Each November, AWS pushes important updates to its platform that might otherwise get lost in the shuffle at re:Invent. This year was no different, with a slew of moves to address automation, cost controls and containers ahead of Amazon’s marquee cloud conference.
Among the dozens of new features and services rolled out this month were additions to CloudFormation, including the capability to create, register and import resources, as well as a new discount pricing plan for EC2 compute instances, custom log routing for containers and a Lambda update.
CloudFormation expands its reach
The AWS CloudFormation CLI is an open source toolset that enables users to incorporate a range of tools and services into CloudFormation, even if those resources aren’t currently supported by the infrastructure-as-code tool. This includes AWS offerings on the CloudFormation roadmap or third-party resources.
To get started with the AWS CloudFormation CLI, model a general schema for the resource, develop skeleton code for core actions, test the resource provider in your local environment and register it with CloudFormation in your desired AWS Region. Once the resource is registered, you can call and manage this custom resource like any other CloudFormation action.
AWS also added a resource import capability for CloudFormation, so developers can import an existing resource to be managed with a CloudFormation template. This will help users centralize infrastructure management.
Use the resource input command in CloudFormation to access existing resources and bring them into a CloudFormation stack. This capability currently supports import operations from S3, EC2, Lambda and more.
After user gripes over CloudFormation feature lag drew some attention earlier this year, AWS has spent the last few months improving its infrastructure-as-code tool. To make the effort more transparent, AWS created a public coverage roadmap, where users can suggest improvements and integrations and track progress. So far, the CloudFormation team has shipped 43 feature updates and integrations, with more on the way.
Savings Plans for EC2 expenses
AWS added a pricing plan in an apparent response to the fact that IT teams are often overwhelmed or confused by the range of discount options and stipulations the cloud provider offers for its compute resources.
Savings Plans is a discount program similar to EC2 Reserved Instances, but with more flexibility. It offers the same discount as Reserved Instances if users commit to a set compute amount – measured in dollars per hour — for either a one- or three-year term.
A Savings Plan consists of two prices — a Savings Plan price and a higher On Demand price. When you set compute amount per hour, all usage up to that limit will be charged at the Savings Plan price. Any usage beyond that limit will be charged at the On Demand rate.
Additionally, there are two types of Savings Plans — compute and EC2 instance plans. Compute plans are the more flexible option. They apply to any EC2 expenses regardless of region, instance family, OS or tenancy. EC2 instance plans apply to a specific instance family within a region but offer the larger discount. EC2 instance plans can still cover different instance sizes within the same family.
AWS Cost Explorer can recommend a Savings Plan based on your recent compute usage, but forecast expected usage before committing to a Savings Plan.
FireLens for container logging
AWS FireLens is a new service for custom log routing for container services such as Amazon Elastic Container Service and Fargate. You can use task definition parameters to route container logs to AWS monitoring services or an AWS Partner Network that runs on Fluentd or Fluent Bit, such as Datadog and New Relic, among others.
To use FireLens, create a new task execution IAM role that gives permission to access the services involved for log analysis or storage, such as CloudWatch or Amazon Kinesis Data Firehose. You can then use the Fluent Bit image provided by AWS with plugin for CloudWatch and Kinesis Data Firehose, for example. You can also create a task definition for custom log routing.
AWS Lambda Destinations for asynchronous tasks
The latest update to AWS Lambda is intended to reduce complexity and increase resiliency when building and managing serverless applications.
AWS Lambda Destinations is a feature that adds visibility into asynchronous invocations, alerting developers when those tasks have been processed correctly. Previously, Lambda could only tell users that an event had been received by the corresponding queue, with no information about whether it completed successfully. Developers would have to write additional code for a messaging service to handle any failures.
With this feature, developers can route the execution record to a destination resource without that added code. Execution status can instead be automatically directed – based on results — to another Lambda function, Amazon Simple Notification Service, Amazon Simple Queue Service or Amazon EventBridge.