AWS September (first half) Service Announcements

CloudFront Updates

There are 2 CloudFront announcements in the first half of September.

• Support for Brotli compression
• Support for TLSv1.3 for viewer connections

Graviton2 Processor Instances

• Amazon RDS M6g and R6g instances powered by AWS Graviton2 processors are now available in Asia Pacific regions
• Announcing new Amazon EC2 T4g instances powered by AWS Graviton2 processors, available with a free trial

Each of them improves user experience by allowing viewers to connect to CloudFront using the latest technology standards. TLSv1.3 provides faster handshakes and more secure connections. Brotli provides a higher compression ratio than the traditional GZip algorithm, thus allowing web pages to be delivered faster. When viewers are using the latest browsers, this should provide a faster experience in general.

AWS Elastic Beanstalk now supports sharing of an Application Load Balancer among Elastic Beanstalk environments

This is a timely product announcement for us. We are working with a customer who has been using Elastic Beanstalk for a number of years. While it serviced them well, one of the complaints is that each Elastic Beanstalk environment creates its own Application Load Balancer, makes it impossible to reuse an existing one for listener rules, etc. They also have a large number of dev and test environments where they use a single, tiny instance that can be shutdown outside of business hours for cost savings. But it is not possible to temporarily shutdown a load balancer for the same purpose.

We also have a customer who requires different groups of instances attached to the same load balancer with listener rules, who cannot benefit from the managed environment provided by Elastic Beanstalk due to this pre-defined behaviour.

The decoupling of Application Load Balancers from Elastic Beanstalk environments would allow more flexibility in using this product to build applications and create many more use cases, especially for the platforms supported by Elastic Beanstalk.

Amazon EKS now supports assigning EC2 security groups to Kubernetes pods

We helped a number of clients to migrate or improve their Kubernetes workload on AWS. One of the pain points is the inability to assign Security Groups at the pod level. Previously one can use a feature in Calico Enterprise to achieve the same effect, but it is an extra layer in the mix and require extra cost. You can do this natively within EKS and this will greatly increase the security posture of an EKS workload by controlling traffic flow among pods.