December started with a bang at AWS re:invent in Las Vegas! Many announcements were made in the days leading up to the conference as well as at the conference itself. Some key resources for all announcements made in the first week of December are:
In this series, we look to distill those announcements that should be on the radar of the AWS user seeking to drive adoption in the enterprise. Let’s take a look through this lens at the announcements that can often be overlooked in December. Specifically, announcements that have been made since AWS re:Invent closed! We’ll look at Open Monitoring with Prometheus for Amazon MSK, AWS CloudTrail support for Amazon Connect API calls, DNS Resolution for Amazon EKS Clusters using Private Endpoints, and some notable feature announcements on the logging and monitoring front.
Open Monitoring with Prometheus for Amazon MSK
Prometheus is a very popular open source monitoring solution for time-series metrics. Amazon MSK is Amazon’s managed streaming for Apache Kafka solution. One notable announcements since AWS re:invent, if you are an Amazon MSK user, is the announcement of open monitoring with Prometheus for Amazon MSK. This important new feature is offered free of charge. As with most features of this nature, you will pay normal traffic charges for the data created when the feature is turned on.
Getting started is pretty simple. You can enable open monitoring for an Amazon MSK cluster at cluster creation or after. When you enable open monitoring, you must specify either one or both of the following two exporters: JMX Exporter or Node Exporter. This provides clients access to JMX metrics emitted by Amazon MSK brokers and Apache Kafka. This also opens the doors to third-party tools that are able to consume Prometheus formatted metrics like Datadog, Lenses, New Relic, Sumo Logic, and others. To enable open monitoring or learn more about how it works you can visit the documentation found here.
CloudTrail support for Amazon Connect API calls
Amazon Connect has been picking up steam in the enterprise given its full featured, omnichannel cloud contact center offering. An important aspect of using AWS services is the ability to have deep insight into actions that are taken within the environment. AWS CloudTrail is the AWS service offering that provides a record of all calls made to the AWS API’s within an account. You can get detailed information such as the user that made the call, what API they called, the time and date, and more. Enterprise users looking to move their call center services to Amazon Connect can now take advantage of the same level of API call logging. To learn more about enabling AWS CloudTrail for Amazon Connect, check out the documentation here.
DNS Resolution for EKS Clusters Using Private Endpoints
For newly created Amazon EKS clusters, it is now possible to resolve a private Amazon EKS endpoint from outside of Amazon VPC, such as in the case of Amazon VPC peering or AWS Direct Connect from on premise. The same feature will be available for existing clusters in the days to come. Prior to this announcement, with only the private endpoint enabled for an Amazon EKS cluster, there was no automatic way to dynamically get the IP address of the private endpoint within Amazon VPC. This made connecting to the private cluster endpoint from outside of Amazon VPC difficult.
With this important new feature announcement for the enterprise, the private IP addresses of the private endpoint get advertised from the public endpoint. Clients (such as the kubectl CLI tool) use the public endpoint as a DNS resolver to connect to the private endpoint through a peered VPC automatically. Since these are always private IPs, clients without access to the private VPC, may receive the IP, but are unable to connect to the cluster. To learn more, check out the documentation here.
Some notable feature announcements on the logging and monitoring front:
Seven new data fields for CloudFront Access Logs
Requests to CloudFront create access logs that have long been helpful in understanding the nature and characteristics of traffic traversing an Amazon CloudFront distribution. Those characteristics deepen in insight with the announcement of seven new data fields that will begin to appear in Amazon CloudFront access logs.
These are:
- c-port – The port number of the request from the viewer.
- time-to-first-byte – The number of seconds between receiving the request and writing the first byte of the response, as measured on the server.
- x-edge-detailed-result-type – When the result type is an error, this field contains the specific type of error.
- sc-content-type – The value of the HTTP Content-Type header of the response.
- sc-content-len – The value of the HTTP Content-Length header of the response.
- sc-range-start – When the response contains the HTTP Content-Range header, this field contains the range start value.
- sc-range-end – When the response contains the HTTP Content-Range header, this field contains the range end value.
For more information about all Web Distribution Log File Formats for CloudFront distributions, visit the developer guide found here.
AWS Simple Queue Service (SQS) now supports 1-minute metrics to Amazon CloudWatch
A useful feature for more granular monitoring of SQS queues. Check out the announcement here.
To follow these monthly updates and gain insights on how they can impact your business, subscribe to our blog!
