April 2025: A month of innovation for Amazon Q Developer

Post Syndicated from Brian Beach original https://aws.amazon.com/blogs/devops/april-2025-amazon-q-developer/

As April 2025 comes to a close, I’m amazed by the innovations that Amazon Q Developer has launched in the past few weeks. Generative AI is evolving fast, enabling developer experiences that were just not possible a few months ago. Each new launch helps make Q Developer the most capable generative AI–powered assistant for software development. Let’s explore the announcements from April.

C# and C++ customization – April 1

Amazon Q Developer expanded its customization capabilities to include C# and C++ support, enabling developers to tailor AI suggestions based on their company’s proprietary codebase. This enhancement allows for more accurate inline suggestions and contextual code understanding across C# and C++ projects, while maintaining support for existing languages like Python, Java, JavaScript, and TypeScript. You can read more in Customizing C# and C++ with Amazon Q Developer.

Amazon’s internal journey with Q Developer – April 2

In 2024, Amazon integrated its internal knowledge repository of millions of documents into Amazon Q Business, resulting in over 450,000 hours saved in technical query time. Using AI for software transformations integrated with internal development tools saved 4,500 developer years of effort and more than $260M. Perhaps most importantly, the technology is changing how developers approach problem-solving itself, enabling more creative and experimental development practices. You can read more in How generative AI is transforming developer workflows at Amazon.

Conversation persistence, search, and export – April 3rd

Amazon Q Developer now gives you more control over your conversation history. Your conversation is preserved between sessions, letting you pick up where you left off. In addition, you can search the conversation history and export the conversation as markdown. Conversation history features are now available in VS Code and will be added to other IDEs soon.

Context control enhancements – April 3rd

Back in March, I wrote a post about taking control of your code with Amazon Q Developer’s new context features. This allowed you to specify files and folders to add to the context. You can now include classes, functions, and global variables into the input context. In addition, the context size was increased to 100k characters in chat. These features are now available in VS Code and will be added to other IDEs soon.

Expanded language support – April 9

Amazon Q Developer now supports multiple languages across its IDE and CLI interfaces, enabling developers to discuss architecture, create documentation, and build applications in their preferred language. This enhancement creates a more inclusive and accessible development environment. You can read more in Speaking Your Language: Expanded language support in Amazon Q Developer.

Eclipse inline chat (preview) – April 10

The new inline chat feature in Eclipse allows developers to edit code in place using natural language commands. This powerful capability streamlines tasks like refactoring, optimization, and code maintenance without breaking development flow. You can read more in Announcing inline chat in Eclipse with Amazon Q Developer.

European region launch – April 14

Amazon Q Developer Pro Tier is now available in the Frankfurt (eu-central-1) region, addressing data residency requirements for European customers while improving performance through reduced latency. The launch includes cross-region inferencing optimization across Frankfurt, Ireland, Paris and Stockholm. You can read more in Announcing the European region for Amazon Q Developer.

GitLab Duo with Amazon Q (GA) – April 17

GitLab Duo with Amazon Q brings Amazon Q’s generative AI capabilities directly into GitLab’s DevSecOps platform and is now generally available. This integration enables AI-assisted development throughout your entire workflow—from idea conception to deployment—all within the familiar GitLab environment. You can read more in Announcing General Availability of GitLab Duo with Amazon Q.

Updated software development agent – April 21

Amazon Q Developer updated the software development agent. This new agent achieves state-of-the-art performance on industry benchmark SWTBench Verified (49%) and sits among the top ranking models on SWEBench Verified (66%). The agent has access to tools for planning and reasoning that use the capacity of advanced models to their fullest. You can read more in Amazon Q Developer releases state of the art agent for feature development.

Amazon introduces SWE-PolyBench – April 23

Amazon has introduced SWE-PolyBench, a new industry benchmark to evaluate the performance of AI coding agents across multiple programming languages and real-world coding scenarios. Unlike previous benchmarks that focused mainly on Python and bug fixes, SWE-PolyBench contains over 2,000 curated coding tasks spanning Java, JavaScript, TypeScript, and Python, covering a variety of challenges including feature requests and refactoring. You can read more in Amazon introduces SWE-PolyBench, a multilingual benchmark for AI Coding Agents.

Model context protocol support – April 30

The addition of model context protocol (MCP) support in the Amazon Q Developer CLI standardizes how applications provide context to Large Language Models, allowing developers to seamlessly integrate additional tools and data sources into their AI-assisted workflow. You can read more in Extend the Amazon Q Developer CLI with Model Context Protocol (MCP) for Richer Context.

Expanded support in customization – April 30

Less than one month after adding support for C# and C++, the Q Developer customizations team was hard at work adding support for: Dart, Go, Kotlin, PHP, Ruby, Rust, Scala, Bash, PowerShell, CloudFormation, and Terraform. This is, of course, in addition to the existing supported languages: Python, Java, JavaScript, TypeScript, Markdown, reStructuredText, and Text. Wow!

Conclusion

April 2025 has been a transformative month for Amazon Q Developer, with launches spanning global expansion, IDE enhancements, and deeper integrations. From bringing the service to European customers to enabling multilingual support and introducing powerful new capabilities like inline chat in Eclipse and GitLab integration, Amazon Q Developer significantly expanded how developers can leverage AI assistance in their daily workflows. These launches reflect a commitment to making AI-assisted development more accessible, powerful, and integrated into existing tools and processes. I encourage you to try these new features and share your feedback as we continue to enhance Amazon Q Developer.

Impact of Experience AI in Kenya

Post Syndicated from Paul Akwabi original https://www.raspberrypi.org/blog/impact-of-experience-ai-in-kenya/

Today’s blog post is written by Paul Akwabi, Executive Director at Tech Kidz Africa, part of our global partner network for Experience AI.

As artificial intelligence (AI) continues to reshape industries and redefine how we work and learn, it is essential that Kenyan educators are equipped with the knowledge and skills to introduce AI concepts to their learners.

In Kenya, the education system has taken significant steps towards digital literacy through the Competency Based Curriculum (CBC), which has introduced young learners to coding using Scratch and laid a foundation for tech skills. However, AI is yet to be formally integrated into the curriculum. This has presented an opportunity to prepare teachers to integrate AI into their lessons and inspire the next generation of innovators.

An educator with students at the Experience AI workshop.

How Experience AI has increased digital literacy

Our partnership with the Raspberry Pi Foundation has been a vital element in the retooling of Kenyan educators. Using the Foundation’s Experience AI resources, which they co-developed with Google DeepMind, we have equipped 441 teachers with practical AI and machine learning skills through hands-on training sessions in five counties: Mombasa, Nairobi, Taita Taveta, Meru, and Nakuru.

Our work to empower young learners with coding, robotics, and AI skills has positioned us as a key driver of digital literacy in Kenya. The Experience AI materials have helped us take key next steps — we’ve scaled up AI education, reached more teachers, and further democratised access to emerging technologies, supporting our goal of ensuring that no child is left behind in the digital revolution. 

To make the delivery of our training sessions as smooth as possible, we’ve joined hands with county governments and local education authorities like the Teachers Service Commission (TSC). In all the counties we’ve been working in, the TSC are actively promoting digital literacy among teachers and have made sure we equip teachers with the understanding and skills to use AI effectively. 

Learners using laptops during the Experience AI session.

Through our expert trainers, we’ve been able to offer hands-on introductions to AI concepts, provide opportunities for practical problem-solving with machine learning models, and expose participants to real-world AI applications. A great example of the work we’ve done is the training we gave to teachers in Meru County, where they learned to create an AI model that recognises certain food types in supermarkets. Later, in group sessions, participants developed their own diverse and innovative AI models. One group, for instance, designed an AI model for dishwashing that detects dirty dishes and automates the water removal process.

Feedback from training

Through the Experience AI training sessions, many educators gained new confidence and skills, and have already started to integrate AI into their classrooms. 

“I am grateful for the invaluable skills gained through the Experience AI training. The knowledge I’ve acquired will not only enhance my ability to conduct research but also empower me to teach my students how to effectively use AI. This is just the beginning. I look forward to building on this foundation and exploring even greater possibilities with AI.” — Mr. Githinji, Meru, Kenya

An educator with students at the Experience AI workshop.

In any aspect of life, learning is about shifting perspectives, nurturing curiosity, and embracing new possibilities — this is what drives innovation. The Experience AI training in Kenya has exemplified this, transforming how we think and approach technology.

“I am glad that my county has been considered in this training. I challenge the teachers here to make use of these useful resources to spice up learning in the classroom. I was once a mathematics teacher and I wish I had technology to teach. Thank you Tech Kidz Africa, Raspberry Pi Foundation and Google DeepMind for empowering these teachers.” — His Excellency Andrew Mwadime, Governor Taita Taveta County

The overwhelming enthusiasm from educators and learners is evidence that the Experience AI lessons have been highly impactful. Teachers have expressed a strong desire for more training opportunities to support them in equipping students for the future. Many of the teachers have also expressed how the training has demystified AI, enhancing accessibility and giving their daily teaching added relevance. In addition, there is a clear call to scale up these efforts to reach more teachers across the counties in Kenya to ensure that AI education is widespread and inclusive.

A group of students holding the Experience AI certificates.

Experience AI is bringing a unique AI experience to teachers, helping ease fears that AI might render them obsolete or take away their jobs. Educators are excited to explore how AI algorithms work and how they can train them for the benefit of both themselves and their students. They recognise that AI can help create an equal playing field, offering tools worldwide that can showcase and accentuate their talents, capabilities, and skill sets.

If you’re interested in finding out more about the Experience AI resources, visit the Experience AI website.

The post Impact of Experience AI in Kenya appeared first on Raspberry Pi Foundation.

[$] LWN.net Weekly Edition for May 1, 2025

Post Syndicated from corbet original https://lwn.net/Articles/1018680/

Inside this week’s LWN.net Weekly Edition:

  • Front: Mailman 2 vulnerabilities; AI in Debian; __nonstring__; Cache-aware scheduling; Freezing filesystems; Socket-level storage; Debugging information; LWN in 2025.
  • Briefs: Debian election; Kali Linux key; OpenBSD 7.7; Firefox 138.0; GCC 15.1; Meson 1.8.0; Valgrind 3.25.0; FSF review; OSI retrospective; Mastodon; Quotes; …
  • Announcements: Newsletters, conferences, security updates, patches, and more.

Amazon Nova Premier: Our most capable model for complex tasks and teacher for model distillation

Post Syndicated from Danilo Poccia original https://aws.amazon.com/blogs/aws/amazon-nova-premier-our-most-capable-model-for-complex-tasks-and-teacher-for-model-distillation/

Today we’re expanding the Amazon Nova family of foundation models announced at AWS re:Invent with the general availability of Amazon Nova Premier, our most capable model for complex tasks and teacher for model distillation.

Nova Premier joins the existing Amazon Nova understanding models available in Amazon Bedrock. Similar to Nova Lite and Pro, Premier can process input text, images, and videos (excluding audio). With its advanced capabilities, Nova Premier excels at complex tasks that require deep understanding of context, multistep planning, and precise execution across multiple tools and data sources. With a context length of one million tokens, Nova Premier can process extremely long documents or large code bases.

With Nova Premier and Amazon Bedrock Model Distillation, you can create highly capable, cost-effective, and low-latency versions of Nova Pro, Lite, and Micro, for your specific needs. For example, we used Nova Premier to distill Nova Pro for complex tool selection and API calling. The distilled Nova Pro had a 20% higher accuracy for API invocations compared to the base model and consistently matched the performance of the teacher, with the speed and cost benefits of Nova Pro.

Amazon Nova Premier benchmark evaluation
We evaluated Nova Premier on a broad range of benchmarks across text intelligence, visual intelligence, and agentic workflows. Nova Premier is the most capable model in the Nova family as measured across 17 benchmarks as shown in the table below.

Amazon Nova Premier Benchmark Evaluations

Nova Premier is also comparable to the best non-reasoning models in the industry and is equal or better on approximately half of these benchmarks when compared to other models in the same intelligence tier. Details of these evaluations are in the technical report.

Nova Premier is also the fastest and the most cost-effective model in Amazon Bedrock for its intelligence tier. For further details and comparison on pricing, please refer to the Bedrock pricing page.

Nova Premier can also be used as a teacher model for distillation, which means you can transfer its advanced capabilities for a specific use case into smaller, faster, and more efficient models like Nova Pro, Micro, and Lite for production deployments.

Using Amazon Nova Premier
To get started with Nova Premier, you first need to request access to the model in the Amazon Bedrock console. Navigate to Model access in the navigation pane, find Nova Premier, and toggle access.

Console screenshot.

Once you have access, you can use Nova Premier through the Amazon Bedrock Converse API, providing as input a list of messages from the user and the assistant. Messages can include text, images, and videos. Here’s an example of a straightforward invocation using the AWS SDK for Python (Boto3):

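import boto3

AWS_REGION = "us-east-1"
# The "us." prefix selects a cross-Region inference profile.
MODEL_ID = "us.amazon.nova-premier-v1:0"

# Credentials come from the default Boto3 credential chain.
bedrock_runtime = boto3.client('bedrock-runtime', region_name=AWS_REGION)

# A conversation is a list of messages; each message has a role and content blocks.
messages = [
    {
        "role": "user",
        "content": [
            {
                "text": "Explain the differences between vector databases and traditional relational databases for AI applications."
            }
        ]
    }
]

response = bedrock_runtime.converse(
    modelId=MODEL_ID,
    messages=messages
)

# Take the text of the last content block in the assistant's reply.
response_text = response["output"]["message"]["content"][-1]["text"]

print(response_text)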

This example shows how Nova Premier can provide detailed explanations for complex technical questions. But the real power of Premier comes with its ability to handle sophisticated workflows.
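The invocation above reads content[-1]["text"] directly, which raises a KeyError when the last content block is a tool request and ignores the stopReason field that reports truncated or filtered output. The following is an added example, not code from the original post: parse_converse_response, ConverseResult, ConverseResultError and the sample responses are hypothetical names and constructed data, and the parser runs offline on dictionaries shaped like Converse API responses.

```python
from dataclasses import dataclass, field

# stopReason values that mean the model output was withheld by a safety control.
WITHHELD = {"guardrail_intervened", "content_filtered"}


class ConverseResultError(Exception):
    """The response must not be used as a normal model answer."""


@dataclass
class ConverseResult:
    text: str
    stop_reason: str
    truncated: bool
    tool_requests: list = field(default_factory=list)
    total_tokens: int = 0


def parse_converse_response(response):
    """Validate a Converse response dict and pull out text and tool requests."""
    stop_reason = response.get("stopReason", "")
    if stop_reason in WITHHELD:
        # Do not pass filtered output downstream as if it were an answer.
        raise ConverseResultError(f"output withheld: {stop_reason}")

    message = response.get("output", {}).get("message", {})
    if message.get("role") != "assistant":
        raise ConverseResultError("no assistant message in response")

    texts, tools = [], []
    for block in message.get("content", []):
        if "text" in block:
            texts.append(block["text"])
        elif "toolUse" in block:
            tool = block["toolUse"]
            tools.append((tool["name"], tool["input"]))

    if not texts and not tools:
        raise ConverseResultError("response has no text or tool request")

    return ConverseResult(
        text="\n".join(texts),
        stop_reason=stop_reason,
        truncated=(stop_reason == "max_tokens"),
        tool_requests=tools,
        total_tokens=response.get("usage", {}).get("totalTokens", 0),
    )


# Constructed sample responses (not captured from a real invocation).
SAMPLE_TEXT = {
    "output": {"message": {"role": "assistant", "content": [
        {"text": "Vector databases index embeddings."}]}},
    "stopReason": "end_turn",
    "usage": {"inputTokens": 18, "outputTokens": 7, "totalTokens": 25},
}
SAMPLE_TOOL = {
    "output": {"message": {"role": "assistant", "content": [
        {"text": "I will look up the index."},
        {"toolUse": {"toolUseId": "tooluse_example",
                     "name": "get_index_quote",
                     "input": {"symbol": "EXAMPLE"}}}]}},
    "stopReason": "tool_use",
    "usage": {"inputTokens": 40, "outputTokens": 22, "totalTokens": 62},
}
SAMPLE_TRUNCATED = {
    "output": {"message": {"role": "assistant", "content": [
        {"text": "Relational databases store rows and"}]}},
    "stopReason": "max_tokens",
}
SAMPLE_FILTERED = {
    "output": {"message": {"role": "assistant", "content": [{"text": ""}]}},
    "stopReason": "content_filtered",
}

if __name__ == "__main__":
    for name, sample in [("text", SAMPLE_TEXT), ("tool", SAMPLE_TOOL),
                         ("truncated", SAMPLE_TRUNCATED),
                         ("filtered", SAMPLE_FILTERED)]:
        try:
            print(name, parse_converse_response(sample))
        except ConverseResultError as err:
            print(name, "rejected:", err)
```
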

Multi-agent collaboration use case
Let’s explore a more complex scenario that showcases how Nova Premier works in a multi-agent collaboration architecture for investment research.

The equity research process typically involves multiple stages: identifying relevant data sources for specific investments, retrieving required information from those sources, and synthesizing the data into actionable insights. This process becomes increasingly complex when dealing with different types of financial instruments like stock indices, individual equities, and currencies.

We can build this type of application using multi-agent collaboration in Amazon Bedrock, with Nova Premier powering the supervisor agent that orchestrates the entire workflow. The supervisor agent analyzes the initial query (for example, “What are the emerging trends in renewable energy investments?”), breaks it down into logical steps, determines which specialized subagents to engage, and synthesizes the final response.

For this scenario, I’ve created a system with the following components:

  1. A supervisor agent powered by Nova Premier
  2. Multiple specialized subagents powered by Nova Pro, each focusing on different financial data sources
  3. Tools that connect to financial databases, market analysis tools, and other relevant information sources

Multi-agent architectural diagram

When I submit a query about emerging trends in renewable energy investments, the supervisor agent powered by Nova Premier does the following:

  1. Analyzes the query to determine the underlying topics and sources to cover
  2. Selects the appropriate subagents specific to those topics and sources
  3. Each subagent retrieves their relevant economic indicators, technical analysis, and market sentiment data
  4. The supervisor agent synthesizes this information into a comprehensive report for review by a financial professional

Utilizing Nova Premier in a multi-agent collaboration architecture such as this streamlines the financial professional’s work and helps them formulate their investment analysis faster. The following video provides a visual description of this scenario.

The key advantage of using Nova Premier for the supervisor role is its accuracy in coordinating complex workflows, so that the right data sources are consulted in the optimal sequence and each subagent receives as input the correct information for its work, resulting in higher quality insights.

Multi-agent collaboration with model distillation
Although Nova Premier provides the highest level of accuracy of its family of models, you might want to optimize latency and cost in production environments. This is where the strength of Nova Premier as a teacher model for distillation becomes interesting. Using Amazon Bedrock Model Distillation, we can customize Nova Micro from the results of Nova Premier for this specific investment research use case.

Unlike traditional fine-tuning that requires human feedback and labeled examples, with model distillation you can generate high-quality training data by having a teacher model produce the desired outputs, streamlining the data acquisition process.

Amazon Bedrock Model Distillation diagram

The process to distill a model involves:

  1. Generating synthetic training data by capturing input and output from Nova Premier runs across multiple financial instruments
  2. Using this data as a reference to train a customized version of Nova Micro through custom fine-tuning tools
  3. Evaluating the difference in latency and performance of the customized Micro model
  4. Deploying the customized Micro model as the supervisor agent in production

With Amazon Bedrock, you can further streamline the process and use invocation logs for data preparation. To do that, you need to set the model invocation logging on and set up an Amazon Simple Storage Service (Amazon S3) bucket as the destination for the logs.

Customer voices
Some of our customers had early access to Nova Premier. This is what they shared with us:

“Amazon Nova Premier has been outstanding in its ability to execute interactive analysis workflows, while still being faster and nearly half the cost compared to other leading models in our tests,” said Curtis Allen, Senior Staff Engineer at Slack, a company bringing conversations, apps, and customers together in one place.

“Implementing new solutions built on top of Amazon Nova has helped us with our mission of democratizing finance for all,” said Dev Tagare, Head of AI and Data at Robinhood Markets, a company on a mission to democratize finance for all. “We’re particularly excited about the ability to explore new avenues like complex multi-agent collaborations that are not just highly performing but also cost effective and fast. The intelligence of Nova Premier and what it can transfer to the other models like Nova Micro, Nova Lite, and Nova Pro unlocks multi-agent collaboration at a performance, price, and speed that will make it accessible to everyday customers.”

“Accelerating real-world AI deployments—not just prototypes—requires the ability to build models that are specialized for the unique needs of real world applications,” said Henry Ehrenberg, co-founder of Snorkel AI, a technology company that empowers data scientists and developers to quickly turn data into accurate and adaptable AI applications. “We’re excited to see AWS pushing efficient model customization forward with Amazon Bedrock Model Distillation and Amazon Nova Premier. These new model capabilities have the potential to accelerate our enterprise customers in building production AI applications, including Q&A applications with multimodal data and more.”

Things to know

Nova Premier is available in Amazon Bedrock in the US East (N. Virginia), US East (Ohio), and US West (Oregon) AWS Regions today via cross-Region inference. With Amazon Bedrock, you only pay for what you use. For more information, visit Amazon Bedrock pricing.

Customers in the US can also access Amazon Nova models at https://nova.amazon.com, a website to easily explore our FMs.

Nova Premier is our best teacher for distilling custom variants of Nova Pro, Micro, and Lite, which means you can capture the capabilities offered by Premier in smaller, faster models for production deployment.

Nova Premier includes built-in safety controls to promote responsible AI use, with content moderation capabilities that help maintain appropriate outputs across a wide range of applications.

To get started with Nova Premier, visit the Amazon Bedrock console today. For more information, see the Amazon Nova User Guide and send feedback to AWS re:Post for Amazon Bedrock. Explore the generative AI section of our community.aws site to see how our Builder communities are using Amazon Bedrock in their solutions.

Danilo



Unified scheduling for visual ETL flows and query books in Amazon SageMaker Unified Studio

Post Syndicated from Noritaka Sekiyama original https://aws.amazon.com/blogs/big-data/unified-scheduling-for-visual-etl-flows-and-query-books-in-amazon-sagemaker-unified-studio/

Data engineers and analysts often need to automate their data processing workflows and queries to maintain up-to-date data pipelines and reports. Amazon SageMaker Unified Studio provides a unified environment for data, analytics, machine learning (ML), and AI workloads. Amazon SageMaker Unified Studio provides powerful tools for visual extract, transform, and load (ETL) flows and query books. Until today, scheduling these workflows has required additional setup and infrastructure.

Today, we’re excited to introduce a new unified scheduling feature that simplifies this process. SageMaker Unified Studio allows you to create ETL flows using a visual interface and write SQL analytics queries using query books. This new unified scheduling feature allows you to schedule your visual ETL flows and query books directly from SageMaker Unified Studio within the same interface, eliminating the need for visiting other consoles or complex configurations. Using Amazon EventBridge Scheduler, this feature provides a seamless and easy-to-use scheduling experience.

In this post, we walk through how to schedule your visual ETL flows and query books with just a few clicks, explore the underlying architecture, and demonstrate how this feature can streamline your data workflow automation.

Feature overview

SageMaker Unified Studio unified scheduling is built on top of EventBridge Scheduler and Amazon SageMaker Training. When you configure a new schedule from SageMaker Unified Studio, a new EventBridge schedule is automatically created in your AWS account. The EventBridge schedule is configured with the SageMaker CreateTrainingJob API. The SageMaker Training job runs visual ETL flows or query books.

The following diagram illustrates how it works.

Prerequisites

To follow the instructions in this post, you must have the following prerequisites:

  • An AWS account
  • A SageMaker Unified Studio domain
  • A SageMaker Unified Studio project with an All capabilities profile. This profile includes the Tooling blueprint, in which Scheduling is enabled by default. If scheduling is disabled, you may need to update your project’s profile.

Schedule a visual ETL flow

Complete the following steps to configure a schedule on a visual ETL flow:

  1. On the SageMaker Unified Studio console, on the top menu, choose Build.
  2. Under DATA ANALYSIS & INTEGRATION, choose Visual ETL flows.
  3. For Select or create project to continue, select your project, and choose Continue.
  4. Choose your visual ETL flow. If you don’t have any visual ETL flows, refer to Author visual ETL flows on Amazon SageMaker Unified Studio to create a new visual ETL flow.
  5. Choose the Schedule icon.
  6. For Schedule name, enter a unique name (for example, everyday).
  7. For Schedule Type, select Recurring.
  8. For Value, enter 1.
  9. For Unit, choose days.
  10. For Timezone, choose your time zone.
  11. Choose Create schedule.

You have successfully configured the schedule. Because Start date and time is not given, the visual ETL flow is triggered immediately and then it is triggered once a day after that.

Edit the schedule

You can view the configured schedules with the following steps:

  1. On the SageMaker Unified Studio console, navigate to Visual ETL flows for your project.
  2. Choose the Schedules tab.
  3. Choose Edit schedule under Actions.
  4. Edit with your preferences, then choose Save.

Pause or resume the schedule

If you want to pause the schedule, complete the following steps:

  1. Choose Pause schedule under Actions.

On the same Schedule tab, Status of the schedule will be updated to Paused.

  2. To resume the schedule, choose Activate schedule.

Delete the schedule

To delete the schedule, complete the following steps:

  1. Choose Delete schedule under Actions.
  2. Choose Delete schedule in the dialog.

On the same Schedule tab, you can verify that the deleted schedule disappears.

Schedule a query book flow

Complete the following steps to configure a schedule on a query book:

  1. On the SageMaker Unified Studio console, on the top menu, choose Build.
  2. Under DATA ANALYSIS & INTEGRATION, choose Query Editor.
  3. On the data explorer, under Lakehouse, choose AwsDataCatalog.
  4. Navigate to the table venue_event_agg. This table is created in the previous section.
  5. On the options menu (three dots), choose Query with Athena.
  6. On the Actions menu, choose Save to project.
  7. Choose Save changes.
  8. On the Actions menu, choose Create schedule.
  9. For Schedule Type, choose Recurring.
  10. For Value, enter 1.
  11. For Unit, choose days.
  12. For Timezone, choose your time zone.
  13. Choose Create schedule.

You have successfully configured the schedule. Because Start date and time was not set, the query book is triggered immediately and then it is triggered once a day after that. You can optionally configure start and end times if you want to limit your schedule to run in a specific date range.

To view the configured schedules, in the navigation pane, choose Scheduled queries.

You can view the list of scheduled queries and edit, pause, resume, or delete them, as shown in the previous section.

Clean up

To avoid incurring future charges, clean up the resources you created during this walkthrough:

  1. On the Schedule tab of Visual ETL flows, select the everyday schedule, and choose Delete schedule under Actions. The related EventBridge schedule is automatically deleted as well.
  2. On the SageMaker AI console, choose Training jobs under Training, and delete all the SageMaker training jobs that start with everyday-.
  3. (Optional) To delete the visual ETL flow, on the Flows tab of Visual ETL flows, select your visual ETL flow, and choose Delete flow under Actions.

Conclusion

The new unified scheduling experience in SageMaker Unified Studio simplifies workflow automation. With unified scheduling, you can seamlessly orchestrate your visual ETL flows and query books in one centralized location.

Whether you’re running daily data transformations, weekly analytical queries, or monthly reporting workflows, the unified scheduling experience provides a straightforward path to automation. This capability enables data teams to focus more on deriving insights from their data and less on managing infrastructure and scheduling configurations.

We encourage you to try out this new experience and share your feedback with us. For more information about SageMaker Unified Studio and its capabilities, visit our documentation or explore our other blog posts about visual ETL flows and query books.


About the Authors

Noritaka Sekiyama is a Principal Big Data Architect for AWS Analytics services with a strong focus on data engineering. He is responsible for building software artifacts to help customers. In his spare time, he enjoys cycling on his road bike.

Daniel Obi is a Frontend Engineer on the Amazon SageMaker Unified Studio team. He is dedicated to building intuitive and effective solutions that enhance user experience and technical functionality. Outside of his professional work, he enjoys watching and playing basketball.

Vasudevan Venkataramanan is a Senior Software Engineer on the Amazon SageMaker Unified Studio team. He is responsible for technical direction of scheduling and orchestration within SageMaker Unified Studio. Outside of his professional work, he enjoys spending time with his kid, and playing pickleball and cricket.

Yuhang Huang is a Software Development Manager on the Amazon SageMaker Unified Studio team. He leads the engineering team to design, build, and operate scheduling and orchestration capabilities in SageMaker Unified Studio. In his free time, he enjoys playing tennis.

Gal Heyne is a Senior Technical Product Manager for AWS Analytics services with a strong focus on AI/ML and data engineering. She is passionate about developing a deep understanding of customers’ business needs and collaborating with engineers to design simple-to-use data products.

Albertson: Future of OSL in Jeopardy

Post Syndicated from corbet original https://lwn.net/Articles/1019520/

Lance Albertson writes
that the Oregon State University Open Source Lab, the home of many
prominent free-software projects over the years, has run into financial
trouble:

I am writing to inform you about a critical and time-sensitive
situation facing the Open Source Lab. Over the past several years,
we have been operating at a deficit due to a decline in corporate
donations. While OSU’s College of Engineering (CoE) has generously
filled this gap, recent changes in university funding have led to a
significant reduction in CoE’s budget. As a result, our current
funding model is no longer sustainable and CoE needs to find ways
to cut programs.

Earlier this week, I was informed that unless we secure $250,000 in
committed funds, the OSL will be forced to shut down later this
year.

AWS’s Well-Architected Framework Transformed by Amazon Q Developer

Post Syndicated from Fahim Sajjad original https://aws.amazon.com/blogs/devops/awss-well-architected-framework-transformed-by-amazon-q-developer/

In the rapidly evolving landscape of cloud computing, developers and architects face unprecedented challenges in designing, implementing, and maintaining robust cloud infrastructures. The AWS Well-Architected Framework is the gold standard for building secure, efficient, and optimized cloud solutions. Traditionally, complying with this framework required deep expertise and manual analysis.

Now, Amazon Q Developer changes this paradigm by introducing intelligent, context-aware recommendations. The Well-Architected Framework is built on six pillars: operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. Without careful attention to these foundational elements, organizations risk developing systems that fall short of both their business objectives and technical requirements, potentially compromising long-term scalability and performance.

In this blog, we will explore how Amazon Q Developer can help across the six pillars of the Well-Architected Framework.

Simplifying the AWS Well-Architected Framework with Amazon Q Developer

In this section, we will explore practical examples across the following pillars:

Operational Excellence pillar with Amazon Q Developer

Operational Excellence is a key pillar of the AWS Well-Architected Framework. It guides teams in running efficient workloads and monitoring systems. The pillar emphasizes continuous improvement to deliver business value. Amazon Q Developer enhances operations through AI-powered assistance for infrastructure as code, automated testing, and documentation. The service automatically creates runbooks and suggests safe infrastructure changes. It analyzes your environment and offers recommendations based on AWS best practices. Teams can implement operational excellence with reduced manual effort and fewer potential errors.

Let’s ask Amazon Q Developer in the console how it can help me improve operational excellence in my AWS Infrastructure: “How can I improve the Operational Excellence of my AWS infrastructure?”

Amazon Q Developer analyzes your prompt and generates comprehensive recommendations:

Amazon Q chat interface showing a response about best practices for improving AWS infrastructure operational excellence, with a list of recommendations including implementing IaC and automating deployments.

Figure 1: Prompting Amazon Q about Operational Excellence

Based on Amazon Q Developer’s guidance, Infrastructure as Code (IaC) is recommended for managing our AWS resources. Let’s open Visual Studio Code IDE and see how Amazon Q Developer Chat can help us implement IaC. We’ll create a CloudFormation template for a resilient web application by asking Amazon Q Developer to generate a template that includes an Application Load Balancer, EC2 instances, and an RDS database: “Generate a CloudFormation template for a highly available web application with an Application Load Balancer, EC2 instances, and an RDS database. Include best practices for operational excellence”

Figure 2: Amazon Q Developer generating a CloudFormation template for a highly available web application architecture.

It also explains the template and lists the best practices for operational excellence that were followed:

Figure 3: Amazon Q explaining Generated template and Best Practices

Amazon Q Developer automates documentation to track and approve infrastructure changes effectively. It performs automatic code reviews to check quality and identify security vulnerabilities. The service detects code duplication and guides developers in making small, predictable changes. When issues arise, Amazon Q Developer quickly investigates operational problems across AWS environments. This rapid troubleshooting helps businesses maintain high application availability.

Security pillar with Amazon Q Developer

Cloud security at AWS is the highest priority. The AWS Well-Architected Framework’s Security Pillar provides a comprehensive approach to implementing robust protective measures. Although security has traditionally been an afterthought in development, often sacrificed for speed and automation, Amazon Q Developer transforms this by enabling security checks at every stage of the software development lifecycle. By embedding continuous security validation, you can significantly reduce vulnerabilities in production environments. This shifts security from reactive to proactive, ensuring your cloud applications are not just functional, but fundamentally secure.

Amazon Q Developer can streamline this process by serving as an intelligent security assistant for AWS environments. It can help create robust Identity and Access Management (IAM) policies, including role-based access controls, user permissions, and multi-factor authentication. For data protection, Amazon Q Developer supports encryption strategies, key management, and secure backup procedures. Additionally, Amazon Q Developer guides users in infrastructure protection planning through secure network architectures and VPC segmentation, offering comprehensive support across critical security areas.

Amazon Q Developer enhances security beyond basic configurations. It helps set up advanced monitoring solutions using CloudWatch and CloudTrail. The service creates intelligent security alerts and automates incident response mechanisms. It protects your AWS environment against emerging threats through security scanning. Amazon Q Developer identifies potential vulnerabilities in your infrastructure. These capabilities align with AWS Well-Architected Framework security best practices. To illustrate Amazon Q Developer’s practical application in enhancing workload security, let’s consider implementing VPC flow logs for improved network monitoring in our web application CloudFormation file that we created before: “How can we implement VPC flow logs for better network monitoring?” 

Figure 4: Prompting Amazon Q about implementing VPC flow logs for better network monitoring

We can also ask Amazon Q Developer to check whether any security best practices are missing from our code: “What IAM security best practices are missing?”

Figure 5: Prompting Amazon Q about implementing VPC flow logs for better network monitoring.

These examples demonstrate how developers can leverage Amazon Q Developer to bolster their security posture effectively.
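The two questions asked above (are VPC flow logs configured, and which IAM practices are missing) can also be checked mechanically before a template is deployed. The following is an added example, not code from the original post or output from Amazon Q Developer: a Python check over a CloudFormation template that has already been parsed into a dict. The sample template, its resource names, and the function names are constructed for illustration.

```python
# Constructed sample template (not the one generated in the post).
SAMPLE_TEMPLATE = {
    "Resources": {
        "AppVpc": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}},
        "DataVpc": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.1.0.0/16"}},
        "AppVpcFlowLog": {
            "Type": "AWS::EC2::FlowLog",
            "Properties": {
                "ResourceType": "VPC",
                "ResourceId": {"Ref": "AppVpc"},
                "TrafficType": "ALL",
                "LogDestinationType": "cloud-watch-logs",
                "LogGroupName": "/vpc/app-flow-logs",
                "DeliverLogsPermissionArn": {"Fn::GetAtt": ["FlowLogRole", "Arn"]},
            },
        },
        "FlowLogRole": {
            "Type": "AWS::IAM::Role",
            "Properties": {
                "Policies": [{
                    "PolicyName": "deliver-flow-logs",
                    "PolicyDocument": {"Statement": [{
                        "Effect": "Allow",
                        "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
                        "Resource": {"Fn::Sub": "arn:aws:logs:${AWS::Region}:"
                                     "${AWS::AccountId}:log-group:/vpc/app-flow-logs:*"},
                    }]},
                }],
            },
        },
        "WebInstanceRole": {
            "Type": "AWS::IAM::Role",
            "Properties": {
                "Policies": [{
                    "PolicyName": "too-broad",
                    "PolicyDocument": {"Statement": [
                        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
                    ]},
                }],
            },
        },
    }
}


def _as_list(value):
    """IAM and CloudFormation allow a scalar where a list is also valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def vpcs_without_flow_logs(template):
    """Return logical IDs of VPCs that no AWS::EC2::FlowLog in the template targets."""
    resources = template.get("Resources", {})
    vpcs = {name for name, res in resources.items() if res.get("Type") == "AWS::EC2::VPC"}
    covered = set()
    for res in resources.values():
        if res.get("Type") != "AWS::EC2::FlowLog":
            continue
        props = res.get("Properties", {})
        target = props.get("ResourceId")
        # Only {"Ref": "<logical id>"} targets are resolved in this example.
        if props.get("ResourceType") == "VPC" and isinstance(target, dict) and "Ref" in target:
            covered.add(target["Ref"])
    return sorted(vpcs - covered)


def _policy_documents(name, resource):
    """Yield (label, policy document) for the IAM resource types handled here."""
    props = resource.get("Properties", {})
    if resource.get("Type") == "AWS::IAM::Role":
        for policy in props.get("Policies", []):
            yield f"{name}/{policy.get('PolicyName')}", policy.get("PolicyDocument", {})
    elif resource.get("Type") in ("AWS::IAM::Policy", "AWS::IAM::ManagedPolicy"):
        yield name, props.get("PolicyDocument", {})


def wildcard_iam_statements(template):
    """Return (policy, issue, value) for Allow statements that are not least privilege."""
    findings = []
    for name, resource in template.get("Resources", {}).items():
        for label, document in _policy_documents(name, resource):
            for statement in _as_list(document.get("Statement")):
                if statement.get("Effect") != "Allow":
                    continue
                actions = [a for a in _as_list(statement.get("Action")) if isinstance(a, str)]
                broad = [a for a in actions if a == "*" or a.endswith(":*")]
                if broad:
                    findings.append((label, "wildcard action", ",".join(broad)))
                if "*" in _as_list(statement.get("Resource")):
                    findings.append((label, "wildcard resource", "*"))
    return findings


if __name__ == "__main__":
    print("VPCs without flow logs:", vpcs_without_flow_logs(SAMPLE_TEMPLATE))
    for finding in wildcard_iam_statements(SAMPLE_TEMPLATE):
        print("IAM finding:", finding)
```

A check like this can run in CI next to the assistant's suggestions, so that a missing flow log or a wildcard policy blocks the change regardless of what was asked in chat.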

Reliability pillar with Amazon Q Developer

Reliability is a critical pillar of the AWS Well-Architected Framework. It extends beyond maintaining system uptime. A reliable architecture must handle unexpected disruptions and recover gracefully. Amazon Q Developer brings AI-powered intelligence to reliability engineering. It helps organizations design resilient, self-healing cloud infrastructures. The service anticipates potential failures and suggests mitigation strategies before business operations are affected.

Amazon Q Developer guides users in implementing AWS reliability best practices. It helps architect resilient systems through multi-AZ deployments and auto-scaling configurations. The service assists in setting up automated recovery procedures and fault-tolerant systems. It streamlines the configuration of health checks, load balancers, and redundant components. Amazon Q Developer enables effective monitoring through CloudWatch alarms and automated failover mechanisms. It supports infrastructure as code implementation with proper testing procedures. The service helps establish cross-region redundancy and appropriate service quotas. These features ensure systems maintain high availability and recover quickly from failures.

By interacting with Amazon Q Developer in the AWS Management Console, you can receive intelligent recommendations for improving your infrastructure’s reliability by asking Amazon Q Developer: “Can you provide recommendations to eliminate single point of failures?”

Figure 6: Prompting Amazon Q about reliability

Performance Efficiency pillar with Amazon Q Developer

Performance can determine an application’s success in cloud computing. The Performance Efficiency pillar guides organizations in maximizing their computational resources. Amazon Q Developer enhances this pillar through AI-powered recommendations. It helps organizations design and optimize their cloud infrastructure more effectively.

Amazon Q Developer uses machine learning to deliver advanced performance insights. It recommends architectural improvements like serverless adoption and optimal service configurations. The AI assistant suggests effective caching strategies and data processing optimizations. It analyzes system metrics and infrastructure patterns to guide improvements. Development teams can enhance system performance and reduce computational overhead. Amazon Q Developer helps create adaptive architectures that respond effectively to changing workload demands.

For example, let’s say you’re an IT Professional with a monolithic three-tier web application on AWS and want recommendations on performance efficiency. The IT Professional could open a new Amazon Q Developer chat in the AWS Management Console, and enter a prompt such as: “Based on my current monolithic application on AWS, what are some things I should do as it relates to the performance efficiency pillar of the Well-Architected Framework?”

Figure 7: Prompting Amazon Q about performance efficiency

As shown above in Figure 7, Amazon Q Developer made multiple recommendations based on the monolithic application described in the prompt. Amazon Q Developer makes recommendations such as using serverless options and breaking the application into microservices, which is a design principle in the performance efficiency pillar of the Well-Architected Framework.

Cost Optimization pillar with Amazon Q Developer

Amazon Q Developer has the ability to give general recommendations for Cost Optimization based on the Well-Architected Framework. For example, let’s say an IT Professional wants to get more information about ways they can generally optimize their compute costs in AWS. The IT Professional could open a new Amazon Q chat in the AWS Management Console, and enter a prompt such as: “What are some ways I can cost optimize my compute infrastructure I have running in AWS based on the cost optimization pillar of the Well Architected Framework?”

Figure 8: Prompting Amazon Q about cost optimization

As shown above in Figure 8, Amazon Q Developer was able to make recommendations based on the Well-Architected Framework to help the developer cost optimize their compute through reserved instances and savings plans, auto scaling, rightsizing, and more, while also providing links to resources to help dive in further.

Additionally, Amazon Q Developer has revolutionized AWS cost analysis by introducing natural language processing capabilities directly integrated with AWS Cost Explorer. This innovative feature allows users to gain deep insights into cloud spending through simple, conversational queries, enabling professionals to understand complex cost structures, identify spending trends, and forecast future expenses with unprecedented ease. By transforming technical cost data into actionable insights, Amazon Q Developer empowers organizations to make more informed financial decisions about their cloud infrastructure.

For comprehensive details and specific use cases, please refer to the full blog post: Analyzing your AWS Cost Explorer data with Amazon Q Developer: Now Generally Available.

Sustainability pillar with Amazon Q Developer

Sustainability represents a critical emerging pillar of the AWS Well-Architected Framework, focusing on minimizing the environmental impact of cloud computing infrastructure and operations. Amazon Q Developer introduces AI-powered capabilities that help organizations optimize their cloud resources to reduce carbon footprint, improve energy efficiency, and align technological strategies with environmental responsibility.

Through intelligent analysis and context-aware recommendations, Amazon Q Developer enables teams to make more sustainable architectural decisions. The AI assistant can provide insights into resource optimization, suggesting ways to reduce unnecessary compute power, recommend more energy-efficient service configurations, and help developers understand the environmental implications of their architectural choices. By leveraging machine learning and comprehensive AWS infrastructure knowledge, Amazon Q Developer empowers organizations to not only meet their technological requirements but also contribute to broader environmental sustainability goals in cloud computing.

In the below example, you can see how you can ask Amazon Q Developer to help meet your company’s sustainability goals by asking Amazon Q: “How can I review my sustainability objectives on AWS?”

Figure 9: Prompting Amazon Q about sustainability

As you can see above, Amazon Q Developer generated recommendations showing how you can review your sustainability objectives.

Now let’s take the first recommendation, the Carbon Footprint tool, as an example and ask Amazon Q Developer in the console a follow-up question. We will use the following prompt to generate a response: “How do I view my carbon footprint on AWS?”

Figure 10: Prompting Amazon Q about carbon footprint

Conclusion

Amazon Q Developer represents a pivotal moment in cloud computing, transforming the AWS Well-Architected Framework from a static set of guidelines to a dynamic, intelligent system of continuous improvement. By integrating advanced AI capabilities across operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability, this innovative tool democratizes sophisticated cloud architecture strategies for organizations of all sizes. The true power of Amazon Q Developer lies not just in its ability to provide recommendations, but in its capacity to learn, adapt, and evolve alongside your infrastructure, bridging the gap between complex technical knowledge and actionable insights. As cloud technologies continue to advance, AI-powered tools like Amazon Q Developer will become increasingly essential, signifying a fundamental shift in how we approach cloud infrastructure: proactively, intelligently, and with a holistic understanding of technological and business requirements.

To get started with Amazon Q Developer in the AWS console, check out the documentation on chatting with Amazon Q Developer in AWS Console Home.

Fahim Sajjad

Fahim is a Solutions Architect at Amazon Web Services. He helps customers transform their business by helping design their cloud solutions and offering technical guidance. Fahim graduated from the University of Maryland, College Park with a degree in Computer Science. He has a deep interest in AI and machine learning. Fahim enjoys reading about new advancements in technology and hiking.

Brendan Jenkins

Brendan Jenkins is a Solutions Architect at Amazon Web Services (AWS) working with Enterprise AWS customers providing them with technical guidance and helping achieve their business goals. He has an area of specialization in DevOps and Machine Learning technology.

Jacques Mcanlay

Jacques Mcanlay is a Solutions Architect at Amazon Web Services (AWS) working with Enterprise AWS customers providing them with technical guidance and helping achieve their business goals. He has an area of specialization in the Security domain.

Migrating a CDK v1 Application to CDK v2 with Amazon Q Developer

Post Syndicated from Dr. Rahul Sharad Gaikwad original https://aws.amazon.com/blogs/devops/migrating-a-cdk-v1-application-to-cdk-v2-with-amazon-q-developer/

Introduction:

AWS Cloud Development Kit (AWS CDK) is an open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. As of June 1, 2023, AWS CDK version 1 is no longer supported. To avoid the potential issues that come with using an outdated version and to take advantage of the latest features and improvements, we highly recommend upgrading to AWS CDK version 2.

Amazon Q Developer, a generative AI-powered assistant for software development, enhances the efficiency of software development teams. It facilitates the creation of deployment-ready infrastructure as code (IaC) for AWS CloudFormation, AWS CDK, and Terraform. By using Amazon Q, developers can accelerate IaC development, enhance code quality, and decrease the likelihood of configuration errors.

This post demonstrates how Amazon Q Developer helps in upgrading the existing AWS CDK v1 application to AWS CDK v2.

Prerequisites

Planning

In this blog post, I will explore a code example where I have created a VPC, Subnets, and an ECS Fargate cluster using AWS CDK version 1. I will then explain how you can use Amazon Q to transform the code from CDK v1 to CDK v2.

1. To initiate this process, I began by asking Amazon Q Developer for the necessary steps to migrate from CDK version 1 to version 2, which are outlined below.

Can you provide the steps to migrate from cdk version 1 to version 2?

Amazon Q Developer outlining the comprehensive process to upgrade AWS CDK applications from version 1 to version 2.

2. In the above screenshot, Amazon Q Developer outlined several steps we can take to make the necessary changes. The first step is to update the dependencies. If I need guidance on how to update the dependencies, I can ask Amazon Q Developer again for help by asking for the steps to update dependencies, as shown below.

Can you provide the steps to update dependencies?

Amazon Q Developer offering detailed, AI-powered guidance to upgrade project dependencies by analyzing the existing codebase, identifying outdated or deprecated libraries and frameworks, and recommending precise updates to ensure compatibility with newer language versions.

3. After updating the dependencies, the next step is to update the import statements. To get guidance on how to update the import statements, I can ask Amazon Q Developer again for help by asking for the steps to update import statements, as shown below.

@workspace Can you provide the steps to update import statements?

Amazon Q Developer advises on updating import statements by analyzing the current code context and guiding developers to replace legacy or outdated import paths with the latest.

Notice that in the above screenshot I added @workspace before the question, which automatically includes the most relevant chunks of my workspace code as context.

4. If any errors occur while updating the code as recommended by Amazon Q Developer, I can use Amazon Q Developer to debug the issue and provide the needed inputs to resolve it.

Amazon Q Developer diagnosing issues by analyzing error messages and AWS resource states, providing natural language explanations of root causes such as permission errors and misconfigurations.

5. Once I have finished the required steps, I can deploy the application using version 2 of the AWS CDK by running the cdk deploy command.

Deployment of the updated AWS CDK version 2 application, involving synthesizing CDK stacks to generate CloudFormation templates and deployment artifacts, bootstrapping the AWS environment to provision necessary resources.

6. In addition to its other capabilities, Amazon Q offers code review functionality. To initiate a code review, simply select Amazon Q and use the /review command. I’ll then have the option to review either the active files or the entire open workspace. Select your preference, and Amazon Q will analyze your project and provide comprehensive review results.

Amazon Q Developer performs comprehensive code analysis by reviewing your entire codebase or real-time code as you write, identifying security vulnerabilities, code quality issues, and deployment risks.

7. Amazon Q Developer can also generate documentation, including README files. To create documentation, select Amazon Q and enter the /doc command. Amazon Q will automatically generate a README file for your project. I can then review the generated documentation, accept the changes, or provide specific instructions for further modifications.

Amazon Q Developer automatically generates a comprehensive README file for the entire project by analyzing the codebase, project structure, and dependencies within the selected folder in the IDE.
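To make step 3 concrete, here is an added example (not code from the original post or from Amazon Q Developer) of what the import changes look like when applied by script. It assumes a TypeScript CDK app that uses only stable v1 modules; the function names and the sample source are constructed for illustration.

```python
import re

# Matches one-line ES imports from a CDK v1 package, e.g.
#   import * as ec2 from '@aws-cdk/aws-ec2';
IMPORT_RE = re.compile(
    r"""^import\s+(?P<clause>.+?)\s+from\s+(?P<q>['"])@aws-cdk/(?P<mod>[\w-]+)(?P=q);?\s*$"""
)
NAMED_RE = re.compile(r"^\{(?P<names>[^}]*)\}$")

# Constructed CDK v1 source for the demonstration.
SAMPLE_V1_SOURCE = "\n".join([
    "import * as cdk from '@aws-cdk/core';",
    "import { Construct, Duration } from '@aws-cdk/core';",
    "import * as ec2 from '@aws-cdk/aws-ec2';",
    'import * as ecs from "@aws-cdk/aws-ecs";',
    "import * as path from 'path';",
    "",
    "export class ClusterStack extends cdk.Stack {",
    "  constructor(scope: cdk.Construct, id: string) {",
    "    super(scope, id);",
    "    const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 2 });",
    "    new ecs.Cluster(this, 'Cluster', { vpc });",
    "  }",
    "}",
])


def migrate_import(line):
    """Return the CDK v2 import line(s) that replace one source line.

    v1 '@aws-cdk/core'    -> v2 'aws-cdk-lib'
    v1 '@aws-cdk/aws-xyz' -> v2 'aws-cdk-lib/aws-xyz' (stable modules only)
    'Construct'           -> now lives in the separate 'constructs' package
    Lines that are not v1 CDK imports are returned unchanged.
    """
    match = IMPORT_RE.match(line)
    if not match:
        return [line]
    clause, module = match.group("clause"), match.group("mod")
    target = "aws-cdk-lib" if module == "core" else f"aws-cdk-lib/{module}"
    named = NAMED_RE.match(clause)
    if module == "core" and named:
        names = [n.strip() for n in named.group("names").split(",") if n.strip()]
        moved = [n for n in names if n.split(" as ")[0].strip() == "Construct"]
        kept = [n for n in names if n not in moved]
        lines = []
        if kept:
            lines.append(f"import {{ {', '.join(kept)} }} from '{target}';")
        if moved:
            lines.append(f"import {{ {', '.join(moved)} }} from 'constructs';")
        return lines
    return [f"import {clause} from '{target}';"]


def migrate_source(source):
    """Rewrite imports and report usages that still need a manual edit.

    Returns (new_source, warnings). A namespace import of core such as
    'import * as cdk' keeps working in v2, but 'cdk.Construct' does not,
    so each such reference is reported with its original line number.
    """
    output, warnings, core_aliases = [], [], []
    for number, line in enumerate(source.splitlines(), start=1):
        match = IMPORT_RE.match(line)
        if match and match.group("mod") == "core" and match.group("clause").startswith("* as "):
            core_aliases.append(match.group("clause")[len("* as "):].strip())
        for alias in core_aliases:
            if re.search(rf"\b{re.escape(alias)}\.Construct\b", line):
                warnings.append(
                    f"line {number}: {alias}.Construct moved to the 'constructs' package"
                )
        output.extend(migrate_import(line))
    return "\n".join(output), warnings


if __name__ == "__main__":
    migrated, notes = migrate_source(SAMPLE_V1_SOURCE)
    print(migrated)
    for note in notes:
        print("WARNING:", note)
```

The warning list matters as much as the rewrite: an import-only change still leaves `cdk.Construct` references that fail to compile under v2 until they are pointed at the `constructs` package.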

Conclusion

In this blog, I demonstrated how Amazon Q Developer can simplify and accelerate the upgrade process from AWS CDK version 1 to version 2, ensuring your cloud infrastructure remains secure, efficient, and aligned with the latest AWS innovations. AWS CDK v2 offers a streamlined, consolidated library with improved performance and ongoing support, making infrastructure management easier and more reliable.

By leveraging Amazon Q Developer, a generative AI-powered assistant, teams can automate Infrastructure as Code development, enhance code quality, and minimize configuration errors. Together, these tools empower development teams to confidently modernize and scale their AWS environments, turning the upgrade process into a seamless opportunity for innovation and growth.

Resources

To learn more about Amazon Q Developer, see the following resources:

To learn more about the AWS CDK, see the following resources:

About the authors:

Dr. Rahul Sharad Gaikwad

Dr. Rahul is a Solutions Architect at AWS, driving cloud innovation through migration and modernization of customer workloads. A Generative AI and DevOps enthusiast, he architects cutting-edge solutions and is recognized as an APJC HashiCorp Ambassador. He earned his Ph.D. in AIOps and is a recipient of the Man of Excellence Award, Indian Achievers’ Award, Best PhD Thesis Award, Research Scholar of the Year Award, and Young Researcher Award.

Vinodkumar Mandalapu

Vinodkumar is a DevOps Consultant at AWS, specializing in designing and implementing cloud-based infrastructure and deployment pipelines on AWS. With extensive experience in automating and streamlining software delivery, he has helped organizations of all sizes leverage the power of the cloud to drive innovation, improve scalability, and enhance operational efficiency. In his leisure time, he enjoys traveling and spending quality time with his son.

Tamilselvan P

Tamilselvan is a DevOps Consultant at AWS, focusing on architecting and deploying cloud-native systems and continuous delivery within the ecosystem. Leveraging his comprehensive expertise in orchestrating and refining software release processes, he has assisted customers across various industries and scales in harnessing cloud technology to foster innovation, boost scalability, and elevate operational performance. During his free time, he enjoys playing cricket.

Integrating aggregators and Quick Service Restaurants with AWS serverless architectures

Post Syndicated from Mike Gomez original https://aws.amazon.com/blogs/compute/integrating-aggregators-and-quick-service-restaurants-with-aws-serverless-architectures/

In this post, you learn how to use AWS serverless technologies, such as Amazon EventBridge and AWS Lambda, to build an integration between Quick Service Restaurants (QSRs) and online ordering and food delivery aggregators. These aggregators have taken off as an option for QSRs to expand their consumer base, giving them delivery options that help grow their businesses.

QSR overview

QSRs prioritize speedy and convenient service, offering a streamlined menu. To meet evolving consumer expectations, QSRs can use API integrations with third-party aggregators. This technological synergy enables QSRs to expand their capabilities, introducing diverse payment methods and incorporating delivery services. These features have become standard in this restaurant segment.

Behind the scenes, the APIs are used to orchestrate the interaction between the aggregator and the QSR while having a consistent ordering and delivery experience.

QSR business objectives are:

  • Providing consistent ordering and delivery experiences
  • Offering personalized menu items
  • Retaining repeat customers
  • Reducing third-party delivery cancellation due to lack of delivery personalization options

This post starts with a simple architecture and adds components to solve architectural challenges.

Architecture

As a solutions architect, you’ve been approached by a thriving local restaurant business seeking technological solutions to fuel their expansion. Your task is to design an optimal integration architecture that aligns with their technical requirements, streamlines operations, and enhances customer experience.

At the core of this integration is Amazon API Gateway, which accepts the incoming orders from various delivery aggregators. The API Gateway becomes the front door, connecting the QSRs with the end customers for a streamlined and dynamic order processing system.

Driving the backend of this integration are Lambda functions. These functions validate orders and securely communicate with delivery aggregators. Lambda functions scale dynamically based on demand, which provides optimal resource usage and cost-effectiveness.

Order placement workflow

The following steps outline the serverless integration between API Gateway and Lambda functions, as shown in the following figure:

  • Customers can place orders either through food delivery aggregators or the business’s own ordering system.
  • The order request is sent to API Gateway.

This architecture works for small and simple integrations. To scale this architecture for high traffic, use asynchronous integration to reduce the coupling between API and Lambda function.

Order routing workflow

The following steps outline a serverless integration where API Gateway connects to Lambda functions through Amazon EventBridge as the event routing service, as shown in the following figure:

  1. API Gateway receives the order request.
  2. The API Gateway routes the customer’s order request to an EventBridge bus for processing.

EventBridge routes events (for example, order status changes) to Lambda functions, providing resiliency during service disruptions. This eliminates manual error handling and keeps QSRs and aggregators synchronized.

EventBridge delivers the following essential capabilities:

  • EventBridge receives events triggered by various actions, such as new orders or menu updates.
  • It routes events to the relevant Lambda functions, initiating the appropriate actions.
  • EventBridge supports event replay, allowing recovery from Lambda deployment issues or function failures. This feature enables business continuity by storing events during service disruptions and automatically resuming processing when the system stabilizes.

To maintain order history and enable fast data retrieval, the system needs a highly performant database. Amazon DynamoDB, a serverless NoSQL database service, meets these requirements by efficiently storing and managing order information and metadata. The order processing Lambda function interacts with DynamoDB to persist order details. This approach enables asynchronous processing of the stored data by other backend processes. The database solution provides the scalability and responsiveness needed to handle growing order volumes while maintaining consistent performance, separating order intake from subsequent processing steps.

Order processing workflow

The following steps outline the order processing workflow, as shown in the following figure:

  • The order processing Lambda function validates the order and updates the DynamoDB database with the new order details.
  • The function publishes error events to EventBridge, enabling downstream processing for error handling and retry logic. These events can trigger more Lambda functions designed to manage specific error scenarios and recovery processes.

EventBridge implementation patterns: single or dual bus approaches

EventBridge offers multiple approaches for event bus topology. Architects can choose to either use a single event bus with distinct event patterns based on order status or implement a multi-bus strategy.

The single-bus approach uses one event bus for all events, with routing rule patterns based on order status. For example, rules match specific statuses (such as “new” or “processed”) to trigger the appropriate Lambda functions. Although this approach is architecturally simple, it needs careful management of the event schema to avoid potential errors. It also requires careful handling to prevent recursive processing, where messages trigger additional messages in an endless loop.

Alternatively, the multi-bus method, separating order placement and processing across different buses, effectively prevents loops and recursion issues. This approach provides better separation of transactions, albeit with a slightly more complex setup.

EventBridge can directly target external services using the API destination option, eliminating the need for Lambda functions for third party integrations.
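The recursion risk of the single-bus approach, and why status-based patterns or a second bus remove it, is easier to see when run. The following is an added example, not code from the original post: a small Python simulation that implements only a subset of EventBridge pattern matching (exact-value lists and nested keys). The bus names, rule names, event fields, and stand-in targets are all constructed for illustration.

```python
from collections import deque


def matches(pattern, event):
    """Subset of EventBridge matching: each pattern key must exist in the
    event; a list holds the allowed values, a dict recurses into the event."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif actual not in expected:
            return False
    return True


def process_order(event, out_bus):
    """Stand-in for the order processing Lambda: publishes a 'processed' event."""
    detail = dict(event["detail"], status="processed")
    return [(out_bus, {"source": "qsr.orders", "detail": detail})]


def notify_aggregator(event, out_bus):
    """Stand-in for the aggregator API destination: publishes nothing."""
    return []


def run(buses, start_bus, event, max_invocations=25):
    """Deliver an event and follow everything the targets publish.

    Returns (names of invoked rules in order, True if the safety limit was
    hit), where hitting the limit means the topology loops.
    """
    queue = deque([(start_bus, event)])
    invoked = []
    while queue:
        bus, current = queue.popleft()
        for name, pattern, target, out_bus in buses.get(bus, []):
            if matches(pattern, current):
                if len(invoked) >= max_invocations:
                    return invoked, True
                invoked.append(name)
                queue.extend(target(current, out_bus))
    return invoked, False


# Constructed event and patterns.
NEW_ORDER = {"source": "qsr.orders", "detail": {"orderId": "A-1001", "status": "new"}}
ANY_ORDER = {"source": ["qsr.orders"]}
NEW_ONLY = {"source": ["qsr.orders"], "detail": {"status": ["new"]}}
PROCESSED_ONLY = {"source": ["qsr.orders"], "detail": {"status": ["processed"]}}

# Single bus, rule without a status filter: the processor matches its own output.
SINGLE_BUS_LOOSE = {"orders": [
    ("process", ANY_ORDER, process_order, "orders"),
    ("notify", PROCESSED_ONLY, notify_aggregator, None),
]}
# Single bus, status-specific patterns: each event matches exactly one rule.
SINGLE_BUS_STRICT = {"orders": [
    ("process", NEW_ONLY, process_order, "orders"),
    ("notify", PROCESSED_ONLY, notify_aggregator, None),
]}
# Two buses: the processor's output never returns to the bus that triggered it.
DUAL_BUS = {
    "placement": [("process", ANY_ORDER, process_order, "processing")],
    "processing": [("notify", ANY_ORDER, notify_aggregator, None)],
}

if __name__ == "__main__":
    for label, buses, start in [
        ("single bus, loose rule", SINGLE_BUS_LOOSE, "orders"),
        ("single bus, status rules", SINGLE_BUS_STRICT, "orders"),
        ("dual bus", DUAL_BUS, "placement"),
    ]:
        invoked, looped = run(buses, start, NEW_ORDER)
        print(f"{label}: {len(invoked)} invocations, loop detected: {looped}")
```

Note that the dual-bus layout stays loop-free even with the loose pattern, which is the separation benefit described above; on a single bus the same safety depends entirely on every rule filtering on status.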

Orchestrating order processing

In complex order processing systems for QSRs, managing multiple interdependent Lambda functions can become challenging, potentially leading to intricate code and difficult-to-maintain architectures. To address this, AWS Step Functions can be introduced as an orchestration layer.

Step Functions acts as a central coordinator for the business logic needed in QSR order flows. This service manages the progression of activities in the order processing workflow, thereby efficiently coordinating tasks such as kitchen preparation and delivery logistics. Defining and managing complex workflows allows Step Functions to optimize the overall efficiency of QSR operations, providing a structured and adaptable solution. This orchestration enhances the restaurant’s ability to handle dynamic processing, achieving a smooth and responsive integration with delivery services while streamlining the underlying architecture.

The following steps outline the orchestration of order processing, as shown in the following figure:

  • Order processing triggers the respective Lambda function, which updates the order data in the DynamoDB database.
  • The updated order is made available to subsequent Lambda functions that perform further business logic.

In a multi-bus EventBridge architecture, the process flows are as follows:

  1. The first EventBridge bus receives the initial order event and routes it to a Step Functions workflow.
  2. The Step Functions workflow orchestrates the order processing, coordinating various tasks and checks.
  3. Upon completion, the Step Functions workflow emits an event with the processing results to the second EventBridge bus.
  4. The second bus contains a rule that, based on the output from the Step Functions workflow, triggers the Aggregator API as an API destination.

User engagement workflow

When a customer places an order, there must be a way to confirm or notify them when the order is ready. For this purpose, you can use AWS End User Messaging services to push notifications for order completion and new offers to customers.

By analyzing customer data and individual preferences, Amazon Personalize can present personalized recommendations and promotions.

Amazon Personalize can analyze historical order data to enhance the user experience through personalized recommendations, such as optimal delivery times, preferred menu items, and tailored promotions based on individual ordering patterns.

Conclusion

This post showed how to use AWS serverless services to build a platform for your order processing without worrying about managing underlying infrastructure. The serverless services included were Amazon API Gateway, AWS Lambda, Amazon EventBridge, AWS Step Functions, AWS End User Messaging, and Amazon Personalize.

This post is a brief introduction to event-driven architectures focused on integrations of internal ordering systems with delivery aggregators and third-party ordering platforms. This can help expand the user base, and it has been a key factor in the growth of many QSRs. Making the ordering, take-out, and delivery experience more efficient translates to revenue growth, reduction of order abandonment, as well as increased recurrent customer retention and brand loyalty.

For more serverless learning resources, visit Serverless Land. To find more patterns, go directly to the Serverless Patterns Collection.

Lenovo ThinkSystem ST45 V3 Review AMD EPYC 4000 Entry Server

Post Syndicated from Patrick Kennedy original https://www.servethehome.com/lenovo-thinksystem-st45-v3-review-amd-epyc-4000-entry-server/

In our Lenovo ThinkSystem ST45 V3 review, we see how this AMD EPYC 4000 tower server compares to the ST50 V3, offering a lot more performance

The post Lenovo ThinkSystem ST45 V3 Review AMD EPYC 4000 Entry Server appeared first on ServeTheHome.

How to use AWS Transfer Family and GuardDuty for malware protection

Post Syndicated from James Abbott original https://aws.amazon.com/blogs/security/how-to-use-aws-transfer-family-and-guardduty-for-malware-protection/

Organizations often need to securely share files with external parties over the internet. Allowing public access to a file transfer server exposes the organization to potential threats, such as malware-infected files uploaded by threat actors or inadvertently by genuine users. To mitigate this risk, companies can take steps to help make sure that files received through public channels are scanned for malware before processing.

This post demonstrates how to use AWS Transfer Family and Amazon GuardDuty to scan files uploaded through a secure FTP (SFTP) server for malware as part of an overall transfer workflow. For readers who might have read an earlier blog post on this topic, the key difference is that this solution is fully managed and doesn’t require the deployment of compute resources. GuardDuty automatically updates malware signatures every 15 minutes instead of using a container image for scanning, avoiding the need for manual patching to keep the signatures up to date.

Prerequisites

To deploy the solution in this post, you will need:

  • An AWS account: You need access to AWS to deploy this solution. If you don’t have an account that you can use, see Start building on AWS today.
  • AWS CLI: Install and configure the AWS Command Line Interface (AWS CLI) to be authenticated to your AWS account. Set up the environment variables for your AWS account using the access token and secret access key for your environment.
  • Git: You will use Git to pull down the example code from GitHub.
  • Terraform: You’ll use Terraform to run the automation. Follow the Terraform installation instructions to download and set up Terraform.

Solution overview

This solution uses Transfer Family and GuardDuty. Transfer Family provides a secure file transfer service that you can use to set up an SFTP server, and GuardDuty is an intelligent threat detection service. GuardDuty monitors for malicious activity and anomalous behavior to protect AWS accounts, workloads, and data. At a high level, the solution uses the following steps:

  • A user uploads a file through a Transfer Family SFTP server.
  • A Transfer Family managed workflow invokes AWS Lambda to execute an AWS Step Functions workflow.
    • The workflow begins only after a successful file upload.
    • Partial uploads to the SFTP server will invoke an error handling Lambda function to report a partial upload error.
  • A step function state machine invokes a Lambda function to move uploaded files to an Amazon Simple Storage Service (Amazon S3) bucket for processing and then starts scanning using GuardDuty.
  • The GuardDuty scan result is sent as a callback to the step function.
  • Infected files are moved or cleaned.
  • The workflow sends the user the results through an Amazon Simple Notification Service (Amazon SNS) topic. This can be a notification of an error or malicious upload during the scan or notification of a successful upload and a clean scan for further processing.

Solution architecture and walkthrough

The solution uses GuardDuty Malware Protection for S3 to scan newly uploaded objects to the S3 bucket. You can use this feature of GuardDuty to set up a malware protection plan for an S3 bucket at the bucket level or to watch for specific object prefixes.

Figure 1: Solution architecture


The following steps (shown in Figure 1) describe the workflow for this solution starting from the point the file is uploaded until it’s scanned and marked as safe or as infected, leading to subsequent steps that can be customized based on your use case.

  1. A file is uploaded using the SFTP protocol through Transfer Family.
  2. If the file is successfully uploaded, Transfer Family uploads the file to the S3 bucket called Unscanned and the Managed Workflow Complete workflow is triggered. This is the workflow used to handle successful uploads and invokes the Step Function Invoker Lambda function.
  3. The Step Function Invoker starts the state machine and kicks off the first step in the process by invoking the GuardDuty – Scan Lambda function.
  4. The GuardDuty – Scan function moves the file to the Processing bucket. This is the bucket from which the files will be scanned.
  5. When an object upload activity is detected, GuardDuty automatically scans the object. In this implementation, a malware protection plan is created for the Processing bucket.
  6. When a scan completes, GuardDuty publishes the scan result to Amazon EventBridge.
  7. An EventBridge rule has been created to invoke a Lambda Callback function whenever a scan event has completed. EventBridge will invoke the function with an event that contains the scan results. See Monitoring S3 object scans with Amazon EventBridge for an example.
  8. The Lambda Callback function notifies the GuardDuty – Scan task using the callback task integration pattern. The results of the GuardDuty scan are returned to the GuardDuty – Scan function and these results are passed to the Move File task.
  9. If the result is a clean scan with no threats detected, the Move File task will place the file in the Clean S3 bucket, indicating that the file is successfully scanned and safe for further processing.
  10. At this point, the Move File function publishes a notification to the Success SNS topic to notify the subscribers.
  11. If the result indicates that the file is malicious, the Move File function will instead move the file to the Quarantine S3 bucket for further investigation. The function will also delete the file from the Processing bucket and publish a notification in the Error topic in SNS to notify the user of a potential malicious file being uploaded.
  12. If the file upload is unsuccessful and the file isn’t fully uploaded, then Transfer Family will trigger the Managed Workflow Partial workflow.
  13. Managed Workflow Partial is an error handling workflow and invokes the Error Publisher function, which is used for reporting errors that occur anywhere in the workflow.
  14. The Error Publisher function identifies the type of error—whether it’s because of the partial upload or an issue elsewhere in the workflow—and sets the error status accordingly. It will then publish an error message to Error Topic in SNS.
  15. The GuardDuty – Scan task has a timeout to make sure that an event is published to Error Topic to prompt a manual intervention to investigate further if the file isn’t successfully scanned. If the GuardDuty – Scan task fails, the Error clean up Lambda function is invoked.

Finally, there’s an S3 Lifecycle policy attached to the Processing bucket. This is to make sure that no file is left in the Processing bucket for more than one day.
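The decision made in steps 7 to 11 and 15 can be written as one fail-closed function. This is an added example, not code from the sample repository: the bucket names, function names and sample events are constructed, and the event field names follow the shape GuardDuty documents for S3 object scan result events.

```python
# Added example: fail-closed routing of a GuardDuty S3 scan result event.
# Bucket names are hypothetical placeholders for the buckets named in the post.
PROCESSING_BUCKET = "example-processing"
CLEAN_BUCKET = "example-clean"
QUARANTINE_BUCKET = "example-quarantine"


def route_scan_result(event, expected_key):
    """Return (action, destination_bucket, reason) for one EventBridge event."""
    detail = event.get("detail") or {}
    obj = detail.get("s3ObjectDetails") or {}
    result = detail.get("scanResultDetails") or {}
    # Reject events that are not about the object this execution is waiting on.
    if event.get("source") != "aws.guardduty":
        return ("error", None, "unexpected event source")
    if obj.get("bucketName") != PROCESSING_BUCKET or obj.get("objectKey") != expected_key:
        return ("error", None, "event does not match the object under scan")
    status = result.get("scanResultStatus")
    # Only a completed scan with an explicit clean verdict reaches the Clean bucket.
    if detail.get("scanStatus") == "COMPLETED" and status == "NO_THREATS_FOUND":
        return ("move", CLEAN_BUCKET, "no threats found")
    if status == "THREATS_FOUND":
        names = [t.get("name", "unknown") for t in result.get("threats") or []]
        return ("move", QUARANTINE_BUCKET, "threats: " + ", ".join(names))
    # UNSUPPORTED, ACCESS_DENIED, FAILED, skipped or malformed: never treat as clean.
    return ("error", None, f"scan not conclusive: {status}")


def make_event(status, scan_status="COMPLETED", key="uploads/report.pdf", threats=None):
    """Build a constructed sample event (not captured from a real account)."""
    return {
        "source": "aws.guardduty",
        "detail-type": "GuardDuty Malware Protection Object Scan Result",
        "detail": {
            "scanStatus": scan_status,
            "resourceType": "S3_OBJECT",
            "s3ObjectDetails": {"bucketName": PROCESSING_BUCKET, "objectKey": key},
            "scanResultDetails": {"scanResultStatus": status, "threats": threats},
        },
    }


if __name__ == "__main__":
    samples = [
        make_event("NO_THREATS_FOUND"),
        make_event("THREATS_FOUND", threats=[{"name": "EICAR-Test-File"}]),
        make_event("UNSUPPORTED"),
    ]
    for sample in samples:
        print(route_scan_result(sample, "uploads/report.pdf"))
```

Anything other than an explicit clean verdict for the expected object ends in the error path, which matches the post's use of the Error topic and the timeout on the GuardDuty – Scan task.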

Code repository

The GitHub AWS-samples repository has a sample implementation developed using Terraform and Python-based Lambda functions to implement this solution. The same solution can also be implemented using AWS CloudFormation. The code has the components needed to deploy the entire workflow to demonstrate the abilities of Transfer Family and the GuardDuty malware protection plan.

Install the solution

Use the following steps to deploy this solution to your test environment.

  1. Clone the repository to your working directory using Git.
  2. Navigate to the root directory of your cloned project directory.
  3. Update the terraform locals.tf file with the values of your choice for the S3 bucket names, SFTP server names, and other variables.
  4. Run terraform plan.
  5. If everything looks good, run a terraform apply and enter yes to create the resources.

Clean up

After testing and exploring the solution, it’s important to clean up the resources you created to avoid incurring unnecessary costs. To delete the resources created by this solution, navigate to the root directory of your cloned project and run the following command:

terraform destroy

This command will remove the resources created by Terraform, including the SFTP server, S3 buckets, Lambda functions, and other components. Confirm the deletion by entering yes when prompted.

Conclusion

By using the approach outlined in the post, you can make sure that the files received over SFTP and uploaded to your S3 bucket are scanned for threats and are safe for further processing. The solution reduces the exposure surface by making sure that public uploads are scanned in a safe environment before they’re sent to other components of your system.


James Abbott


James is a Principal Solutions Architect at AWS, working in Global Financial Services. When not in the office he enjoys mountain biking in North Carolina.

Santhosh Srinivasan


Santhosh is a Sr. Cloud Application Architect with the Professional Services team at AWS. He specializes in building and modernizing large scale enterprise applications in the cloud with a focus on the financial services industry.

Suhas Pasricha


Suhas is a Cloud Infrastructure Architect in the AWS Professional Services team. He has a background in web development and infrastructure automation. At Amazon, he has been helping customers set up and operate an enterprise-wide landing zone and cloud environment. In his spare time, he likes to read and play video games.

[$] The mystery of the Mailman 2 CVEs

Post Syndicated from jzb original https://lwn.net/Articles/1019149/

Many eyebrows were raised recently when three vulnerabilities were announced
that allegedly impact GNU Mailman 2.1,
since many folks assumed that it was no longer being supported. That’s
not quite the case. Even though version 3 of
the GNU Mailman mailing-list manager has been available
since 2015, and version 2 was declared (mostly) end of life
(EOL) in 2020, there are plenty of users and projects still
using version 2.1.x. There is, as it turns out, a big difference between
mostly EOL and actually EOL. For example: WebPros, the company behind the cPanel server and web-site-management
platform, still maintains a port of
Mailman 2.1.x
to Python 3 for its customers and was
quick to respond to reports of vulnerabilities. However, the
company and upstream Mailman project dispute that the CVEs are
valid.

[$] Better debugging information for inlined kernel functions

Post Syndicated from daroc original https://lwn.net/Articles/1018475/

Modern compilers perform a lot of optimizations, which can complicate debugging.
Song Liu and Thierry Treyer spoke about a potential improvement to
BPF Type Format
(BTF) debugging information that could partially combat that
problem at the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit.
They want to add information on selectively inlined functions to BTF in order to
better support tracing tools.
Treyer participated remotely.

The conclusion of the FSF board review

Post Syndicated from corbet original https://lwn.net/Articles/1019479/

The Free Software Foundation has announced
the completion of the review of its board of directors; the process
resulted in the reconfirmation of all five sitting board members.

The review examined board members Ian Kelling, Geoffrey Knauth,
Henry Poole, Richard Stallman, and Gerald Sussman. The process
generated detailed philosophical and policy discussions between
board members and the FSF’s global associate members on topics
ranging from the firmness of the Free Software Definition,
developments in machine learning, to the board’s president
position.

How LWN is faring in 2025

Post Syndicated from corbet original https://lwn.net/Articles/1019217/

Just over six months ago, The Economist described the US economy as “the envy of the
world”. That headline would be unlikely to appear now. The economic
boom referenced in that article feels like a distant memory, markets are
falling, and uncertainty is at an all-time high. Like everybody else, LWN
is affected by the current turbulence in the political and economic
spheres; we expect to get through this period, but there will be some
challenges.
