This week's roundup of all the cloud news.
Here's a cloud roundup of all things GCP, Azure and AWS for the week ending Friday 4th February 2022.
AWS Updates and Releases
Source: aws.amazon.com
Amazon FSx for OpenZFS now supports full-copy volumes to make it easier to clone and experiment with your data, enabling you to quickly capture the results of your cloning-based testing for long-term use.
Amazon FSx for OpenZFS provides fully managed file storage built on the popular OpenZFS file system, offering a rich set of ZFS-powered capabilities for working with data. It supports organizing your file system data into individual data containers called volumes, as well as creating point-in-time copies of these volumes called “clone volumes”. These clone volumes are instantly available and space-efficient — only storing the incremental changes to your source data — making it quick and easy to test new changes to your data and applications.
Amazon RDS for MariaDB now supports MariaDB version 10.6. This release introduces multiple MariaDB features to enhance the performance, scalability, reliability and manageability of your workloads, including:
- MyRocks storage engine: You can use the MyRocks storage engine with RDS for MariaDB to optimize storage consumption of your write-intensive, high-performance web applications.
- IAM integration: You can now configure AWS’s Identity and Access Management (IAM) with your Amazon RDS for MariaDB instances to simplify access management of your AWS resources. With IAM, you can manage user access to all AWS resources from a single location and avoid issues caused by out-of-sync permissions on different AWS resources.
- Flexible Upgrades: You can upgrade to RDS for MariaDB 10.6 from any prior MariaDB major release (10.2, 10.3, 10.4, 10.5) in a single step. You can also take a snapshot of an existing MySQL 5.6 or 5.7 instance and use the RDS snapshot restore feature to convert it into a MariaDB 10.6 instance.
- Delayed replication: You can now set a configurable time period for which a read replica lags behind the source database, as a disaster recovery strategy. In a standard MariaDB replication configuration, there is minimal replication delay between the source and the replica.
- Oracle PL/SQL compatibility: With an increased set of PL/SQL compatibility functions (e.g. ROWNUM(), TO_CHAR(), ADD_MONTHS()), you can migrate your legacy Oracle stored procedures as-is to RDS for MariaDB 10.6.
- Atomic DDL: Your DDL statements will now be crash-safe with RDS for MariaDB 10.6. CREATE TABLE, ALTER TABLE, RENAME TABLE, DROP TABLE, DROP DATABASE and related DDL statements are now atomic. Previously a crash during a DDL operation could lead to undetermined results and introduce errors during replication. With atomic DDL, a DDL operation is either fully done or not done at all. Therefore, recovery from crashes during DDL operations is deterministic and the binlog remains consistent across any server crashes.
- Other enhancements: JSON_TABLE function for transforming JSON data to relational format within SQL, faster empty table data load with InnoDB, new sys_schema for analysis & troubleshooting, optimizer enhancement for ignoring unused indexes and performance improvements.
AWS Step Functions Local, a runtime for debugging and testing state machine based workflows locally, is now designed to support mocking for service integrations, allowing you to run state machines without the need to call downstream services.
AWS Step Functions is a visual workflow service capable of orchestrating over 9,000 API actions from over 200 AWS services. Step Functions Local is a downloadable version of Step Functions that is designed to enable you to run, debug, and test state machines without leaving your development environment. Now, with Step Functions Local, you can mock the responses from your service integrations, helping save time and lower development efforts when building state machines.
Google Cloud Releases and Updates
Source: cloud.google.com
BigQuery
The BigQuery migration assessment is now available in Preview. Use this feature to assess the complexity of migrating from your current data warehouse to BigQuery.
The WITH RECURSIVE feature has been added to Google Standard SQL for BigQuery and is now in Preview. This feature allows a query in a WITH clause to refer to either itself or to queries defined later in the WITH clause.
BigQuery now supports materialized views without aggregation and materialized views with inner join. This feature is generally available (GA).
Cloud Debugger
Cloud Debugger now has Preview support for VPC Service Controls.
Cloud Key Management Service
You can now use Cloud EKM with a Virtual Private Network (preview). This means you can access your external key manager with a private endpoint.
See Using Cloud EKM with VPC to learn more.
Cloud Monitoring
You can now save a copy of a chart on a predefined dashboard to one of your custom dashboards by selecting Add to Custom Dashboard from the More Options menu on the chart. When you select a custom dashboard, you also have the option of renaming the copied chart.
You can now view SLOs on a custom dashboard. For more information, see Display SLOs on a dashboard.
Cloud SQL for MySQL
The Key Access Justifications (KAJ) feature is now generally available in Cloud SQL. You can use KAJ as part of Cloud External Key Manager (EKM). KAJ enables you to view the reason for each Cloud EKM request. Additionally, based on the justification provided, you can automatically approve or deny a request. For related information, see the Overview.
Cloud SQL for PostgreSQL
Query Insights lets you configure the query sampling rate. For information, see Using Query Insights to improve query performance.
The Key Access Justifications (KAJ) feature is now generally available in Cloud SQL. You can use KAJ as part of Cloud External Key Manager (EKM). KAJ enables you to view the reason for each Cloud EKM request. Additionally, based on the justification provided, you can automatically approve or deny a request. For related information, see the Overview.
Cloud SQL for SQL Server
The Key Access Justifications (KAJ) feature is now generally available in Cloud SQL. You can use KAJ as part of Cloud External Key Manager (EKM). KAJ enables you to view the reason for each Cloud EKM request. Additionally, based on the justification provided, you can automatically approve or deny a request. For related information, see the Overview.
Cloud TPU
Cloud TPU now supports TensorFlow 2.8.0. For more information, see TensorFlow 2.8.0 Release Notes.
Compute Engine
Rate limits for all Compute Engine requests have the following changes:
- All per-user rate limits are removed.
- Rate limits are now enforced in 1-minute (60-second) intervals instead of 100-second intervals.
- Due to this change, you might receive more 403 rateLimitExceeded errors when bursting.
- Although per-second rate limits increased slightly, the enforcement intervals are now shorter, so the maximum number of requests per enforcement interval is slightly reduced overall. For example, the default Queries group's rate limit is changing from 20 requests per second with a maximum of 2000 requests per 100 seconds to 25 requests per second with a maximum of 1500 requests per 60 seconds.
Additionally, rate limits are now documented for the following groups:
- Instance list referrer requests
- Instance get serial port output requests
As of February 1, 2022, all CentOS 8 images are deprecated. CentOS 8 reached EOL on December 31, 2021. If you use CentOS 8 images in your project, review CentOS 8 end of life.
Config Connector
Config Connector version 1.72.1 is now available.
Dataproc
Dataproc Serverless for Spark now uses runtime version 1.0.2, which updates Spark to version 3.2.1.
Deep Learning Containers
M89 release
- TensorFlow Enterprise 2.8 is now available and includes Long Term Version Support. TensorFlow Enterprise 2.8 is available in both Deep Learning Containers and Deep Learning VM Images.
- Upgraded TensorFlow Enterprise 2.6.2 to 2.6.3.
Google Cloud Deploy
Google Cloud Deploy is now available in the following regions:
- northamerica-east1 (Montréal)
- asia-northeast1 (Tokyo)
GKE
- Version 1.22.3-gke.1500 is now available in the Regular channel.
- Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.19 to 1.20.12-gke.1500 with this release.
- Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to 1.21.6-gke.1500 with this release.
- Version 1.22.4-gke.1501 is now the default version in the Rapid channel.
- Version 1.21.9-gke.300 is now available in the Rapid channel.
- Version 1.22.6-gke.300 is now available in the Rapid channel.
- Version 1.23.2-gke.300 is now available in the Rapid channel.
- Version 1.21.5-gke.1802 is no longer available in the Rapid channel.
- Version 1.23.1-gke.500 is no longer available in the Rapid channel.
- Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to 1.21.6-gke.1500 with this release.
- Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to 1.21.6-gke.1500 with this release.
- Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to 1.22.4-gke.1501 with this release.
- Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to 1.23.2-gke.300 with this release.
In GKE, you can now filter Pub/Sub cluster notifications by notification type. For more information, see Receive cluster notifications.
When creating a maintenance exclusion window, you can restrict the exclusion to specific types of maintenance. For example, during a specific time period you can exclude minor upgrades from occurring on your cluster. For more information, see Maintenance exclusions documentation.
Pub/Sub Lite now supports regional Lite topics that replicate data to a secondary zone.
Secret Manager
Secret Manager now supports data checksums when adding or accessing a secret version.
Security Command Center
Event Threat Detection, a built-in service of Security Command Center, launched the Exfiltration: BigQuery Data to Google Drive rule to Preview. This rule detects events where the protected organization's BigQuery data is saved, through extraction operations, to a Google Drive folder. For more information, see Event Threat Detection rules.
Virtual Machine Threat Detection, a built-in service of Security Command Center Premium, is in Preview. During the Preview, VM Threat Detection detects cryptocurrency mining software, which is among the most common types of software installed in compromised cloud environments.
For more information, see Virtual Machine Threat Detection conceptual overview.
Web Security Scanner, a built-in service of Security Command Center, released the CACHEABLE_PASSWORD_INPUT and SESSION_ID_LEAK finding types.
For more information, see Web Security Scanner findings.
Web Security Scanner, a built-in service of Security Command Center, provides detectors for the OWASP Top 10 2017 and OWASP Top 10 2021. For more information, see Detectors and Compliance.
VPC Service Controls
General availability for the following integrations:
Microsoft Azure Releases And Updates
Source: azure.microsoft.com
Public preview: Microsoft Azure Communication Services Telephony capabilities in Denmark and UK
Customers in Denmark and the UK can now purchase Toll-Free and Geographic phone numbers.
General Availability: IoT Edge monitoring with Azure Monitor
Use the latest IoT Edge Metrics collector module to send metrics to Azure Monitor and leverage updated visualizations to monitor and troubleshoot your IoT Edge devices.
General Availability: The Azure Sphere OS 22.01 release is cancelled
The next release of Azure Sphere will be version 22.02.
General availability: Azure Database for PostgreSQL – Hyperscale (Citus): Private access support
Private access is now generally available for Hyperscale (Citus) on Azure Database for PostgreSQL, a managed service running the open-source Postgres database on Azure.
Public preview: Anomaly Detector adds synchronous multivariate detection and improved anomaly interpretation
Start using Anomaly Detector’s multivariate detection synchronously for quicker response, easier operations, and more informative result interpretation to help you analyze root causes.
General availability: Azure Database for PostgreSQL – Hyperscale (Citus) new certifications
New compliance certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.
General availability: Azure Database for PostgreSQL - Hyperscale (Citus) supports PostgreSQL minor versions
Use PostgreSQL 11.14, 12.9, 13.5, and 14.1 minor versions with Hyperscale (Citus) for Azure Database for PostgreSQL, a managed service running the open source Postgres database on Azure.
General availability: Enhanced storage configuration with tempdb
Manage your SQL Server on Azure Virtual Machine storage configuration with tempdb directly from the SQL virtual machine blade in the Azure portal.
General availability: Deployment enhancements for SQL Server on Azure Virtual Machines
Deploy SQL Server on Azure Virtual Machines with a setup-like experience where configuration of the instance is done during deployment of the Azure Marketplace image.
General availability: Automated backup enhancements for SQL Server on Azure Virtual Machines
The Automated backup feature on SQL Server for Azure Virtual Machines blade comes with the ability for increased retention and better manageability with your choice of storage container per instance.
General availability: Azure SQL updates for early February 2022
Generally available enhancements and updates released for Azure SQL.
Public preview: Azure SQL updates for early February 2022
Public preview enhancements and updates released for Azure SQL.
General availability: Azure Cache for Redis active geo-replication in enterprise tiers
Link cached data across regions for multi-primary writes and higher availability with active geo-replication in enterprise tiers for Azure Cache for Redis.
Public preview: Custom virtual network support in Azure Container Apps
Start deploying Azure Container Apps into your own Azure virtual networks.
Generally available: PowerShell on Linux OS in Azure Functions
Azure Functions now supports PowerShell on Linux.
Generally available: Azure Monitor diagnostic settings for Azure Storage
Azure Monitor diagnostic settings now support Azure Storage logs in Log Analytics workspaces, Azure Event Hubs, Azure Storage, and select Marketplace partners.
Public preview: Azure IoT Edge for Linux on Windows (EFLOW) update
The update brings enhancements to IoT Edge 1.2, Microsoft Defender for IoT, and chipset support.
Generally available: Improved Syslog RFC compliance using the new Azure Monitor agent
Azure Monitor agent now supports additional syslog RFC formats collected from various networking devices.
Generally available: Azure Monitor agent extension support for automatic upgrade extension feature
Enable the ‘automatic extension upgrade’ feature on the Azure Monitor agent extension to automatically get new extension versions rolled out to your virtual machines and scale sets in Azure.
Public preview: Test action groups in Azure Monitor
Start testing your alert notification settings using the new test action groups functionality in Azure Monitor.
Public preview: Execute Azure Monitor Logs connector on an exact time range
Investigate alert incidents with the Azure Monitor Logs connector scoped to the exact time range of the alert.
Generally available: Azure PostgreSQL backup with long term retention
Azure Backup and Azure Database Services bring to you a new backup solution for your PostgreSQL servers that retains backups for up to 10 years.
Generally available: Azure Monitor Diagnostic settings for Azure Storage
With the general availability of Azure Monitor Diagnostic settings for Azure Storage, review the pricing model for Diagnostic settings for Azure Storage logs.
Public Preview: Microsoft Azure Payment HSM Service
Azure Payment HSM Service is now in public preview to accelerate the digital transformation of the payment ecosystem in Azure.