1. EventBridge Pipes
The service feature allows communication between AWS services and filtering and/or enrichment (through Step functions or Lambda or Filter) of events from sources like Managed Service for Kafka, Kinesis, SQS, DynamoDb streams, Amazon MQ to targets like Step functions, Firehose, SageMaker pipeline etc. This is a huge leap forward, because it is like a spider web for AWS services and allows building architecture, that is based on multiple filtered events. Connected AWS services are expected to be the new normal for a serverless architecture. The EventBridge Pipes creates the required IAM permissions automatically by following the least privilleges, required by the services
A short demo:
1.1. We create a SQS queue, named reinventQueue:
1.2. As next step we create a Step Function, which needs only to have a Pass step:
{
"Comment": "A Hello World example demonstrating various state types of the Amazon States Language",
"StartAt": "Hello World",
"States": {
"Hello World": {
"Type": "Pass",
"End": true
}
}
}
1.3. We proceed by creating EventBridge Pipes with following source and target
Source:
Target:
1.4 Send a message to the queue to invoke the step function and test
Source: https://aws.amazon.com/blogs/aws/new-create-point-to-point-integrations-between-event-producers-and-consumers-with-amazon-eventbridge-pipes/?trk=d0c467f8-ee69-4b7d-8e81-bc02ae25d111&sc_channel=el
Werner Vogels keynote: https://www.youtube.com/watch?v=RfvL_423a-I
2. Distributed map for step functions
The current map feature of Step functions allows
up to 40 parallel executions of lambda at a time. With the distributed map function, we can do up to 10000
executions in parallel. This will allow us to do map and reduce using csv files stored in S3 and analyse
large amount of data, while keeping the costs low. At the moment is available only for standard workflow and not for express
Source: https://aws.amazon.com/blogs/aws/step-functions-distributed-map-a-serverless-solution-for-large-scale-parallel-data-processing/
3. Application composer
WSIWYG tool to design a serverless distributed applications. The purpose of the service is to ease developers life and helps in designing asynchronous distributed systems
Source: https://aws.amazon.com/about-aws/whats-new/2022/12/aws-application-composer-preview/
4. CodeCatalyst
The current CodePipeline ci/cd requires
advance docker and Linux knowledge and to start from scratch with CodeBuild, CodeCommit, CodeDeploy. With CodeCatalyst AWS allows developers to build ci/cd smarter and easier, while providing a direct possibility to deploy in AWS accounts. The service is a direct competitor to Azure DevOps and is promising to be the best CI/CD in future. It allows connecting to source in Github, Bitbucket, Codecommit and etc. The authentication to Github is using OAuth. The authentication to AWS accounts happens manually through approval. This will be difficult if you have 200 accounts, but the team is working on automating it with API calls. In future this will be a direct competitor to Azure DevOps.
Source: https://aws.amazon.com/blogs/aws/announcing-amazon-codecatalyst-preview-a-unified-software-development-service/
5. Security Lake
The Security Lake consolidates the security from cloud and on premise and helps analyse security data. The S3 is used to store the data. The Security Lake also converts ingested data into Apache Parquet format and a standard open-source schema called the Open Cybersecurity Schema Framework, which is already supported by a large number of vendors.
Source: https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-security-lake-preview/
6. Cross-account observability across multiple AWS accounts
Now we can view and search not only metrics, but also logs across account boundaries. This makes the life of DevOps teams easier
Source: https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-cloudwatch-cross-account-observability-multiple-aws-accounts/
7. Proactive controls for Control Tower
Now Cloudformation templates could be checked for RDS encryption (just as an example) before deployment in order to enforce compliance with standards. This saves a lot of time compared to a detective control that would find the issue only when the CloudFormation deployment is in progress or has terminated. This also improves the security posture by preventing something that’s not allowed as opposed to reacting to it after the fact.
Source: https://docs.aws.amazon.com/controltower/latest/userguide/proactive-controls.html
8. OpenSearch Serverless
I remember back in the days, when the PagerDuty was calling every minute. The reason was, that ElasticSearch needs expansion or increase of the size/nodes. I am hoping this will help us address this issue in future. AWS aims to be water positive by 2030, which means, that our architectures will need to adapt to the demand frequently and will need to be more environment friendly at same time. And OpenSearch Serverless could give us one of the answer to the issue of frequent scale out and down. This will be intended for test and dev environments mainly. I guess with the possibility to be available for production in future :)
Source: https://aws.amazon.com/opensearch-service/features/serverless/
9. SimSpace weaver
The service can be used for large scale 3-D simulation. Developers using Unreal engine and Unity already can take advantage of it.
Source: https://aws.amazon.com/opensearch-service/features/serverless/
10. Amazon Inspector support for AWS Lambda functions
Amazon Inspector can check for vulnerabilities (CVEs) not only AMIs and network, but also Lambda function.
Top comments (1)
Inspector for AWS Lambda make it 10 :-)