This week's roundup of all the cloud news.
Here's a cloud round up of all things GCP, Azure and AWS for the week ending Friday 25th February 2022.
AWS Updates and Releases
Source: aws.amazon.com
AWS Lambda now supports .NET 6 as both a managed runtime and a container base image. Developers creating serverless applications in Lambda with .NET 6 can take advantage of new features such as improved logging, simplified function definitions using top-level statements, and improved performance using source generators.
Using .NET 6 also lets you take advantage of new .NET language features and performance optimizations. For more information on Lambda’s support for .NET 6, see our blog post at .NET 6 runtime now available in AWS Lambda.
Warm Pools are a good fit for applications that have time consuming initialization steps — like loading gigabytes of data, provisioning services, or running custom scripts — that can take several minutes or longer before those EC2 instances are ready to serve traffic.
AWS Firewall Manager now allows you to deploy AWS Network Firewall to inspect traffic using a centralized deployment model. Previously, Firewall Manager could deploy AWS Network Firewall only in a decentralized deployment model, where we deploy AWS Network Firewall into each VPC which requires protection. With this release, customers can now use Firewall Manager to deploy AWS Network Firewall in either a distributed deployment model or a centralized deployment model.
Available globally, Amazon GuardDuty continuously monitors for malicious or unauthorized behavior to help protect your AWS resources, including your AWS accounts, access keys, data stored in Amazon S3, and workloads on Amazon Elastic Kubernetes Service (Amazon EKS). GuardDuty can identify unusual or unauthorized activity like crypto-currency mining, access to data stores in S3 from unusual locations, infrastructure deployments in a region that has never been used, and detect threats related to user and application activity captured in Kubernetes audit logs.
Amazon Neptune is a fast, reliable, and fully managed graph database as a service that makes it easy to build and run applications that work with highly connected datasets. You can build applications using Apache TinkerPop Gremlin or openCypher (in lab mode) on the Property Graph model, or using the SPARQL query language on W3C Resource Description Framework (RDF).
NICE DCV version 2022.0 introduces multiple new features such as game controller support and high color accuracy support. NICE DCV is a high-performance remote display protocol that helps customers securely access remote desktop or application sessions, including 3D graphics applications hosted on servers with high-performance GPUs.
Now AppSync supports configuring custom HTTP headers in responses to GraphQL operations. With the new feature it is now possible to define directly in AppSync additional headers sent to clients upon a response to an API call. For instance, if there is a security requirement for a specific header to be present in the HTTP response, the GraphQL operation can be configured in AppSync to generate it.
NICE DCV web client software development kit (SDK) version 1.1.0 introduces a user interface (UI) library, written as a React component. Instead of building the user interface from scratch, developers can now use and modify the React UI component to build applications faster.
AWS Glue now provides job run insights, a feature that reduces Apache Spark job development time by helping determine sources of errors and performance bottlenecks. AWS Glue is a data integration service that lets customers discover, prepare, and combine data for analytics using serverless Apache Spark and Python. Spark’s distributed processing and “lazy execution” model makes it hard and time-consuming for Data Engineers to diagnose errors and tune performance. With this launch, AWS Glue gives you automated analysis and interpretation of errors in your Spark jobs to make the process faster.
Starting this week, you can configure your workflow steps to process either the originally uploaded file or the output file from the previous workflow step, enabling you to more easily automate moving and renaming of your files with just a few clicks. You can now make multiple copies of a file and archive the original source file for records retention. For example, you can set up a single workflow to scan incoming files for malware, move files to different locations based on the scan outcome, and retain the original file for archival.
Amazon Translate is a neural machine translation service that delivers fast, high-quality, affordable, and customizable language translation. Today, we are introducing formality customization. This feature allows you to customize the level of formality in your translation output for six target languages - French, German, Hindi, Italian, Japanese, and Spanish. Now you can customize the formality of your translated output to suit your communication needs.
Amazon Relational Database Service (Amazon RDS) for Oracle and Amazon Aurora now support Database Activity Streams in the Asia Pacific (Jakarta) region. Database Activity Streams provides a near real-time stream of database activities in your relational database to help meet compliance and regulatory requirements. When integrated with third party database activity monitoring tools, Database Activity Streams can monitor and audit database activity to provide safeguards for your database.
The AWS Snowcone solid state drive (SSD) is now available in AWS Asia Pacific (Mumbai), Canada (Central) and South America (Sao Paulo) regions, adding to our growing list of regions already offering Snowcone SSD including AWS US East (N. Virginia), US East (Ohio), US West (Oregon), US West (San Francisco), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney), Europe (Frankfurt), Europe (Ireland) and Europe (London).
Amazon Kendra is a highly accurate intelligent search service powered by machine learning. Kendra reimagines enterprise search for your websites and applications so your employees and customers can easily find the content they are looking for, even when it’s scattered across multiple locations and content repositories within your organization.
Amazon Connect Customer Profiles now supports ingestion of high volumes of data from Salesforce, Marketo, and ServiceNow. Customer Profiles will divide high volumes of data into batches and ingest them in parallel without requiring configuration from customers. This makes it simple for customers to bring as much data as they need into Customer Profiles to help build a unified view of customer information and provide more personalized customer service.
Amazon SageMaker JumpStart helps you quickly and easily solve your machine learning problems with one-click access to 322 popular model collections from TensorFlow Hub, PyTorch Hub, Hugging Face and Gluon CV (also known as “model zoos”), and to 17 end-to-end solutions that solve common business problems such as demand forecasting, fraud detection and document understanding.
Announcing Amazon QuickSight’s new community hub, which gives authors and admins a centralized hub for getting started with QuickSight, deepening QuickSight knowledge, or connecting with other QuickSight users. This means users no longer need to search many different places for learning resources or to get in touch with other QuickSight customers.
Google Cloud Releases and Updates
Source: cloud.google.com
Kubernetes version 1.21.6-gke.1500 is now available. For more information, see the Kubernetes OSS release notes.
You can now launch clusters in the ap-northeast1 and sa-east-1 AWS regions.
Kubernetes version 1.21.6-gke.1500 is now available. For more information, see the Kubernetes OSS release notes.
You can now launch clusters in the brazilsouth Azure region.
The constraint template library includes new templates: K8sPSPAutomountServiceAccountTokenPod, RestrictNetworkExclusions, and K8sDisallowAnonymous.
Anthos clusters on VMware 1.9.4-gke.3 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.9.4-gke.3 runs on Kubernetes v1.21.5-gke.1200.
The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.10, 1.9, and 1.8.
Apigee Hybrid
On February 23, 2022 GCP released an updated version of the Apigee hybrid v1.6.5 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.6.
Cloud Asset Inventory
The following resource types are now publicly available through the Export APIs (ExportAssets and BatchGetAssetsHistory), the Feed API, and the Search APIs (SearchAllResources and SearchAllIamPolicies):
- Cloud Healthcare API
  - healthcare.googleapis.com/ConsentStore
  - healthcare.googleapis.com/Dataset
  - healthcare.googleapis.com/DicomStore
  - healthcare.googleapis.com/FhirStore
  - healthcare.googleapis.com/Hl7V2Store
Cloud DNS
Zonal Cloud DNS zones are now available in Preview.
You can create private DNS zones that are scoped only to a Google Cloud zone.
Cloud Load Balancing
Network Load Balancing introduces a new monitoring resource type, loadbalancing.googleapis.com/ExternalNetworkLoadBalancerRule, that lets you monitor all the supported protocols including TCP, UDP, ESP, and ICMP.
For details, see Monitoring Network Load Balancing.
This feature is available in General Availability.
Cloud Logging
You can now collect Apache CouchDB logs from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: CouchDB.
You can now collect Apache Hadoop logs and metrics from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: Hadoop.
You can now collect Apache HBase logs and metrics from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: HBase.
You can now collect Apache ZooKeeper logs from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: ZooKeeper.
You can now collect WildFly logs from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: WildFly.
Cloud Monitoring
Metrics Explorer and charts on dashboards have a new metric selection interface. For more information, see Select metrics when using Metrics Explorer.
You can now collect Apache ActiveMQ metrics from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: ActiveMQ.
You can now collect Apache Hadoop metrics and logs from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: Hadoop.
You can now collect Apache HBase metrics and logs from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: HBase.
You can now collect MongoDB metrics from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: MongoDB.
You can now collect RabbitMQ metrics from the Ops Agent, starting with version 2.11.0. For more information, see Monitoring third-party applications: RabbitMQ.
Cloud SQL for MySQL
If your primary instance uses a private IP address, you can now select an allocated IP range for clones and replicas created from the instance.
Cloud SQL for PostgreSQL
If your primary instance uses a private IP address, you can now select an allocated IP range for clones and replicas created from the instance.
Cloud SQL for SQL Server
If your primary instance uses a private IP address, you can now select an allocated IP range for clones and replicas created from the instance.
Data Catalog
Public preview: Public tags, which provide less strict access control than private tags for searching and viewing tags, are rolled out to all Data Catalog regions with minimal disruption and in a controlled way. Public tags support simple search and search with predicates, while private tags support only search with predicates.
Eventarc
Eventarc is now HIPAA and SOC 1-compliant.
Support for applying a path pattern when filtering is now available in Preview.
GKE
GKE cluster versions have been updated.
- Version 1.19.16-gke.3600 is now available in the Stable channel.
- Version 1.21.5-gke.1805 is now available in the Stable channel.
- The following versions are no longer available in the Stable channel:
  - 1.19.15-gke.1801
  - 1.21.5-gke.1802
- Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to 1.21.5-gke.1805 with this release.
GKE Gateway traffic management is now in Preview for GKE 1.22 and later version clusters. You can now autoscale Pods or dynamically shift traffic between clusters based on Service traffic capacity.
Network Connectivity Center
Network Connectivity Center now supports the use of a third-party network virtual appliance in any Google Cloud region for the following use cases:
- Providing site-to-cloud connectivity
- Providing connectivity or managing traffic between VPC networks
A third-party network virtual appliance could be an SD-WAN router, a firewall appliance, a load balancer, or another appliance, as long as it uses BGP. After you create a Network Connectivity Center spoke to represent your router appliance instance, it can exchange routes dynamically with Cloud Router.
To view a list of partners whose solutions are integrated with Network Connectivity Center, see Network Connectivity Center partners.
For more information about Network Connectivity Center, see the product overview.
Security Command Center
Security Command Center can automatically send findings, assets, and security sources to the following SIEM and SOAR platforms:
- Cortex XSOAR—see Sending Security Command Center data to Cortex XSOAR.
- Elastic Stack—see Sending assets and findings to Elastic Stack and Exporting assets and findings with Docker and Elastic Stack.
- IBM QRadar—see Sending Security Command Center data to IBM QRadar.
MITRE ATT&CK framework details related to findings are now available as finding attributes for all Security Command Center services. The framework explains tactics and techniques for attacks against cloud resources, and provides remediation guidance. Although these attributes are available across all built-in and integrated services, only Container Threat Detection and Event Threat Detection are populating them at this time.
Microsoft Azure Releases And Updates
Source: azure.microsoft.com
Generally available: Updated navigation menu in Azure IoT Central
The Azure IoT Central navigation menu has been updated to make it easier to find product capabilities. Pages have been re-ordered, re-grouped, and re-named to align with common tasks.
Generally available: Utilize multiple backups per day for Azure Files in Azure Backup
The feature that allows you to configure multiple backups per day for Azure Files via backup policy is now generally available.
Public preview: Azure Spring Cloud Enterprise
Azure Spring Cloud Enterprise includes fully managed VMware Tanzu components to help you ship faster as well as long term support for Spring projects to unlock Spring’s full potential.
Public preview: Elastic and Azure Spring Cloud integration
Monitor every step of your cloud journey with the integration of Azure Spring Cloud logs and metrics into Elastic and instrument Spring Boot applications.
Generally available: Azure NetApp Files new region and cross-region replication
Azure NetApp Files is now available in an additional Australia region and supports a new cross-region replication pair.
Public preview: Azure NetApp Files - application consistent snapshot tool v5.1
Application consistent snapshot tool is a command-line tool for simplifying data protection for third-party databases in Linux environments.
Public preview: WordPress enhancements for App Service
Improvements include a new image, multiple hosting plans, better performance, and simplified configuration.
Generally available: Direct enterprise agreement on Azure Cost Management and Billing
Manage your enrollment hierarchy, view account usage, and monitor costs directly from the Azure Cost Management and Billing menu on the Azure Portal (for direct enterprise agreement customers on commercial cloud).
Generally available: Log Analytics data export in Azure Monitor
Log Analytics data export is ready for production deployments, supporting most tables in Log Analytics workspaces.
General availability: Custom retention for AzureActivity and Usage data tables
Set specific retention periods on AzureActivity and Usage data tables in Log Analytics workspaces, keeping such data for a longer time, while maintaining the workspace retention as low as needed.
Public preview: New capabilities for Azure Monitor logs
Add value and increase cost effectiveness with Azure Monitor logs.
Public preview: Cost Management anomaly detection for subscriptions
Azure Cost Management offers subscription cost anomaly detection within the cost analysis preview to raise awareness and help identify unexpected changes in cost.
General availability: Application Gateway mutual authentication
Enable frontend mutual authentication and listener specific SSL policies on Application Gateway, now generally available.
General availability: Localization available in Azure Purview
The Azure Purview UX team has localized Azure Purview studio to 18 languages.
Have you tried Hava automated diagrams for AWS, Azure and GCP? Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.