aws logo

AWS Week In Review April 10 2018

- Updated April 9, 2018

Here’s my latest commentary on the last week in Amazon Web Services announcements…

zomg. New Shiny Things.

Last week, Amazon Web Services had their annual San Francisco summit. Along with this year’s summit, there were lots of new service announcements

  • AWS Secrets Manager: store, manage, rotate, and retrieve secret data.  This is a full-fledged service to expand the capabilities of the existing solution for this, Parameter Store. The Secrets Manager services comes at a price: $0.40 per secret per month.  This can stack up if you’re not careful — especially with multiple environments. Still, this should help many of us who may not have a Secret Storage solution already in place.  Plus, it comes with IAM support.
  • AWS Firewall Manager:  Manage all of your Web Application Firewall systems in one place. This is intended for Security and Compliance administrators who must guarantee that all applications and services have certain rules in place.  With the Firewall Manager, an administrator can define some rules and enforce that rule across all Application Load Balancers and CloudFront distributions, even those in other AWS Accounts.
  • AWS S3 One-Zone: One of the most surprising announcements this year was the One-Zone reduced durability for S3 buckets. For customers that may have objects stored in S3, but can manage a lower durability SLA, this is a great option for some steep price cuts (20% off of Standard Infrequent Access…which is already a steep price drop from Standard). I imagine many people will use this to to host either highly cacheable objects served by CloudFront or data backups. It should be noted that the reduced durability SLA is still pretty impressive at 99.5% (or about 1.5 days a year)
  • AWS Certificate Authority: Let’s face it. Maintaining a private Certificate Authority is a big PITA. Now, you can click a few buttons and have an AWS hosted Private Certificate Authority. Use real, CA signed certificates for your internal services and use the exposed API to programmatically generate SSL certificates for your services and applications.

Read More about AWS Secrets Manager

Read More about AWS Private Certificate Authority

Read More about AWS Firewall Manager

Read More about S3 One-Zone Infrequent Access

Other Notables

Previous AWS Week In Review