AWS Re:invent announcements day 1

Other Re:invent 2021 content:

Here are the most interesting announcements from the first day of AWS Re:invent for me:

S3 event improvements

Announcements:

If you’ve ever tried setting up s3 event-driven applications before, there were a couple of options which worked, but weren’t great. You could either trigger a lambda directly from s3 or push the events into SNS / SQS. Alternatively you could use glue and duct tape and hook into EventBridge by setting up CloudTrail Data Events which required far too much configuration — particularly if you wanted to capture events from many buckets.

With this new release, it’s as simple as flipping a switch on the s3 bucket in order to route events to dozens of targets inside AWS (or outside with API destinations), archive events for replay, etc. This costs $1.00 / million events.

They’ve added new event types as well if you need to handle objects in different storage tiers, or react to permission changes.

Athena ACID Transactions powered by Apache Iceberg

Athena gets more powerful with this release with new read, write, delete, and “time travel” via Apache Iceberg. Being able to reach into s3 to delete user data has been a particular pain point for us at Wave and caused us to do things like full nightly dumps instead of streaming our data into S3. Looking forward to digging into this more.

EBS Snapshot Improvements

Announcements:

We don’t use EBS snapshots that much, but I’m hopeful that these improvements will make their way to RDS snapshots during the upcoming year.

EBS Snapshots Archive seems like a straightforward way of saving money on those snapshots that you need to keep around in case of emergency.

Recycle Bin is interesting from a security perspective especially if you can enforce its application at the account level (sounds like you can) or org level (not sure if this is there) which would provide a layer of security and recovery time in case of accidental or malicious deletion of snapshots.

AWS Control Tower Terraform account provisioning and customization

Control Tower now integrates with Terraform for account provisioning. Interestingly this is the 2nd Terraform integration launched by AWS within the last week (AWS Proton now supports Terraform Open Source for infrastructure provisioning).

The setup looks pretty complex, but definitely still interesting for companies who use Terraform as their primary Infrastructure as Code tool.

AWS CloudWatch Improvements

Announcements:

Metrics Insights looks like a powerful new query tool for your metrics. It includes a visual query builder as well as SQL support for quickly sharing queries. During my testing, queries came back pretty much instantly.

It comes with a bunch of Sample Queries which seem to also be available directly within the UI:

CloudWatch Real User Monitoring (RUM) means another feature that you would’ve needed a separate tool like Datadog or New Relic can now be done within AWS.

CloudWatch Evidently is a feature flagging + AB testing tool (think Optimizely). AWS continues to expand with services competing with entire billion dollar companies.

AWS announces the new Amazon Inspector for continual vulnerability management

The release of InspectorV2 makes it a lot easier to configure — it can be enabled for your entire organization with a single click. It also no longer requires a standalone agent — instead it’s built into the Systems Manager agent which is already installed by default on most (all?) AWS provided AMIs.

Inspector now supports continuous scanning of Docker containers in ECR in addition to scanning EC2 instances. This appears to be powered by Snyk.

They claim improved risk score generation and SecurityHub integration, but I’ll need to test out those claims myself.

That’s a wrap for Re:invent Day 1! There were many more that weren’t as applicable to me — it looks like AWS is keeping a page up to date with all the news. I’ll be back with a Day 2 summary tomorrow!

--

--

--

Senior SRE @getsentry

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

10 best practises to improve your Looker instance

Galaxy Shooter 2D — No Clutter #4

How to set the .NET Core SDK while using dotnet build

Fast AWS Amplify Console rollbacks with blue/green deploys

Pinpoint GCM RawContent Sample

DUNZO Clone..

SelectorsHub: The XPath Smart editor.

Web API in .Net 6.0 with Auth0 with Roles and Permissions

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Michael Warkentin

Michael Warkentin

Senior SRE @getsentry

More from Medium

I Cleared the AWS Certified Cloud Practitioner (AWS CCP) in 5 days — Here’s How

Sanitizing your SNS Subscriptions for cross-region traffic

Finding Work: From farming to Engineering

Working of Amazon Deep Composer