This week's roundup of all the cloud news.
Here's a round up of all things GCP, Azure and AWS for the week ending Friday 23rd April 2021.
To stay in the loop, make sure you subscribe on the right - There's a new Newsletter series starting soon that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of.
Of course we'd love to keep in touch at the usual places. Come and say hello on:
AWS Updates and Releases
EC2 announces the Replace Root Volume feature that enables customers to replace the root volume for a running instance. The feature restores the root volume of an instance to its launch state, or to a specific snapshot, without stopping the instance. This allows customers to fix issues, such as root volume corruption or guest operating system network configuration errors, while retaining the instance store data, networking and IAM configuration.
This week, AWS announced a new feature of AWS Systems Manager Application Manager that customers can use to manage Amazon Elastic Container Service (Amazon ECS) clusters. This feature provides IT professionals the ability to view operational data, manage compliance, and take remedial actions on their ECS clusters.
AWS announced a free digital course: Amazon Simple Storage Service Performance Optimization. This advanced 60-minute course explores tools and techniques you can use to optimize your Amazon S3 performance. Designed for cloud architects, storage architects, developers, and operations engineers, it includes interactive lessons and a quiz to check your knowledge.
AWS were excited to announce that Amazon Forecast now displays the estimated time it takes to complete an in-progress workflow for importing your data, training the predictor and generating the forecast. You can now manage your time more efficiently and better plan for your next workflow around the estimated time remaining for your in-progress workflow. Forecast uses machine learning (ML) to generate more accurate demand forecasts, without requiring any prior ML experience. Forecast brings the same technology used at Amazon.com to developers as a fully managed service, removing the need to manage resources or rebuild your systems.
Amazon ElastiCache now supports publishing Redis logs to Amazon CloudWatch Logs and Kinesis Data Firehose
You can now publish the Redis slow log from your Amazon ElastiCache for Redis clusters to Amazon CloudWatch Logs and Amazon Kinesis Data Firehose. The Redis slow log provides visibility into the execution time of commands in your Redis cluster, enabling you to continuously monitor the performance of these operations. You can choose to send these logs in either JSON or text format to Amazon CloudWatch Logs and Amazon Kinesis Data Firehose .
AWS Service Catalog is now available to customers in the AWS Region in Osaka, Japan. AWS Service Catalog allows organizations to create, govern, and manage catalogs of IT services that are approved for use on AWS.
NoSQL Workbench for Amazon DynamoDB now supports AWS CloudFormation, so you can manage and modify DynamoDB data models with CloudFormation templates. In addition, you now can configure table capacity settings in NoSQL Workbench.
Amazon Elasticsearch Service now supports open source Elasticsearch 7.10 and its corresponding version of Kibana. This minor release includes bug fixes and enhancements.
Amazon RDS on VMware no longer requires the use of a Virtual Private Network (VPN) tunnel back to AWS. By removing the VPN tunnel requirement and moving to HTTPS, we’ve simplified the preparation that is required on your network to be able to take advantage of Amazon RDS managed database services in your VMware vSphere clusters on-premises. You are no longer required to open up the VPN ports in your corporate firewalls, nor add a VPN Originator, and can potentially lower your setup and operating costs.
Amazon Redshift, a fully-managed cloud data warehouse, now supports native integration with select AWS Partners from within the Amazon Redshift console. With the new console partner integration, you can accelerate data onboarding and create valuable business insights in minutes by integrating with select partner solutions. With these solutions, you can bring data from applications like Salesforce, Google Analytics, Facebook Ads, Slack, Jira, Splunk, and Marketo into your Amazon Redshift data warehouse in an efficient and streamlined way. It also enables you to join these disparate datasets and analyze them together to produce actionable insights.
AWS Outposts can now be shipped and installed at customer datacenters and on-premises locations in the Philippines and Brunei.
Amazon Elasticsearch Service now supports Asynchronous Search. Asynchronous Search lets you submit a query that gets executed asynchronously, monitor the progress of the request, and retrieve results at a later stage. You can also retrieve partial results as they become available even before the search has fully completed. Once the search completes, it can be stored for consumption at a later time up to an expiry duration.
NOW AVAILABLE CREDENTIAL PROFILE SUPPORT FOR AWS SSO AND ASSUME ROLE WITH MFA IN THE AWS TOOLKIT FOR VISUAL STUDIO
With this new release of the AWS Toolkit for Visual Studio, customers can use federated credentials, multi-factor authentication (MFA) and AWS Single Sign-On (AWS SSO) to connect their IDEs to AWS.
Amazon EMR Release 5.33 now supports 10 new instance types - C6gd, M6gd, R6gd, C6gn,C5a, C5ad, d3, d3en, m5zn and R5b. These instances are supported in all commercial regions where the instances are available. Amazon EMR 5.33 ships with Apache Hudi 0.7.0, ApacheFlink 1.12.1, PrestoDB 0.245 and Zeppelin 0.9.0.
AMAZON SAGEMAKER ANNOUNCES A PRICE REDUCTION BY UP TO 14% ON INSTANCES AND SAGEMAKER SAVINGS PLANS WITH UP TO 64% COST SAVING
AWS announced Amazon SageMaker Savings Plans, a new flexible pricing model that allows you to save up to 64% on Amazon SageMaker ML instances in exchange for making a commitment to a consistent amount of eligible usage (e.g. $10/hour) for a 1- or 3-year term. We are also pleased to share that effective April 19th, 2021 we are reducing the prices by up to 14% for instances in Amazon SageMaker. The price reductions apply to instances families ml.t2, ml.t3, ml.m4, ml.m5, ml.m5d, ml.c4, ml.c5, ml.c5d, ml.c5n, ml.r5, ml.r5d, ml.inf1 and ml.g4dn for SageMaker Studio notebooks, SageMaker On-Demand Notebooks, SageMaker Processing, SageMaker Training, SageMaker Real-Time Inference, SageMaker Data Wrangler and SageMaker Batch Transform.
Amazon S3 on Outposts now supports the ability to monitor your S3 on Outposts events via Amazon CloudWatch. You can now use CloudWatch Events to create a rule for any S3 on Outposts API Event to get notified via all supported CloudWatch targets such as Amazon SNS, and Amazon SQS.
This week AWS announced the general availability of EMR Studio, an integrated development environment (IDE) that makes it easy for data scientists and data engineers to develop, visualize, and debug big data and analytics applications written in R, Python, Scala, and PySpark. EMR Studio provides fully managed Jupyter Notebooks, and tools like Spark UI and YARN Timeline Service to simplify debugging. EMR Studio uses AWS Single Sign-On and allows you to log in directly with your corporate credentials without logging into the AWS console.
AWS Chatbot customers can now receive notifications in chat channels from an expanded range of AWS services through Amazon EventBridge. AWS Chatbot allows users to monitor and interact with AWS resources directly from Slack channels and Amazon Chime chat rooms.
You now can use AWS CloudTrail to log Amazon DynamoDB Streams data-plane APIs—GetRecords and GetShardIterator—to monitor and investigate item-level changes in your DynamoDB tables. Previously, you could use CloudTrail to log DynamoDB Streams control-plane activity (and not data-plane activity) on your DynamoDB tables.
IT admins and security teams can now view, analyze, and report on the patch compliance of their environment from a single dashboard using Patch Manager. The Patch Manager dashboard provides you with enhanced reporting capabilities and integrates key patching information such as non-compliant instances and instances never scanned for patches into a single pane of glass. It further enables you to troubleshoot issues easily by providing a drilled down view of patch compliance, enabling you to monitor missing patches and analyze execution logs. Using this feature, you can generate patch compliance reports on demand or on a schedule to simplify analysis and sharing of patch compliance information.
This week, Amazon Athena announced the general availability of a new capability that makes working with machine learning models as simple as running a SQL query. You can now build and deploy machine learning models in Amazon SageMaker and use SQL functions in Amazon Athena to generate predictions from your SageMaker models. This enables analytics teams to make model-driven insights available to business users and analysts without the need for specialized tools and infrastructure.
The AWS Solutions team recently updated Machine to Cloud Connectivity Framework, a solution that provides secure factory equipment connectivity to the AWS Cloud. This solution is a framework to send equipment telemetry data to your AWS account, allowing you to leverage AWS Services to conduct analysis on your equipment data instead of managing underlying infrastructure operations. The solution currently allows for robust data ingestion using either the OPC Data Access (OPC DA) protocol or the CC-Link Partner Association (CLPA) Seamless Messaging Protocol (SLMP). Support for OPC Unified Access (OPC UA) protocol will follow in the next release.
The Amplify CLI now gives developers the ability to make multiple global secondary index (GSI) updates to their Amazon DynamoDB tables in a single deployment, enabling faster and safer data model iterations. AWS Amplify CLI is a command line toolchain that helps frontend web and mobile developers create cloud backends and connect them to their app for common use cases, like managing app data using AWS AppSync and Amazon DynamoDB.
Review last accessed information to identify unused EC2, IAM, and Lambda permissions and tighten access for your IAM roles
IAM helps AWS customers with capabilities to analyze access and achieve least privilege. When you are working on new permissions for your teams, you can use IAM Access Analyzer policy generation to create a policy based on your access activity and set fine-grained permissions. To analyze and refine existing permissions, you can use last accessed information to identify unused actions in your IAM policies and reduce access. When we launched action last accessed in 2020, we started with S3 management actions to help you restrict access to your critical business data. Now, IAM is increasing visibility into access history by extending last accessed information to Amazon EC2, AWS IAM, and AWS Lambda management actions. This makes it easier for you to analyze access and reduce EC2, IAM, and Lambda permissions by providing the latest timestamp when an IAM user or role accessed an action. Using last accessed information, you can identify unused actions in your IAM policies and tighten permissions confidently.
Google Cloud Releases and Updates
Anthos clusters on VMware
Anthos Config Management
Anthos GKE on AWS
Anthos Service Mesh
Adding multiple private clusters from different projects into a single Mesh on GKE is now available as a generally available (GA) feature.
Adding multiple private clusters from different projects into a single Mesh on GKE is now available as a public preview feature.
App Engine ( Go / Java / Node.js / PHP / Python / Ruby )
Build environment variables support is now available in preview.
BigQuery supports changing an existing non-clustered table to a clustered table and vice versa. You can also update the set of clustered columns of a clustered table.
BigQuery ML is introducing new ARIMA_PLUS models and deprecating the ARIMA model type. While the underlying modeling technique has not changed, the following improvements are now available in ARIMA_PLUS:
Cloud Database Migration Service
Cloud Functions has added support for a new runtime, PHP 7.4, in Preview.
Cloud Load Balancing
Cloud Monitoring Workspaces are changing. Over the next few weeks, new capabilities are being deployed:
- A Cloud Monitoring Workspace will be created automatically for a Google Cloud project. This change replaces the manual creation process.
- The restriction that you can view the metrics for a project from only one Workspace is being eliminated. You'll be able to view the metrics for a project from multiple Workspaces.
- Navigation to a Workspace that manages metrics from multiple projects is changing. For information on this change, see Navigating to a Workspace.
Cloud SQL for PostgreSQLCloud SQL for SQL Server
Security Command Center
Virtual Private Cloud
General Availability release of Ingress and egress rules for VPC Service Controls.
Microsoft Azure Releases And Updates
Encryption of backup data in Recovery Services vaults using customer managed keys has enhancements in public preview.
Azure Purview is now available in public preview in the Australia East and UK South region. You can now provision Azure Purview accounts in these regions as a public preview offering.
Ubuntu 16.04 community support ends on 30 April 2021 – Transition to 18.04 immediately
Azure Purview is announcing the public preview of resource set pattern rules. A resource set is a single object in the data catalog that represents a large number of assets in storage. Resource set pattern rules allow you to customize or override how Azure Purview detects which assets are grouped as resource sets and how they are displayed within the catalog.
Application Gateway now supports hosting friendly URLs and routing based on query string values.
Azure Data Factory has released Mapping Data Flows for 2 new Azure regions: US Virgina Gov & US Arizona Gov
Azure Government customers can build secure, enclave-based applications to protect code and data while it’s in use, in a dedicated cloud that meets stringent government security and compliance requirements.
Announcing general availability of new M-series Msv2/Mdsv2 Medium Memory VMs for memory-optimized workloads
Azure Msv2/Mdsv2 Medium Memory Series offering up to 192vCPU and 4TB memory configurations and running on Cascade Lake processor are now generally available.
Read more about Hava Azure Infrastructure Diagrams here.
Read more about Hava AWS Architecture Diagrams here.
Read more about Hava GCP Architecture Diagrams here