The Stack counted over 119 new AWS services and features landing during the cloud hyperscaler’s re:Invent 2022 conference. Many were jargon-dense. We mainlined some coffee and reviewed every single one.
Our goal was to distil each release into clear synopses of ~30 words for time-poor readers – and also to get a sense, whilst doing so, of thematic/strategic direction amidst the barrage of new AWS products.
A takeaway: AWS is notably focussed on making its multiplicity of cloud services work together better. (Call that customer-centricity, or call it a bid to make sure that every moving part of your app’s requirements is in AWS).
Some were innovative. Some more prosaic and arguably overdue, like improved policy management and finer-grained delegation of critical actions across large AWS user accounts; improvements and cross-platform integrations for AWS Backup; or extension of its threat detection service to other AWS services like Aurora.
It is also clearly emphasising improved user experience and integrated capabilities across machine learning, “Big Data”, and serverless (running code/applications without provisioning or managing infrastructure.)
Here's our take on these 119 new AWS services from re:Invent below. They are necessarily succinct, but we welcome feedback, so if you have views on either our takes or the services themselves, get in touch.
119 new AWS services and features from re:Invent 2022, digested
1) New “feature flagging” capabilities for AWS AppConfig: These let you change the way a containerised application behaves whilst it is running. In short, add new features without a full application redeploy. Link.
2) AWS CodeCatalyst (in preview): Shared project resources for application development and lifecycle management, from source code repositories to AWS service configuration, CI/CD, all in one place. Link.
3) Event Bridge Pipes: Plug-and-play point-to-point integrations between event producers and consumers. This makes it easier to stitch together different services for data streaming or “event-driven” applications. Link.
4) New APIs for Amazon Comprehend, an NLP service. This lets users extract unstructured data from PDF documents, Microsoft Word files, and images. Sounds rather handy. Is it any good? Let us know. Link.
5) Step Functions Distributed Map: Coordinate large-scale parallel workloads within serverless applications, e.g. to add massive and flexible serverless data processing into interactive applications. Link.
6) New AWS re:Post integrations: These let customers use the AWS Management Console and troubleshoot in the re:Post community hub without managing multiple login credentials. Basic but handy. Link.
7) AWS Application Composer (in preview): A low-code, drag-and-drop hub for building serverless applications. Use templates or write from scratch. Import and visualise CloudFormation and AWS SAM templates. Link.
Get our newsletter on LinkedIn. No forms. Takes a single click.
8) Amazon Gamelift Anywhere: Gamelift is a hosting service for multiplayer game servers. The new “Anywhere” addition lets users deploy their own hardware too in a hybrid setup with a common interface. Link.
9) Amazon SageMaker Data Wrangler: Easily pull in data (CSV, Parquet, ORC, and JSON, database tables et al) for machine learning from over 40 third-party sources like Databricks, Google Analytics, LinkedIn, SAP. Link
10) New governance tools for SageMaker (a machine learning service) including custom permissions. Link.
11) Amazon Athena support for Apache Spark. Athena is a serverless, interactive analytics service. It now supports Apache Spark as well as SQL so customers can use Spark to perform analytics. Link.
12) A new built-in data preparation capability in SageMaker Studio Notebooks (collaborative service for ML projects) flags incorrect data, missing data, column data quality issues and suggests transformations. Link.
13) Trusted Language Extensions for PostgreSQL: A new Apache 2.0 licensed SDK that provides an extension framework for adding more functionality to the PostgreSQL database without having to fork it. Link.
14) 22 new data connectors for Amazon AppFlow (which connects SaaS and AWS services), including for Facebook, Google, Instagram, and LinkedIn Ads; MailChimp; Okta; Teams; Zoom Meetings, Stripe; Jira. Link.
15) New shared spaces in Amazon SageMaker Studio, the integrated development environment (IDE) for machine learning. This lets multiple users access, read, edit, and share the same notebooks in real time. Link.
New AWS services in 2022 include a big serverless drive
16) AWS AI Service Cards: “Responsible documentation” on how not to be evil with Amazon AI services. The new service cards cover Amazon Rekognition (facial recognition) Amazon Textract and Amazon Transcribe. Link.
17) “Amazon EC2 Spot Ready” partner specialisation. A gold star for AWS partners whose software can support Amazon EC2 Spot Instances (spare EC2 capacity at a discounted price). Link.
18) AWS Glue Delivery specialisation: A gold star for AWS Partners that pass an “exceptionally high technical bar… in serverless data integration with AWS Glue”. Link.
19) AWS Graviton Delivery specialisation: A gold star for AWS partners that excel in enabling the best price performance for Graviton (AWS’s Arm chip) workloads in Amazon EC2. Link.
20) Amazon MSK Service Delivery specialisation: A gold star for AWS partners that help customers migrate and build real-time streaming analytics solutions using its fully managed Apache Kafka service. Link.
21) The Amazon GuardDuty threat detection service now profiles and monitors access activity to Amazon Aurora. (Really? Did it not do that before? No wonder cloud security companies proliferate…) Link.
22) AWS Machine Learning University now provides free educational material for US community colleges. Link.
23) Amazon SageMaker JumpStart (An ML hub with built-in algos, pretrained models) makes tweaks to make it easier to share machine learning artefacts, including notebooks and models, across your organisation. Link.
24) AWS Data Exchange for AWS Lake Formation (preview): Pull third-party data from the data exchange into AWS’s managed data lake formation service and centralise/streamline data licensing operations. Link.
25) A refreshed UX for SageMaker Studio, the web-based hub for all things ML. New navigation, etc. Link.
26) A new Amazon SageMaker Ready specialisation, which “validates world-class AWS Partner software products that integrate with Amazon SageMaker and help customers build machine learning solutions”. Link.
27) AWS Data Exchange for Amazon S3 (preview). Pull in third-party data files directly from data providers’ own S3 buckets. Why the heck not? Link.
28) AWS Glue Data Quality (preview): Automatically measure and monitor data quality for likes, pipes. (This uses the open source service Deequ to help measure and monitor data quality of PB-scale data lakes.) Link.
29) Redshift Multi-Availability Zone deployments: Run your data warehouse in multiple AWS Availability Zones simultaneously for mega-resilience. Holy smoke we bet that gets expensive but haven’t dug in yet. Link.
30) Something we don’t entirely understand about “Spark memory configurations and output partition format” in SageMaker Data Wrangler. All stuff in service of deploying data transformation pipelines, or “data flow” with an ML model, as part of a pipeline for both batch and real-time inference applications. Link.
31) “Shadow Testing” on SageMaker: Route a copy of inference requests received by a production model to a new model and create a live dashboard that shows performance differences across key metrics. Link.
32) More SageMaker updates that integrate low-code ML (AutoPilot) with CI/CD steps (Pipelines). Link.
33) Automatically take a snapshot of a SageMaker notebook, package it and dependencies into a container, build the infrastructure, runs the notebook as an automated job, and de-provision when done. Link.
34) Cross-account S3 access points: More easily share datasets with thousands of applications and users; customise permissions across each application or use case. Allow trusted accounts, such as the account administrator of a different team or a partner organisation, to self-serve permissions for datasets. Link.
35) Simplified governance of Amazon Redshift data sharing. Use AWS Lake Formation to centrally manage permissions on data being shared across your organisation. View, modify, and audit permissions on the tables and views in the Redshift datashares using Lake Formation APIs and the AWS Console. Link.
36) Use Geospatial data in SageMaker: Easier building, training, and deploying of ML models using geospatial data. This comes on the back of 2021’s launch of Amazon Location Service (maps, routes, geofences)… Link.
37) Simplified data loading from S3 into Amazon Redshift, e.g. with continuous file ingestion rules. Link.
38) General Availability of Amazon DocumentDB Elastic Clusters. Elastically scale this document database to handle millions of reads and writes per second with PB of storage and MongoDB compatibility. Link.
39) General Availability of AWS Marketplace Vendor Insights. This lets third-party sellers make security and compliance information available in AWS Marketplace. Users like governance, risk, and compliance (GRC) teams get a web-based dashboard to assess things like data privacy and residency, app security data. Link.
40) Amazon VPC Lattice (Preview). Define policies for traffic management, network access, and monitoring to connect apps across AWS compute services. Automatic handling of network connectivity between VPCs, account, translation between IPv4, IPv6, overlapping IP addresses” Link.
41) Amazon Redshift integration with Apache Spark, available across EC2, EKS, and Serverless. Build applications that directly write to Redshift tables via Spark as a part of your ETL workflows. Link.
42) New EC2 Inf2 instances. Lease compute for demanding deep learning (DL) inference applications. Link.
43) Amazon OpenSearch Serverless (preview): Run petabyte-scale search, analytics workloads without having to configure, manage, or scale OpenSearch clusters. Same ingest and query APIs as OpenSearch. Link.
44) Deliver streaming data to Amazon OpenSearch Serverless via the managed Amazon Kinesis Data Firehose extract, transform, and load (ETL) service. Link
45) Amazon’s QuickSight Q (a business intelligence/data visualisation dashboard with natural language query capabilities) gets new automated data population capabilities including field population and more. Link.
46) Torn Write Prevention for EC2 I4i instances, EBS, and Amazon RDS: Simply: turn off “double write” operations (designed for resilience in the event of a DB crash) without recovery risk on certain instances. Link.
47) Conversational analytics to assess customer sentiment in both agent and chatbot conversations. Link.
48) New Machine Learning capabilities in Amazon Connect, AWS’s Contact Centre offering.New release adds forecasting, capacity planning, and scheduling capabilities. Now GA. Link.
49) New Hpc6id instances for mega workloads, with low latency/high bandwidth interconnects and massive memory. Use for “memory bandwidth-bound, data-intensive HPC workloads” Link.
50) “Zero-ETL” integration of Aurora and Redshift. (Aurora is a managed relational database service; Redshift is Amazon’s widely used data warehouse.) Limited preview (Aurora MySQL 3 with MySQL 8.0, US East only. Link.
51) Redshift gets real-time streaming ingestion for Amazon Kinesis Data Streams (KDS) and Amazon Managed Streaming for Apache Kafka (MSK). No need to stage streaming data in Amazon S3. Link.
52) Launch of SimSpace Weaver, as covered by The Stack here. Dedicated infrastructure that you can scale up and down and an SDK for simulated space modelling. Link.
53) External Key Store for Amazon Key Management System. Store your customer managed encryption keys on a hardware security module that you operate on premises or at any location of your choice. Finally! Link.
54) Amazon Omics. A new service for life science organisations. “Store, query, and analyze genomic, transcriptomic, and other omics data… analyze genome data for entire populations (!) Link.
55) Amazon Security Lake (preview). Normalise, combine security data from AWS and a broad range of enterprise security data sources under Open Cybersecurity Schema Framework standard in one place. Link.
56) AWS Supply Chain (preview). Bad news for companies like Coupa, Ivalua SAP Ariba: AWS wants a piece of the supply chain optimisation software pie. Here’s its effort for those that trust Amazon with supply chain data.
57) Amazon Connect agent workspace now lets users create workflows that suggest what to do at a given moment during a customer interaction and programmatically infer customer intent. Link. Just use a chatbot eh?
58) Ask Amazon Quicksight Q (BI dashboard with natural language) “forecast” to see future trajectories for up to three measures simultaneously or “why” to identify key drivers. (Will the answer be “42”? Find out…) Link.
59) Performance evaluation capabilities (preview) in Amazon’s contact centre conversational analytics offering that lets managers create evaluation forms with specific criteria and score them using machine learning. Link.
60) Amazon verified access (preview): A new “Zero Trust” offering that provides secure access to corporate applications without a VPN. It evaluates each application request from users and allows access based on “trust data” from either AWS or a chosen third party and access policies that you create in Verified Access. Link.
61) Dynamic data masking for Redshift (preview): Control access to your data through simple SQL-based masking policies that determine how Redshift returns sensitive data to the user at query time. You can even choose how you show the masked data. A welcome addition that follows similar rollouts at rivals. Link.
62) AWS Outposts comes to Qatar, Guatemala, and Trinidad & Tobago. (Outposts is a rack of servers managed by AWS but physically on-premises that runs a subset of AWS services. Cloud, at the Edge.) Link.
63) AWS CloudTrail Lake, a managed data lake for immutable storage of cloud logs from CloudTrail, can now also ingest and query configuration changes (did it not already?!) so you can see, for example, who made configuration changes around security incidents such as data exfiltration or unauthorised access. Link.
64) New R6in and R6idn instances powered by Intel “Ice Lake”: Good for “memory-intensive workloads such as SQL, NoSQL DBs, distributed web scale in-memory caches like Memcached and Redis, in-memory databases, and real-time big data analytics like Hadoop and Spark clusters.” Link. Also, M6in and M6idn instances: Good for “high-performance file systems, caching fleets, real-time big data analytics, and telco applications. Link.
65) “Amazon FSx for NetApp ONTAP is announcing…” stop, what? Simple version: Easier access to file systems spread across multiple AWS availability zones, from an on-premises network, without custom routes. Link.
66) Much lower latencies for Amazon Elastic File System (Amazon EFS) for frequently-accessed data and metadata. (A claimed 60% lower read, 40% lower write). Being rolled out automatically in coming weeks. Link.
67) Improved performance monitoring for the AWS Global Network. Monitor network latency in up to give-minute intervals, as well as view the 45-day historical trend from AWS Network Manager. Link.
68) New EC2 R7iz instances (preview). Highest performance per vCPU of its x86-based EC2 instances. Good for “Electronic Design Automation (EDA), relational database with high per-core licensing fees, financial, actuarial, data analytics simulations” and anything with high compute performance and high memory footprint. Link.
69) AWS Glue version 4.0: AWS Glue is a serverless data integration service. The new version bakes in the latest Apache Spark and Python releases, adds support for Apaches Hudi, Iceberg, and Delta Lake, etc. Link.
70) AWS Config (a tool to assess, audit, and evaluate the configurations and relationships of your AWSresources) now does what it should, properly: “Proactively check for compliance with AWS Config rules prior to resource provisioning” and evaluate resource configurations before they are created/updated. Link.
71) AWS Glue for Apache Spark (now supports Apache Hudi, Apache Iceberg, and Linux Foundation Delta Lake. to simplify incremental data processing in data lakes built on Amazon S3. This strips out the need to install a separate connector or complete extra configurations to use these frameworks in AWS Glue ETL jobs. Link.
72) Amazon QuickSight (business intelligence dashboard) now supports Paginated Reports. Not as boring and more helpful than it sounds: Easy production of “highly formatted insights designed to be printable.” Link.
73) Amazon’s managed NetApp ONTAP shared storage platform is doubling the maximum throughput capacity per file system to 4 GB/s and maximum SSD IOPS to 160,000. Good for video rendering, DB applications. Link.
74) AWS Wickr is GA. Amazon bought end-to-end encrypted messenger service Wickr in 2021. Now it’s added some enterprise bells and whistles and is selling it at between $5-$15/seat. It’s competing in a busy marketplace however with the likes of Signal, Element, Wire, Threema, and, erm, WebEx. Interesting move. Link.
75) Performance optimisations for AWS Lambda: “10x faster function startup performance” for Java. Link.
76) Improved multi-region failover tools for S3: Designate an active AWS Region to service S3 requests and a passive AWS Region only routed to when it is made active during a planned or unplanned failover. Shift S3 data access request traffic from an active to a passiveRegion within 2 minutes to test appl resilience. Overdue. Link.
77) Customise new and existing AWS accounts before provisioning them from the AWS Control Tower console (a managed service for setting up multi-account environments) instead of using its pre-built blueprints. Link
78) A new capability in Amazon Macie (a platform that uses machine learning to scan for sensitive data in your environments) that now means you can automatically scans for PII, financial data, and AWS credentials. Good for compliance and security. Great for hackers. Don’t give everyone admin access to this one please. Link.
79) Amazon VPC Reachability Analyzer, Trace and troubleshoot “network reachability” between a source and destination resources in virtual private clouds (VPCs) by analysing your network configurations. Link.
80) New AWS Local Zones in Buenos Aires, Copenhagen, Helsinki, and Muscat. Local Zones are AWS at the Edge. Unlike Outposts though, which are on-prem or co-lo, Local Zones are managed by AWS. Link.
81) New features for AWS Glue, a serverless data integration services, that let customers reuse and share business-specific ETL logic so that data engineers can write reusable “transforms” for its visual job editor. Link.
82) Four new Elastic Load Balancing capabilities that help isolate apps from different types of failures. Link.
83) Amazon Verified Permissions (preview) “a scalable, fine-grained permissions management and authorization service for custom applications” to build out AWS’s Zero Trust offering. Features custom policy language called Cedar to define permissions at app level and integrates with identity providers. Link.
84) Launch of Informatica Data Loader for Redshift, “frictionless” data loading of Informatica’s Intelligent Data Management Cloud (an AI-powered data management platform) into Amazon’s data lake. Link.
85) Redshift gets new SQL functionalities, MERGE, ROLLUP, CUBE, and GROUPING SETS, to simplify building multi-dimensional analytics apps and incorporating fast changing data. Also gets support for a larger, semi-structured data size (up to 16 MB) when ingesting nested data from JSON and PARQUET source files. Link.
86) New application resilience tools in Amazon Route 53 Application Recovery Controller: Shift application traffic away from/around an AZ with a single action to recover applications suffering due to events such as power outages and hardware or software failures. Want to quite rightly get technical about this? Dig in here.
89) AWS Compute Optimizer now supports external performance metrics from Datadog, Dynatrace, Instana, and New Relic. Ingest memory metrics for EC2 instances for recommendations on memory capacity in addition to CPU, disk, network, IO and throughput, unlocking additional savings and performance awareness. Link.
90) Amazon launches Braket Algorithm Library, an open source GitHub repo with ready-to-use Python implementations for quantum algorithms on on Amazon’s quantum computing service Braket. Link.
91) AWS Glue for Ray (preview) combines Glue’s serverless option for data integration with Ray (ray.io), a popular open-source compute framework that helps you scale Python workloads. Link.
92) New controls management in AWS Control Tower to “proactively identify and block noncompliant resources before they are provisioned by CloudFormation”. In theory, this makes it easier to manage the controls like enforcing least privilege, restricting network access, and enforcing data encryption. Link.
93) Third-party add-ons to EKS clusters through the console, CLI, eksctl, APIs, or IaC tools like CloudFormation and Terraform. Bake third-party tools for monitoring, security, storage etc.into EKS clusters. Link.
94) Run Microsoft Office on EC2 with Amazon-provided licenses for Microsoft Office LTSC Professional Plus 2021 Amazon Machine Images (AMIs). Manage access to Microsoft Office via AWS License Manager. Link.
95) New APIs for Amazon QuickSight (business intelligence) for programmatic creation and management of dashboards, analysis, and templates so that BI teams can manage their BI assets as code, similar to IaC. Link.
96) Support for Redshift in AWS Backup: Centrally manage data protection of data warehouses. Link.
97) New organization-wide delegation of backup administration to member accounts in AWS Backup. This lets admins create and manage backup policies and monitor backup activity across accounts. Link.
98) AWS IoT Device Management Jobs gets new scheduling configurations, so users can deploy remote operations during pre-defined time windows so regular usage of their IoT devices is not disrupted. Link.
99) New data protection tools in Amazon CloudWatch Logs that use pattern matching and machine learning capabilities to detect and protect sensitive log data in-transit, e.g. to stop data being logged during ingestion that is tagged as relevant under HIPAA, GDPR, PCI-DSS, or FedRAMP. Link.
100) More improvements to Amazon CloudWatch to search for log groups stored across multiple accounts, run cross-account queries, and create Contributor Insights rules across accounts. Link.
101) Amazon RDS for MySQL gets 50% faster query processing. Default on RDS for MySQL versions 8.0.28 and higher on M5d and R5d instances and AWS Graviton2-based M6gd and R6gd database (DB) instances. Link.
102) AWS Backup lets you add AWS CloudFormation stacks to backup policies, for easier app backup. Link.
103) Amazon Elastic File System now supports a 1-day Lifecycle Management Policy to automatically move files that haven’t been accessed in 1 day to the Amazon EFS Infrequent Access (EFS IA) storage class. Link.
104) Amazon CloudWatch Internet Monitor (preview), monitor internet availability and performance metrics between your AWS-hosted applications and application end users across VPCs), Amazon CloudFront distributions, and Amazon WorkSpaces directories. Yes, this is yet another internet monitoring service. Link.
105) AWS Elastic Disaster Recovery (AWS DRS) now allows you to initiate a scalable failback process for your applications running on AWS. Simplify failing back recovered EC2 instances to your primary AWS Region. Link.
And now for something cuter...
106) “Optimised writes” for Amazon RDS for MySQL, for 2x faster throughput. Default option from RDS for MySQL version 8.0.30 and above and on db.r6i and db.r5b database instances. Link.
107) AWS IoT Core gets a Device Location feature to track and manage IoT devices using location data. Link.
108) Amazon ECS gets new “Service Connect”. Amazons container orchestration service ECS, gets a new networking capability called Service Connect to simplify network setup and service communication for microservices apps deployed across multiple ECS clusters and virtual private clouds (VPCs). Link.
109) Amazon EFS gets a new throughput model for “spiky and unpredictable” workloads that is designed to provide applications with as much throughput as they need with pay-as-you-use pricing. Link.
111) AWS’s machine learning-powered Kendra search platform gets support for tabular search, to better search tables embedded in HTML pages. Link.
112) + language support for Spanish, French, German, Portuguese, Japanese, Korean, and Chinese. Link.
113) AWS Backup adds centralized, multi-account reporting, for better compliance/auditing. Link.
114) New delegated administrator: Delegate policy management to specified member accounts to do actions by default available only to the management account. You can select any policy type — backup policies, service control policies (SCPs), tag policies, and AI services opt-out policies — and specify permissible actions. Link.
115) New SAWS Database Migration Service (DMS) schema conversions: Automatically assess and convert source database schema to a format compatible with the target database service in AWS. Would you, really? This works converting the sources Microsoft SQL Server version 2008 R2 and higher and Oracle version 10.2 and later, 11g and up to 12.2, 18c, and 19c to MySQL version 8.x PostgreSQL version 14.x. Details here.
117) AWS Application Migration Service (AWS MGN) adds new migration features to help automate the conversion of source servers to run natively on AWS with optional modernization features. Detail.
118) Mortgage services for Amazon Textract: AWS tool to automatically extract text, handwriting, and data from documents or images gets an API to help automate mortgage document processing. Link.
119) AWS Backup lets you hold protected data beyond defined retention policies, for legal and auditing Cleared by law firm Cohasset Associates for SEC Rule 17a-4(f), FINRA Rule 4511, CFTC Regulation 1.31. Link.
Got this far? Tell us your favourite new AWS service, favourite animal, pop us a story idea or just say hello.