Halfway through AWS re:Invent 2023: A Journey Unveiling Innovation!

As we find ourselves at the exhilarating midpoint of AWS re:Invent 2023, the air is charged with innovation, collaboration, and the unmistakable buzz of cutting-edge technology. It's been a whirlwind of breakthrough announcements, hands-on experiences, and invaluable insights from industry leaders. From mind-bending keynotes to deep-dive technical sessions, the conference has proven to be a kaleidoscope of possibilities, transforming the cloud landscape.

Join me as I reflect on the journey so far, unpacking the game-changing advancements, captivating moments, and the profound impact re:Invent 2023 is already having on the future of cloud computing.

Analytics

Amazon QuickSight is ushering in a new era with the preview of Amazon Q, introducing Generative BI capabilities that empower business users with enhanced insights and storytelling tools. In this preview, users can leverage three key capabilities: Stories, Executive Summaries, and Data Q&A. Stories enable the creation of visually compelling narratives through natural language prompts. Executive Summaries provide quick snapshots of dashboard highlights, saving time and offering at-a-glance insights. The Data Q&A experience facilitates deeper understanding, allowing users to ask vague questions and receive AI-suggested answers with narrative context. This is just one of the Amazon Q capabilities that were introduced, and we will look at a few more further below. Read more about the release here.

Containers

A new capability was introduced – the Amazon Managed Service for Prometheus collector – designed to automatically and agentlessly discover and collect Prometheus metrics from Amazon Elastic Kubernetes Service (EKS). This collector, part of the Amazon Managed Service for Prometheus, eliminates the need to run collectors in-cluster and offers fully managed Prometheus-compatible monitoring and alerting. With the option for AWS-managed or customer-managed collection, users can optimize metric collection costs for monitoring applications and infrastructure on EKS. The setup process involves enabling AWS managed collectors during EKS cluster creation, defining scraper configurations, and visualizing metrics using Amazon Managed Grafana. This new capability is now available to all AWS customers in supported regions. Read more about the release here.

Databases

Several exciting announcements have taken place in the space of Databases (so far) at re:Invent 2023. Amazon introduced Amazon ElastiCache Serverless, a groundbreaking serverless option enabling users to create a cache in under a minute and dynamically scale based on application traffic patterns. Compatible with Redis and Memcached, ElastiCache Serverless eliminates the need for capacity planning or caching expertise. It offers fully managed, highly available caches with automatic replication across multiple Availability Zones, providing a 99.99% availability SLA. With a simplified endpoint experience, no upfront costs, and payment for actual resource consumption, ElastiCache Serverless ensures operational excellence. Read more about the release here.

Next, the preview of Amazon Aurora Limitless Database was announced, a groundbreaking capability enabling automated horizontal scaling for processing millions of write transactions per second and managing petabytes of data in a single Aurora database. Unlike traditional read replicas, Limitless Database scales write throughput and storage capacity independently, supporting high-scale applications without the complexity of managing data across multiple instances. The two-layer architecture includes shards for parallel processing and transaction routers for managing distributed transactions. Users can sign up for the preview in select AWS regions, experiencing the power of Aurora Limitless Database for high-performance and scalable applications. Read more about the release here.

Lastly, AWS dives into the world of the IBM Db2 database! IBM and AWS collaborated to introduce Amazon RDS for Db2, providing a fully managed Db2 database engine on AWS infrastructure. IBM Db2, renowned for its enterprise-grade features, scalability, and security, is widely used for managing data-intensive workloads. Amazon RDS for Db2 simplifies database management, offering features such as fully managed infrastructure, automatic backups, high availability, and scalability. Users can create Db2 databases effortlessly through the AWS Management Console, CLI, or SDKs, allowing AWS to handle infrastructure complexities. The service supports existing applications seamlessly, offering a choice of storage types and flexible scaling options. The preview of Amazon RDS for Db2 is available in various AWS regions but users must bring their own Db2 license. Read more about the release here.

Developer Tools

Let's take a look at another capability of Amazon Q. Amazon introduced new generative AI capabilities in Amazon CodeCatalyst, focusing on feature development acceleration through Amazon Q. The feature development capability in Amazon Q aids in expediting software development tasks, such as adding comments, refining issue descriptions, generating classes and unit tests, and updating workflows. Developers can move from idea to fully tested, merge-ready code with natural language inputs. Amazon Q handles the heavy lifting by converting human prompts into actionable plans, generating code, unit tests, workflows, and summarizing changes in pull requests. Developers can provide feedback to Amazon Q on published pull requests and request new revisions. Read more about the release here.

Generative AI / Machine Learning

re:Invent 2023 is Gen AI heavy. Amazon introduced Amazon Q, a generative AI-powered assistant for business users. Amazon Q streamlines tasks, aids decision-making, and fosters creativity by connecting to company information repositories, code, data, and enterprise systems. Tailored user-based plans ensure pricing and features align with individual needs, and Amazon Q adapts interactions based on users' existing identities, roles, and permissions. The AI assistant operates without using customers' content for model training, ensuring data security and privacy. Amazon Q supports over 40 built-in connectors for popular data sources and enterprise systems. Read more about the release here.

Next, let's look at an improvement to Amazon Bedrock. Amazon announced Guardrails for Amazon Bedrock (in preview), allowing users to implement safeguards for generative AI applications to promote responsible AI interactions. As part of AWS's commitment to responsible AI development, Guardrails enable users to define denied topics and content filters, adding an extra layer of control to enhance safety and align applications with company policies. The key controls include:

  1. Denied Topics: Users can specify undesirable topics for their applications, providing natural language descriptions. For example, a banking application could avoid providing investment advice.

  2. Content Filters: Configurable thresholds for harmful content across hate, insults, sexual, and violence categories. Guardrails provide additional controls beyond built-in protections to filter interactions based on user-defined degrees.

  3. PII Redaction (Upcoming): Users will soon be able to select personally identifiable information (PII), such as name, email address, and phone number, to be redacted in responses, or to block user input containing PII.

Guardrails for Amazon Bedrock integrate with Amazon CloudWatch for monitoring and analysis of inputs and responses violating defined policies. Users can apply these guardrails to innovate safely while adhering to responsible AI goals. Read more about the release here.

Security, Identity, & Compliance

I am excited to see further updates to AWS Control Tower, the best way to manage your Landing Zone within AWS. AWS has introduced 65 purpose-built controls within AWS Control Tower to help users meet digital sovereignty requirements. AWS Control Tower allows users to set up and govern secure, multi-account AWS environments efficiently. The new controls support data residency, granular access restriction, encryption, and resilience. Examples of added controls include Operator access, controlling access to data, and encryption at rest and in transit. AWS Control Tower provides a consolidated view of enabled controls, compliance status, and evidence across multiple accounts, helping users manage digital sovereignty needs. Read more about the release here.

Amazon GuardDuty has introduced ECS Runtime Monitoring to detect potential runtime security issues in Amazon Elastic Container Service (ECS) clusters running on AWS Fargate and Amazon EC2. GuardDuty uses machine learning, anomaly detection, network monitoring, and malicious file discovery to identify threats. ECS Runtime Monitoring detects runtime events such as file access, process execution, and network connections, providing over 30 different finding types. It uses a managed and lightweight security agent for individual container runtime behaviors, and when used with AWS Fargate, the agent is automatically managed by AWS. Findings are visible in the console, and GuardDuty can send them to AWS Security Hub, Amazon EventBridge, and Amazon Detective. Amazon Detective now receives security findings from GuardDuty ECS Runtime Monitoring to aid in analysis and investigations. Read more about the release here.

Serverless

AWS Lambda has improved its scaling capabilities, allowing each synchronously invoked Lambda function to scale by 1,000 concurrent executions every 10 seconds. This occurs until the aggregate concurrency across all functions reaches the account's concurrency limit. The update ensures that each function within an account scales independently, regardless of how the functions are invoked, enhancing scalability for highly variable traffic and reducing the impact of noisy neighbor scenarios. Read more about the release here.

Storage

Amazon introduced the Amazon S3 Express One Zone storage class, aiming to provide up to 10 times better performance than the S3 Standard storage class. This new storage class is designed for frequently accessed data and demanding applications, delivering consistent single-digit millisecond latency while handling hundreds of thousands of requests per second. Objects are stored and replicated within a single AWS Availability Zone, allowing co-location of storage and compute resources to reduce latency. With very low latency, especially beneficial for smaller objects, and 50% lower request costs compared to S3 Standard, the Express One Zone storage class is suitable for data-intensive applications such as AI/ML training, financial modeling, media processing, and more. I guess it remains to be seen in action. Read more about the release here.

To be continued...

Strap in for the second half – the stage is set for more revelations, connections, and the uncharted terrain of possibilities that lies ahead!


Written by

Konstantinos Bessas

I am a Cloud Architect, mostly focusing on Amazon Web Services. I have programming experience and a particular interest in delivering powerful and flexible solutions on Public Cloud Platforms that are backed 100% by Infrastructure as Code. I have been extensively working with the AWS Cloud Development Kit and the Serverless Framework. I have worked on several migration projects to AWS while supporting customers to containerize their applications leveraging Kubernetes or other native Public Cloud Container Management Platforms.