWS ParallelCluster to AWS Batch. AWS Batch enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch also supports scheduling multi-node parallel jobs, enabling customers to efficiently run single jobs that span multiple Amazon EC2 instances.

Amazon Elastic File System (EFS) integration: AWS ParallelCluster now supports native configuration for EFS to further enhance storage and file management features. Users can create and/or mount EFS directly from AWS ParallelCluster without a post-install script.

RAID Array Configuration Support: AWS ParallelCluster customers can now easily create a RAID 0 or RAID 1 array for use with their HPC cluster. RAID 0 combines multiple drives into a single drive to provide enhanced I/O performance, while RAID 1 combines multiple drives into a single drive for better fault tolerance. RAID arrays can be created from up to 5 Amazon Elastic Block Store (EBS) volumes.

AWS ParallelCluster is available at no additional charge, and you pay only for the AWS resources needed to run your applications. AWS ParallelCluster is released via the Python Package Index (PyPI). AWS ParallelCluster’s source code is hosted under the Amazon Web Services repository on GitHub.  Learn how to launch an HPC cluster using AWS ParallelCluster here.

AWS Direct Connect is now live at two new locations in Silicon Valley and Stockholm. In Silicon Valley, AWS Direct Connect launched its third location at CoreSite SV2, Milpitas. This location is the first new location that offers logical redundancy over a single virtual interface (VIF) on a Direct Connect connection, a new capability launched last month. Logical redundancy can reduce downtime when a BGP peering session goes down due to a device failure or maintenance activity on the AWS side. CoreSite SV2, Milpitas can be found under its associated home region of US West (N. California). With Direct Connect Gateway and global public VIFs, customers can access their resources in any global AWS Region (except China).

The AWS Price List API provides you with the ability to query for the current and historical prices of AWS services, as well as receive alerts via Amazon SNS when pricing changes are detected.

AWS Fargate Platform Version 1.3.0 is now available. This update adds Secrets support when using Fargate launch type with Amazon Elastic Container Service (ECS).

Amazon Connect now provides a new contact API that lets you programmatically retrieve contact attributes for a given contact. Contact attributes are key-value pairs of data about a contact, such as the name of the caller, why they called, or the quality of service they received. Contact attributes can be stored using contact flow blocks or by API. For example, for a given contact, you might choose to set contact attributes to indicate why the customer was calling or how their issue was resolved. If the customer calls back, you can now use the new contact API to load the attributes associated with their previous contact in order to personalize the IVR experience or route them to an appropriate queue.

Today, Amazon GameLift released an updated server SDK that is compatible with the latest versions of Unity and Unreal game engines, along with Visual Studio 15 2017.

The Amazon GameLift server SDK version 3.3.0 is now compatible with Unity 2018 and Unreal 4.21 and continues to support earlier versions. You can now also integrate Amazon GameLift into games using Visual Studio 15 2017.

Learn more about the update and how to get started in the release notes.

You can now use AWS Shield Advanced to get higher levels of DDoS protections for your applications running on the recently announced AWS Global Accelerator. Simply enable AWS Shield Advanced protection on your Accelerator. AWS Shield Advanced will automatically detect the type of AWS resource behind the Accelerator and apply the relevant advanced DDoS protections. 

Starting today, AWS Batch supports running workloads on P3dn instances.

Today, we released the Amazon DynamoDB key diagnostics library, which provides near-real-time key usage information for DynamoDB. This library is a lightweight, client-side utility that can help you to analyze your table's traffic and display visualizations that show the number of reads and writes to each partition key. By using the library, you can adjust to unpredictable and uneven workloads in near-real time. To learn more about the library, how to set it up, and to identify hot keys, see How to use the new Amazon DynamoDB key diagnostics library to visualize and understand your application’s traffic patterns.

The AWS Deep Learning AMIs for Ubuntu and Amazon Linux now come with newer versions of the following deep learning frameworks: PyTorch 1.0, MXNet 1.3.1, and Chainer 5.1. This release also includes upgrades of the NVIDIA stack, including CUDA 10, cuDNN 7.4.1, and NCCL 2.3.7. For GPU-based training, PyTorch 1.0 in the AMIs is fully configured to take advantage of performance improvements in CUDA 10.

Amazon SageMaker Automatic Model Tuning now supports early stopping of training jobs. With early stopping, training jobs will be automatically stopped during hyperparameter tuning when it becomes evident that they aren't likely to improve model accuracy. Early stopping will reduce your costs for hyperparameter tuning.

AWS Step Functions is now available in the EU (Paris) region. AWS Step Functions is a workflow automation service that allows you to build and update applications quickly.

AWS Step Functions is now available in the South America (Sao Paulo) region. AWS Step Functions is a workflow automation service that allows you to build and update applications quickly.

AWS customers can now access Amazon Simple Queue Service (Amazon SQS) from their Amazon Virtual Private Cloud (Amazon VPC) using VPC endpoints, without using public IPs, and without needing to traverse the public internet. VPC endpoints for Amazon SQS are powered by AWS PrivateLink, a highly available, scalable technology that enables you to privately connect your VPC to supported AWS services.

AWS Systems Manager now enables customers to use Automation at scale using a pay-per-use model. The existing limit of 25,000 basic steps will be increased to a new free tier of 100,000 basic steps per account per month.

This Quick Start automatically deploys TIBCO Data Science on the Amazon Web Services (AWS) Cloud in about 80 minutes. This deployment guide is for infrastructure architects and TIBCO administrators who want to quickly deploy a TIBCO Data Science system in a fault-tolerant configuration across AWS Availability Zones.

AWS Transit Gateway is now available in 8 additional AWS Regions in the Americas, Europe, and Asia Pacific: Canada (Central), EU (London), EU (Frankfurt), EU (Paris), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Seoul), and Asia Pacific (Sydney).

AWS Transit Gateway enables customers to connect thousands of Amazon Virtual Private Clouds (VPCs) and their on-premises networks using a single gateway. As you grow the number of workloads in AWS across multiple accounts, you need to scale your networks, control your connectivity policies better, and monitor your network effectively. Today, you can connect pairs of Amazon VPCs using VPC peering. However, managing point-to-point connectivity across large number of Amazon VPCs, without centrally managing connectivity and routing policies, can be operationally costly and cumbersome. This solution can be hard to manage hundreds of Amazon VPCs.

With AWS Transit Gateway, you only have to create and manage a single connection from a central gateway to each Amazon VPC, on premises data center, or remote office. AWS Transit Gateway acts as a hub where traffic is routed to all the connected networks, the spokes. This hub and spoke model significantly simplifies management and reduces operational costs because each network only has to connect to the AWS Transit Gateway. With effective routing policies on the Transit Gateway, you have centralized control over how your Amazon VPCs and on-premises networks connect to each other. This connectivity model makes it easy and simple for you to scale and monitor your networks over time.

With this announcement, AWS Transit Gateway is now available in a total of 14 AWS Regions around the world. For more information, see the AWS Transit Gateway product page and documentation.

Amazon Neptune is now available in the Asia Pacific (Singapore) region.

Starting today, AWS Batch is available in the Europe (Paris) AWS Region.

AWS Storage Gateway released various feature enhancements to File Gateway, including increased performance, the option to selectively refresh portions of the gateway’s cache, and the ability to configure DNS and NTP settings.

AWS is announcing the immediate availability of the new AWS Europe (Stockholm) Region. The Stockholm Region joins Frankfurt, Ireland, London and Paris as the fifth AWS Region in Europe, and the 20th AWS Region worldwide. The AWS Europe (Stockholm) Region consists of three Availability Zones and with this launch, the AWS Global Infrastructure now offers 60 Availability Zones worldwide, serving customers in over 190 countries. The new AWS Europe (Stockholm) Region adds to the existing infrastructure AWS already has in the Nordics, which includes three Edge Network Locations in Sweden, and one each in Finland, Denmark and Norway, for customers looking to deliver websites, applications, and content to end users with low latency.

Amazon Elastic Container Service for Kubernetes (EKS) now performs managed, in-place cluster upgrades for Kubernetes versions. Additionally, Amazon EKS now supports Kubernetes version 1.11.5.

You can now set a lifecycle policy to delete objects from AWS Elemental MediaStore containers after a minimum of one day. This lets you automatically delete the video segments that make up your live streams after a period of time that you define, helping optimize your storage footprint and minimize cost.

You can now use Amazon Neptune in applications that are subject to PCI compliance or require ISO certification. Neptune is a fast, reliable, fully-managed graph database service that makes it easy to build and run applications that work with highly connected datasets.  

Amazon Redshift is now available in the EU (Stockholm) AWS Region.

Amazon Elastic File System (Amazon EFS) is now available in the AWS GovCloud (US-West) region. 

AWS Certificate Manager is now PCI DSS compliant; ISO 9001, 27001, 27017, 27018 certified; SOC 1,2 and 3 compliant; and has been added to the AWS Services In Scope listings.

AWS Organizations now supports AWS License Manager; a service that makes it easier for customers to bring their existing software licenses to AWS cloud, and manage licenses across their hybrid environments seamlessly, across AWS and on premises. Customers can now manage licenses across their AWS accounts centrally. They can create licensing rules in their master account, easily attach them to resources in member accounts, and track usage of licenses across their AWS accounts centrally, using License Manager’s built-in dashboard.

Starting today, you can use AWS Batch with workloads running on C5n instance types.

Amazon Comprehend, Amazon Translate, and Amazon Transcribe are now certified as compliant with the Payment Card Industry Data Security Standard (PCI DSS), a proprietary information security standard administered by the PCI Security Standard Council. This means that these services are certified to handle cardholder data (CHD) and sensitive authentication data (SAD), including merchants, processors, acquirers, issuers, and service providers.

Details: Amazon CloudFront announces ten new Edge locations, adding to our global presence. Eight of the new Edge locations are in North America: Houston, Texas (our first location in this city), Chicago, Illinois, Newark, New Jersey, Los Angeles, California, and Ashburn, Virginia. We also added an Edge location in Berlin, Germany, as well as one in Tokyo, Japan.

With this launch, CloudFront will increase its request processing capacity by up to 40%, on average, in the North American cities.

These new Edge locations add to CloudFront's existing global presence and enhance delivery, performance, and scale for our customers. A full list of CloudFront’s global locations is available on the CloudFront Features webpage.

Amazon RDS now includes enhancements to the Auto Minor Version Upgrade feature for Amazon RDS database instances. Auto Minor Version Upgrade is a feature that you can enable to have your database automatically upgraded when a new minor database engine version is available.

Amazon Elasticsearch Service is now HIPAA Eligible. You can now use Amazon Elasticsearch Service to store and analyze protected health information (PHI) and build HIPAA compliant applications. 

You can now publish logs from your RDS for PostgreSQL databases to Amazon CloudWatch Logs in Amazon RDS. Supported logs include PostgreSQL system logs and upgrade logs.

Publishing these logs to CloudWatch Logs allows you to maintain continuous visibility into PostgreSQL system logs, and upgrade logs for your PostgreSQL databases. For example, you can set up Amazon CloudWatch Alarms to notify you on frequent restarts which are recorded in the PostgreSQL system log. Similarly, alarms for events recorded in PostgreSQL logs can be created to alert on unwanted changes made to your databases. You may also enable logging of slow queries and create alarms to monitor them in the PostgreSQL logs and enable timely detection of long-running queries.

CloudWatch Logs provide a durable archive destination for your database logs. You can specify a retention period to indicate how long you want CloudWatch to retain your logs. Additionally, with CloudWatch Logs, you can perform ad hoc searches across multiple logs. This capability is particularly useful for troubleshooting, audits, and log analysis. You can also export logs from CloudWatch to Amazon S3.

Refer to the RDS for PostgreSQL documentation for more information. To start publishing logs from RDS for PostgresQL databases to CloudWatch Logs, visit the AWS RDS Management Console or download the latest AWS SDK or CLI.

Amazon RDS for PostgreSQL makes it easy to set up, operate, and scale PostgreSQL deployments in the cloud. See Amazon RDS for PostgreSQL Pricing for regional availability.

Alexa for Business now allows organizations to connect select Echo devices managed by Alexa for Business to their corporate WPA2 Enterprise Wi-Fi network. Many organizations prefer to have all devices on their WPA2 enterprise protected network to simplify network and device management. This new feature lets you connect the Echo devices to your existing WPA2 wireless network without having to create a guest or WPA2 personal network.  

Amazon Connect is now available in the Asia Pacific (Tokyo) AWS Region. With this launch, your business in Japan can offer the best possible customer service experience to your customers. This also lets you provision your Amazon Connect cloud contact center with the other AWS services you use.

Today, Amazon AppStream 2.0 announced dynamic app framework APIs. Using these APIs, you can dynamically build application catalogs for your users from a single AppStream 2.0 application image, or deliver virtualized apps from a third party solution. This reduces the number of application images you need to maintain, because you no longer need to create an image, stack, and fleet for each user group.

You can build your own solution using these APIs, or leverage a third party dynamic app provider. The apps managed by a dynamic app provider can either be installed on an AppStream 2.0 image, or be delivered off-instance from a Windows file share or application virtualization service.

To build your own solution, or find third party dynamic app providers, see Manage App Entitlement with the Dynamic App Framework. The dynamic app framework APIs are available today at no additional charge in all AWS Regions where AppStream 2.0 is offered. AppStream 2.0 offers pay-as-you-go pricing. Please see Amazon AppStream 2.0 Pricing for more information, and try our sample applications.

We are pleased to announce the general availability for the latest release of AWS Thinkbox Deadline 10.0.23.4. This release includes support for Luxion KeyShot usage based licensing (UBL) via the AWS Thinkbox Marketplace for all customers globally, bringing the power of the cloud to Industrial Design.

Today, Alexa for Business launched usage reports, which lets you access usage metrics on how Alexa for Business shared devices and private skills are being used in your organization. This will allow you to measure the impact of Alexa in your organization, as well as run and measure experiments so you can identify opportunities to build improved experiences for your employees. For example, the usage reports will allow you to measure the usage of “Join the meeting” functionality across your conference rooms, so you can understand user preferences in different locations. You can then determine where you need to educate or develop features to increase user engagement. Usage reports can also help you understand what private skills are most popular with users, so you can prioritize the development of more such private skills.

AWS CloudFormation has enhanced CreateStack and UpdateStack actions to support Macros. This means customers can now embed macros in templates with nested stacks. Macros enable powerful custom processing on CloudFormation templates, from simple actions like find-and-replace operations to extensive transformation of entire templates.

In the AWS SDKs and CLI, templates containing macros can now be executed directly using the CreateStack and UpdateStack actions. This functionality is available in all regions today. For more information, visit our API reference.

AWS Identity and Access Management (IAM) access advisor now enables you to automate the analysis of your IAM permissions across all your accounts using IAM access advisor APIs with the AWS Command Line Interface (AWS CLI) or SDK. IAM access advisor helps you audit service access, remove unnecessary permissions, and set appropriate permissions providing the last timestamp when an IAM entity (e.g., user, role, or a group) accessed an AWS service.

Building on the momentum of our existing collaboration with edX, we are excited to announce Amazon SageMaker: Simplifying Machine Learning Application Development. This new intermediate-level course, available exclusively on edX, provides a baseline understanding of machine learning (ML) and how applications can be built and deployed using Amazon SageMaker.

This course is recommended for those who are existing cloud-native developers, or developers who are upskilling in ML—and no data science background is required. It’s suggested that learners gain familiarity with the AWS Console, tools, and services by completing the AWS Developer Professional Series on edX before beginning this course.

The course may be audited for free, or learners can pay a one-time fee of $99 USD for a verified certificate. Register today!

AWS Resource Access Manager (RAM) provides customers a simple way to share their resources across AWS accounts or within their AWS Organization. Many AWS customers use multiple AWS accounts to provide administrative and billing autonomy to their teams. These customers can now centrally create resources and use RAM to share them across accounts, leading to a reduction in operational overhead for customers while maintaining the benefits of a multi-account strategy. Using RAM to share resources eliminates the need for customers to create duplicate resources in each of their accounts and drives down costs. Consumption of shared resources is governed by access control policies in AWS Identity & Access Management and Service Control Policies in AWS Organizations, enabling customers to leverage their existing investments in security and governance controls. At this time, customers can share Amazon Route 53 Resolver Rules, AWS Transit Gateways, Subnets, and AWS License Manager Configurations using RAM.

AWS Resource Access Manager is available to customers at no additional charge and is offered in US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), EU (Frankfurt), EU (Ireland), EU (London), and EU (Paris) regions. Click here to get started and here to learn more about AWS Resource Access Manager.

This Quick Start automatically deploys Fortinet FortiGate Auto Scaling Baseline on the Amazon Web Services (AWS) Cloud in about 15 minutes. The Quick Start is intended to be a baseline for IT infrastructure architects, administrators, and DevOps professionals who plan to implement or extend Fortinet’s Security Fabric workloads on the AWS Cloud.

You can now access AWS CodePipeline from your Amazon Virtual Private Cloud (Amazon VPC) using VPC endpoints. Many AWS customers run their applications within a VPC for security or isolation reasons. Previously, you could connect to CodePipeline from your VPC using an internet gateway or VPN connection. With VPC endpoints, no public IP addresses are required and traffic between the VPC and CodePipeline does not leave the Amazon network. 

AWS Server Migration Service (SMS) now offers multi-server migration support that makes it easier and more cost effective to migrate applications from on-premises datacenters to Amazon EC2. You can migrate a group of servers as a single unit without having to go through the hassle of coordinating the replication of individual servers or decoupling application dependencies. With multi-server support, Server Migration Service significantly reduces the time to migrate applications and lessens the risk of errors in the migration process.

Amazon GuardDuty now offers an Amazon SNS notification topic so you can be notified automatically when new Amazon GuardDuty finding types or features are released. To subscribe to this SNS topic, see the documentation. GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads.  

AWS Service Catalog, a service to organize, govern, and provision cloud resources on AWS, now integrates with AWS Organizations. With this feature, you can simplify sharing of AWS Service Catalog portfolios across member accounts in your organization. AWS Organizations offers policy-based management for multiple AWS accounts.

Now, AWS Service Catalog administrators no longer need to have the receiving account ID or portfolio ID on hand. You can save time and reduce the risk of error with manually sharing portfolio and account IDs. Using your organization’s master account, you can share portfolios to member accounts by referencing an existing organizational unit or organization ID without leaving AWS Service Catalog.

Click to learn more about AWS Service Catalog and AWS Organizations.

Amazon Elastic Container Registry (ECR) now has a dedicated management console.

Amazon Pinpoint's new Deliverability Dashboard helps you understand and solve issues that could impact the deliverability of your emails. You rely on the email channel to deliver important information to your users, such as password resets and order confirmations, so protecting and improving your inbox placement rate and email sender reputation is incredibly important. With the Deliverability Dashboard, you can increase the effectiveness of your email campaigns and create a better email experience for your users.

The Deliverability Dashboard gives you insight into your inbox placement rate, provides predictive email placement tests, enables you to protect and manage your sender reputation, permits you to lease and monitor dedicated IP addresses, and is integrated directly within the Amazon Pinpoint email platform.

These features provide you with greater visibility into your email sending health and provide a set of tools that you can use to increase the likelihood of reaching your users. Building these deliverability tools on top of the Amazon Pinpoint email sending platform allows you to quickly and easily see a direct correlation between the quality of your messages and the engagement rates of your recipients.

The Amazon Pinpoint Deliverability Dashboard is available for a monthly cost of $1,250, which includes reputation monitoring for up to five domains and 25 predictive email placement tests. Please visit the Amazon Pinpoint pricing page for more information. You can use these features today in every AWS Region where Amazon Pinpoint is available. For more information, see the Amazon Pinpoint User Guide.

The AWS Deep Learning AMIs for Ubuntu and Amazon Linux in AWS GovCloud regions US-West and US-East are now compliant with the Federal Risk and Authorization Management Program (FedRAMP) High baseline, which includes over 400 security controls.

AWS Database Migration Service (DMS) has expanded its functionality from replication engine version 3.1.2 to improve migration performance and enhance user experience. The new improvements are given below:

Improved Migration Speed During Full Load: When migrating large tables, DMS now has the ability to load table partitions or sub-partitions in parallel and improve migration speeds. If a table does not contain partitions or sub-partitions, you can specify row ranges to migrate each segmented range in parallel. 

Improved LOB Migrations: You can now control large object (LOB) settings at the table level. It was previously supported for all tables in a task at the task level. We also introduced a new LOB mode which combines the advantages of limited and full LOB modes from the previous versions. For example, when a LOB migration encounters truncation in limited LOB mode, DMS will automatically switch to full LOB mode, complete migrating that particular big LOB and switch back to limited LOB mode, and continue migrating. 

Control Table Load Order: You can now control the order of tables loaded during the full load phase. For example, if your selected tables list contains tables of different sizes, you can set up the load order in a way that the smaller tables are loaded before the larger tables.

For more information about new enhancements in DMS, please read our blog. For AWS DMS availability, refer to the AWS region table. 

You can now assign AWS resource tags to your Amazon MQ brokers and configurations. Tags enable you to categorize your AWS resources in different ways, such as by cost center or owner, which simplifies the process of cost allocation.  

You can now use Amazon MQ for messaging in applications that are subject to PCI compliance or require ISO certification. Amazon MQ is a managed message broker service for Apache ActiveMQ that makes it easy to set up and operate message brokers in the cloud.

AWS Fargate is now available in Canada (Central) and Asia Pacific (Mumbai) Regions. 

X-Ray now automatically analyzes your traces and assigns to one or more root causes. This enables you to filter traces by a particular root cause and quickly determine whether same error or faults are behind performance issues. 

You can now allow other AWS accounts to create their application resources, such as EC2 instances, Relational Database Service (RDS) databases, Redshift clusters, and Lambda functions, into shared, centrally-managed Amazon Virtual Private Clouds (VPCs).

Customers create multiple AWS accounts to streamline billing and restrict access to various environments, such as development, staging, and production, across different business and application teams. With the increase in the number of accounts, you need to efficiently manage network and security policies across your application environments. Today, you can create separate Amazon VPCs for each account with the account owner being responsible for connectivity and security of each Amazon VPC. With VPC sharing, your IT team can own and manage your Amazon VPCs and your application developers no longer have to manage or configure Amazon VPCs, but they can access them as needed.

You can also share Amazon VPCs to leverage the implicit routing within a VPC for applications that require a high degree of interconnectivity and are within the same trust boundaries. This reduces the number of VPCs that need to be created and managed, while you still benefit from using separate accounts for billing and access control. Customers can further simplify network topologies by interconnecting shared Amazon VPCs using connectivity features, such as AWS PrivateLink, AWS Transit Gateway, and Amazon VPC peering.

VPC sharing is available in all commercial AWS Regions except in South America (São Paulo), Asia Pacific (Osaka-Local), and China regions. There are no additional charges for using this feature. For more information about VPC sharing, please visit our documentation.

Customers can now get Amazon S3 Inventory reports in Apache Parquet file format. Amazon S3 Inventory provides flat file lists of objects and selected metadata for your bucket or shared prefixes. You can use S3 Inventory to list, audit, and report on the status of your objects, or to simplify and speed up business workflows and big data jobs.  

You can now use Amazon Pinpoint to create campaigns that send messages (such as text messages, push notifications, and emails) to your customers when they take specific actions within your apps. For example, you can set up a campaign to trigger a message when a customer creates a new account, or when they add an item to their cart but don’t purchase it. Event-based campaigns help you send messages that are timely, personalized, and relevant to your customers, which ultimately increases their trust in your brand and gives them a reason to return.

Event-based campaigns address both transactional and targeted campaign use cases. For transactional workloads, imagine you want to send a receipt each time a customer uses mobile pay; you can create event-based campaigns to address this in as little as 4 clicks. Targeted event-based campaigns are a great way to introduce cross-sale opportunities for complementary items. For example, if a customer adds a phone to their mobile shopping cart, you can trigger an in-app push notification that offers a discount on a case that fits the device that they’re purchasing.

There are no additional charges associated with creating event-based campaigns. You pay only for the number of endpoints that you target, the number of messages that you send, and the number of analytics events that you send to Amazon Pinpoint (detailed pricing info here). You can use these features today in every AWS Region where Amazon Pinpoint is available. For more information and links to best practices, please visit our blog post and documentation.

This Quick Start sets up an Aviatrix Site to Cloud VPN service that includes an AVX Controller and AVX Gateways on the Amazon Web Services (AWS) Cloud in about 10 minutes.

Today we are announcing a 60% improvement in performance of General Purpose SSD (gp2) Volumes from 10,000 IOPS to 16,000 IOPS and from 160 MB/s to 250 MB/s of throughput per volume.