16-08-2024

Announcing Amazon S3 Express One Zone storage class support on Amazon EMR

Amazon EMR (Elastic MapReduce) is the industry-leading cloud big data solution for data processing, interactive analytics, and machine learning, designed to run open-source frameworks such as Apache Spark, Hive and Trino efficiently on AWS. We are excited to announce that  the Amazon S3 Express One Zone storage class is now supported on all EMR deployment models - EMR on EC2, EMR on EKS, and EMR Serverless, for Spark, Trino, Flink, Hive and HBase workloads.  Amazon S3 Express One Zone is a high-performance, single-Availability Zone (AZ) storage class purpose-built to deliver consistent, single-digit millisecond data access for your most frequently accessed data and latency-sensitive applications. With this launch, you can now accelerate data movement between Amazon EMR and Amazon S3, enabling faster job execution times and improved performance for your workloads. This is particularly beneficial for workloads with strict service-level agreements (SLAs) or those requiring low-latency data access. Amazon S3 Express One Zone is supported for Spark, Trino, Flink, Hive and HBase workloads on EMR on EC2, for Spark and Flink workloads on EMR on EKS and for Spark and Hive workloads on EMR Serverless.  Amazon S3 Express One Zone support on EMR is available with Amazon EMR release 7.2.0 and later in the AWS Regions where S3 Express One Zone is available. To get started using Amazon S3 Express One Zone on Amazon EMR, visit the user guide for Amazon EMR on EC2, EMR on EKS, and EMR Serverless.

Amazon DataZone launches domain units and authorization policies

Amazon DataZone announced a set of new data governance capabilities called domain units and authorization policies that enable customers to create business unit/team level organization and manage policies per their business needs. With the addition of domain units, users can organize, create, search, and find data assets and projects associated with business units or teams. With authorization policies, those domain unit users can set access policies for creating projects, glossaries, and using compute resources within Amazon DataZone.  As an Amazon DataZone administrator, you can now create domain units (e.g Sales, Marketing) under the top-level domain and assign domain unit owners to further manage their data team's structure. Amazon DataZone users can login to the portal to browse and search the catalog by domain units, and subscribe to data produced by specific business units. Additionally, authorization policies can be configured for a domain unit permitting actions such as who can create projects, metadata forms and glossaries within their domain units. Authorized portal users can then login to the Amazon DataZone portal, and create entities such as projects and create metadata forms using the authorized projects.

Announcing Karpenter 1.0

With the release of Karpenter version 1.0.0, Karpenter’s APIs graduate out of beta. Karpenter is a flexible, efficient, and high-performance Kubernetes compute management solution that helps improve application availability, reduce operational overhead, and increase cluster compute utilization. This release also includes three new features which provide customers greater control over how and when Karpenter disrupts Kubernetes applications. Customers can use Karpenter with Amazon Elastic Kubernetes Service (EKS) or any conformant Kubernetes cluster.  Like other Kubernetes open-source projects, Karpenter’s APIs follow a maturity progression from alpha to beta then stable. In October 2023, the Karpenter project graduated its APIs from alpha to beta. This release marks the final milestone in the project’s maturity and customers can be assured that all Karpenter APIs will remain available in future 1.0 minor versions and not modified in any way that results in breaking changes. Alongside the graduation from beta, this 1.0 release includes three new features for Karpenter: 1/ the ability to specify disruption reasons, e.g. underutilization, emptiness, drift, for disruption budgets, 2/ a forceful disruption mode that helps customers balance application availability against security requirements, and 3/ an expansion of consolidateAfter which lets customers better tune Karpenter’s consolidation feature to meet their cost-efficiency and application availability requirements. 

AWS CodeBuild now supports using GitHub Apps to access source repositories

AWS CodeBuild now integrates with GitHub Apps as the authentication method to access your repositories. A GitHub App connection can be set as the default authentication method for all projects, or can be specified for an individual project source.  With GitHub Apps, you can use short-lived tokens with fine-grained permissions, and have control over which repositories the app can access. In a CodeBuild project, GitHub App connections are established via AWS CodeConnections, where you can further limit the access to the connections by using IAM roles and resource policies.  The new feature is available in all regions where AWS CodeBuild is supported except in China (Beijing), China (Ningxia).

AWS Control Tower launches landing zone version selection

AWS Control Tower customers can now select from a set of versions when performing a landing zone update, reset, or upgrade operation. Starting with landing zone version 3.1 and above, customers can update or reset in-place their landing zone on their current version, or upgrade to a version of their choice. A landing zone is a well-architected, multi-account AWS environment based on security and compliance best practices. AWS Control Tower automates the setup of a new landing zone using best-practices blueprints for identity, federated access, logging, and account structure.  With landing zone version selection, customers have more flexibility to plan for version upgrades while they evaluate potential changes to their environment. Customers need not choose between resetting drift to stay in compliance, updating their landing zone configurations, or upgrading to the latest landing zone version. If customers are running landing zone version 3.1 or above, they can choose to stay on the current version, or upgrade to a newer version, when they update or reset their landing zone configurations. 

AWS CloudFormation Git sync now supports pull request workflows to review your stack changes

AWS CloudFormation Git sync now allows you to review your stack changes via Pull Request (PR) comments before they are deployed to CloudFormation. With this launch, you get a clear overview of the changes in your deployments within the PR. CloudFormation Git sync will automatically post the change set information as comments to each new PR created or updated in your repository. You are able to review the proposed changes and then deploy the change set by merging the PR.  CloudFormation allows you to use a template file to manage the configuration of your resources as a stack. Using Git sync, you can store this template in a remote Git repository and have your CloudFormation stacks automatically updated. CloudFormation monitors your Git repository and triggers a change set deployment whenever it detects a change in any template file that defines a stack, and/or a stack deployment file that contains parameters that configure the stack. With this launch, you can catch and prevent undesired changes from being deployed through a PR review of the change set.