March on AWS: from new products to service retirement.

Do you want our logo?

Do you want our logo description

Top of News

1 AWS Systems Manager DHMC (Default Host Management Configuration)

Until now, to configure AWS Systems Manager on EC2 instances, it relied on 3 steps:

Instances must have System Manager Agent Installed (this agent comes by default in the public images provided by AWS
The instances need to have access to the SSM service, either with access to the Internet or by deploying and using the private Endpoints of (ssm, ssmmessages andec2messages)
Finally, the instances need to have an instance profile with permissions for System Manager, the easiest way is to generate a role with the policy ofAmazonSSMManagedInstanceCore and use it as an instance profile.

The first 2 steps are usually the simplest, but generating the instance profile is usually a headache, because many people forget to create, the instance profile is generated but without the right permissions, etc.

This is old-fashioned with the new feature, that allows all instances of an account to use AWS Systems Manager by default without the need to have an instance profile with SSM's permissions.

It may seem like something simple, but it solves a big problem.

If I want to manage my entire fleet of instances using AWS Systems Manager to automate certain tasks, it is not necessary to force the different accounts (which can be managed by different teams) to configure the instance profile. Now, it is possible to me generate the accounts with this functionality activated and by default the instances will be able to use the service.

It is a big improvement in simplicity at the operational level.

You have more information in the launch announcement and in the Systems Manager documentation.

2 VPC Resource Map

This announcement will be very useful to explain and understand the configurations of a VPC in a visual and very simple way.

With this map we will be able to view the Subnets of a VPC, to which route table they are associated and the associated networking elements such as Transit Gateway, Internet Gateway, NAT Gateway, VPC Peering.

For me, it is quite an important announcement, because it will help a lot when it comes to explaining networking at the AWS level and make its use easier for many AWS users.

You have more information in launch announcement, on the AWS blog and in the VPC documentation.

3 EKS anywhere en Snowball Edge

It is now possible to deploy Kubernetes Clusters on Snowball Edge Compute Optimized devices. This is very useful for areas where connectivity is limited or in locations that require isolation.

EKS anywhere is a very interesting product if you want to set up a Kubernetes cluster using the benefits of the AWS service.

Snowballs are very durable devices for storing data and executing loads at remote sites.

To give an example of hardness, in the last re:Invent one device flight to Las Vegas from Seattle in the hold of the plane like a suitcase and was working in Las Vegas without any problem.

We probably can't think of use cases for these elements, but they are essential for the team AWS Disaster Response, which uses these resources to help different organizations around the world in case of disasters.

You have more information in the launch announcement, in the AWS blog and in the Snowball documentation.

Also in the AWS blog an article has been published than to describe very well the benefits of the AWS Disaster Response team.

4 New m7g and r7g instances

We welcome the new m7g and r7g instances, which are the newest additions to the families of general purpose and memory that use the processors Graviton3.

Graviton 3 was announced at re:Invent 2021 and last year the c7g instances were launched, these instances were the first to use this processor.

Now Graviton 3 reach two of the most used families:

m7g instances belong to the general purpose instance family, which is the most used in AWS and probably the most typical (with a ratio of 4Gb per core)
The r7g instances belong to the family of instances optimized for Memory and the most typical instances for DBs (it is the default family of Amazon Aurora)

The benchmark results have quite surprised me, being higher than the previous generation, but above all because they are more powerful than instances based on x86 processors, both Intel and AMD, which is quite new, considering that they are much cheaper.

Here are all the benchmarks, so you can compare:

If we need to use ec2 instances, and we don't have problems using ARM processor, the new instances with Gravity 3 are the best choice.

Remember that if we want to port x86 developments to Graviton last month we talked about Porting Advisor, which is a tool that will help to us.

You have more information in launch announcement and on the m7g website y of r7g website.

Also, the BareMate instances of the c7g family are available.

5 SAP and AWS

SAP is perhaps one of the most important products in many companies, and we have quite important news.

The AWS Launch Wizard enables automated deployments of SAP S/4HANA Foundation and SAP S/4HANA 2022 infrastructure following AWS and SAP best practices.

SAP HANA is not easy to deploy and has many requirements at the Infrastructure level within AWS, with this solution the deployment of these workloads in AWS is easy.

Now it is much easier to deploy SAP on AWS.

You have more information in launch announcement.

In addition to this announcement, a new feature called AWS Systems Manager for SAP has also been launched, which allows the integration and automation of tasks in SAP for AWS:

For now the number of features is limited, but we hope it will continue to grow.

We can register and discover SAP applications, list the applications, view their configuration and, most important, the integration of AWS Backup with Sap Hana to manage SAP backups,

You have more information in launch announcement and in the AWS System Manager documentation

6 AWS Telco Network Builder

You have never had coverage problems and you have said that you were going to set up your own Telco...

Well now it is possible with AWS Telco Network Builder

Outside of the jokes about setting up your own Telco, it seems to me a fairly important service in order to understand the facilities that AWS can give us when setting up infrastructure for different purposes and solving problems to make them available to all people.

You have more information in launch announcement, on the VPC product website. and I recommend Jeff Barr's amazing post

News in the region of Spain.

A very important month for the region of Spain, in which we were able to enjoy the re:Cap of the re:Invent of 2022 and in which the new region was discussed.

This month has been a lot of news with up to 8 releases:

Although the 8 releases are very important this month, the arrival of EKS should be highlighted, since Kubernetes uploads are probably quite in demand today in Spain and the integration with Microsoft Active Directory since it is quite common to need this integration.

Also highlight my Favorite Security service, since now at Spain Region, GuardDuty Protecting our accounts is going to be much easier and at a fairly low price.

I'm always surprised by people who don't use GuardDuty, since it seems to me an essential service and that, contrary to what many people think, it is quite cheap.

More news

This month we have had many, many announcements and, as always, not all of them are included in our short list. Here are some of the most outstanding:

Amazon Opensearch

Opensearch, as we have already mentioned, it is becoming a very complete service, something that nobody would have imagined at the beginning.

Added a new connection method between clusters to be able to reindex between them directly without exposing them.

Also, the possibility of creating clusters with SAML integration directly has been enabled, without the need to activate it later.

Finally, it is possible to define daily maintenance windows for software uploads and even set the date and time of a specific software upgrade when the updates are released.

RDS

RDS has a new feature that permit to increasing the size of RDS replicas or the sizes for restores from a snapshot when it is created or later.

Now it is possible to generate replicas or restore a snapshot with more storage and minimize the downtime.

Also, RDS have a new Automatic Cross-Region Backup capability for Disaster Recovery for MySQL y MariaDB.

This feature already existed for PostgreSQL and Oracle. This feature is now added for MySQL and Oracle.

Athena

Athena now has a new connector with Google Cloud Storage.

This new connector adds the possibility of using data hosted in Google Cloud, something fundamental since implementations that use multiple cloud providers are quite common.
Before use, this kind of multi cloud implementation is recommended to review the egress cost.

EC2

In addition to the new m7g and r7g instances, there's more news coming to EC2.

EC added the feature EC2 Hibernate to c6i, c6id, m6i, m6id and i3en instances.

Also, ENA express feature (Presented at re:Invent 2023) is implemented to 15 more instance types

Now we can use this technology, on more instances, that improves latency and bandwidth a lot, using AWS's proprietary protocol but which is totally transparent to us.

NAT Gateways

The number of concurrent requests that NAT Gateway allowed for each associated IP was 55,000 connections and has been extended to 440,000 concurrent connections.

Lambda

Lambda has released new metrics for asynchronous calls until now it was not possible to have these metrics and have control for asynchronous invocations.

This new feature allows more visibility on these types of invocations and more easily mitigate problems.

Control Tower

AWS launch a new version of the Landing Zone provided by Control Tower, this new version adds the recommendations on server access logging in S3 and allows exceptions for more global services in the face of regional restrictions.

Additionally, Control Tower also adds traces on the customizations made via Account Factory for Terraform. This feature allows us to generate accounts automatically by applying a baseline generated in Terraform, until now it was not possible to review these traces, so debugging was manual and more complex.

EMR

EMR Serverless is now certified for workloads that require HIPAA, HITRUST, SOC, and PCI DSS compliance standards and also the maximum size of the workers have been extended for workloads that require more intensive use of computation and memory.

Also, EMR on EKS adds the feature to retry failed jobs, something that until now was not possible and is very useful.

AWS Mainframe

This service that makes it easy to migrate workloads from Mainframe to Cloud continues to add regions, hopefully it will soon reach the Spain Region in a short time.

AWS Firewall

AWS Firewall add interesting feature that allows tag-based filtering

This new feature can give a lot of flexibility in managing firewall rules within an account.

AWS Step Functions

AWS Step Functions is amazing and everyone who uses it falls in love with it and now adds 35 new integrations with AWS services including EMR.

The service allows orchestrating flows with different integrations in a simple way.
It is a very powerful service that helps a lot, for example, with Lambdas orchestration, but it has many more integrations and can help us a lot with different workloads.

Amazon ElasticCache Redis & Amazon MemoryDB Redis
Amazon ElasticCache Redis and Amazon MemoryDB Redis improve their SLA level to reach 99.99%, which implies a great improvement in availability in these 2 services.

SageMaker Autopilot

Interesting new feature in SageMaker Autopilot that allows you to choose the training algorithm used in SageMaker Autopilot experiments.

Goodbye, March!

Once again, we close a month that has spread so much that it is difficult for us to cover the wide range of presentations that there are. We have talked about Application Composer, AWS Clean Rooms, Amazon OpenSearch (of course) and the end of AWS Simple Monthly Calculator. Are you missing some functionality? Have we left something out? Leave us a comment!