You can now run Kubernetes pods as part of your Amazon EKS Kubernetes clusters in the two AWS Local Zones in Los Angeles. With Amazon EKS and Local Zones, you can run latency-sensitive Kubernetes applications closer to end-users in Los Angeles. Once you have opted-in for using AWS Local Zones, you can create a VPC and subnet in the local zone to deploy EC2 resources into it and attach them to your EKS clusters running in AWS US West (Oregon) parent region.
AWS Batch now supports Custom Logging Configurations, Swap Space, and Shared Memory
AWS Batch now supports new parameters when specifying AWS Batch job definitions, including custom logging configurations, swap space, and shared memory. AWS Batch enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (e.g., GPU, CPU, or memory optimized instances) based on the volume and specific resource requirements of the batch jobs submitted. With AWS Batch, there is no need to install and manage batch computing software or server clusters that you use to run your jobs, allowing you to focus on analyzing results and solving problems.
Amazon EKS Adds Fargate Support in Northern California, Canada, São Paulo, London, Paris, Stockholm, Bahrain, Mumbai, Seoul, and Hong Kong AWS Regions
Amazon Elastic Kubernetes Service (EKS) now supports running containers on AWS Fargate in ten additional AWS regions: US West (Northern California), Canada (Central), South America (São Paulo), Europe (London), Europe (Paris), Europe (Stockholm), Middle East (Bahrain), Asia Pacific (Mumbai), Asia Pacific (Seoul), and Asia Pacific (Hong Kong) regions.
Amazon CloudWatch Logs now supports two subscription filters per log group
Amazon CloudWatch Logs now supports two subscription filters per log group, enabling you to deliver a real-time feed of log events from CloudWatch Logs to an Amazon Kinesis Data Stream, Amazon Kinesis Data Firehose, or AWS Lambda for custom processing, analysis, or delivery to other systems.
AWS Security Hub achieves FedRAMP Moderate authorization
AWS Security Hub is now authorized as FedRAMP Moderate in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (N. California), and US West (Oregon). The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that delivers a standard approach to the security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP uses the National Institute of Standards and Technology (NIST) Special Publication 800 series and requires cloud service providers to receive an independent security assessment conducted by a third-party assessment organization (3PAO) to ensure that authorizations are compliant with the Federal Information Security Management Act (FISMA). We are also now approved as Department of Defense Cloud Computing Security Requirements Guide Impact Level 2 (DoD SRG IL-2 ) in those regions.
Amazon S3 Object Ownership is available to enable bucket owners to automatically assume ownership of objects uploaded to their buckets
Amazon S3 Object Ownership is a new S3 feature that enables bucket owners to automatically assume ownership of objects that are uploaded to their buckets by other AWS Accounts. This helps you to standardize ownership of new objects in your bucket, and to share and manage access to these objects at scale via resource-based policies such as a bucket policy or an access point policy. Whether your S3 bucket receives data from other AWS accounts, or stores output from AWS services like AWS CloudTrail, S3 Object Ownership simplifies the work of creating and maintaining shared data sets on Amazon S3.
Simplify data management in Amazon Personalize with new APIs
Amazon Personalize enables you to personalize your website, app, ads, emails, and more, using the same machine learning technology as used by Amazon.com, without requiring any prior machine learning experience. Using Amazon Personalize, you can generate personalized recommendations for your users through a simple API interface. Amazon Personalize now makes it easier to manage your growing item and user catalogs with new APIs for incrementally adding items and users in the datasets that you use in Personalize to create personalized recommendations.
AWS Config adds 15 new sample conformance pack templates and introduces simplified setup experience for conformance packs
AWS Config now offers 15 additional sample conformance pack templates that can help you verify your cloud infrastructure’s compliance with one or more frameworks for configuration best practices. With conformance packs, you can package a collection of AWS Config rules and remediation actions that can be deployed together as a single entity across an entire organization. This is particularly useful if you need to quickly establish a common baseline for resource configuration policies and best practices across multiple accounts in your organization in a scalable and efficient way.
Amazon MSK launches new education classes and labs
Amazon Managed Streaming for Apache Kafka (MSK) launches a new master class and AWS Labs to get you started using the service and hone your skills with best practices. The new Amazon MSK Master Class, created by Stephane Maarek, AWS Hero, gives you six hours of hands-on learning in the most comprehensive content available for Amazon MSK. New AWS Labs take you through getting started, a use case example of ingesting and analyzing real-time clickstream data, and best practices for migrating your self-managed Apache Kafka cluster to Amazon MSK. By completing the class and labs, you will learn how to apply your knowledge to your own use cases.
AWS Lake Formation now supports Active Directory and SAML providers for Amazon Athena
AWS Lake Formation now supports Active Directory and Security Assertion Markup Language (SAML) identity providers such as OKTA and Auth0 for Amazon Athena . You can now easily manage data access for Amazon Athena users with fine grained privileges using existing identity management tools.