In this session 'What's new on AWS re:Invent 2017 update', Simona, a new member of our Canada office, talked about some big announcements.
This article describes the content of the following presentation.
The slide was written by Yuki @torazuka.
At the latest re:Invent, AWS has announced more than sixty new services and feature updates. As you can see through a list of Product Announcements, the following categories had many new announcements: IoT, machine learning, and media services.
Some members from Classmethod Canada joined re:Invent 2017, but we cannot talk about all of the new announcements. I would like to introduce six impacting announcements that include four innovative services and two practical services in this session.
AWS DeepLens is a new programmable video camera that runs deep learning models directly on the device. AWS says that all developers with different skill levels are able to start to build their Deep Learning enabled application in 10 minutes. This service has a set of pre-trained models for image detection and recognition. We can use them for our applications.
With over 100 GFLOPS of compute power, DeepLens can process deep learning predictions on HD video in real time. We can also build custom models with Amazon SageMaker and send it to DeepLens.
Amazon Rekognition Video
Image analysis service Amazon Rekognition is now supporting video. It can detect objects, scenes, text, and faces, recognize celebrities, and identify inappropriate content. You can also search and compare people's faces. It will be charged for the analysis image and the image metadata to be saved.
This is one of popular use cases for a retail shop. They capture live images of shoppers with in-store cameras. Rekognition analyzes the image and returns facial attributes detected, which include emotion and demographic detail. The data is stored in S3 and Redshift and they can use it for designing and planning shops.
AWS PrivateLink is a new type of VPC endpoint. You can send a request to AWS services such as Kinesis, Service Catalog, EC2 and so on inside the VPC without going to the Internet.
PrivateLink was announced in mid-November, and there was an innovative update at re:Invent.
We can now access our own services through the endpoints and publish endpoints to external users and other VPCs. As a restriction on the published service, you need to be running behind the Network Load Balancer and using TCP.
In addition, PrivateLink is integrated with AWS Marketplace and we can charge our users by offering services such as SaaS. This new form of service provision brings innovation to our business.
Amazon EC2 Bare Metal Instances
A Bare Metal Instance is one of the EC2 instance type family. Unlike other instance types, we are able to access hardware resources directly and install an OS and virtualization software on it freely. As you can see on the slide, the hardware spec is strong; 72 logical processors, 512 GiB RAM, 15.2 TB SSD-based NVMe storage, and 25Gbps network. Bare metal instances can use the EC2 related services such as Auto Scaling and CloudWatch, so we can retain the benefits of the cloud.
The use cases of Bare Metal Instances are the following: When we want to use a virtualization hypervisor different from Xen or KMS, when we want to maximize the performance through setting hardware specific features, or when we want to run applications with only licenses for use in non-virtualized environments.
AWS Fargate is an on demand Docker containers service. We can deal with deploying and maintaining containers without cluster management. We can set up containers from tens to thousands in a few seconds. AWS Fargate takes over the basic mechanism of Amazon ECS which is a container management service.
A member of our company is thinking that Fargate is suitable as an environment for executing batches with long running time (c.f. Estimated a usage fee for AWS Fargate - (Japanese blog)). If you want to run some event-driven batches on the scale of millisecond, chose AWS Lambda instead.
A continuous security monitoring and threat detection services have been released. That is Amazon GuardDuty. The service consumes multiple data streams, including several threat intelligence feeds, recognizing malicious IP addresses and domains, and learning to identify malicious or unauthorized behavior in your AWS accounts.
GuardDuty detects various suspicious behavior from VPC Flow Logs, CloudTrail event log, and DNS log. Detected activities, called Findings, are classified at three importance levels and notified to the user with countermeasures. We can use CloudWatch Events and Lambda functions to take recovery actions against the problems. In addition, you can easily link Findings information with third party event management systems such as Splunk, and Workflow system such as JIRA, and Slack.
All of the product announcements are at Amazon Web Services' official website. Go to this link to learn about other products.
Yuki Torigata @torazuka