Personal experience
One week after I returned from Vegas from what was my 2nd re:invent, and a few days after I shared my experience and announcement highlights as a panelist at the regular AWS User Group Bulgaria meetup, I thought that it's a good idea to do so in a post too.
As I've mentioned, this was my 2nd re:invent, but during my previous trip The Sphere was still under construction, so one of the first things I did this time was to visit it. I saw Postcard from Earth, which was incredible, but I found The Sphere a bit more impressive from the outside than from the inside. Perhaps it would have been more spectacular during a concert, but unfortunately The Eagles were about to play the week after I was about to leave, so maybe next time.
Re:Invent is a massive event with more than 65000 attendees from around the world, and while the chances of bumping into a familiar face every now and then are not that bad, though also not very high, it was constantly happening. It was great to meet friends and colleagues from around the world (this includes colleagues from the company I work for, folks from AWS and the extended AWS community, especially from the AWS Community Builders program).
Of course, this takes its toll in terms of number of steps, but it's worth it, as you can easily refill those burned calories.
AWS Announcements
Going back to my favourite announcements, I'll split them into two categories: those from pre:invent, and the ones that came out during the re:invent week or made it into the keynotes from Peter DeSantis, Swami Sivasubramanian, Matt Garman or Werner Vogels.
Pre:Invent
Perhaps one of the biggest pre:invent announcements, which came about two weeks before re:invent, was the option to Centrally manage root access in AWS Organizations. It had been at the top of my #AWSWishlist for quite some time, since managing root credentials was quite a cumbersome task if you had to manage a lot of AWS accounts created with Organizations, as is well explained in this blog post.
Resource Control Policies in AWS Organizations was exciting news for everyone in the AWS security field. RCPs complement Service Control Policies: while SCPs control the maximum permissions for a particular IAM principal / entity in your organization, RCPs offer central control over the maximum permissions on AWS resources within your organization.
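To make the resource-side control concrete, here is an added example (not from the announcement or the original post) of an RCP that denies all S3 actions on the organization's buckets to any principal outside the organization, whatever an individual bucket policy grants. The organization ID `o-exampleorgid` is a placeholder, and S3 is just one service chosen for illustration; the second condition keeps AWS service principals working.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnforceOrgIdentities",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": "*",
      "Condition": {
        "StringNotEqualsIfExists": {
          "aws:PrincipalOrgID": "o-exampleorgid"
        },
        "BoolIfExists": {
          "aws:PrincipalIsAWSService": "false"
        }
      }
    }
  ]
}
```

An SCP cannot express this, because it only limits principals that belong to the organization, while this statement is evaluated on the resource side for every caller.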
VPC Origins for Amazon CloudFront was another notable pre:invent announcement. It is now possible to point CloudFront distributions directly to ALBs, NLBs or EC2 instances inside a private subnet, and it comes at no additional cost.
But perhaps the biggest was the Block Public Access for Amazon Virtual Private Cloud, which was announced on the same day. This makes it possible to authoritatively block public access to a VPC as it supersedes any other settings currently in place and prevents internet access to the resources in the respective VPC. Additional information on how it works is available in this blog post.
Re:Invent
Access to VPC resources over AWS PrivateLink - you can now access or share resources in a VPC directly, without needing a load balancer in front.
In addition to this, AWS PrivateLink now supports cross-region connectivity, which makes it possible to connect to a VPC endpoint service in other regions (on the same AWS partition). More information is available in this blog post.
Another good security-related re:invent announcement was the availability of declarative policies in AWS Organizations and AWS Control Tower. This makes it possible to enforce a particular EC2 Amazon Machine Image (AMI) across the whole organization.
Amazon EKS Auto Mode is a new feature that fully automates compute, storage, and networking management for Kubernetes clusters. You can read more about it here.
Aurora DSQL
And now, the announcement that impressed me the most - Aurora DSQL - a cross-regional, highly available, strongly consistent relational database (with PostgreSQL compatibility). The fact that someone is so close to breaking the CAP theorem is an impressive achievement on its own.
I highly recommend the blog post series by Marc Brooker, one of the DSQL developers, linked below:
- https://brooker.co.za/blog/2024/12/03/aurora-dsql.html
- https://brooker.co.za/blog/2024/12/04/inside-dsql.html
- https://brooker.co.za/blog/2024/12/05/inside-dsql-writes.html
- https://brooker.co.za/blog/2024/12/06/inside-dsql-cap.html
Simplexity
And as Werner Vogels said, “Keep it Simple” and now GO BUILD: