AWS Morning Brief

Links:Amazon NAT Gateway Now Allows You to Select Private IP Address for Network Address TranslationAmazon S3 Glacier improves restore throughput by up to 10x when retrieving large volumes of archived dataAmazon Time Sync is now available over the internet as a public NTP serviceAWS re:Post launches a community leaderboardAnnouncing the new Applications widget on AWS Console HomeAmazon S3 request-level information on use of access control lists (ACLs) coming to S3 server access logs and AWS CloudTrail Know Before You Go: An AWS Partner’s Guide to re:Invent 2022Introducing our final AWS Heroes of the year – November 2022Now Open–AWS Region in SpainIntroducing Amazon EventBridge SchedulerMigrate ROW CHANGE TIMESTAMP from IBM Db2 for z/OS to Amazon RDS for PostgreSQL or Amazon Aurora PostgreSQL-Compatible EditionYou can now assign multiple MFA devices in IAM 

Links:A super-neat exploration of the Lambda execution environment from a security perspective.Detect and block advanced bot traffic How to evaluate and use ECDSA certificates in AWS Certificate Manager - AWS released support for ECDSA certificates.Canary Tokens

Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/How-To-Learn-Something-New-Kubernetes-the-Much-Harder-WayWant to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/bpp5tpgU6CENever miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

Links:Ben Kehoe has left iRobot. And where's he going next? Presumably to re:Invent! I am too, with my re:Quinnvent nonsenseAmazon Athena announces Query Result Reuse to accelerate queriesAmazon EC2 enables you to opt out of directly shared Amazon Machine ImagesAmazon EC2 placement groups can now be shared across multiple AWS accounts Amazon EC2 now supports specifying list of instance types to use in attribute-based instance type selection for Auto Scaling groups, EC2 Fleet, and Spot Fleet Amazon Lightsail announces support for domain registration and DNS autoconfigurationAmazon RDS now supports new General Purpose gp3 storage volumesAnnouncing recurring custom line items for AWS Billing ConductorAWS Lambda announces Telemetry API, further enriching monitoring and observability capabilities of Lambda ExtensionsAWS Cost Explorer’s New Look and Common Use CasesA New AWS Region Opens in Switzerland - eu-central-2 is now available.Introducing AWS Resource Explorer – Quickly Find Resources in Your AWS Account Overview of building resilient applications with Amazon DynamoDB global tables Publish Amazon DevOps Guru Insights to Slack ChannelUncompressed Media over IP on AWS: Read the whitepaper Enable cross-account queries on AWS CloudTrail lake using delegated administration from AWS OrganizationsNASA and ASDI announce no-cost access to important climate dataset on the AWS Cloud 

Links:I really like this idea of an AWS account solely for getting into other AWS accounts. Amazon accidentally exposed an internal server packed with Prime Video viewing habits.How to use trust policies with IAM roles - "It's an older post sir, but it checks out." OpenSSL Security Advisories - November 2022Tool of the week: s3crets_scanner

Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/an-alternat-future-we-now-have-a-nat-gateway-replacement/Never miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

Links:Amazon MSK now offers a new low-cost storage tier that scales to virtually unlimited storageAmazon Virtual Private Cloud (VPC) now supports the transfer of Elastic IP addresses between AWS accountsAWS IoT Core announces Location Action to route location data from IoT devices to Amazon Location ServiceAmazon Connect Customer Profiles now surfaces additional customer information in the Amazon Connect Agent Application Keeping Pace with FinServ Regulatory Compliance Demands with Smarsh and AWS Use Alexa devices to initiate customer service with Amazon ConnectHow USAA built an Amazon S3 malware scanning solution  Vela Games Cuts Game Build Times by 60% Using Infrastructure on AWSAmazon Simple Email Service (SES) helps improve inbox deliverability with new featuresIncreasing sustainability for your Microsoft workloads on AWSHow Nomad uses Amazon IVS to scale public court livestreamsExport historical Security Hub findings to an S3 bucket to enable complex analytics How to control non-HTTP and non-HTTPS traffic to a DNS domain with AWS Network Firewall and AWS Lambda 

Links:SOCRadar demonstrated a significant leak that spanned the world; it distills down to an Azure equivalent of an open S3 bucket.This security recap of 2022 Google Next and Microsoft Ignite is worth reading if you're doing things in that particular side of the ecosystem.IAM Access Analyzer findings now support Amazon SNS topics and five other AWS resource types to help you identify public and cross-account access DNS Analysis Server is a tool that can be used to demonstrate vulnerabilities in your DNS configuration. A very reasonable API Security Checklist of things to consider before releasing your API to the world.

Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/aws-re-invent-what-you-actually-need-to-know-before-you-go/Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/lZPDfTXmfI4Never miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

Links:Amazon Aurora supports cluster export to S3 Amazon Cognito now provides user pool deletion protection Amazon Connect adds real-time schedule adherenceAmazon EC2 enables easier patching of guest operating system and applications with Replace Root Volume Amazon Neptune Serverless is now generally available Introducing the Amazon OpenSearch Service delivery programAmazon SageMaker Canvas supports tags to track and allocate costs incurred by users AWS Console Mobile Application adds support for AWS CloudShell AWS Fault Injection Simulator now supports network connectivity disruptionAWS Nitro Enclaves is now supported on AWS GravitonAWS Organizations console now allows users to centrally manage primary contact information on AWS accounts AWS Private Certificate Authority introduces a mode for short-lived certificates Announcing dark mode support in the AWS Management Console EC2 High Memory instances with 18TiB and 24TiB of memory are now available with On-Demand and Savings Plan purchase options How to take advantage of the AWS Free TierGoldman Sachs, a legacy financial services firm, transforms its operations on AWS Reduce food waste to improve sustainability and financial results in retail with Amazon Forecast Cost Optimization recommendations for AWS Config Optimize your Amazon EC2 instances cost at scale by migrating from Intel to AMD using AWS Systems Manager Automation