Here’s my latest commentary on the last week in Amazon Web Services announcements…
zomg. New Shiny Things.
Last week, Amazon Web Services had their annual San Francisco summit. Along with this year’s summit, there were lots of new service announcements
- AWS Secrets Manager: store, manage, rotate, and retrieve secret data. This is a full-fledged service to expand the capabilities of the existing solution for this, Parameter Store. The Secrets Manager services comes at a price: $0.40 per secret per month. This can stack up if you’re not careful — especially with multiple environments. Still, this should help many of us who may not have a Secret Storage solution already in place. Plus, it comes with IAM support.
- AWS Firewall Manager: Manage all of your Web Application Firewall systems in one place. This is intended for Security and Compliance administrators who must guarantee that all applications and services have certain rules in place. With the Firewall Manager, an administrator can define some rules and enforce that rule across all Application Load Balancers and CloudFront distributions, even those in other AWS Accounts.
- AWS S3 One-Zone: One of the most surprising announcements this year was the One-Zone reduced durability for S3 buckets. For customers that may have objects stored in S3, but can manage a lower durability SLA, this is a great option for some steep price cuts (20% off of Standard Infrequent Access…which is already a steep price drop from Standard). I imagine many people will use this to to host either highly cacheable objects served by CloudFront or data backups. It should be noted that the reduced durability SLA is still pretty impressive at 99.5% (or about 1.5 days a year)
- AWS Certificate Authority: Let’s face it. Maintaining a private Certificate Authority is a big PITA. Now, you can click a few buttons and have an AWS hosted Private Certificate Authority. Use real, CA signed certificates for your internal services and use the exposed API to programmatically generate SSL certificates for your services and applications.
- Amazon CloudWatch Events Adds Amazon SQS FIFO as an Event Target
- Amazon CloudWatch Metric Math
- Amazon S3 Select Is Now Generally Available
- New Multi-Account, Multi-Region Data Aggregation Capability in AWS Config
- AWS Elastic Beanstalk Console Supports Application Load Balancer
- Amazon ElastiCache for Redis Introduces New CPU Utilization Metric For Better Visibility Into Redis Workloads
- Introducing AWS PrivateLink in the EU (Paris) Region
- Announcing Amazon Linux 2 LTS Candidate 2
- Amazon WorkMail Introduces New Ways to Share Mailboxes
- Amazon QuickSight Adds New Data Connectors to Popular Business Apps and JSON
- AWS Batch Adds Support for Automatic Termination with Job Execution Timeout
- Amazon Translate is Now Generally Available