AWS silly season — here we go
The AWS re:Invent annual conference in Las Vegas kicks-off next week, which means we are about to be snowed under by hundreds of new service announcments, product updates and the like. This year, AWS have started this process slightly early, so as not to overwhelm people during the week of the conferenece. There have been lots of announcements already.
Here are a few that I’ve spotted slipping past in my inbox that I think will be of interest to our members and customers. But there’s probably a lot of things that I’ve missed, so I suggest you keep an eye on the AWS blog for yourself. There will be so much coming out of AWS over the next week or so that keeping up will be more or less a full time job.
SES account-level suppression lists — For those of our customers that are sending large amounts of outbound email from their AWS-hosted services using SES (Simple Email Service), keeping up with bounces and complaints is a challenge. If they fail to stop sending mail to email addresses that have previously bounced, they run the risk of being blocked by AWS. (AWS have to do this to preseve the integrity of the SES service as a whole). AWS has now announced the availability of account-level suppression lists, which can be used by customers to protect their sender reputations and improve overall delivery rates for messages.
AWS managed rules for AWS WAF — AWS WAF is a web application firewall. It lets you define rules that give you control over which traffic to allow or deny to your application. You can use AWS WAF to help block common threats like SQL injections or cross-site scripting attacks. You can use AWS WAF with Amazon API Gateway, Amazon CloudFront, and Application Load Balancer. For most of our customers, we define and manage a set of rules in collaboration with them. AWS managed rules gives us a way of piggy-backing on the knowledge in AWS, choosing sets of rules that are maintained by AWS staff.
Least outstanding requests algorithm for load balancing requests — Sounds like a minimal announcement but I suspect it will actually be very useful. You can now use a ‘least outstanding requests’ algorithm, as well as plain old round-robin, to determine how Application Load Balancers share load across their target resources.
AWS Cost Categories — You can use use AWS Cost Categories to define custom rules to map to your internal business structures. After defining categorization rules, the system will organize your costs starting at the beginning of the month. Customers can visualize and monitor spend by viewing these categories in AWS Cost Explorer and AWS Budgets. We will look at the options here, particularly with regards to how we utilise this in our forthcoming Billing Portal.
Use employee attributes from your corporate directory for access control — You can now use your employees’ existing identity attributes, such as cost center and department, from your directory to create fine-grained permissions in AWS. Use these to implement attribute-based access control to AWS resources and simplify permissions management.
As I say above, these are just a few of the many announcements that AWS have made over the last couple of days. I’ll be keeping an eye of future announcements and summarising the ones that I think are most relevent to our members and customer here.
Originally published at https://cloud.jiscinvolve.org on November 26, 2019.