Last Month at AWS: December Edition

Last Month at AWS: December Edition

The start of a new year is a moment for all of us to reflect on what has happened in the last 12 months, but the fast pace of the connected society can often mean that we are already looking ahead as opposed to back. However, there is always a need to complete some relevant informational housekeeping, even more so when you know that AWS did not rest on its laurels after its successful re:Invent conference in November.

As an advanced and active consulting partner, ensuring that Apexon customers are aware of the latest monthly announcements from AWS has been a focus throughout 2021. And we will be continuing this monthly review throughout the next 12 months.

December was another busy month, especially if you think about the consistent stream of announcements that are beneficial to AWS’ service-users. With that in mind, the AWS Partner team has wrapped up everything important you need to know about the enhancements to AWS Shield, AWS Amplify Studio, Construct Hub, Pinpoint, Amazon S3 File Gateway, AWS Systems Manager and much more!

It’s not always easy to keep pace with everything that AWS launches or reveals, and we value and appreciate your participation in keeping pace with the growing technologies and services of the ecosystem. The team is often amazed how the platform always gives us something new to look forward to, and the monthly opportunity to not only share this information with our end readers but also tell you Why It Matters is an important part of what we do.

AWS Shield Advanced Introduces Automatic Application-layer DDoS Mitigation

Posted On: December 1, 2021

AWS Shield Advanced now automatically protects web applications by blocking application layer (Layer 7) DDoS events with no manual intervention needed by you or the AWS Shield Response Team (SRT).

You can read the full announcement here.

Why it Matters

Blocking the application layer to avoid any potential DDoS (Distributed Denial of Service) attack can be an extremely time-consuming process if it is handled manually. In addition, dealing with such an attack might also keep your resources occupied for a significant length of time.

It is extremely unlikely the number of DDoS attacks is going to ease off anytime soon (industry research estimates that there were more than 10 million of these incidents in 2020 alone, for example).

Taking that into account, AWS Shield Advanced is now all set to automatically protect your web applications by blocking the application-layer DDoS events. This functionality could help you with gaining the utmost security with no manual intervention needed by you or the Shield Response Team.

The user will also be able to view the detection, mitigation and top contributor metrics associated with the 7th layer DDoS events. This upgrade could also be helpful if you want to investigate or assess the effects of mitigation created by the shield

Introducing AWS Amplify Studio

Posted On: December 2, 2021

AWS Amplify announces AWS Amplify Studio, a visual development environment that offers frontend developers new features (public preview) to accelerate UI development with minimal coding, while integrating Amplify’s powerful backend configuration and management capabilities.

You can read the full announcement here.

Why it Matters

AWS Amplify Studio is an efficient visual development environment designed for frontend developers and this tool is intended to make production easier. The platform is equipped with certain tools and features that promise to accelerate UI development, while also reducing the need to code more. Users will then be able to integrate the powerful backend configuration and management capabilities of Amplify with minimal coding.

From a digital engineering standpoint, the platform translates the Figma designs and turns them into human-readable React UI component code automatically. Developers can easily connect the UI components to the backend data of the application, which saves a great deal of time.

Amplify Studio comes with a considerable number of React UI libraries which include components like contact forms, newsfeeds, e-commerce cards, etc. As a developer, you can also import the necessary component customization from Figma into Amplify Studio to further export all frontend and backend artifacts to credible code. Additionally, this tool can allow you to fully customize the application design and regulate its behavior using familiar programming languages and concepts.

AWS Announces Construct Hub General Availability

Posted On: December 2, 2021

We are announcing the general availability of Construct Hub, a registry of open-source construct libraries for simplifying cloud development. Constructs are reusable building blocks of the Cloud Development Kits (CDKs).

You can read the full announcement here.

Why it Matters

The reusability of the resources and their material has always been a topic of significant importance for most of us at Apexon.

As a result, the Construct Hub is a reliable registry of trending and useful open-source construct libraries. In fact, these libraries are designed to simplify the whole process of cloud development. These reusable building blocks of the Cloud Development Kits can be used along with the relevant construct-based tools to make cloud development an even smoother experience.

It is important to note that monitoring, containers, databases, utilities, security, cloud service integrations et al are directly connected with your use cases. For those reasons alone, you can leverage these construct libraries that are published by AWS, communities and cloud service providers to come up with an accurate solution for your identified use case.

Amazon Pinpoint now Includes OTP Management Feature

Posted On: December 6, 2021

Amazon Pinpoint now includes a one-time password (OTP) management feature. An OTP is an automatically generated string of characters that authenticates a user for a single login attempt or transaction. The OTP feature makes it easier to add OTP workflows to your application, site, or service.

You can read the full announcement here.

Why it Matters

A lack of OTP features might encourage malicious actors to attack an application on multiple occasions. To avoid or reduce the chances of this happening, Amazon Pinpoint has taken certain steps to ensure that the overall experience is safe for end users.

An OTP feature is the set of automatically generated strings of characters, numbers and symbols that are used to authenticate the integrity of users. This authentication allows users to successfully prove their identity during every login attempt. This feature could also be applied to a defined need to make or conduct certain transactions.

The newly introduced OTP verification feature makes it easier for you to add relevant workflows to your application. The feature will allow you to generate and send new or unique OTP codes to your recipients in form of SMS or text messages, and they can also be used for your sites and services.

From a practical standpoint, the Amazon Pinpoint API will be called by your application to further ensure that the OTP code entered by your recipient is valid. The tool provides a pre-defined template to send these OTPs to your application end users, while the brand name that appears in the text message can also be customized.

You also have the option to modify the origination identity to include your phone number or the Sender ID that is used to send the OTP message. In addition, you can regulate the length of the OTP code and the amount of time the code remains valid and for how long.

Amazon S3 File Gateway Enables Administrators to Force Closing of Locked Files

Posted On: December 6, 2021

Amazon S3 File Gateway now enables you to force-close locked files on SMB file shares on Amazon S3 File Gateway by providing access to local security groups. Amazon S3 File Gateway provides on-premises applications with file-based, cached access to virtually unlimited cloud storage using SMB and NFS protocols.

You can read the full announcement here.

Why it Matters

Force-closing a file could be more important than we comprehend. Especially under certain circumstances where it is the only choice and not an option.

It is not uncommon that end-users and other applications may stop working on SMB shared files without closing them. Often, the files are left unattended in an open or locked state. Until this upgrade, the administrator had no permissions to close these files.

S3 File Gateway now allows the users to force-close files that are locked on SMB files shared on the gateway. This action is achieved by providing the user-access to local security groups. Additionally, the service also offers on-premises applications that support file-based cached access to virtually unlimited cloud storage – SMB and NFS protocols are used for the provision of this access.

The admin will now have the authority to access force-close permissions to users and groups from the Active Directory that they are connected with. By adding them to the GatewayAdmin local group (and with the help of the AWS Storage Gateway console), the admin can efficiently close files in a given gateway. Please note, it is also possible to complete the action with the through the API or CLI.

Amazon S3 File Gateway now Supports NFS File Share Auditing

Posted On: December 6, 2021

AWS Storage Gateway now supports NFS file share auditing end-user access to files, folders, and file shares on Amazon S3 File Gateway. Amazon S3 File Gateway provides on-premises applications with file-based, cached access to virtually unlimited cloud storage using SMB and NFS protocols.

You can read the full announcement here.

Why it Matters

If you have ever tried maintaining audit logs about users manually, then you are aware of the time and effort it can require. Since the Storage Gateway now supports and lets you enable NFS file share auditing, here is what you should expect from this moment on.

The service will now provide you with file-based and cached access to virtually unlimited cloud storage for your on-premises applications with the help of protocols like SMB and NFS. This feature is designed especially for IT administrators and compliance managers – if you are someone who needs to audit logs about user access to folders and files then your work is about to get easier. Additionally, you can also look after the security and compliance requirements.

The launch of this feature will allow for the logging of NFS client operations for files and folders, including key operations such as create, read, update, delete, rename, write and change permissions. These actions can then be published to Amazon CloudWatch Logs.

You can also choose to stream logs to the Amazon Kinesis Data Firehouse. This decision will allow you to query, process store, and even archive logs and trigger actions whenever the need arises.

AWS Systems Manager Supports Application-level Cost Reporting

Posted On: December 8, 2021

Application Manager, a capability of AWS Systems Manager, announces a new feature for customers to report and visualize the cost of their applications through integration with AWS Cost Explorer. Application Manager is a central hub on AWS to create, view and operate applications from a single console.

You can read the full announcement here.

Why it Matters

How often have you struggled with reporting or simply keeping a check on the cost of your application?

The Application Manager tool within AWS Systems Manager might be the ultimate solution to any challenges related to reporting the overall cost of your application (Application Manager is one of the capabilities of AWS Systems Manager).

A new feature – AWS Cost Explorer – allows the users to report on and visualize the cost of their applications once it is enabled. Put simply, this tool that helps in the understanding and managing your overall AWS costs, with its usage scaled across either a daily or monthly granularity.

AWS Systems Manager Announces New Features for Session Manager

Posted On: December 8, 2021

AWS Systems Manager announces new features for Session Manager to support maximum session timeout and annotate the reason for starting a session. AWS Systems Manager is the operational hub for AWS, that provides a unified user interface to track and resolve operational issues across AWS applications from a central place.

You can read the full announcement here.

Why it Matters

The creation and end of a session (at any given time and under any circumstances) should always require close attention to its parameters. In our experience, it’s always better if there is a firm and logical explanation behind the handling of sessions to avoid harmful consequences.

To overcome the most commonly recurring challenges related to sessions, AWS has launched a new Session Manager feature that supports maximum session timeout. Additionally, the feature will support the annotation for starting a session, which means that a reason should be annotated before a session is started.

The users will now be able to specify the maximum session duration. Once a session exceeds the maximum allotted time it will be automatically terminated, and the user might need to start a new session in order to continue using the system resources.

To make things more convenient for the end-users, the Console will also display a countdown timer. This countdown timer will display the amount of time that is left until the max-session time-out threshold and session termination.

Apexon’s Advanced Consulting partnership with AWS allows our digital engineers to leverage technical expertise and knowledge to deliver solutions to the toughest cloud challenges.

To find out how we can move you into or further along your cloud journey, fill out the form below.

Interested in our Cloud Services?

Please enable JavaScript in your browser to complete this form.
Checkboxes
By submitting this form, you agree that you have read and understand Apexon’s Terms and Conditions. You can opt-out of communications at any time. We respect your privacy.