Well, it’s been a little quiet this past week in the world of AWS updates and releases. But there are still a couple of interesting announcements to cover off in this weeks article. We have a new feature available to Fargate workloads and a price Drop for those using DynamoDB global tables. A new Search expression for CloudWatch dashboards, and new policy abilities when working with CloudWatch alarms.
As always, this list is not meant to be an exhaustive list of all the updates and changes to the AWS eco-system, but simply a summary of changes that might have an impact on the business and trends we at Kloud are seeing within the industry. As always, if you would like to talk to somebody about how you might be able to leverage some of these new technologies and services, please feel free to reach out using the contact link at the top of the page.
The key takeaways from this week are:
- AWS Fargate PV1.3 adds secrets and enhanced container dependency management
- Amazon CloudWatch Launches Search Expressions
- You can now use resource level policies for Amazon CloudWatch Alarms
- Amazon DynamoDB drops the price of global tables by eliminating associated charges for DynamoDB Streams
AWS Fargate PV1.3 adds secrets and enhanced container dependency management
First off in this week’s rundown is the announcement coming out of the Fargate team. On Wednesday it was announced that AWS Secrets Manager is available when using AWS Fargate Platform Version 1.3. This means you can store sensitive information in either AWS Secrets manager or AWS Systems Manager Parameter Store. Previously, you had to directly reference this sensitive information in the task definition (more information about that release can be referenced here) however now supports task definition conventions for accessing sensitive information stored in either AWS Secrets Manager and AWS Systems Manager Parameter Store. This new option for handling secrets within container-based workloads will help teams manage containers in a simpler manner.
In addition to new ways of managing secrets within container-based workloads is the ability to add task definition parameters to define dependencies for container start-up and shutdown. Previously there was no way to ensure that your container workloads started or stopped in a particular order, making the management on micro-service based workloads a difficult platform to manage. With this new update allows teams to define things such as extended stop timeouts for workloads requiring long-running clean-up activities or ensuring that backend services (such as telematics or database workloads) are started prior to front-end workloads.
More information on both of these features is available here and details on configuring dependency management are available in the ECS developer guide here.
Amazon CloudWatch Launches Search Expressions
Coming out of the CloudWatch team on Tuesday was the announcement that “You can now use search expressions to define Amazon CloudWatch dashboards. This enables you to create dashboards that update automatically as new resources have created that match the search query, providing up-to-the-minute visibility with reduced operational overhead.”
This is going to be a really handy feature and will make CloudWatch Dashboards simpler for a lot of customers. I haven’t had a chance to play with this new feature as of yet. However, will take it for a test drive in the coming days and release a blog next week. In the meantime, anybody who’s interested in investigating it for themselves can do so by visiting the link here.
You can now use resource level policies for Amazon CloudWatch Alarms
While we are on the topic of monitoring comes another announcement on Monday stating that “You can now create tags in CloudWatch alarms that let you define policy controls for your AWS resources. This enables you to specify fine-grained permissions, improving security for monitoring resources and cost allocation.”. Where this is going to get really powerful is when it’s partnered with IAM policies. You could define an IAM policy based on the resource group, and control which users (if any) can delete/alter the associated resource tags (such as an environment tag for defining between PROD and DEV). This would ensure that tags used for reporting/alarming and budgeting are now accidentally altered by users ensuring their accuracy. The official announcement is available here and details on creating groups of resources here.
Amazon DynamoDB drops the price of global tables by eliminating associated charges for DynamoDB Streams
And lastly, for our NoSQL people, was the announcement that “Amazon DynamoDB has reduced the price of global tables by eliminating associated charges for DynamoDB Streams”. This announcement didn’t get as much public press as the announcement around the new S3 storage announcement (with the announcement of the new Glacier Deep Archive storage tier can be found here) but has the potential to save large amounts of money for those using Global Tables. Previous, Cross-Region replication of Global tables incurred charges for the associated DynamoDB stream. This billing model could add up for those running Global tables with a large number of writes. Under this price change, these streams are no longer billed for. However, it is important to note that you will continue to be billed for other DynamoDB stream workloads. Full details of the announcement are available here
And that’s it for the AWS update for Friday the 5th of April 2019. Please keep an eye out for our weekly updates on the happenings within the AWS eco-system. We post updates every Friday as well as detailed tutorials and deep dives on products throughout the week. If there something you’d like to see on the Kloud Blog, please feel free to drop a comment below.