Chris Armstrong | Wed Dec 11 2019
At GorillaStack, we’re keen users of AWS, and the time around re:Invent is great for the number of new product and feature announcements that are made. 2019 was no exception, although with the deluge of announcements before and during the conference, even we found it hard to keep up!
Below, we’ve shared some of our favorite feature announcements from what we’d like to think of as ‘core’ AWS services, like IAM, EC2, SQS, etc. that are used in the majority of customer applications.
Our favorite AWS feature ;-) has been enhanced with the addition of Tag Policies. It provides reports and compliance checking, which can be very handy when combined with a well-defined tagging strategy.
Although not a service announcement, this one was important to us, because it was Amazon sharing how they scale and manage their applications. In their new Amazon Builders Library, they’re creating a series of extended blog-style posts from their developers and architects experience building Amazon services.
Some of it is very general (other bits are very specific). I can recommend the article on instrumentation - there’s lots of great advice here if you’re getting started with instrumented your applications in the cloud.
For REST API developers, AWS have in preview a rationalized and much cheaper version of the API Gateway called HTTP APIs (currently in preview).
If you’re familiar with API Gateway, you’ll know it has a dizzying array of integration options. HTTP APIs keeps things simple by only providing only does Lambda Proxy integration (which is generally how most developers use API Gateway due to its flexibility).
It also has much better CORS support, which (I must admit) is challenging on API Gateway, and absolutely taxing if you have multiple origins you need to support - the new CORS support lets you list our your origins, which is better than creating custom lambdas and configuring them for every HTTP path OPTIONS request.
If you’re writing Java applications, CodeGuru for automated code reviews might be of interest in its preview stage.
The first part of this service helps identify bad coding practices that could lead to resource leaks and race conditions (among other things).
There is also an in-production profiler for identifying slow blocks of code.
It appears to be expensive ($0.75/100 lines of code) at this point, but there is a generous 90 day trial period.
EC2 Image Builder is a simplified UI for rebuilding your AMIs with the latest patches and customizations and rolling out to your fleet.
With it, you can create a pipeline for mastering your images that is re-runnable when updates are released, and can be validated with your own test suite. It also seems to be extensive enough already to support cross-account image sharing and a whole suite of non-AWS image types.
Amazon now has a Managed Apache Cassandra Service in preview.
Also in databases - DynamoDB has had some important announcements over the past month that make it even more compelling to use as a database:
Great for customers with manually-created environments who want to migrate to CloudFormation (no excuses now).
CloudWatch has had an impressive number of important announcements, including new features in preview, after quite a long lag. There’s plenty here for all types of applications:
IAM Access Analyzer is another interesting new service. It looks at resource policies and identifies those resources that can be identified from outside the ‘scope’ it is given (usually an account). For example, I was quickly able to identify all the roles that are accessible by principals in other accounts (e.g. via AssumeRole), public S3 buckets, etc.
There was a couple of interesting VPC announcements too:
Lastly, for those running serverless applications with AWS Lambda and Kinesis, there’s been many awesome additions: