You can now capture and aggregate your Amazon Virtual Private Cloud (Amazon VPC) flow logs at shorter intervals of up to 1 minute, giving you quicker visibility into your network traffic flows. With a 1-minute configuration, your VPC flow logs arrive in an expedited manner and provide more granular visibility into the sequence of events in a flow, thereby enabling you to accurately investigate and rapidly respond to security incidents, or troubleshoot connectivity issues faster.
To get started, you can choose a maximum aggregation interval (also known as capture window) of 1 minute while creating a new flow log using the AWS Management Console, the AWS Command Line Interface (AWS CLI) or the AWS Software Development Kit (AWS SDK). Your flow logs will then be aggregated at intervals of up to 1 minute, before they are processed and published. By default, the maximum aggregation interval is 10 minutes.
There is no additional charge for flow logs with a maximum aggregation interval of 1 minute. Standard rates apply based on your choice of log destination. Pricing for delivering Amazon VPC flow logs to S3 or CloudWatch Logs is covered on the AWS pricing pages. For more information about Amazon VPC flow logs, refer to the documentation.
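Because the 10-minute default still applies unless 1 minute is chosen at creation, it is worth auditing which VPCs actually have the shorter capture window. The following is an added example, not AWS code: it checks a constructed sample shaped like the EC2 `DescribeFlowLogs` response (the `MaxAggregationInterval` field is in seconds) against a constructed VPC inventory. It assumes VPC-level flow logs only and treats a missing interval as the default.

```python
import json

# Constructed sample shaped like `aws ec2 describe-flow-logs` output (not real data).
SAMPLE_FLOW_LOGS = json.loads("""
{"FlowLogs": [
  {"FlowLogId": "fl-0aaa", "ResourceId": "vpc-0001", "FlowLogStatus": "ACTIVE",
   "TrafficType": "ALL", "MaxAggregationInterval": 60},
  {"FlowLogId": "fl-0bbb", "ResourceId": "vpc-0002", "FlowLogStatus": "ACTIVE",
   "TrafficType": "ALL", "MaxAggregationInterval": 600},
  {"FlowLogId": "fl-0ccc", "ResourceId": "vpc-0003", "FlowLogStatus": "ACTIVE",
   "TrafficType": "REJECT"}
]}
""")
# Constructed inventory of VPC IDs to check; vpc-0004 has no flow log at all.
SAMPLE_VPCS = ["vpc-0001", "vpc-0002", "vpc-0003", "vpc-0004"]

DEFAULT_INTERVAL = 600  # seconds; the 10-minute default (assumed when the field is absent)


def audit_flow_logs(vpc_ids, response, wanted=60):
    """Return {vpc_id: finding} for VPCs lacking an active flow log at `wanted` seconds."""
    best = {}  # shortest active aggregation interval seen per resource
    for fl in response.get("FlowLogs", []):
        if fl.get("FlowLogStatus") != "ACTIVE":
            continue
        interval = fl.get("MaxAggregationInterval", DEFAULT_INTERVAL)
        rid = fl["ResourceId"]
        best[rid] = min(interval, best.get(rid, interval))
    findings = {}
    for vpc in vpc_ids:
        if vpc not in best:
            findings[vpc] = "no active flow log"
        elif best[vpc] > wanted:
            findings[vpc] = f"aggregation interval {best[vpc]}s, want {wanted}s"
    return findings


if __name__ == "__main__":
    for vpc, finding in audit_flow_logs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS).items():
        print(f"{vpc}: {finding}")
```
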
Amazon VPC Container Networking Interface (CNI) Plugin version 1.6 is now available for use by Kubernetes clusters running on AWS.
Version 1.6 of the open source Amazon VPC CNI plugin includes a new MINIMUM_IP_TARGET parameter that can be used to reduce pod start time while minimizing IP addresses allocated to nodes. Support for peered VPCs is improved with a new parameter AWS_VPC_K8S_CNI_EXCLUDE_SNAT_CIDRS that allows CIDR ranges to be excluded from Source Network Address Translation (SNAT). Additionally, v1.6 includes a number of bug fixes around ENI allocation and EC2 API call rates to improve overall reliability and performance.
To learn more, see the Amazon VPC CNI v1.6 release notes on GitHub. You can upgrade existing clusters to use version 1.6 by following the instructions in the Amazon EKS documentation. Once AWS confirms stability, VPC CNI v1.6 will be set as the default for new Kubernetes clusters launched by Amazon EKS.
You can now add tags, simple labels consisting of a user-defined key and an optional value, to your Amazon Virtual Private Cloud (VPC) gateway endpoints, interface endpoints (AWS PrivateLink), and endpoint services (AWS PrivateLink) directly while creating the resource. By tagging resources at the time of creation, you can eliminate the need to run custom tagging scripts after resource creation.
To get started, simply add tags at the time of creating a VPC gateway endpoint, interface endpoint or an endpoint service. These tags can then be used to search, filter, and organize your VPC endpoints and endpoint services. You can also use tags to clearly organize the charges for the resources you utilize, as presented at Using Cost Allocation Tags in the AWS Billing and Cost Management user guide.
This functionality is available at no additional cost through the AWS console, command-line interfaces (CLIs), and software-development kits (SDKs) in all AWS Regions. To learn more about tagging, please visit the user guide. To learn more about AWS PrivateLink, please visit the PrivateLink product page or documentation.