Slide 1

Slide 1 text

Evolving your architecture

Slide 2

Slide 2 text

Updates

Slide 3

Slide 3 text

Amazon RDS for SQL Server now supports db.t3.micro instances || Amazon EC2 High Memory instances now available in Europe (Milan) Region || Amazon ElastiCache now supports network-optimized C7gn Graviton3-based nodes || Amazon EC2 C7g, M7g and R7g instances are now available in additional AWS Regions | Announcing general availability of Amazon EC2 DL2q instances || Amazon Aurora R6g and T4g instances now available in 9 additional regions || Amazon RDS fo PostgreSQL supports minor versions 15.5, 14.10, 13.13, 12.17, and 11.22 || Amazon Verified Permissions now supports batch authorization || Amazon EC2 Mac nstances now support Apple macOS Sonoma || Amazon EC2 C7g, M7g and R7g instances are now available in additional AWS Regions || Amazon OpenSearch Service now supports OpenSearch version 2.11 || Amazon Verified Permissions now provides an enhanced visual mode for schema editing || Amazon Elastic Block Store announces io2 Block Express volumes available on all EC2 Nitro instances || AWS IoT SiteWise announces Query API for metadata, and telemetry data retrieva | Amazon QuickSight launches a new redesigned analysis experience || Amazon EMR Studio is now available in 4 new AWS Regions || AWS Entity Resolution is now Health Insurance Portability and Accountability Act (HIPAA) eligible || Amazon EFS now supports up to 250,000 IOPS per file system || Automate AWS Control Towe anding zone operations using APIs || AWS Systems Manager Automation makes it easier to author runbooks with new low-code visual design experience || ENA Express supports 58 new instances with sizes as small as 16 vCPUs || Announcing Amazon EC2 High Memory U7i instances (Preview) || AWS Backup now supports Amazon Elastic Block Store (EBS) Snapshots Archive || AWS Control Tower announces 65 new controls to help meet digital sovereignty requirements || Amazon MSK now supports Graviton3-based M7g instances for new provisioned clusters || Announcing the general availability of Amazon RDS for Db2 || Announcing new Amazon EC2 R8g instances powered by AWS Graviton4 processors (Preview) || Amazon Connect launches no-code UI builder to configure step-by-step guides || Amazon Connect now supports two-way SMS || Amazon Connect now offers in-app, web, and video calling || AWS announces OR1 for Amazon OpenSearch Service || EC2 Hibernate now supports Amazon EC2 C7a, C7i, R7a, R7i and R7iz Instances || Amazon Redshift extends SUPER data type column size support to 16 MB || AWS DMS adds support for Amazon Relational Database Service for Db2 as a target endpoint || Amazon EC2 M7i-flex and M7i instances are now available in 8 additional AWS Regions || Amazon EC2 C7gd, M7gd, and R7gd instances now available in additional regions || Amazon EC2 C6gn instances are now available in an additional region | AWS CloudShell has migrated to Amazon Linux 2023 (AL2023) || Amazon RDS for MariaDB supports minors 10.11.6, 10.6.16, 10.5.23, 10.4.32 || Amazon EC2 M6id nstances are now available in additional regions || Amazon DevOps Guru achieves FedRAMP Moderate compliance || Amazon MQ now supports RabbitMQ version 3.10.25 || Amazon SNS now supports sending SMS from Asia Pacific (Jakarta) || Amazon AppStream 2.0 now supports Microsoft Windows Server 2022 images | Amazon Linux announces support for KVM and VMWare images with AL2023.3 || Amazon EC2 M7g instances are now available in additional regions || Amazon RDS or SQL Server supports minor version 2022 CU10 || AWS Control Tower Landing Zone updates managed policies and controls || Amazon EC2 HPC instances now available in additional regions || AWS Cloud9 now supports Amazon Linux 2023 || AWS Security Hub launches 15 new security controls || Amazon DynamoDB loca adds support for two DynamoDB API features || Amazon Elastic Container Registry now supports wildcards in lifecycle policies || AWS Elemental MediaConnect now available in three additional AWS Regions || AWS AppFabric now supports 7 additional applications || AWS Network Firewall egress TLS inspection is now available in all regions || AWS Audit Manager now supports PCI 4.0 for automated evidence collection || Amazon Route 53 Resolver Endpoints now supports DNS-over-HTTPS DoH) || EFA support for Open MPI 5.0 now available || AWS Config now supports 1000 AWS Config rules per AWS Region per account || Amazon Aurora supports PostgreSQL 15.5, 14.10, 13.13, 12.17 || VPC Traffic Mirroring is now available in four additional regions || Amazon CloudFront now supports 4096-bit RSA TLS certificates || CodePipeline supports GitLab self-managed || Amazon Cognito identity pools enhances quota management in AWS Service Quotas || AWS Systems Manager now supports Ubuntu 23.04, Debian 12, MacOS 14, and SUSE SP5 || Amazon OpenSearch Service now supports TLS 1.3 and perfect forward secrecy | Amazon OpenSearch Service expands Graviton2 support to six additional regions || AWS CloudShell now supports Docker in 13 Regions || ROSA with hosted contro planes (HCP) is generally available || AWS Config now supports 22 new resource types || Amazon SageMaker Canvas is now available in 6 new Regions || Amazon WorkSpaces Thin Client is now generally available || Amazon Location Service launches CloudFormation support for API keys and resource management || AWS Control Tower now provides controls to meet data residency requirements || Cost Anomaly Detection extends CloudFormation region support || Amazon SNS now everything everywhere all at once

Slide 4

Slide 4 text

https://aws.amazon.com/blogs/aws/new-aws-public-ipv4-address-charge-public-ip-insights/

Slide 5

Slide 5 text

IPv6 related updates AWS Global Accelerator AWS Lambda AWS App Runner Amazon Virtual Private Cloud (Amazon VPC) Amazon Elastic Kubernetes Service (Amazon EKS) Amazon S3 on Outposts

Slide 6

Slide 6 text

DevSecOps

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

Plan

Slide 9

Slide 9 text

CloudFront KeyValueStore https://aws.amazon.com/cloudfront/

Slide 10

Slide 10 text

CloudFront KeyValueStore https://aws.amazon.com/cloudfront/

Slide 11

Slide 11 text

CloudFront KeyValueStore

Slide 12

Slide 12 text

CloudFront KeyValueStore Functions KeyValueStore Users Amazon CloudFront

Slide 13

Slide 13 text

CloudFront KeyValueStore Functions KeyValueStore Users Amazon CloudFront

Slide 14

Slide 14 text

ECS, Fargate, EBS https://aws.amazon.com/blogs/aws/amazon-ecs-supports-a-native-integration-with-amazon-ebs-volumes- for-data-intensive-workloads/

Slide 15

Slide 15 text

EFS - 2023 Storage Class Storage GB-month Reads GB Writes GB Tiering GB Max IOPS Read/Write Standard Regional $ 0.30 $ 0.03 $ 0.03 n/a 55,000 25,000 Standard One Zone $ 0.16 $ 0.03 $ 0.06 n/a 35,000 7,000 IA Regional $ 0.025 $ 0.04 $ 0.04 $ 0.01 55,000 25,000 IA One Zone $ 0.0133 $ 0.04 $ 0.06 $ 0.01 35,000 7,000

Slide 16

Slide 16 text

EFS - 2024 Storage Class Storage GB-month Reads GB Writes GB Tiering GB Max IOPS Read/Write Standard Regional $ 0.30 $ 0.03 $ 0.03 n/a 250,000 50,000 Standard One Zone $ 0.16 $ 0.03 $ 0.06 n/a 35,000 7,000 IA Regional $ 0.016 $ 0.04 $ 0.04 $ 0.01 65,000 50,000 IA One Zone $ 0.0133 $ 0.04 $ 0.06 $ 0.01 35,000 7,000 Archive Regional $ 0.008 $ 0.06 $ 0.06 $ 0.03 65,000 50,000

Slide 17

Slide 17 text

AWS Backup Restore Testing https://aws.amazon.com/blogs/aws/automatic-restore-testing-and-validation-is-now-available-in-aws-backup/

Slide 18

Slide 18 text

Code

Slide 19

Slide 19 text

AWS SDKS

Slide 20

Slide 20 text

CodeWhisperer General purpose languages IaC Languages IDEs Security

Slide 21

Slide 21 text

CodeWhisperer for Command Line https://fig.io/

Slide 22

Slide 22 text

CodeWhisperer for Command Line https://aws.amazon.com/blogs/devops/introducing-amazon-codewhisperer-for-command-line/

Slide 23

Slide 23 text

Application Composer https://aws.amazon.com/blogs/aws/ide-extension-for-aws-application-composer-enhances-visual-modern-applications-development-with-ai-generated-iac/

Slide 24

Slide 24 text

AWS Toolkit

Slide 25

Slide 25 text

Build/Release/Deploy

Slide 26

Slide 26 text

Amazon CodeCatalyst https://aws.amazon.com/codecatalyst/

Slide 27

Slide 27 text

Amazon CodeCatalyst - 2023 Free Standard $4 per user Pre-provision Compute - ✅ Compute minutes 2000 3000 Dev Environment hours 60 200 Source and Attachment Storage 10 GB per space 50 GB per space

Slide 28

Slide 28 text

Amazon CodeCatalyst - 2024 Free Standard $4 per user Enterprise $20 per user Pre-provision Compute - ✅ ✅ Compute minutes 2000 3000 1500 per user Dev Environment hours 60 200 160 per user Source, Package and Attachment Storage 10 GB per space 50 GB per space 500GB per space Custom blueprints - - ✅ Teams ✅ ✅ ✅ Single sign-on ✅ ✅ ✅ VPC Support ✅ ✅ ✅ Amazon Q (Preview) Pull Requests - 15 per space/month 20 per user/month Amazon Q (Preview) Summaries 4 per space/month 15 per space/month 20 per user/month

Slide 29

Slide 29 text

Amazon CodeCatalyst • Access Dev Environments using SSH over AWS Systems Manager Session Manager • Terraform Support • More User Roles

Slide 30

Slide 30 text

CodePipeline, CodeBuild • Self-managed GitLab as source in CodePipeline • Lambda Compute mode in CodeBuild • More features in V2 Pipelines V1 Pipeline V2 Pipeline Action-level variables ✅ ✅ Pipeline-level variables - ✅ Source Revision overrides - ✅ Git Tag Trigger configuration - ✅ Pricing $1.00 per active pipeline $ 0.002 per action execution minute

Slide 31

Slide 31 text

Operate

Slide 32

Slide 32 text

ECR pull through cache Amazon Elastic Container Registry (Amazon ECR) Amazon ECR Public registry.k8s.io Quay.io

Slide 33

Slide 33 text

ECR pull through cache Amazon Elastic Container Registry (Amazon ECR) Amazon ECR Public registry.k8s.io Quay.io Docker Hub Azure Container Registry GitHub Container Registry

Slide 34

Slide 34 text

S3 Batch Operations

Slide 35

Slide 35 text

S3 Batch Operations Specify entire bucket, prefix, suffix, creation date, or storage class

Slide 36

Slide 36 text

Long Term Support • EKS Extended Support • 26 months after availability (+ 12 from standard) • $ 0.60 per cluster-hour (+ 0.50 form standard) • Automatic • RDS MySQL and RDS PostgreSQL • + 3 years from standard • eu-west-1: + $ 0.112 per vCPU-hour, doubles in year 3 • Automatic

Slide 37

Slide 37 text

Monitor

Slide 38

Slide 38 text

Amazon CloudWatch https://aws.amazon.com/cloudwatch/

Slide 39

Slide 39 text

CloudWatch Metrics and Alarms • External Data Sources • Cross-Account Metrics Insights • Directly trigger Lambda from an Alarm https://aws.amazon.com/blogs/aws/new-use-amazon-cloudwatch-to- consolidate-hybrid-multi-cloud-and-on-premises-metrics/

Slide 40

Slide 40 text

CloudWatch Logs - 2023 Standard Ingestion $ 0.50 / GB Storage $ 0.03 / GB Logs Insights (Query) ✅ Cross-Account Support ✅ Extract Metrics ✅ Sensitive Data Protection ✅ Live Tail ✅

Slide 41

Slide 41 text

CloudWatch Logs - 2024 Standard Infrequent Access Ingestion $ 0.50 / GB $ 0.25 / GB Storage $ 0.03 / GB $ 0.03 / GB Logs Insights (Query) ✅ ✅ Cross-Account Support ✅ ✅ Extract Metrics ✅ - Sensitive Data Protection ✅ - Live Tail ✅ - Anomaly Detection Pattern Analysis ✅ -

Slide 42

Slide 42 text

CloudWatch Logs – Subscription filter Amazon Kinesis Data Firehose Amazon Simple Storage Service (Amazon S3) Amazon Simple Storage Service (Amazon S3)

Slide 43

Slide 43 text

CloudWatch Logs – Subscription filter Amazon Kinesis Data Firehose Amazon Simple Storage Service (Amazon S3) Account Level Subscription

Slide 44

Slide 44 text

Application Signals (Preview) • Java libraries and frameworks supported by the AWS Distro for OpenTelemetry • EKS add-on • ECS and EC2 supported using CloudWatch Agent

Slide 45

Slide 45 text

Security

Slide 46

Slide 46 text

GuardDuty https://aws.amazon.com/guardduty/

Slide 47

Slide 47 text

GuardDuty Runtime monitoring Amazon EKS Foundational sources AWS CloudTrail VPC Flow Logs DNS logs Optional sources Amazon EKS Audit Logs AWS Lambda Flow Logs Amazon Aurora Login events Amazon S3 Data Events Malware protection Amazon EBS Amazon GuardDuty User

Slide 48

Slide 48 text

GuardDuty Runtime monitoring Amazon EKS Amazon ECS Amazon EC2 Foundational sources AWS CloudTrail VPC Flow Logs DNS logs Optional sources Amazon EKS Audit Logs AWS Lambda Flow Logs Amazon Aurora Login events Amazon S3 Data Events Malware protection Amazon EBS Amazon GuardDuty User

Slide 49

Slide 49 text

Inspector CI/CD Container Scanning TeamCity Jenkins Custom Agentless Scanning AWS Lambda Amazon EBS

Slide 50

Slide 50 text

Identity and Access Management Amazon EKS Pod Identity Amazon Athena User Identities Amazon MSK IAM Support AWS Data Exchange Data Grants Amazon EKS IAM Cluster Management Amazon S3 Access Grants

Slide 51

Slide 51 text

More?

Slide 52

Slide 52 text

https://partyrock.aws/

Slide 53

Slide 53 text

Thank you! Ben Bridts [email protected] @BenBridts | @WeAreCloudar www.cloudar.be