Here's a cloud roundup of all things Hava, GCP, Azure and AWS for the week ending Friday 29th April 2022.
Source: aws.amazon.com
Amazon Polly now offers a new Neural TTS voice in Brazilian Portuguese
Amazon Polly is a service that turns text into lifelike speech. This week, AWS were excited to announce the general availability of a neural version of Vitória, Polly’s Brazilian Portuguese female text to speech (TTS) voice.
TTS voices simplify the way you can create, implement, update, and maintain your speech-enabled applications and products. You can use Amazon Polly to enhance the user experience and improve the accessibility of your text content with the power of voice. Common use cases include interactive voice response (IVR) systems, audiobooks, newsreaders, eLearning content, and virtual assistants.
Amazon Polly launched the Brazilian Portuguese voice Vitória using standard technology in 2016, and as of today a neural version of Vitória is also available. The new voice offers a more natural sounding rhythm, intonation, and sound articulation. In addition to Vitória, Polly also offers a second Brazilian Portuguese neural voice, Camila.
AWS Network Firewall now supports AWS Managed Threat Signatures
AWS Network Firewall now supports AWS Managed Threat Signatures to detect threats and block attacks against known vulnerabilities so you can stay up to date on the latest security threats without writing and maintaining your own rules.
AWS Network Firewall’s flexible rules engine lets you define firewall rules that give you fine-grained control over network traffic. Starting today, you can enable stateful managed rules for intrusion detection and prevention signatures that protect against threats such as malware, botnets, web attacks, and emerging events. You have full visibility into managed threat signature rule content across 11 categories. You can select managed rule groups to add to your AWS Network Firewall policies, or you can copy and modify rule groups to meet your specific needs. AWS Network Firewall provides notifications of managed rule group updates through Amazon Simple Notification Service (SNS).
Clone AWS Launch Wizard inputs to simplify future SAP deployments
AWS Launch Wizard now allows you to clone the inputs when you deploy an SAP system for use in future deployments. In most cases, the majority of these parameters will remain the same across deployments. Today’s launch eliminates the need to re-enter every parameter manually for subsequent deployments, allowing you to save time and reduce error by instead focusing on the few that make each deployment unique.
For instance, when you deploy your production system, you can clone the parameters from your pre-production system also deployed with AWS Launch Wizard. Launch Wizard will pre-populate those parameters, and all you have to do is change the few that are unique to the production system like SAPSID, instance numbers, and host name, while keeping common components like the SAP software and infrastructure the same.
Amazon Relational Database Service (Amazon RDS) for PostgreSQL, version 11 and higher, now supports M6i and R6i instances. M6i instances are the 6th generation of Amazon EC2 x86-based General Purpose compute instances, designed to provide a balance of compute, memory, storage, and network resources. R6i instances are the 6th generation of Amazon EC2 memory optimized instances, designed for memory-intensive workloads. Both M6i and R6i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances.
M6i and R6i instances are powered by 3rd generation Intel Xeon Scalable processors with an all-core turbo frequency of 3.5 GHz, delivering up to 20% better transaction throughput over equivalent M5 and R5 instances. To meet customer demands for increased scalability, M6i and R6i instances provide a new instance size of 32xlarge with 128 vCPUs and 33% more memory than the largest M5 and R5 instances. M6i.32xlarge has 512 GiB of memory and R6i.32xlarge has 1,024 GiB of memory. They also provide up to 20% higher memory bandwidth per vCPU compared to the previous 5th generation instances. These instances give customers up to 50 Gbps of networking speed and 40 Gbps of bandwidth to the Amazon Elastic Block Store (Amazon EBS), 2x that of M5 and R5 instances.
This week, AWS announced the general availability of Amazon Rekognition Streaming Video Events, a fully managed service for camera manufacturers and service providers that uses machine learning (ML) to detect objects such as people, pets, and packages in live video streams from connected cameras. Amazon Rekognition Streaming Video Events sends them a notification as soon as the desired object is detected in the live video stream. With these event notifications, service providers can send timely and actionable smart alerts to their users such as “Pet detected in the backyard,” enable home automation experiences such as turning on garage lights when a person is detected, build custom in-app experiences such as a smart search to find specific video events of packages without scrolling through hours of footage, or integrate these alerts with Echo devices for Alexa announcements such as “A package was detected at the front door” when the doorbell detects a delivery person dropping off a package – all while keeping cost and latency low. Learn more about Amazon Rekognition Streaming Video Events.
Many camera manufacturers and security service providers offer home security solutions that include doorbells, indoor and outdoor cameras, and value-added notification services to help their users understand what is happening on their property. Cameras with built-in motion detectors are placed at entry or exit points of the home to notify users of any activity in real time, such as “Motion detected in the backyard.” However, motion detectors are noisy and can be set off by innocuous events like wind and rain, creating notification fatigue and resulting in clunky home automation setups. Building the right user experience for smart alerts, search, or even browsing video clips requires ML and automation that is hard to get right and can be expensive.
Amazon Rekognition Streaming Video Events lowers the costs of value-added video analytics by providing a low-cost, low-latency, fully managed ML service that can detect objects (such as people, pets, and packages) in real time on video streams from connected cameras. The service starts analyzing the video clip only when a motion event is triggered by the camera and sends a notification as soon as the desired object is detected.
Amazon MSK Serverless is now generally available
AWS are pleased to announce the general availability of Amazon MSK Serverless, a type of Amazon MSK cluster that makes it easier for developers to run Apache Kafka without having to manage capacity. MSK Serverless automatically provisions and scales compute and storage resources and offers throughput-based pricing, so you can use Apache Kafka on demand and pay for the data you stream and retain.
With a few clicks in the AWS management console, you can set up secure and highly available clusters that automatically scale as your application I/O scales. MSK Serverless is fully compatible with Apache Kafka, so you can run existing applications without any code changes or create new applications using familiar tools and APIs. With pay-as-you-go pricing, there are no upfront commitments or minimum fees. You pay an hourly rate per cluster and an hourly rate for each partition that you create. Additionally, you pay per GB of data throughput and storage. MSK Serverless also provides private connectivity via AWS PrivateLink, secure client access via AWS Identity and Access Management (IAM), serverless stream processing and analytics via Amazon Kinesis Data Analytics and AWS Lambda, and schema evolution control via AWS Glue Schema Registry. In addition to these features, MSK Serverless is compliant with GDPR and provides a 99.9% availability SLA.
Amazon Relational Database Service (Amazon RDS) for MySQL version 8.0 now supports M6i and R6i instances. M6i instances are the 6th generation of Amazon EC2 x86-based General Purpose compute instances, designed to provide a balance of compute, memory, storage, and network resources. R6i instances are the 6th generation of Amazon EC2 memory optimized instances, designed for memory-intensive workloads. Both M6i and R6i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances.
M6i and R6i instances are powered by 3rd generation Intel Xeon Scalable processors with an all-core turbo frequency of 3.5 GHz, delivering up to 20% better transaction throughput over equivalent M5 and R5 instances. To meet customer demands for increased scalability, M6i and R6i instances provide a new instance size of 32xlarge with 128 vCPUs and 33% more memory than the largest M5 and R5 instances. M6i.32xlarge has 512 GiB of memory and R6i.32xlarge has 1,024 GiB of memory. They also provide up to 20% higher memory bandwidth per vCPU compared to the previous 5th generation instances. These instances give customers up to 50 Gbps of networking speed and 40 Gbps of bandwidth to the Amazon Elastic Block Store (Amazon EBS), 2x that of M5 and R5 instances.
AWS Service Catalog support for the AWS Cloud Development Kit (AWS CDK) is now available
AWS Service Catalog constructs for the AWS Cloud Development Kit (AWS CDK) are now available. Service Catalog administrators can now define their catalog in code within a CDK application that deploys through AWS CloudFormation. They can also define a Service Catalog product entirely in code in CDK without having to upload and reference CloudFormation templates in Amazon Simple Storage Service (Amazon S3) or AWS CodeCommit first.
Introducing Amazon EC2 I4i instances
Amazon Web Services (AWS) announces the general availability of Amazon EC2 I4i instances. Designed for storage I/O intensive workloads, I4i instances are powered by 3rd generation Intel Xeon Scalable processors (code named Ice Lake) with an all-core turbo frequency of 3.5 GHz, offer up to 30% better compute price performance over I3 instances, and always-on memory encryption using Intel Total Memory Encryption (TME).
I4i instances offer up to 30 TB of NVMe storage from AWS Nitro SSDs. Nitro SSDs are NVMe-based and custom-designed by AWS to provide high I/O performance, low latency, minimal latency variability, and security with always-on encryption. I4i instances provide up to 60% lower storage I/O latency, and 75% lower storage I/O latency variability compared to I3 instances. These instances deliver the highest local storage performance within Amazon EC2 and are designed for databases such as MySQL, Oracle DB, and Microsoft SQL Server, and NoSQL databases such as MongoDB, Couchbase, Aerospike, and Redis where low latency local NVMe storage is needed in order to meet application service level agreements (SLAs). I4i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances.
Get insights into Data and Data Quality with Amazon SageMaker Data Wrangler
Amazon SageMaker Data Wrangler reduces the time it takes to aggregate and prepare data for machine learning (ML) from weeks to minutes. With SageMaker Data Wrangler, you can simplify the process of data preparation and feature engineering, and complete each step of the data preparation workflow, including data selection, cleansing, exploration, and visualization from a single visual interface. With SageMaker Data Wrangler’s data selection tool, you can quickly select data from multiple data sources, such as Amazon S3, Amazon Athena, Amazon Redshift, AWS Lake Formation, Amazon SageMaker Feature Store, Databricks Delta Lake, and Snowflake.
AWS Snow Family now enables you to remotely monitor and operate your connected Snowball Edge devices
AWS Snowball customers can now remotely monitor and operate their devices from AWS OpsHub or the AWS Command Line Interface (CLI). This enables customers to manage one or thousands of Snowball Edge devices, even when they are geographically dispersed. For Snowball Edge devices connected to the network, customers can remotely view a central dashboard to see whether a device is online, is unlocked, and monitor usage metrics such as available storage and compute capacity. Additionally, customers can now remotely unlock or reboot devices deployed in the field.
Before this launch, customers were able to manage Snowball Edge devices that were physically present and on the same local network. As customers expand the number of sites they deployed Snowball Edge devices to, they want a scalable way to manage all their devices from one central place without having to be physically present with the devices. With this launch, Snowball Edge devices can now be securely connected to an AWS region to enable customers to view information about all their devices in a single dashboard and to remotely reboot or unlock devices.
You can now use Amazon Route 53 Resolver endpoints for hybrid cloud configurations in the Asia Pacific (Jakarta) Region.
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) service. Amazon Route 53 Resolver endpoints make hybrid cloud configurations easier to manage by enabling seamless DNS query resolution across your entire hybrid cloud. Create DNS endpoints and conditional forwarding rules to allow resolution of DNS namespaces between your on-premises data center and Amazon Virtual Private Cloud (Amazon VPC).
ElastiCache data tiering is now available in 3 additional regions
You can now use data tiering for Amazon ElastiCache for Redis as a lower cost way to scale your clusters to up to hundreds of terabytes of capacity in the Asia Pacific (Mumbai), Canada (Central), and South America (Sao Paulo) Regions. Data tiering provides a new price-performance option for Redis workloads by utilizing lower-cost solid state drives (SSDs) in each cluster node in addition to storing data in memory. It is ideal for workloads that access up to 20% of their overall dataset regularly, and for applications that can tolerate additional latency when accessing data on SSD.
When using clusters with data tiering, ElastiCache is designed to automatically and transparently move the least recently used items from memory to locally attached NVMe SSDs when available memory capacity is completely consumed. When an item that moves to SSD is subsequently accessed, ElastiCache moves it back to memory asynchronously before serving the request. Assuming 500-byte String values, you can expect an additional 300µs latency on average for requests to data stored on SSD compared to requests to data in memory.
ElastiCache data tiering is available when using Redis version 6.2 and above on Graviton2-based R6gd nodes. R6gd nodes have nearly 5x more total capacity (memory + SSD) and can help you achieve over 60% savings when running at maximum utilization compared to R6g nodes (memory only).
Amazon SageMaker Data Wrangler now supports random sampling and stratified sampling
Amazon SageMaker Data Wrangler reduces the time it takes to aggregate and prepare data for machine learning (ML) from weeks to minutes. With SageMaker Data Wrangler, you can simplify the process of data preparation and feature engineering, and complete each step of the data preparation workflow, including data selection, cleansing, exploration, and visualization from a single visual interface. With SageMaker Data Wrangler’s data selection tool, you can quickly select data from multiple data sources, such as Amazon S3, Amazon Athena, Amazon Redshift, AWS Lake Formation, Amazon SageMaker Feature Store, Databricks Delta Lake, and Snowflake.
This week AWS announced the general availability of random sampling of data when importing from S3 and new transforms to create random or stratified samples of your datasets with Amazon SageMaker Data Wrangler in Amazon SageMaker Studio. Previously, you would have to write code to create random samples or stratified samples of your data when preparing data for ML applications. Today, with the random sampling option on import, you can now create a random sample of your data on S3 when importing your data into Data Wrangler. Additionally, with our new transforms for random and stratified sampling, you can create the following types of samples for your data set:
This week, AWS Snow Family launched Large Data Migration Manager, a new feature that enables you to plan, track, and manage your large data migrations when using multiple Snowball Edge service products. You can now easily plan and monitor your jobs from a minimum of 500 terabytes to petabyte scale data migrations. Using Large Data Migration Manager eliminates the need for you to manually track all of your Snow jobs and the status of their data ingestion.
The AWS Snow Family Large Data Migration Manager feature collects information about your data migration goals such as the data size to be moved to AWS, and the number of Snow devices you need in order to migrate data simultaneously. The Large Data Migration Manager then creates a projected schedule for your data migration project and recommends a job ordering schedule for your Snow jobs to meet your goals. The projected schedule is automatically adjusted as the project proceeds based on the amount of data ingested and the average time taken to complete a Snow job. Large Data Migration Manager’s projected job schedule allows you to focus on moving your data to AWS without having to worry about manually planning for or creating new Snow job orders. With Snow Large Data Migration Manager, you can now plan and track all your data migration needs and monitor the progress of the data ingestion in a single, centralized dashboard.
Amazon Chime SDK offers API endpoints for media pipeline in Oregon, Frankfurt, and Singapore
Amazon Chime SDK lets developers add intelligent real-time audio, video, screen share, and messaging to their web applications. Media Pipelines allow developers to capture the contents of Amazon Chime SDK WebRTC media sessions to the Amazon Simple Storage Service (Amazon S3) bucket of their choice. Starting today, the Amazon Chime SDK now has media pipeline API endpoints in US West (Oregon), Europe (Frankfurt), and Asia Pacific (Singapore) AWS Regions.
Customers can now use API endpoints in the same AWS Region for both media pipelines and WebRTC media sessions. This simplifies application architecture and enables high availability architectures that use API endpoints in multiple AWS Regions. Customers who require endpoints with FIPS 140-2 validated cryptographic modules now have a choice of US East (Northern Virginia) and US West (Oregon) AWS Regions.
This week, AWS Identity and Access Management (IAM) introduced a new way that you can control access to your resources based on the account, Organizational Unit (OU) or organization in AWS Organizations that contains your resources. AWS recommends that you set up multiple accounts as your workloads grow. Using a multi-account environment has several benefits including flexible security controls by isolating workloads or applications that have specific security requirements. With this new IAM capability, you now can author IAM policies to enable your principals to access only resources inside specific AWS accounts, OUs, or organizations.
The new capability includes condition keys for the IAM policy language called aws:ResourceAccount, aws:ResourceOrgPaths, and aws:ResourceOrgID. The new keys support a wide variety of AWS services and actions, so you can apply similar controls across different use cases. For example, you can now easily prevent your IAM principals from assuming any IAM roles outside of your own AWS account, without needing to list any specific IAM roles in your policies. To accomplish this, configure an IAM policy to deny access to AWS Security Token Service (AWS STS) assume role actions unless aws:ResourceAccount matches your unique AWS account ID. With the policy in place, when an AWS STS request is made to an account not listed in the policy, this access is blocked by default. You can attach this policy to an IAM principal to apply this rule to a single role or user, or use service control policies in AWS Organizations to apply the rule broadly across your AWS accounts.
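The deny statement described above, written out as an added example that is not part of the original announcement. The account ID 111122223333 is a placeholder, and covering only the single action sts:AssumeRole is an assumption about which assume-role actions you want to restrict:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyAssumeRoleOutsideOwnAccountExample",
      "Effect": "Deny",
      "Action": "sts:AssumeRole",
      "Resource": "*",
      "Condition": {
        "StringNotEquals": {
          "aws:ResourceAccount": "111122223333"
        }
      }
    }
  ]
}
```

Because this is an explicit deny, it overrides any allow the principal holds elsewhere, so no individual role ARNs need to be listed.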
Amazon RDS Data API now supports returning SQL results as a simplified JSON string
Amazon Relational Database Service (Amazon RDS) Data API can now return results in a new simplified JSON format that makes it easier to convert JSON string to an object in your application. Previously, Amazon RDS Data API returned a JSON string as an array of data type and value pairs. This required developers to write custom code to parse the response and extract the values in order to manually translate the JSON string into an object. Instead, the new format returns an array of column names and values, which makes it easier for common JSON parsing libraries to convert the response JSON string to an object. The previous JSON format is still supported and existing applications using Amazon RDS Data API will work unchanged. To learn more about the new format and how to use it see our documentation.
Amazon Interactive Video Service adds stream chat feature
You can now build scalable stream chat rooms with built-in moderation options designed to accompany live streaming video using the new Amazon Interactive Video Service (Amazon IVS) stream chat feature. With this feature, streamers and viewers can build community relationships by asking questions and participating in discussions. Amazon IVS chat provides chat room resource management and a messaging API for sending, receiving, and moderating chat messages. Visit the Amazon IVS chat feature page to learn more.
Amazon Interactive Video Service (Amazon IVS) is a managed live streaming solution that is designed to be quick and easy to set up, and ideal for creating interactive video experiences. Send your live streams to Amazon IVS using the IVS mobile broadcast SDK or standard streaming software such as Open Broadcaster Software (OBS) and the service is designed to provide everything you need to make low-latency live video available to any viewer around the world, letting you focus on building interactive experiences alongside the live video.
AWS Snow Family now supports update of device certificates
This week AWS are launching the ability for AWS Snowball Edge customers to update device certificates for Snowball Edge devices deployed at edge locations. Customers, Solutions Architects, or Account Managers can open a support case with the AWS Snow team to request a software update package with a new device certificate. Customers then use the existing software update process to apply the new device certificate to their Snow devices. This enables customers to deploy Snowball Edge devices for multiple years without having to replace devices to update their operating certificates.
Prior to this launch, AWS customers had to replace their Snowball Edge devices when the device certificate expired in 360 days. Customers could not update the device certificates on Snowball Edge devices deployed in the field. Replacing an existing Snow device with a new replacement Snowball Edge every 360 days caused disruption to customers’ continued operations in the field. With this launch, customers do not have to replace their devices due to device certificate expiry and can update the device certificate offline in the field.
AWS Control Tower now supports Python 3.9 runtime
This week, AWS announced an update to AWS Control Tower that includes a change to the Notification Forwarder Lambda to use the Python version 3.9 runtime. This update addresses the planned deprecation of Python version 3.6 runtime. Function invocations continue indefinitely after the runtime version reaches end of support. However, AWS strongly recommends that you migrate functions to a supported runtime version so that you continue to receive security patches and remain eligible for technical support. Please refer to the runtime deprecation policy for additional deprecation details.
To implement the updated Notification Forwarder Lambda, you can perform a landing zone update by going to the Landing Zone Settings page in your AWS Control Tower dashboard, selecting the 2.9 version and clicking the Update button. After updating your landing zone, you must then update all accounts that are governed by AWS Control Tower.
Amazon Relational Database Service (Amazon RDS) for MariaDB, version 10.4 and higher, now supports M6i and R6i instances. M6i instances are the 6th generation of Amazon EC2 x86-based General Purpose compute instances, designed to provide a balance of compute, memory, storage, and network resources. R6i instances are the 6th generation of Amazon EC2 memory optimized instances, designed for memory-intensive workloads. Both M6i and R6i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances.
M6i and R6i instances are powered by 3rd generation Intel Xeon Scalable processors with an all-core turbo frequency of 3.5 GHz, delivering up to 20% better transaction throughput over equivalent M5 and R5 instances. To meet customer demands for increased scalability, M6i and R6i instances provide a new instance size of 32xlarge with 128 vCPUs and 33% more memory than the largest M5 and R5 instances. M6i.32xlarge has 512 GiB of memory and R6i.32xlarge has 1,024 GiB of memory. They also provide up to 20% higher memory bandwidth per vCPU compared to the previous 5th generation instances. These instances give customers up to 50 Gbps of networking speed and 40 Gbps of bandwidth to the Amazon Elastic Block Store (Amazon EBS), 2x that of M5 and R5 instances.
Amazon Polly now offers a Neural TTS voice in Portuguese
Amazon Polly is a service that turns text into lifelike speech. This week, AWS are excited to announce the general availability of a Neural version of Inês, Polly’s European Portuguese female text to speech (TTS) voice.
TTS voices simplify the way you can create, implement, update, and maintain your speech-enabled applications and products. You can use Amazon Polly to enhance the user experience and improve the accessibility of your text content with the power of voice. Common use cases include interactive voice response (IVR) systems, audiobooks, newsreaders, eLearning content, and virtual assistants.
Inês, the European Portuguese TTS voice, has been available as a Standard voice. Neural Inês offers a more natural sounding voice with better rhythm, pausing, and sound articulation. With this launch, Amazon Polly now supports Standard and Neural voices in Brazilian and European Portuguese.
Amazon Lightsail has added two new security features for the Lightsail load balancer: the ability to automatically redirect HTTP requests to HTTPS and the ability to configure the security policy used for TLS termination of the HTTPS requests. With these features, you can easily make your websites more secure, meet compliance goals, achieve better search ranking and high SSL/TLS scores just by configuring a Lightsail load balancer with the Lightsail instances hosting your websites.
With just a click, the automatic redirect feature forces all load balancer HTTP traffic on port 80 to HTTPS on port 443. This ensures all requests to your load balancer are served securely over HTTPS. Further, with this update you now have the flexibility to pick from predefined security policies for your TLS listener, including a TLS 1.2 only policy (a security policy defines the combination of protocols and ciphers used for TLS termination). Both of these features can be configured on existing and new Lightsail load balancers via the Lightsail console, AWS CLI, or AWS SDKs. There is no additional cost for using these features with your load balancers.
Amazon EC2 R6gd instances powered by AWS Graviton2 now available in South America (São Paulo)
Starting this week, memory-optimized Amazon EC2 R6gd instances with local NVMe-based SSD storage are available in South America (São Paulo). R6gd instances provide up to 40 percent better price-performance and up to 50% more NVMe storage GB/vCPU over comparable x86-based instances for memory-intensive workloads such as open-source databases, in-memory caches, and real time big data analytics. They are ideal for applications that need access to high-speed, low latency storage, as well as for temporary storage of data such as batch and log processing, and for high-speed caches and scratch files. Amazon EC2 R6gd instances are powered by AWS Graviton2 processors that are custom-designed by AWS to enable the best price performance in Amazon EC2.
AWS Backup for Amazon FSx is now available in the AWS Asia Pacific (Osaka) Region
AWS Backup’s policy-based data protection capabilities are now available for Amazon FSx in the AWS Asia Pacific (Osaka) Region. You can now use AWS Backup to centrally automate backup and restore of your application data stored in Amazon FSx along with other AWS services for compute, storage, and database in the Osaka Region.
Amazon Elastic Kubernetes Service (EKS) announces Karpenter v0.9.0 with support for Pod Affinity
Amazon Elastic Kubernetes Service (EKS) is announcing v0.9.0 of the Karpenter open-source cluster autoscaling project. Karpenter is a flexible, high-performance Kubernetes cluster autoscaler that helps improve application availability and resource utilization. Karpenter v0.9.0 adds support for Kubernetes podAffinity and podAntiAffinity scheduling constraints, which increases its compatibility with popular third-party Helm charts and expands support for high-availability use cases.
AWS Announces general availability of the first AWS Wavelength Zone in Canada
This week, AWS are announcing the general availability of AWS Wavelength on the Bell 5G network in Toronto. Enterprises, application developers, and Independent Software Vendors (ISVs) can now use the AWS Wavelength Zone in Toronto to build ultra-low latency applications for mobile devices and end-users in Canada.
Wavelength Zones embed AWS compute and storage services at the edge of communications service providers’ 5G networks while providing seamless access to cloud services running in an AWS Region. By doing so, AWS Wavelength minimizes the latency and network hops required to connect from a 5G device to an application hosted on AWS. With AWS Wavelength and Bell 5G, application developers can now build the ultra-low latency applications needed for use cases like autonomous robots, drone-based deliveries, video analytics and machine learning inference at the edge, and augmented and virtual reality-enhanced experiences.
Amazon Connect launches API to search for users by name, agent hierarchies, and tags
Amazon Connect now provides a new API to search for user records in your Amazon Connect instance. This new API provides a programmatic and flexible way to search for users by first name, last name, username, routing profile, security profile, agent hierarchies or tags. For example, you can now use this API to search for all users tagged with a Department:A key value pair. You can also quickly find a list of all users assigned to a specific security profile, routing profile, or agent hierarchy. To learn more about this new API, see the API documentation.
Amazon SES V2 now supports email size of up to 40MB for inbound and outbound emails by default
With V2 of Amazon Simple Email Service (SES), you can now send and receive emails of up to 40MB message size (including the email text, images, attachments, and the MIME encoding).
With this launch, the default message size limit in Amazon SES V2 increases from 10MB for email sending and 30MB for email receiving, to 40MB for both sending and receiving.
Amazon EC2 C6i, M6i and R6i Instances available in the AWS GovCloud (US) Regions
Amazon EC2 C6i, M6i and R6i instances are available in the AWS GovCloud (US) Regions. These instances are powered by 3rd Gen Intel Xeon Scalable processors (code named Ice Lake) with an all-core turbo frequency of 3.5 GHz, offering up to 15% better compute price performance over comparable Gen5 instances for a wide variety of workloads, and always-on memory encryption using Intel Total Memory Encryption (TME).
Amazon Redshift RA3 instances are now available in the Asia Pacific (Osaka), Europe (Milan), Middle East (Bahrain) and Africa (Cape Town) regions. Amazon Redshift RA3 instances with managed storage allow you to scale and pay for compute and storage independently for fast query performance and lower costs, and also enable you to more securely and more easily share live data across Amazon Redshift clusters. RA3 is available in three different node types, RA3.16xlarge, RA3.4xlarge, and RA3.xlplus to help you to balance price and performance depending upon your workload requirements.
Announcing consolidated view of Lambda Insights via Application Insights
You can now easily set up AWS Lambda monitoring and view the health of the Lambda functions via Amazon CloudWatch Application Insights problems directly from the Amazon CloudWatch Lambda Insights console. This integration makes it easier to dive deep into issues, troubleshoot problems and reduce mean time to resolution for your Lambda functions. The simple setup and problem analysis of Application Insights now combines with the monitoring details and troubleshooting of Lambda Insights to provide a consolidated view of the health and performance of your Lambda functions running on AWS.
Amazon Nimble Studio is now available in the Asia Pacific (Tokyo) Region
Amazon Nimble Studio is now available in the Asia Pacific (Tokyo) Region. Deploying Nimble Studio in your local region provides users with a more responsive experience. In just a few hours, you can create a new studio environment in which creative talent can access virtual workstations powered by Amazon Elastic Compute Cloud (EC2) G4dn instances, with NVIDIA Graphical Processing Units (GPUs), and high-speed storage enabled by Amazon FSx. With support for both Windows and Linux operating systems, artists can work with their creative tools of choice using Amazon Machine Images (AMIs) enabling a seamless on-premises to cloud migration. When ready to render images, Nimble Studio allows customers to scale compute resources with AWS Thinkbox Deadline.
Amazon Connect now allows customers to subscribe to a near real-time stream of contact (voice calls, chat, and task) events (e.g., call is queued) in your Amazon Connect contact center in the AWS GovCloud (US-West) Region. These events include when a voice call, chat, or task is initiated, queued to be assigned to an agent, connected to an agent, transferred to another agent or queue, and disconnected. Contact events can be used to create analytics dashboards to monitor and track contact activity, integrate into workforce management (WFM) solutions to better understand contact center performance, or to integrate applications that react to events (e.g., call disconnected) in real-time. Amazon Connect contact events are published via Amazon EventBridge, and can be set up in a couple of clicks by going to the Amazon EventBridge AWS console and creating a new rule.
Google Cloud Releases and Updates
Source: cloud.google.com
Anthos Clusters on bare metal
Anthos clusters on bare metal 1.9.7 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.9.7 runs on Kubernetes 1.21.
Anthos Clusters on VMware
Two security vulnerabilities, CVE-2022-1055 and CVE-2022-27666, have been discovered in the Linux kernel. Each can lead to a local attacker being able to perform a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all Linux node operating systems (Container-Optimized OS and Ubuntu). For instructions and more details, see the GCP-2022-014 security bulletin.
Anthos clusters on VMware 1.11.0-gke.543 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.11.0-gke.543 runs on Kubernetes v1.22.8-gke.200.
The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.11, 1.10, and 1.9.
Kubernetes 1.22 has deprecated certain APIs, a list of which can be found in Kubernetes 1.22 deprecated APIs. In your manifests and API clients, you need to replace references to the deprecated APIs with references to the newer API calls. For more information, see the What to do section in the Deprecated API Migration Guide.
Several Anthos metrics have been deprecated for which data is no longer collected. For a list of deprecated metrics, including instructions to migrate to replacement metrics, see Replace deprecated metrics in dashboard.
BigQuery
The ability to configure the time travel window is now in Preview. You can specify the duration of the time travel window, from a minimum of two days to a maximum of seven days.
Three new INFORMATION_SCHEMA views that show table storage metadata are now in Preview.
TABLE_STORAGE view to get a snapshot of current storage usage for tables and materialized views.
TABLE_STORAGE_TIMELINE_BY_PROJECT and TABLE_STORAGE_TIMELINE_BY_ORGANIZATION views to understand table storage changes over time at either the project or the organization level.
BigQuery Admin Resource Charts are now generally available (GA) for on-demand users, enabling administrators to monitor key metrics and troubleshoot issues across the entire organization. Previously, it was only available for reservation users. A new permission, bigquery.jobs.listExecutionMetadata, has been added to make it easier to gain access to the full UI.
Chronicle
The following supported default parsers have changed (listed by product name and ingestion label):
For details about the changes in each parser, see Supported default parsers.
Rules can now be run at different frequencies. Rule run frequency impacts the latency with which detections are discovered for each rule. Longer run frequencies increase the amount of time between when an event occurs and when a detection is processed for that event. Rules with a window size of at least one hour are limited to either 1 hour or 24 hour run frequencies.
Cloud Billing
Cost table report now supports updated filters, project ancestry, and report sharing
In the Cloud Billing Console Cost table report, we've updated the report's filters and invoice month selector to function similarly to the Cloud Billing Reports page and Cost breakdown page, added project ancestry functionality, and enabled report sharing.
Updated filters: You use the cost table report to access the details of your invoices and statements. The report's filters and other settings allow you to configure the report views when you are analyzing the usage and cost data. You can also download the cost table data to CSV for offline analysis. When you download the report to CSV, the data that downloads is limited by any filters that you have set and includes only the columns that you have selected to view.
Project ancestry: A new table column has been added to display project ancestry data. Starting with the January 2022 invoice month:
Report sharing: Along with the updated report filters, the cost table report now supports URL bookmarking and sharing. As you configure your cost table report by setting the invoice month, table view cost grouping options, and report filters, the cost table URL updates to include your selections. You can save your report settings by bookmarking the URL. You can share the cost table report by copying the URL.
For more details about the cost table report and using the updated features and functionality, see the documentation.
Cloud Functions
Cloud Functions has added support for the following new runtimes at the Preview release level:
Cloud Logging
You can now comment within your Logging queries. For more information, see Logging query language: comments.
You can now do the following in the improved Logs Explorer:
Use the new plain-text search field and filter menus to construct queries without using the query language.
Customize your date and time format preferences for building queries and to display dates and times in the UI.
Toggle on and off the default summary fields to see a raw-text view of your logs.
When querying your logs data in the Logs Explorer, you can now select queries from a library, making it easier to explore your data and find logs during time-critical troubleshooting sessions.
The Cloud Logging API now supports the following regions:
europe-southwest1
europe-west6
europe-west8
europe-west9
southamerica-west1
For more information, see Data Regionality for Cloud Logging.
Cloud SQL for MySQL
You can now accept a maintenance update on your instance outside of the normal flow of scheduled maintenance.
While Cloud SQL schedules maintenance updates once every few months to ensure you have the latest maintenance version, you might want to use self-service maintenance if:
Cloud SQL now supports maintenance changelogs. Maintenance changelogs provide information about updates available in new maintenance versions, such as database minor version upgrades and patches for security vulnerabilities. For links to current maintenance changelogs for each major database version, see Cloud SQL maintenance changelogs.
Cloud SQL for PostgreSQL
You can now accept a maintenance update on your instance outside of the normal flow of scheduled maintenance.
While Cloud SQL schedules maintenance updates once every few months to ensure you have the latest maintenance version, you might want to use self-service maintenance if:
Cloud SQL now supports maintenance changelogs. Maintenance changelogs provide information about updates available in new maintenance versions, such as database minor version upgrades and patches for security vulnerabilities. For links to current maintenance changelogs for each major database version, see Cloud SQL maintenance changelogs.
The following PostgreSQL minor versions and extension versions are now available. If you use maintenance windows, you might not yet have these versions. In this case, you will see the new versions after your maintenance update occurs. To find your maintenance window or manage maintenance updates, see Finding and setting maintenance windows.
Cloud SQL for SQL Server
You can now accept a maintenance update on your instance outside of the normal flow of scheduled maintenance.
While Cloud SQL schedules maintenance updates once every few months to ensure you have the latest maintenance version, you might want to use self-service maintenance if:
Cloud SQL now supports maintenance changelogs. Maintenance changelogs provide information about updates available in new maintenance versions, such as database minor version upgrades and patches for security vulnerabilities. For links to current maintenance changelogs for each major database version, see Cloud SQL maintenance changelogs.
Config Connector
Config Connector version 1.83.0 is now available.
Made the spec.resourceRef.apiVersion field in IAMPolicy, IAMPartialPolicy, IAMPolicyMember, IAMAuditConfig optional.
Datastore
The datastore.databases.getMetadata permission now supports custom Identity and Access Management roles. You can use custom roles with this permission to unlink your database from App Engine.
Dialogflow
Dialogflow ES has added preview support for the following languages:
Afrikaans, Albanian, Amharic, Armenian, Azerbaijani, Basque, Belarusian, Bosnian, Bulgarian, Catalan, Cebuano, Chichewa, Corsican, Croatian, Czech, Esperanto, Estonian, Frisian, Galician, Georgian, Greek, Gujarati, Haitian Creole, Hausa, Hmong, Hungarian, Icelandic, Igbo, Irish, Javanese, Kannada, Kazakh, Khmer, Kinyarwanda, Kurdish, Kyrgyz, Latin, Latvian, Lithuanian, Luxembourgish, Macedonian, Malagasy, Malayalam, Maltese, Maori, Mongolian, Nepali, Oriya/Odia, Punjabi, Samoan, Scots Gaelic, Serbian - Cyrillic, Serbian - Latin, Sesotho, Shona, Slovak, Slovenian, Somali, Sundanese, Swahili, Tajik, Tatar, Turkmen, Uzbek, Welsh, Xhosa, Yoruba, Zulu
Firestore
The datastore.databases.getMetadata permission now supports custom Identity and Access Management roles.
GKE
Two security vulnerabilities, CVE-2022-1055 and CVE-2022-27666 have been discovered in the Linux kernel. Each can lead to a local attacker being able to perform a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all GKE node operating systems (Container-Optimized OS and Ubuntu). For instructions and more details, see the GCP-2022-014 security bulletin.
Security Command Center
Security Command Center error detectors are generally available (GA). Error detectors report configuration errors that prevent Security Command Center and its services from functioning properly. Remediation guidance is provided for each finding type. For more information, see Security Command Center errors.
The connections[] and description attributes were added to the Finding object.
connections[] attribute contains information about the IP connection associated with the finding. It includes the destination IP address, the destination port, the source IP address, the source port, and the protocol.
description attribute provides an explanation of the finding.
For more information, see the API documentation for the Finding object.
T-Systems Sovereign Cloud
T-Systems Sovereign Cloud is now generally available. To get started, see the following topics:
VPC
Automatic DNS configuration for Private Service Connect endpoints is now generally available.
For service producers: When you publish a managed service with Private Service Connect, you can optionally specify a domain name for the service.
For service consumers: When you create a Private Service Connect endpoint to connect to a managed service that has a specified domain name, a DNS entry for the Private Service Connect endpoint is created in a Service Directory DNS zone.
Microsoft Azure Releases And Updates
Source: azure.microsoft.com
Generally Available: Automated key rotation in Azure Key Vault
Key Vault now enables you to automatically rotate keys for encryption of your data.
Public preview: Azure Lab Services April 2022 update
Improve performance, reliability, and scalability for Azure Lab Services in the latest update.
Generally available: Azure Functions Linux Elastic Premium plan increased maximum scale-out limits
Maximum scale-out limits for Functions Linux Premium plans have been increased in a number of regions.
Public preview: Azure Compute Gallery feature ‘community gallery’
New Azure Compute Gallery feature ‘community gallery’ makes your private images public.
Generally available: Azure SQL Database storage limits increase for selected compute sizes
Data storage limits have increased over 30% for selected mid-size compute configurations to help reduce costs.
Azure SQL—Generally available updates for late April 2022
Generally available enhancements and updates released for Azure SQL.
Azure SQL—Public preview updates for late April 2022
Public preview enhancements and updates released for Azure SQL.
Generally available: Azure Database for MySQL – Flexible Server higher burstable compute
Azure Database for MySQL - Flexible Server is now offering more options for burstable compute for you to choose from depending on your workload.
Generally available: Azure Database for PostgreSQL – Hyperscale (Citus) now includes PgBouncer 1.17
Create a Hyperscale (Citus) server group using the latest 1.17 version of PgBouncer, a popular connection pooler for Postgres used with Azure Database for PostgreSQL – Hyperscale (Citus).
Public preview: Azure Managed Instance for Apache Cassandra enhancements
Azure Managed Instance for Apache Cassandra now includes support for deploying Cassandra 4.0 clusters and running nodetool commands using Azure CLI.
Generally available: Database templates in Azure Synapse Analytics
Azure Synapse database templates are industry-specific schema definitions that provide a standardized way for you to store and shape data, enabling rapid digital transformation.
General availability: Azure Synapse Link now supports existing Azure Cosmos DB containers
Enable Azure Synapse Link on your existing Azure Cosmos DB containers using the SQL API for Azure Cosmos DB.
General availability: Azure Cosmos DB portal—Azure Synapse Link seamless Power BI
Build Power BI reports using Azure Synapse Link from the Azure Cosmos DB portal.
General availability: Unique partial indexes in Azure Cosmos DB API for MongoDB
Specify a partialFilterExpression along with the 'unique' constraint in your Azure Cosmos DB API for MongoDB index.
Public preview: Azure Storage as share in Windows Code in App Service
Mount Azure Files as a local share in Windows Code in Azure App Service.
Public preview: Azure Functions now supports PowerShell 7.2
You can now use the latest version of PowerShell with Azure Functions.
Public preview: Static Web Apps now supports GitLab and Bitbucket for CI/CD
You can now use GitLab and Bitbucket as your CI/CD providers for Static Web Apps.
Public preview: Azure Static Web Apps now support skipping API builds
You can now choose to skip your default API builds.
Generally available: Scale-down mode in AKS
You can now select if you would like your AKS nodes to be deleted or deallocated when scaled down.
Generally available: Node pool snapshot
You can now take a snapshot of the node pool configuration and then create a node pool from that snapshot.
Generally available: Group Managed Service Accounts security policy support on Windows
AKS now supports Group Managed Service Accounts (GMSA) configuration, as well as maintaining trust during scale operations in the Windows nodepool.
Public preview: Azure Container Apps built-in authentication
Use configured identity providers to sign in to your container apps by writing little or no code.
Generally available: Controls to block domain fronting behavior on customer resources
Block domain fronting behavior on Azure Front Door, Azure Front Door (classic), and Azure CDN Standard from Microsoft (classic) resources.
Have you tried Hava automated diagrams for AWS, Azure and GCP? Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.