Category Archives: Security

Germany Shuts Down Almost 1/2 of its Nuclear Reactors

Deutsche Welle has had the best coverage I have seen anywhere of the nuclear disaster unfolding in Japan. The interview with analysis of Chernobyl and Three Mile Island, for example, was extremely useful to understand the various risks in different reactors.

They have now announced that Germany is shutting down its older nuclear reactors until an updated security analysis can be completed.

Chancellor Angela Merkel announced Tuesday that seven of Germany’s 17 nuclear power stations would be shut down, at least until the end of a three-month moratorium on the extension of the lifespans of Germany’s nuclear stations.

The decision was made as a direct result of the nuclear disaster currently unfolding at the Fukushima nuclear power plant in Japan.

Merkel is banking on the fact that Japan has brought new risk calculation data to light. Her opposition is not buying it. They accuse her of ignoring the risk before the disaster.

Sigmar Gabriel, head of the Social Democratic Party (SPD) was withering on Merkel’s new plan: “She claimed then that all safety concerns in German nuclear power stations had been cleared up, and she claimed we needed nuclear power in Germany. Now we know that none of that was true.”

With 80% of Germans now said to oppose nuclear energy, it could just be a wise political move but it is still good to see infrastructure security receive serious attention.

The effect of Japan’s unfolding nuclear catastrophe on Germans could not be clearer. After the protests in Baden-Württemberg on Saturday, an estimated 110,000 people demonstrated in 450 German towns on Monday against the extension of nuclear power.

Only 110,000 people? That’s the same size as the growing protests against the Regressive Governor in Madison, Wisconsin.

Up to 100,000 people protested at the Wisconsin state Capitol on Saturday against a new law curbing the union rights of public workers that is seen as one of the biggest challenges in decades facing U.S. organized labor.

Wow, perspective. More Americans are protesting in Wisconsin today than during the Vietnam war; about the same as the number protesting today’s nuclear crisis in Germany.

“New” Amazon EC2 Networking

Amazon says in a blog post that they are so excited they can barely contain themselves.

Today we are releasing a set of features that expand the power and value of the Virtual Private Cloud.

Woo hoo, break out the cloud party hats. More power. More value. This EC2 goes all the way to 11…or maybe not.

You can think of this new collection of features as virtual networking for Amazon EC2. While I would hate to be innocently accused of hyperbole, I do think that today’s release legitimately qualifies as massive, one that may very well change the way that you think about EC2 and how it can be put to use in your environment.

Yes, ok, I see trusted security partners still are relied upon to provide advanced features for EC2/VPC. I take that to mean this is a core/basic security announcement; it’s like an “oops, here’s that thing you have been looking for” release.

The first three comments on the blog post emphasize a sort of underwhelming-ness. Not everything you have been looking for is there yet.

  1. Simon, March 14, 2011 at 11:50 PM: “What’s the ETA on IPV6 support?”
  2. Pve, March 15, 2011 at 01:29 AM: “Now, what about your roadmap for IPv6 integration?”
  3. Roland, March 15, 2011 at 01:57 AM: “What about IPv6?”

Let me get out my language pattern analysis toolkit…yes, yes, aha! IPv6 apparently is not yet supported.

A little more digging and it appears the security group you can attach now to the VPC Internet gateway is stateless. Stateful-packet filtering is ages old. It also is required for PCI compliance (DSS v2.0 Requirement 1.3.6), and Amazon says they are PCI compliant. So perhaps I am missing something in this “new” networking model; but it looks to me that you would have to manually configure inbound high-level ports. That makes it neither secure nor compliant.
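The stateless-versus-stateful distinction above, as an added example (not Amazon's code and not from the original post): a toy Python model in which a stateless filter must open the whole inbound high-port range to admit replies, while a stateful filter admits only the reply to a tracked flow. The packet model, addresses, ephemeral port range and function names are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model: direction is "in" or "out" relative to the protected subnet.
Packet = namedtuple("Packet", "direction src sport dst dport")

EPHEMERAL = range(1024, 65536)  # assumed client ephemeral port range

def stateless_filter(packets, inbound_ports, outbound_ports):
    """Each packet is judged alone against static port rules (no memory)."""
    verdicts = []
    for p in packets:
        allowed = inbound_ports if p.direction == "in" else outbound_ports
        verdicts.append(p.dport in allowed)
    return verdicts

def stateful_filter(packets, inbound_ports, outbound_ports):
    """Allowed flows are remembered; replies match on the reversed tuple."""
    flows, verdicts = set(), []
    for p in packets:
        key = (p.src, p.sport, p.dst, p.dport)
        reply_of = (p.dst, p.dport, p.src, p.sport)
        allowed = inbound_ports if p.direction == "in" else outbound_ports
        if reply_of in flows:
            verdicts.append(True)
        elif p.dport in allowed:
            flows.add(key)
            verdicts.append(True)
        else:
            verdicts.append(False)
    return verdicts

# Constructed traffic (documentation address ranges): an instance fetches over
# HTTPS, the server replies, then an unrelated host sends to the same high port.
TRAFFIC = [
    Packet("out", "10.0.1.5", 49152, "203.0.113.10", 443),
    Packet("in", "203.0.113.10", 443, "10.0.1.5", 49152),   # legitimate reply
    Packet("in", "198.51.100.7", 443, "10.0.1.5", 49152),   # unsolicited
]

def compare():
    tight = stateless_filter(TRAFFIC, inbound_ports=[], outbound_ports=[443])
    wide = stateless_filter(TRAFFIC, inbound_ports=EPHEMERAL, outbound_ports=[443])
    tracked = stateful_filter(TRAFFIC, inbound_ports=[], outbound_ports=[443])
    return {"stateless_tight": tight, "stateless_wide": wide, "stateful": tracked}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(f"{name:16} {verdicts}")
```

With no inbound rule the stateless filter drops the legitimate reply; with the high-port range opened it also admits the unsolicited packet, which the stateful filter drops.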

What about cost?

I think this is the best part of the Virtual Private Cloud: you can deploy a feature-packed private network at no additional charge! We don’t charge you for creating a VPC, subnet, ACLs, security groups, routing tables, or VPN Gateway, and there is no charge for traffic between S3 and your Amazon EC2 instances in VPC. Running Instances (including NAT instances), Elastic Block Storage, VPN Connections, Internet bandwidth, and unmapped Elastic IPs will incur our usual charges.

The usual charges. A NAT for 2-tiers with a private IP range to the public will set you back at least 0.09/hr — a micro instance is not allowed. So a networking instance you set up is going to bring cost, but they are not adding an additional burden for the above networking features. Imagine if they tried to charge to add an ACL. Like I said, this is the “oops, here’s that thing you have been looking for” release. Party like it’s 1999. Or should I say dude, where’s my DMZ?

In related news an Amazon EC2 bicycle now has tires…and here’s the best part: they let you put in air and lubricate your chain at no additional charge!

Security and Aesthetics of “Floating Parking”

In 1994 the San Francisco Bike Coalition started a campaign for safe riding after a cyclist was killed by “dooring” — a car door opened suddenly.

“Unfortunately, the usual safety message given to cyclists is to ride to the right, near the parked cars, and watch out for opening doors. That’s the wrong message,” says the group’s Executive Director David Snyder. “What do you do if a door pops open? Swerve into traffic or hit the door? The correct safety message is stay out of the door zone.”

That was the message then. It has changed as most states have passed laws that make it illegal to open a door in the path of anyone. Despite safety warnings and laws, the Door Prize tragic list of car door victims continues to grow.

I noticed that some have trouble applying the “dooring” law. Manhattan District Attorney Cy Vance gives a good example of why. He came up with the absurd interpretation that killing a cyclist with a car door is only illegal for the driver of the car, not any operator of the door. Note the San Francisco letter of the law, which should make it clear why Vance is dead wrong:

CVC 22517: “No person shall open the door of a vehicle on the side available to moving traffic unless it is reasonably safe to do so and can be done without interfering with the movement of such traffic, nor shall any person leave a door open upon the side of a vehicle available to moving traffic for a period of time longer than necessary to load or unload passengers.”

No person. If we can’t get that part right, we really will get stuck enforcing the more hidden problem (pun not intended) with “dooring” laws.

The interpretation of “side available to moving traffic” is unclear for cyclists, motorbikes and pedestrians. They often pass on the right as well as the left of cars. Yet the right side has been treated as different from the left under CVC 21754, due to an automobile-dominated view of what constitutes moving traffic. That soon will have to change.

Seventeen years after the 1994 “dooring” bulletin, San Francisco has begun to add safety zones around parked cars that will protect cyclists from the hazards of automobiles and their passengers. Both sides of cars now will unquestionably have to yield to moving traffic, but more importantly there is a buffer built into the road to help cars more safely operate their doors:

“Floating Parking” & Bike Buffer Zone in Separated Bike Lanes from Streetfilms on Vimeo.