Last Month at AWS: November Edition (with re:Invent 2021)
One year on from being forced by the pandemic to go fully virtual, AWS re:invent returned to Las Vegas for the annual customer conference. Once of the most anticipated annual events in the cloud calendar, this is always a chance for engineers, developers, AWS partners and cloud evangelists to get the first look at what AWS’ focus will be, both now and in the near future.
Apexon was not only a proud sponsor of AWS re:invent 2021, but also had boots on the ground in Vegas, and we would like to thank everyone who dropped by the booth to meet our cloud experts in person. These types of interactions are one of the reasons why we were happy that a sense of normalcy had returned to the conference, even more so when you consider the learning and networking opportunities that an in-person event generates.
As is usual for AWS re:invent (which ran from November 29th to December 3rd, inclusive), there were a significant number of announcements and service updates for attendees to consider. Helpfully, the AWS News Blog has compiled all the most noteworthy ones here.
While there were some in the media who felt that the launches or updates were more incremental than transformational – TechRepublic reported that the event “chose a rather conservative path” this year, but in a good way – there were some big announcements that the AWS Partner team feel are worthy of attention.
Customize Your AWS Well-Architected Review Using Custom Lenses
Posted On: November 29, 2021
The AWS Well-Architected Tool now offers the ability for customers to create their own custom lenses.
Many customers who use the AWS Well-Architected Tool have internal best practices they follow in addition to the AWS best practices provided by the AWS Well-Architected Framework. Historically, customers have had to track these best practices in separate documents and tools, making it difficult to gather insights into their overall architectural health.
With the addition of custom lenses, the AWS Well-Architected Tool will become a single place for customers to review and measure best practices while performing associated operational reviews for all technology across their organization.
You can read the full announcement here.
Why It Matters
In recent years, the AWS Well-Architected Tool forced customers to track their best practices – both internal and AWS – in separate tools and documents. This often made it tricky to gain insights into the overall architectural health of the organization.
On a simple level, this update allows customers to develop their own questions and evaluate workloads using the best practices of your organization.
In addition, you (as the customer) can also perform technology-based or governance-based reviews as per the specific requirements of your industry. These custom lenses also provide higher visibility and efficiency as they can be shared across multiple AWS accounts.
From an Apexon perspective, this allows our customers to both access the feature and customize the options available. This means that the some of the major benefits of the AWS Well-Architected Tool become even more accessible, including:
- Free architectural guidance
- Review organizational workloads consistently
- Identify and implement hassle-free improvements
- Create customized reviews
You can learn more about the value of the AWS Well-Architected Review here.
Recover Your Accidentally Deleted Snapshots Using Recycle Bin
Posted On: November 29, 2021
You can now use Recycle Bin for EBS Snapshots to recover from accidental snapshot deletions to meet your business continuity needs. Previously, if you accidentally deleted a snapshot, you would have to roll back to a snapshot from an earlier point in time, increasing your recovery point objective.
With Recycle Bin, you can specify a retention time period and recover a deleted snapshot before the expiration of the retention period. A recovered snapshot retains its attributes such as tags, permissions, and encryption status, which it had prior to deletion, and can be used immediately for creating volumes. Snapshots that are not recovered from the Recycle Bin are permanently deleted upon expiration of the retention time.
You can read the full announcement here.
Why It Matters
Recycle Bin for EBS Snapshots is a time-efficient safeguarding technology for customers against accidental deletions.
Essentially, this feature enables the customers to recover EBS Snapshots that have been deleted from a customer’s account. For example, if a customer “lost” EBS Snapshots, the previous technology only allowed them to roll back to the earlier snapshot and increase its recovery point objective – this was not only a limitation, but also frustrating in term of time spent recovering or recreating previous work.
However, if the customer now opts to use Recycle Bin, the snapshot is automatically moved into the depository, where it stays for a customer-predefined period. Once that allocated time expires, the snapshots get deleted automatically on a permanent basis. This provides a more effective and quick solution to EBS Snapshots recovery, especially as the recovered snapshot retains the attributes (tags, permissions, encryption status) that it had prior to accidental deletion.
You can get started with your Recycle Bin feature for every AWS account you hold. You can easily enable this feature by setting up specific retention periods for your snapshots. Recycle Bin could be easily accessed through AWS Command Line Interface (CLI), AWS Management Console, or AWS SDKs.
Sustainability Pillar for AWS Well-Architected Framework
Posted On: December 2, 2021
The AWS Well-Architected Framework has been helping AWS customers improve their cloud workloads since 2015. The framework consists of design principles, questions, and best practices across multiple pillars: Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization.
We are introducing a new AWS Well-Architected Sustainability Pillar to help organizations learn, measure, and improve workloads using environmental best practices for cloud computing.
You can read the full announcement here.
Why It Matters
Cloud processing used to require a great deal of energy for the fulfilment of tasks and procedures. Often, this leads to unintended but inevitable production of carbon as a result of the combustion reaction.
The newly introduced Sustainability Pillar in the AWS Well-Architected Framework means that customers can optimize and regulate the areas of code that consume the most resources and time to process. By focusing on ways to reach set sustainability targets, decision makers can introduce in-built lifecycle policies to delete unnecessary data and optimize the use of GPUs.
From a wider perspective, this pillar indirectly affects the customer devices and equipment by optimizing them for sustainable outcomes as well.
Amazon CloudWatch RUM for Monitoring Applications’ Client-side Performance
Posted On: November 29, 2021
Amazon CloudWatch RUM is a real-user monitoring capability that helps you identify and debug issues in the client-side on web applications and enhance end user’s digital experience.
CloudWatch RUM enables application developers and DevOps engineers reduce mean time to resolve (MTTR) client-side performance issues by enabling a quicker resolution. Amazon CloudWatch RUM is part of CloudWatch’s Digital Experience Monitoring along with Amazon CloudWatch Synthetics and Amazon CloudWatch Evidently.
You can read the full announcement here.
Why It Matters
Monitoring web applications to both understand and optimize their performance has always been a big challenge.
With the launch of CloudWatch Real-User Monitoring, you can now have a better overview of the system and know exactly what is needed to be done. The feature allows you to collect detailed data on the UI and API performance of platforms and services. This means that you can keep a better track of the response times of APIs, correlating this data with metrics to help scale the service and infrastructure appropriately.
In addition, if the customers are experiencing any anomalies in app performance, RUM supplements the testing by helping to identify and addressing that issue, prioritizing what needs to be done and when before it becomes a larger problem.
AWS announces the new Amazon Inspector for continual vulnerability management
Posted On: Nov 29, 2021
The new Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure is generally available, globally. Amazon Inspector has been completely rearchitected to automate vulnerability management and deliver near real-time findings to minimize the time to discover new vulnerabilities.
You can read the full announcement here.
Why it matters
Amazon Inspector has been part of the AWS landscape for some time, so the launch of an updated version is big news.
For starters, the service can now be enabled across an organization with just a single click. Once this is done, the new Amazon Inspector would automatically discover all your workloads and scan them continually for any unintended network exposure and software vulnerabilities that could be a threat to your business workloads.
The updated and rearchitected version of AWS Amazon Inspector supports Amazon Elastic Container Registry (ECR), which would help you gain a consolidated and better view of vulnerabilities across your organization. The findings are routed to Amazon Security Hub and pushed to Amazon EventBridge, allowing the latter to automate with partner solutions – this reduces Mean-Time-to-Resolution and makes the process more time efficient.
The new Amazon Inspector is also highly contextualized, introducing a risk score that correlates the vulnerability information with environmental factors.
AWS Secrets Manager increases Secrets Limit to 500K per Account
Posted On: November 2, 2021
AWS Secrets Manager now supports a limit of up to 500,000 secrets per account per region, up from 40,000 secrets in the past. This simplifies secrets management for software as a service (SaaS) or platform as a service (PaaS) applications that rely on unique secrets for large numbers of end customers.
You can read the full announcement here.
Why It Matters
This pre-AWS re:invent announcement has both attracted the attention and been of interest to the AWS Secrets Manager users. Not only does it reduce the risk of your credentials being compromised but also promises to regularly rotate the credentials of up to 500,000 end users too.
Existing Secrets Manager customers should know that their increased secrets per account limit will be automatically reflected in their accounts, making this update even more convenient for them.
The updates secrets limit is also applicable to all regions where the service operates, a full list of which can be found here.
Amazon RDS on AWS Outposts: Supports Exporting Database logs to Amazon CloudWatch
Posted On: November 2, 2021
Amazon Relational Database Service (Amazon RDS) on AWS Outposts can now export database logs to Amazon CloudWatch. You can now monitor all your Amazon RDS on AWS Outposts database instances from the same single pane of glass as your Amazon RDS database instances in our AWS Regions.
You can read the full announcement here.
Why It Matters
In the time before Amazon CloudWatch was introduced, people had to manually manage the status of on-going tasks. Another pre-event announcement, this update solves a lot of this time-consuming workload.
With this update to one of its database export services, CloudWatch users will now be able to set alarms that ensures they never miss an important event related to the work in progress. They will also be able to visualize the logs and metrics side by side, which saves not only a great deal of time but makes it significantly easier to compare. Users will also be able to identify and troubleshoot issues, with the added bonus of discovering insights that will keep their applications running smoothly and on track.
Manually presenting the information in a sophisticated order and keeping the logs in check was also an extremely time-consuming approach. With this enhancement, Amazon CloudWatch is expected to provide a much-needed change in the way we approach solutions by allowing users to monitor the components of a workflow in an easy-to-understand manner. In addition, users will be able to detect anomalous behavior in their environments.
From a pricing perspective, AWS said that “Amazon RDS on AWS Outposts logs will incur the same charges as they do for RDS database logs in CloudWatch in an AWS region on monthly basis.” This is also good news for customers, who can now take advantage of additional features at no extra cost.
Apexon’s Advanced Consulting partnership with AWS allows our digital engineers to leverage technical expertise and knowledge to deliver solutions to the toughest cloud challenges. To find out how we can move you into or further along your cloud journey, fill out the form below.