New Features and Benefits with AWS – Quarterly Update – Q3 2023

Each quarter AWS shares important news and updates. Apps Associates wants to make sure that you are aware of what is available to you and what you can leverage to get the most from your AWS investment.  This blog highlights new features and benefits and it’s categories by General, EC2, RDS, and Storage.

General

VPC Container Networking Interface (CNI) – The Amazon VPC Container Networking Interface (CNI) Plugin now supports the Kubernetes NetworkPolicy resource. Customers can use the same open-source Amazon VPC CNI to implement both pod networking and network policies to secure the traffic in their Kubernetes clusters. This reduces the need to run additional software for network access controls and will work alongside all existing VPC CNI capabilities.

Gateway Load Balancer – You can now route any IPv4 and IPv6 traffic entering your Amazon VPC from virtual private gateway through a Gateway Load Balancer endpoint before the traffic reaches the destination. You can use Gateway Load Balancer Endpoint to process your VPC traffic through AWS Network Firewall or other security appliances available on AWS Market Place.

Network Load Balancer – NLB support for security groups provides new capabilities to help keep your workloads secure. With this launch, cloud administrators and security teams can enforce security group inbound rules, even when the load balancer converts IPv6 traffic to IPv4 or when the targets are in peered VPCs. Additionally, using security group referencing, application owners can restrict access to resources, ensuring that clients access them only through the load balancer. This can help prevent imbalanced load distribution due to direct client access.

AWS DataSync – In addition to support for Google Cloud Storage, Azure Files, and Azure Blob Storage, DataSync now supports copying data to and from DigitalOcean Spaces, Wasabi Cloud Storage, Backblaze B2 Cloud Storage, Cloudflare R2 Storage, and Oracle Cloud Storage. Using DataSync, you can move your object data at scale between S3-compatible storage on other clouds and AWS Storage services such as Amazon S3.

AWS Application Migration Service (MGN) – AWS MGN Modernization Actions minimizes time-intensive, error-prone manual processes by automating the conversion of your source servers to run natively on AWS. It also helps you simplify modernization of your migrated applications by allowing you to select predefined and custom automation options during migration.

AWS Application Migration Service (MGN) – Major Updates – Major updates to Application Migration Service. Here’s the quick summary for each feature release:

• Global View, Import and Export from Local Disk, Additional Post-launch Actions

S3 File Sharing – S3 offers a feature called presigned URLs to generate temporary download links, which are effective and secure way to upload and download data to authorized users.

EC2

EBS Data LifeCycle – Customers can now use Amazon Data Lifecycle Manager to automate pre-scripts and post-scripts on their Amazon EC2 instances to protect their workloads with application-consistent Amazon Elastic Block Store (EBS) Snapshots. This capability works in conjunction with AWS Systems Manager Agent and AWS Systems Manager Documents (SSM documents) and comes with AWS-provided templates to make it easy for customers to automate the creation of application-consistent EBS Snapshots, including for self-managed databases.

EC2 new Instance Typey R7iz – AWS announcing the general availability of the Amazon EC2 R7iz instances. R7iz instances are the fastest 4th Generation Intel Xeon Scalable-based (Sapphire Rapids) instances in the cloud with 3.9 GHz sustained all-core turbo frequency. R7iz instances are suitable for workloads where there’s a requirement for more memory to process additional data, larger sizes of instances to scale up, higher compute and memory performance to reduce completion times, and higher networking and Amazon Elastic Block Store (Amazon EBS) performance to improve latency.

EC2 new Instance Types Hpc7a – AWS announcing the general availability of Amazon EC2 Hpc7a instances, the next generation of instance types that are purpose-built for tightly coupled HPC workloads. Hpc7a instances powered by the 4th Gen AMD EPYC processors (Genoa) deliver up to 2.5 times better performance compared to Hpc6a instances.

EC2 new Instance Types M7a – AWS announcing the general availability of new, general purpose Amazon EC2 M7a instances, powered by the 4th Gen AMD EPYC (Genoa) processors with a maximum frequency of 3.7 GHz, which offer up to 50 percent higher performance compared to M6a instances. This increased performance gives you the ability to process data faster, consolidate workloads, and lower the cost of ownership.

EC2 new Instance Types M7i Flex – AWS launched Amazon Elastic Compute Cloud (Amazon EC2) M7i-Flex and M7i instances powered by custom 4th generation Intel Xeon Scalable processors available only on AWS, that offer the best performance among comparable Intel processors in the cloud – up to 15% faster than Intel processors utilized by other cloud providers. M7i-Flex instances are available in the five most common sizes, and are designed to give you up to 19% better price/performance.

EC2 new Graviton3 ARM based Instances – AWS launched Amazon EC2 C7g instances in May 2022 and M7g and R7g instances in February 2023. Powered by the latest AWS Graviton3 processors, the new instances deliver up to 25 percent higher performance, up to two times higher floating-point performance, and up to 2 times faster cryptographic workload performance compared to AWS Graviton2 processors.

RDS – Relational Database Service

RDS Custom for SQL Server new start/stop feature – AWS announced option for Amazon RDS Custom for SQL Server that makes it simple to stop and start your database instances. This lets you save costs by stopping a database instance when it does not need to be running, such as when it is used for development or test purposes. Amazon RDS Custom for SQL Server is a managed database service that allows customization of the underlying operating system and includes the ability to bring your own licensed SQL Server media.

RSD optimized writes for MySql and MariaDB – Amazon Relational Database Service (Amazon RDS) Optimized Writes now supports r5 database (DB) instances. With Amazon RDS Optimized Writes you can improve the write throughput for Amazon RDS for MySQL and MariaDB workloads by up to 2x at no additional cost. This is especially useful for write-intensive database workloads, commonly found in applications such as digital payments, financial trading, and online gaming.

RDS for Oracle now supports auto-upgrade for time zone – Amazon Relational Database Service (Amazon RDS) for Oracle now supports the auto-upgrade of Oracle time zone files for DB instances on the multitenant container database (CDB) architecture running in single-tenant configuration. The Oracle time zone file auto-upgrade feature provides an automated way to upgrade the daylight savings time (DST) time zone file version in the DB instance.

RDS Custom for Oracle new instance types supported – Amazon Relational Database Service (Amazon RDS) Custom for Oracle now supports R6i, M6i, and T3 instances. R6i instances are designed for memory-intensive workloads with 8:1 ratio of memory to vCPU. M6i are general purpose compute instances designed to provide a balance of compute, memory, storage, and network resources with 4:1 ratio of memory to vCPU. T3 instances are ideal for database workloads with moderate CPU usage that experience temporary spikes in use.

RDS for Oracle supports Apex 23.1 – Amazon Relational Database Service (RDS) for Oracle now supports version 23.1 of Oracle Application Express (APEX) for the 19c & 21c versions of Oracle Database.

RDS for SQL Server new AD join option – Amazon RDS for SQL Server now allows customers to directly join their RDS for SQL Server DB instances to the domains of self-managed Microsoft Active Directory (AD). Self-managed AD can be on-premises or in the cloud. Currently, customers can only use NTLM as the authentication protocol for self-managed AD.

Storage

Amazon FSx for NetApp ONTAP new management features – Amazon FSx for NetApp ONTAP is announcing two additional capabilities that make it even easier for you to secure and audit access to your file systems: you can now create additional ONTAP file system administrator users for your file system and you can use Active Directory credentials to access the ONTAP CLI.

S3 now supports MVA in DBS response – Amazon S3 now supports multivalue answer (MVA) in response to DNS queries for S3 endpoints. With MVA, you can now get up to eight S3 IP addresses per DNS query. You can use these IP addresses to automatically make multiple concurrent connections to S3 which can improve throughput. MVA also makes retries more efficient as applications will automatically try an alternative IP address without having to wait for another DNS query.

EBS io2 now supports storage fencing – Amazon Elastic Block Store (Amazon EBS) io2 and io2 Block Express volumes now support storage fencing using NVMe reservations. Storage fencing is used to regulate access to storage for a compute or database cluster, ensuring that just one host in the cluster has permission to write to the volume at any given time.

AWS Backup additional support for delegated backup – AWS announced support for delegated backup administrators to use AWS Backup Audit Manager for creating and managing audit reports across accounts in AWS Organizations. Using AWS Organizations, you can delegate backup management to dedicated administration accounts, previously only afforded to your management account. With this launch, delegated backup administrators can now centralize report generation and management at scale using AWS Backup Audit Manager, an AWS Backup feature that allows you to audit and report on the compliance of your data protection posture.

FSx for NetApp ONTAP additional cloudwatch metrics – Amazon FSx for NetApp ONTAP, an AWS service that provides the only complete, fully managed NetApp ONTAP file systems in the cloud, now provides additional Amazon CloudWatch performance metrics for improved visibility into file system activity and enhanced monitoring dashboards with performance insights and recommendations. You can use the new metrics and dashboards to more easily monitor and right-size your file systems to optimize performance and costs.

S3 adds mountpoint option – Mountpoint for Amazon S3 is an open-source file client that makes it easy for your file-aware Linux applications to connect directly to Amazon Simple Storage Service (Amazon S3) buckets. Announced earlier this year as an alpha release, it is now generally available and ready for production use on your large-scale read-heavy applications: data lakes, machine learning training, image rendering, autonomous vehicle simulation, ETL, and more. It supports file-based workloads that perform sequential and random reads, sequential (append-only) writes, and that don’t need full POSIX semantics.

Amazon FSx for NetApp ONTAP adds access to Event management log – Amazon FSx for NetApp ONTAP, a service that provides fully managed shared storage built on NetApp’s popular ONTAP file system, is announcing two additional monitoring capabilities that enable you to monitor file system events and diagnose network connectivity: you can now access ONTAP Event Management System (EMS) logs and collect packet captures on your file systems.

Amazon FSx for NetApp ONTAP adds WORM feature “Snaplock” – AWS adding support for SnapLock, an ONTAP feature that gives you the power to create volumes that provide Write Once Read Many (WORM) functionality. SnapLock volumes prevent modification or deletion of files within a specified retention period, and can be used to meet regulatory requirements and to protect business-critical data from ransomware attacks and other malicious attempts at alteration or deletion. FSx for ONTAP is the only cloud-based file system that supports SnapLock Compliance mode.

Apps Associates is here to help you. Don’t hesitate to reach out with any questions.  Visit our website to learn more about our services – Migration to Public Cloud or AWS AppsAssurance Managed Services.