[Day 1] re:Invent 24 - Top Announcements and Thoughts


As AWS re:Invent kicks off, the excitement is palpable with a series of intriguing announcements made on Day 1, December 1st. In this article, I will swiftly cover my favourite announcements and will share my thoughts on them.

Hello from Vegas! With the commencement of AWS re:Invent, the atmosphere is charged with excitement as a range of captivating announcements were unveiled on Day 1, December 1st. This article will quickly highlight some of the most notable announcements and provide my insights on them. For ease of navigation, the announcements are organized into categories.

Databases

1/ AWS DMS Schema Conversion now uses generative AI - GA

Database migration projects are often time-consuming and cumbersome, especially when converting complex objects such as stored procedures, functions, or triggers. AWS DMS Schema Conversion with generative AI, a new feature, converts up to 90% of your schema. That's a pretty impressive number for sure, and I'm really excited to try this capability soon.

The new generative AI capability in AWS DMS SC is designed to address challenges by automating some of the most time-intensive schema conversion tasks. Using LLMs hosted on Amazon Bedrock, the new capability expands the existing conversion capabilities.

2/ Amazon MemoryDB Multi-Region - GA

If you are looking for a low-latency (microsecond read and millisecond write latencies), fully managed, active-active multi-Region in-memory database service, then this new launch is for you.

With MemoryDB Multi-Region, you can build highly available multi-region applications for increased resiliency. It offers active-active replication so you can serve reads and writes locally from the Regions closest to your customers with microsecond read and single-digit millisecond write latency. MemoryDB multi-region asynchronously replicates data between regions and typically propagates data within a second. It automatically resolves update conflicts and corrects data divergence issues, so you can focus on building your application.

With MemoryDB Multi-Region, you can achieve up to 99.999% availability and microsecond read and single-digit millisecond write latencies. MemoryDB is a fully managed, Valkey- and Redis OSS-compatible in-memory database service.

Valkey is the future and I would embrace this change in the in-memory database space.

3/ Amazon CloudWatch Database Insights - GA

A single-pane-of-glass view matters, and with the launch of CloudWatch Database Insights, this long-standing wish for enhanced observability is granted. CloudWatch Database Insights supports Amazon Aurora PostgreSQL and Amazon Aurora MySQL. This feature provides a unified view of database fleet health and performance. It consolidates logs and metrics from applications, databases, and operating systems, and offers pre-built dashboards and recommended alarms for monitoring.

This feature allows application developers to correlate database performance with application metrics. This correlation matters and I'm pretty sure DevOps engineers, application developers, and database administrators (DBAs) will find this feature interesting.

Generative AI

1/ Amazon Bedrock Model Evaluation now includes LLM-as-a-judge - Preview

Model evaluation is key to deciding which model works best for your use case. Amazon Bedrock Model Evaluation gets better with the addition of this new capability, LLM-as-a-judge.

Customers can now choose an LLM as a judge to evaluate models. This feature allows customers to select from multiple judge LLMs available on Amazon Bedrock. The LLM-as-a-judge assesses quality metrics like correctness, completeness, and professional tone, as well as responsible AI metrics such as harmfulness and answer refusal.

This new approach provides human-like evaluation quality at a lower cost and significantly faster than traditional human-based evaluations, offering a more sophisticated alternative to previous automatic evaluation methods.

2/ Amazon Bedrock Knowledge Bases now supports custom connectors and ingestion of streaming data - GA

Huge capability for keeping knowledge bases up-to-date with real-time data!

Amazon Bedrock Knowledge Bases has introduced support for custom connectors and streaming data ingestion, enabling developers to efficiently manage their knowledge bases by directly adding, updating, or deleting data through API calls. This enhancement allows financial services firms, among others, to keep their knowledge bases continuously updated with the latest market data, ensuring that generative AI applications provide the most relevant information to end-users. By eliminating the need for full data synchronization and intermediary storage, this capability reduces latency and operational costs, thereby improving application performance. Customers can utilize these features without incurring additional costs.

3/ Amazon Bedrock Knowledge Bases now supports RAG evaluation - Preview

Amazon Bedrock Knowledge Bases now supports Retrieval-Augmented Generation (RAG) evaluation, enabling users to assess their RAG applications more efficiently. This new feature allows for the evaluation of both information retrieval and the combination of retrieval with content generation, using LLM-as-a-Judge technology. Users can choose from various judge models and metrics, including context relevance, correctness, completeness, and responsible AI criteria like harmfulness and stereotyping. The tool facilitates comparisons across different settings, such as chunking strategies or content-generating models, enhancing optimization efforts.

Compute

1/ Announcing Amazon EKS Auto Mode - GA

Even with a managed service like EKS, a platform engineering team can face numerous challenges and overheads on a day-to-day basis. These can take the form of selecting the best instances or keeping up with version upgrades.

Amazon EKS Auto Mode is a new feature that fully automates Kubernetes cluster management for compute, storage, and networking. The feature automatically selects and manages the best EC2 instances for applications, removes the need for deep Kubernetes infrastructure expertise, dynamically scales EC2 instances based on demand, provides automated OS patches and updates, and enhances security.

Focus on your applications and let AWS handle the undifferentiated heavy lifting.

2/ Announcing Amazon EKS Hybrid Nodes - GA

Interesting feature that allows customers to use on-premises and edge infrastructure as nodes in Kubernetes clusters. Amazon EKS Hybrid Nodes unifies Kubernetes management across environments and offloads Kubernetes control plane management to AWS.

This feature is compatible with any on-premises hardware or virtual machines and also supports Amazon EKS features like add-ons, Pod Identity, and cluster access management. The feature is also natively integrated with various AWS services including AWS Systems Manager, AWS IAM Roles Anywhere, Amazon Managed Service for Prometheus, Amazon CloudWatch, and Amazon GuardDuty for centralized monitoring, logging, and identity management.

Security, Management & Governance

1/ AWS Security Incident Response - GA

Security is Job Zero! A single-pane-of-glass view for security incidents and remediation is key, and the AWS Security Incident Response service revolutionizes how businesses handle security events by automating monitoring and investigations.

The service integrates seamlessly with existing services like Amazon GuardDuty and third-party tools via AWS Security Hub, enabling rapid escalation and containment of high-priority alerts. By centralizing incident communications and documentation, it significantly reduces coordination time from hours to minutes. The service also provides 24/7 access to AWS Customer Incident Response Team (CIRT) for expert support, offering a single dashboard for real-time monitoring and management of security incidents. This innovation is crucial for enhancing security operations, improving response times, and freeing up valuable resources for more strategic initiatives.

2/ Declarative policies - GA

Familiar with SCPs (Service Control Policies)? While SCPs are pretty commonly used as guardrails to ensure security standards are consistently applied across an organization, Declarative policies are designed to enforce desired configurations for AWS services across an organization, ensuring that resources comply with predefined standards.

Declarative policies are a new management policy type designed to simplify and enforce consistent configuration across an organization's cloud environment. They allow organizations to set baseline configurations for AWS services like EC2, EBS, and VPC. They prevent non-compliant actions across entire organizational accounts. They maintain configurations even when new APIs, features, or accounts are added. They provide governance teams with account status reports for configuration insights. They enable custom error messages to guide users to internal resources.

If you are a little confused between SCPs and Declarative policies, this mental model should help. SCPs do not grant permissions; they only restrict or filter permissions. They use a deny-by-default model and can allow or deny specific AWS services and actions. Declarative policies automatically enforce and maintain desired configurations, such as blocking public access to VPCs, across multiple accounts. SCPs do not provide feedback to end users when actions are restricted; they simply enforce policy limits. Declarative policies offer transparency with custom error messages to guide users on why an action failed and how to remediate it.

3/ AWS Verified Access now supports secure access to resources over non-HTTP(S) protocols - Preview

One of the top feature requests from customers. With this launch, Verified Access enables you to provide secure, VPN-less access to your corporate applications and resources using AWS zero trust principles. This feature eliminates the need to manage separate access and connectivity solutions for your non-HTTP(S) resources on AWS and simplifies security operations.

Now you can secure access to resources that connect over protocols such as TCP, SSH, and RDP.

Storage

1/ Storage Browser for Amazon S3 - GA

Gone are the days when you had to rely on a third-party plug-in or tool to provide a UI-like experience for accessing S3. Storage Browser for S3, an open-source component for web applications, enables end users to interact with S3 data directly. This feature provides a simple interface for browsing, downloading, and uploading S3 data and is available in the AWS Amplify React and JavaScript client libraries. It allows users to search files by name, copy, and delete data they have access to.

Bonus points - Storage Browser for S3 is open source and you can integrate it with your applications at no extra cost.

2/ Amazon FSx Intelligent-Tiering, a new storage class for FSx - GA

Great to see intelligent-tiering getting into the world of FSx. Amazon FSx Intelligent-Tiering, a new storage class for Amazon FSx for OpenZFS, offers significant cost savings and improved storage management. This new tier reduces storage costs by up to 85% compared to FSx SSD storage and supports automatic storage cost optimization based on data access patterns.

Networking

1/ AWS announces access to VPC resources over AWS PrivateLink - GA

Customers can now use VPC endpoints (powered by AWS PrivateLink) to privately and securely access VPC resources. These resources, such as databases or clusters, can be in your VPC or on-premises network, need not be load-balanced, and can be shared with other teams in your organization or with external independent software vendor (ISV) partners.

Prior to this launch, customers could only access or share services that use Network Load Balancer or Gateway Load Balancer. Now, customers can share any VPC resource using AWS Resource Access Manager (AWS RAM). This resource can be an AWS-native resource such as an RDS database, a domain name, or an IP address in another VPC or on-premises environment. Once shared, the intended users can access these resources privately using VPC endpoints.

That's all for now! I'll see you tomorrow with updates on some exciting new features and services!

Happy Building!