AWS Ground Station is a fully managed service that provides you global access to your space workloads. AWS Ground Station enables you to downlink data and provide satellite commands across multiple regions quickly, easily, and cost-effectively without having to worry about building or managing their own ground station infrastructure. AWS Ground Station is available today in six AWS Regions around the world. To see a list of supported regions, please visit the Global Infrastructure Region Table webpage.
AWS Security Hub launches in AWS GovCloud (US) Regions
AWS Security Hub is now available in the AWS GovCloud (US) Regions. You can now centrally view and manage the security posture of your AWS accounts in both AWS GovCloud (US-West) and AWS GovCloud (US-East).
Amazon EKS managed node groups allow fully private cluster networking
Amazon Elastic Kubernetes Service (EKS) managed node groups now allow fully private cluster networking by ensuring that only private IP addresses are assigned to EC2 instances managed by EKS.
AWS Firewall Manager now supports organizational units for policy scoping
AWS Firewall Manager now supports organizational units (OU), allowing customers greater flexibility while scoping their policies. AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization. With Firewall Manager, you can manage AWS WAF, AWS Shield Advanced, or VPC security groups across your entire AWS Organization.
AWS Security Hub launches the Foundational Security Best Practices standard
AWS Security Hub has launched a new security standard: AWS Foundational Security Best Practices v1.0.0. The initial release of this standard consists of 31 fully automated security controls in 12 Regions and 27 controls in AWS GovCloud (West) Region. 7 additional regions will be launched shortly. These security controls detect when AWS accounts and deployed resources do not align with security best practices defined by AWS security experts. This curated set of controls helps improve a customer’s security posture in AWS and covers AWS’s most popular and foundational services. When a deviation from an AWS security best practice is identified, AWS Security Hub issues a detailed and actionable finding to customers. These controls closely align to the Top 10 Security Best Practices outlined by AWS Chief Information Security Office, Stephen Schmidt, at AWS re:Invent 2019. We recommend that you enable AWS Security Hub and this standard in all accounts and Regions where you have activity. To learn more, visit our documentation on the AWS Foundational Security Best Practices standard.
Amazon DocumentDB (with MongoDB compatibility) adds improved multi-key indexing capabilities
Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. Amazon DocumentDB makes it easy and intuitive to store, query, and index JSON data.
Introducing Multi-Region Infrastructure Deployment
The Multi-Region Infrastructure Deployment solution helps make it easier to set up a multi-region, high reliability architecture and ensure the consistency of a workload by automatically validating and deploying AWS CloudFormation stacks into a pre-production and production environment across a primary and secondary AWS Region. This solution automatically provisions and configures AWS CodePipeline to automate the continuous integration/continuous delivery (CI/CD) pipeline for CloudFormation templates in the AWS Cloud.
You can now use AWS Control Tower to set up new multi-account AWS environments in AWS Organizations
AWS Organizations customers can now use AWS Control Tower to manage newly created organizational units (OUs) and accounts. This allows cloud administrators and architects to set up an AWS Control Tower landing zone with an existing Organization.
Announcing cost controls for Amazon Redshift Spectrum and Concurrency Scaling
You can now monitor and control your usage and associated cost for Amazon Redshift Spectrum and Concurrency Scaling features. You can create daily, weekly, and monthly usage limits, and define actions that Amazon Redshift automatically takes if those limits are reached to maintain your budget with predictability. Actions include: logging an event to a system table, alerting with a CloudWatch alarm, notifying an administrator with SNS, and disabling further usage. Amazon Redshift Spectrum enables you to power a lake house architecture to directly query and join data across your data warehouse and data lake, and Concurrency Scaling enables you to support thousands of concurrent users and queries with consistently fast query performance.
Amazon Detective is now available in the AWS Canada (Central) Region
Amazon Detective is now available in the AWS Canada (Central) Region. You can now easily analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities in the AWS Canada (Central) region.