Amazon Relational Database Service (RDS) Now Supports SSL Encrypted Connections

Posted by Alin Irimie on June 29, 2010

RDS now generates an SSL certificate for each DB Instance. If you need a certificate for an existing instance, you'll need to reboot it using the AWS Management Console, the RDS command-line tools, or the RDS APIs.

Here are a few interesting things to keep in mind:

  • SSL encrypts the data transferred ‘over the wire’ between your DB Instance and your application. It does not protect data ‘at rest.’ If you want to do this, you'll need to encrypt and decrypt the data on your own.
  • SSL encryption and decryption is a compute-intensive task and as such it will increase the load on your DB Instance. You should monitor your database performance using the CloudWatch metrics in the AWS Management Console, and scale up to a more powerful instance type if necessary.
  • The SSL support is provided for encryption purposes and should not be relied upon to authenticate the DB Instance itself.
  • You can configure your database to accept only SSL connections by using the GRANT command with the REQUIRE SSL option. You can do this on a per-user basis so you could, for example, require SSL requests only from users connecting from a non-EC2 host.
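
The per-user REQUIRE SSL setup from the last point, as an added example that is not part of the original post. The account names, the schema name, the passwords and the 10.% range standing in for EC2-internal clients are constructed placeholders.

```sql
-- Added example. Syntax is for the MySQL 5.1 engine RDS ran at the time;
-- MySQL 8.0 moved REQUIRE out of GRANT into CREATE USER / ALTER USER.

-- Two accounts share one user name. MySQL checks the most specific matching
-- host first, so a client in 10.x.x.x (assumed here to be the EC2-internal
-- range) gets the first account and every other client gets the second.
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.*
  TO 'app'@'10.%' IDENTIFIED BY 'CHANGE_ME_internal';

GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.*
  TO 'app'@'%' IDENTIFIED BY 'CHANGE_ME_external' REQUIRE SSL;

-- Add the requirement to an existing account without changing its privileges.
GRANT USAGE ON *.* TO 'reporting'@'%' REQUIRE SSL;

-- Audit: accounts that may still connect without encryption.
-- REQUIRE SSL is stored as ssl_type = 'ANY'; an empty value means no requirement.
SELECT user, host
  FROM mysql.user
 WHERE ssl_type = ''
 ORDER BY user, host;

-- Run from a client session: a non-empty Value means this connection is
-- encrypted. It says nothing about which server is on the other end.
SHOW STATUS LIKE 'Ssl_cipher';
```

An account without REQUIRE SSL can still use SSL if the client asks for it; the option only makes the server refuse plaintext logins for that account.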

You can learn more about this new feature in the RDS Documentation on Database Instances and in the forum post.

AWS Management Console Now Supports Relational Database Service

Posted by Alin Irimie on May 25, 2010

Amazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.

Amazon RDS gives you access to the full capabilities of a familiar MySQL database. This means the code, applications, and tools you already use today with your existing MySQL databases work seamlessly with Amazon RDS. Amazon RDS automatically patches the database software and backs up your database, storing the backups for a user-defined retention period.

Starting today, there is a new tab in the AWS Management Console for the Amazon Relational Database Service.

You can now easily create, manage, and scale DB Instances: Continue reading…

Amazon CloudFront Streaming Access Logs

Posted by Alin Irimie on May 18, 2010

Amazon CloudFront delivers your static and streaming content using a global network of edge locations. Requests for your objects are automatically routed to the nearest edge location, so content is delivered with the best possible performance. You can now enable logging for an Amazon CloudFront Streaming distribution. Once enabled for a particular distribution, CloudFront logs all accesses to a designated Amazon S3 bucket. The information in the log files will let you know which of your streaming media files are the most popular and will also let you see which CloudFront Edge Location was used to stream the information.

Each log entry contains the following information: Continue reading…

Amazon Virtual Private Cloud Now Available In Europe

Posted by Alin Irimie on May 04, 2010

Amazon Virtual Private Cloud (VPC) is now available in our EU (Ireland) region.

Customers with existing IT infrastructure in the EU can now deploy Amazon VPC in the same region in order to provide the best possible experience for their users. They can also deploy an Amazon VPC in the EU to ensure that their data remains in the EU.

Get the latest VPC Getting Started Guide here.

Amazon Virtual Private Cloud (Amazon VPC) is a secure and seamless bridge between a company’s existing IT infrastructure and the AWS cloud. Amazon VPC enables enterprises to connect their existing infrastructure to a set of isolated AWS compute resources via a Virtual Private Network (VPN) connection, and to extend their existing management capabilities such as security services, firewalls, and intrusion detection systems to include their AWS resources. Amazon VPC integrates today with Amazon EC2, and will integrate with other AWS services in the future. As with all Amazon Web Services, there are no long-term contracts, minimum spend or up-front investments required.

Architecting for the Cloud

Posted by Alin Irimie on January 27, 2010

If you are a software developer and haven’t read this paper, you should. This paper is targeted towards cloud architects who are gearing up to move an enterprise-class application from a fixed physical environment to a virtualized cloud environment. The focus of this paper is to highlight concepts, principles and best practices in creating new cloud applications or migrating existing applications to the cloud. Most importantly, the paper discusses some specific strategies on how to architect your application to leverage the benefits of the cloud. Although you’ll see some specific tactics on how to use different Amazon Web Services features and services (the paper is written by Jinesh Varia, Web Services Evangelist at Amazon), the principles can be applied using any cloud provider (Windows Azure).

Continue reading…

New Amazon AWS SDK for .NET Developers Released

Posted by Alin Irimie on November 12, 2009

Under pressure from the Windows Azure release in a week, Amazon today unveiled a new AWS SDK for .NET Developers, providing .NET developers with the libraries, code samples, and documentation needed to build an AWS-powered application using any programming language capable of making .NET calls, including C#, Visual Basic, Windows PowerShell, and other compliant languages. .NET developers get special treatment with a dedicated .NET Forum and a special Windows & .NET Developer Center.

The SDK includes: Continue reading…

Amazon’s Answer To SQL Azure - Amazon Relational Database Service

Posted by Alin Irimie on October 27, 2009

Today Amazon released its answer to SQL Azure, the hosted cloud database offered by Microsoft. The newest service from Amazon, the Amazon Relational Database Service, or Amazon RDS for short, now in beta, makes it easier for you to set up, operate, and scale a relational database in the cloud. You get direct database access without worrying about infrastructure provisioning, software maintenance, or common database management tasks.

Using the RDS APIs or the command-line tools, you can access the full capabilities of a complete, self-contained MySQL 5.1 database instance in a matter of minutes. You can scale the processing power and storage space as needed with a single API call and you can initiate fully consistent database snapshots at any time.

Continue reading…

Shared Snapshots for EC2 Elastic Block Store Volumes

Posted by Alin Irimie on September 25, 2009

Amazon is adding a new feature which significantly improves the flexibility of EC2’s Elastic Block Store (EBS) snapshot facility. You now have the ability to share your snapshots with other EC2 customers using a new set of fine-grained access controls. You can keep the snapshot to yourself (the default), share it with a list of EC2 customers, or share it publicly.

The Amazon Elastic Block Store lets you create block storage volumes in sizes ranging from 1 GB to 1 TB. You can create empty volumes or you can pre-populate them using one of our Public Data Sets. Once created, you attach each volume to an EC2 instance and then reference it like any other file system. The new volumes are ready in seconds. Last week I created a 180 GB volume from a Public Data Set, attached it to my instance, and started examining it, all in about 15 seconds. Continue reading…

AWS Management Console CloudWatch Support

Posted by Alin Irimie on September 01, 2009

The AWS Management Console now has complete support for Amazon CloudWatch. You can enable CloudWatch for any or all of your EC2 instances using the console and data will be available in a moment or two. You can select one or more running EC2 instances to see the CloudWatch data in graphical form. You can observe CPU utilization, disk reads, disk writes, and network traffic (both in and out). If you select more than one EC2 instance, the console will automatically display aggregated values. You can also get a larger and more detailed view of the data.

Here are some pictures of the console in action: Continue reading…

Amazon SQS Upgrade - EU Availability, Fine-Grained ACL, Read Timeout Configurable

Posted by Alin Irimie on April 09, 2009

Amazon SQS launched over three years ago and is the quiet workhorse behind many of the highly scalable applications running on Amazon EC2.

Today Amazon is rolling out some important new features for Amazon SQS including availability from within our EU region, control of access permissions, and more control over the visibility timeout.

Starting today, a complete, self-contained instance of Amazon SQS is available in Europe. You can now choose to build Amazon SQS-driven applications entirely based in Europe or span regions (US and EU) in order to provide geographic diversity.

AWS is also introducing additional permission features that control access to Amazon SQS and to each of its fundamental actions on a very fine-grained basis … Continue reading…