Quick Peek

  • Application Load Balancers enables gRPC workloads with end to end HTTP/2 support
  • Amazon Kendra achieves HIPAA eligibility
  • Amazon Elasticsearch Service announces support for Elasticsearch version 7.8
  • AWS Auto Scaling is now generally available in the AWS Africa (Cape Town) and AWS Europe (Milan) regions
  • Use AWS Systems Manager to view vulnerability identifiers for missing patches on your Linux instances
  • Introducing the AWS Load Balancer Controller
  • Amazon SNS introduces First-in-First-out (FIFO) topics and supports selecting the origination number when sending SMS messages
  • Amazon announces CloudFront Origin Shield
  • AWS Batch introduces tag-based access control
  • Launch Amazon SageMaker Studio in your Amazon Virtual Private Cloud (VPC)
  • vCPU-based Spot Instance Limits are Now Available in Amazon EC2

Application Load Balancers enables gRPC workloads with end to end HTTP/2 support

Application Load Balancer (ALB) now supports the protocol gRPC. You can use ALB to load balance and route your gRPC (gRPC Remote Procedure Calls) traffic between gRPC enabled clients and services or between microservices. This will allow the users to bring up gRPC traffic management in their architectures seamlessly without changing any of the underlying infrastructures on their clients or services.

gRPC with HTTP/2 is becoming the protocol of choice for inter-service communication for applications built on a microservices-based architecture and for the client to service communication.

Choose gRPC as the protocol version for your target group, HTTPS as your listener protocol, and register IP or instance as targets for the configured target group to use the feature on your ALB.

You can also configure HTTP/2 as the protocol for your target groups, enabling an end-to-end HTTP/2 flow from clients to targets. This is available for new and existing ALB at no extra cost in all AWS Regions.


Amazon Kendra achieves HIPAA eligibility

Customers can now use Amazon Kendra, a highly accurate intelligent search service powered by machine learning, to manage healthcare and life science workloads containing protected health information (PHI). It has become the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA) eligible service.

The natural language search capabilities of Amazon Kendra help unlock data stored in documents, medical records, and forms to enhance decision making and improve patient interactions.


Amazon Elasticsearch Service announces support for Elasticsearch version 7.8

AWS has released the Elasticsearch Service that now supports the open-source Elasticsearch 7.8 version. This release includes popular open-source analyzers for Chinese (IK Analyzer), Vietnamese (Vietnamese Analysis plugin), and Thai (Thaichub2) language available under Apache-2.0 License.

AWS now also supports Open and Close API for Elasticsearch version 7.4 and above. With the close index API, you can close an open index, and a closed index can be opened using the open index API.


AWS Auto Scaling now available in the AWS Africa and AWS Europe regions

Now, AWS Auto Scaling with scaling plans and predictive scaling is available in the AWS Africa (Cape Town) and AWS Europe (Milan) regions totalling 24 regions.


Use AWS Systems Manager to view vulnerability identifiers for missing patches on your Linux instances

AWS Systems Manager Patch Manager now includes standard vulnerability identifiers (CVE ID) describing missing patches identified in your fleet across multiple Linux platforms.

CVE IDs help you identify security notices applicable to vulnerabilities within your fleet and recommended patches. You can now use Amazon Inspector to conduct a detailed scan for CVE in your fleet. The Systems Manager Patch Manager will automatically start showing vulnerability identifiers as part of patch compliance for Oracle, Amazon Linux, Amazon Linux 2, SUSE, CentOS, and RHEL.


Introducing the AWS Load Balancer Controller

The ALB Ingress Controller is now the AWS Load Balancer Controller, including support for both Network Load Balancers and Application Load Balancers.

The new controller supports ingress grouping, enabling you to share an Application Load Balancer across multiple applications in your Kubernetes cluster and use a Network Load Balancer to target pods running on AWS Fargate and enables you to simplify operations and save costs.

Previously, Kubernetes could only provision Network Load Balancers in instance targeting mode, preventing pods running on AWS Fargate from being included as load balancing targets. Now, the AWS Load Balancer Controller supports IP address targeting mode for Network Load Balancers, allowing customers to target pods running on AWS Fargate.


Amazon SNS introduces First-in-First-out (FIFO) topics and supports selecting the origination number when sending SMS messages

Now you have the option of selecting the origination number when using Amazon SNS (Amazon Simple Notification Service) to send text messages (SMS) to your customers.  You can also use SNS FIFO topics, combined with SQS (Simple Queue Service) FIFO queues, to build applications that require messages to be sent and processed in a strict sequence and without duplicates.

By specifying the origination number for SMS messages, you can achieve a more trusted and consistent experience for the message receiver.

Additionally, you can control which numbers are used for various use-cases or implement load sharing approaches that better suit your needs by purchasing multiple origination numbers.

However, this feature doesn’t apply when sending SMS to countries where local limitations, laws, or regulations require the use of Sender Ids in the place of origination numbers.


Amazon announces CloudFront Origin Shield

Origin Shield, a centralized caching layer that helps increase your cache hit ratio to reduce your origin load, is newly announced by Amazon CloudFront. Origin Shield collapse requests across regions, so as few as one request goes to your origin per object, thus reducing your origin operating costs.

Origin Shield is charged per request that goes to Origin Shield as an incremental layer. Choose the Regional Edge Cache nearest to your origin to become your Origin Shield Region to configure Origin Shield. Once it is enabled, CloudFront will route all origin fetches through Origin Shield, and if the content is not stored in Origin Shield’s cache, requests to your origin.


AWS Batch introduces tag-based access control

AWS introduces tag-based access control enabling you to control AWS Batch resources access based on tag values. You can modify or create AWS Identity and Access Management (IAM) policies to control access based on tags.


Launch Amazon SageMaker Studio in your Amazon Virtual Private Cloud (VPC)

Developers and data scientists can quickly spin up SageMaker Studio in the Amazon Virtual Private Cloud (VPC) for fine-grained control on network access and internet connectivity of SageMaker Studio Notebooks for exploring datasets and building models. This enables you to completely disable public internet access for notebooks to add a layer of security.

You can enable this feature using AWS SDK, AWS CLI, and AWS management console for SageMaker from all AWS regions where Amazon SageMaker Studio is available.


vCPU-based Spot Instance Limits are Now Available in Amazon EC2

AWS has updated the account limit for Spot Instances from being instances based to a vCPU based limit experience similar to the On-Demand Instances.

The vCPU-based instance limits are available in all commercial AWS Regions. They are measured in terms of the number of vCPUs (virtual central processing units) attached to the requested and running instances, making it easier to take advantage of Amazon EC2’s broad selection of instance types.