14 min read

In Cloud Computing This Week [Apr 3rd 2020]

April 3, 2020

This week's roundup of notable cloud news.

 

cloud_developer

Hello Cloudland,  here's this week's round up of everything that's happening in cloud computing.  

We've been super busy this week. Snuck out a pretty stunning new website in between on boarding a slew of new clients and finalising some more big ticket items on our roadmap - more news on that soon.

Check out https://hava.io and let us know what you think.

If you have just discovered Hava. Hava auto generates AWS, GCP and Azure diagrams

No massive news in the cloud space this week, although still more WFH advice than we can keep up with.

There were a few notable exceptions: 

 

Amazon Redshift update – ra3.4xlarge nodes  Getting_Started_aws_logo 

Since AWS launched Amazon Redshift as a cloud data warehouse service more than seven years ago, tens of thousands of customers built their workloads using it. They are always listening to your feedback and, in December last year, AWS announced their 3rd generation RA3 node type providing you the ability to scale compute and storage separately. Previous generation DS2 and DC2 nodes had a fixed amount of storage and required adding more nodes to your cluster to increase storage capacity. The new RA3 nodes let you determine how much compute capacity you need to support your workload and then scale the amount of storage based on your needs. The first member of the RA3 family was the ra3.16xlarge which aws reports they heard from many customers was fantastic, but more than they needed for their workload needs.

This week AWS added a new smaller member to the RA3 family: the ra3.4xlarge.

The RA3 node type is based on AWS Nitro and includes support for Redshift managed storage. Redshift managed storage automatically manages data placement across tiers of storage and caches the hottest data in high-performance SSD storage while automatically offloading colder data to Amazon Simple Storage Service (S3). Redshift managed storage uses advanced techniques such as block temperature, data block age, and workload patterns to optimize performance.

https://aws.amazon.com/blogs/aws/amazon-redshift-update-ra3-4xlarge-instances/

 

AWS DeepComposer – Now Generally Available With New Features  Getting_Started_aws_logo

AWS DeepComposer, a creative way to get started with machine learning, was launched in preview at AWS re:Invent 2019. This week AWS was extremely happy to announce that DeepComposer is now available to all AWS customers, and that it has been expanded with new features.

If you’re new to AWS DeepComposer, here’s how to get started.

  • Log into the AWS DeepComposer console.
  • Learn about the service and how it uses generative AI.
  • Record a short musical tune, using either the virtual keyboard in the console, or a physical keyboard available for order on Amazon.com.
  • Select a pretrained model for your favorite genre.
  • Use this model to generate a new polyphonic composition based on your tune.
  • Play the composition in the console.
  • Export the composition, or share it on SoundCloud.

 

New – Use AWS IAM Access Analyzer in AWS Organizations  Getting_Started_aws_logo

Last year at AWS re:Invent 2019, AWS released AWS Identity and Access Management (IAM) Access Analyzer that helps you understand who can access resources by analyzing permissions granted using policies for Amazon Simple Storage Service (S3) buckets, IAM roles, AWS Key Management Service (KMS) keys, AWS Lambda functions, and Amazon Simple Queue Service (SQS) queues.

AWS IAM Access Analyzer uses automated reasoning, a form of mathematical logic and inference, to determine all possible access paths allowed by a resource policy. We call these analytical results provable security, a higher level of assurance for security in the cloud.

Today I am pleased to announce that you can create an analyzer in the AWS Organizations master account or a delegated member account with the entire organization as the zone of trust. Now for each analyzer, you can create a zone of trust to be either a particular account or an entire organization, and set the logical bounds for the analyzer to base findings upon. This helps you quickly identify when resources in your organization can be accessed from outside of your AWS Organization.

 

Azure server-side encryption with customer-managed keys for Managed Disks  Getting_Started_Azure_Logo

This week, Azure announced the general availability for server-side encryption (SSE) with customer-managed keys (CMK) for Azure Managed Disks. Azure customers already benefit from SSE with platform-managed keys for Managed Disks enabled by default. SSE with CMK improves on platform-managed keys by giving you control of the encryption keys to meet your compliance need.

Azure customers can also use Azure Disk Encryption, which leverages the Windows BitLocker feature and the Linux dm-crypt feature to encrypt Managed Disks with CMK within the guest virtual machine (VM). SSE with CMK improves on Azure Disk encryption by enabling you to use any OS types and images, including custom images, for your VMs by encrypting data in the Azure Storage service.

SSE with CMK is integrated with Azure Key Vault, which provides highly available and scalable secure storage for your keys backed by Hardware Security Modules. You can either bring your own keys (BYOK) to your Key Vault or generate new keys in the Key Vault.

https://azure.microsoft.com/en-us/blog/announcing-serverside-encryption-with-customermanaged-keys-for-azure-managed-disks/

 

GCP Service Directory: Manage all your services in one place at scale Getting_Started_gcp_logo

Enterprises rely on increasing numbers of heterogeneous services across cloud and on-premises environments. Google Cloud customers, for example, may use services like Cloud Storage alongside third-party partner services such as Snowflake, MongoDB, and Redis, as well as their own company-owned applications. Securely connecting to and managing these multi-cloud services can be challenging, especially as resources need to scale up and down to meet fast changing business needs.

Customers want to be able to take a service- rather than infrastructure-centric approach to connecting to Google Cloud services, their own applications, and third-party partner services from GCP Marketplace. Service Directory is a new managed solution to help you publish, discover, and connect services in a consistent and reliable way, regardless of the environment and platform in which they are deployed. It provides real-time information about all your services in a single place, allowing you to perform service inventory management at scale, whether you have a few service endpoints or thousands.

https://cloud.google.com/blog/products/networking/introducing-service-directory

 

Amazon Detective makes it easier to spot cloud security issues Getting_Started_aws_logo

AWS has announced that its new security service Amazon Detective is now available to customers at no additional cost.

Amazon Detective makes it much easier to conduct faster and more efficient investigations into security issues across AWS workloads. 

The service automatically collects log data from a customer's resources and then uses machine learning, statistical analysis and graph theory to build interactive visualizations that allow customers to analyze, investigate and quickly identify the root cause of potential security issues or suspicious activities.

There are also no additional charges or commitments to use Amazon Detective and customers pay only for data ingested from AWS CloudTrail, Amazon Virtual Private Cloud (VPC) Flow Logs and Amazon GuardDuty findings.

AWS has announced that its new security service Amazon Detective is now available to customers at no additional cost.

Amazon Detective makes it much easier to conduct faster and more efficient investigations into security issues across AWS workloads. 

The service automatically collects log data from a customer's resources and then uses machine learning, statistical analysis and graph theory to build interactive visualizations that allow customers to analyze, investigate and quickly identify the root cause of potential security issues or suspicious activities.

There are also no additional charges or commitments to use Amazon Detective and customers pay only for data ingested from AWS CloudTrail, Amazon Virtual Private Cloud (VPC) Flow Logs and Amazon GuardDuty findings.

https://www.techradar.com/news/amazon-detective-makes-it-easier-to-spot-cloud-security-issues

 

General availability of new Azure disk sizes and bursting Getting_Started_Azure_Logo

This week marks the general availability of new Azure disk sizes, including 4, 8, and 16 GiB on both Premium and Standard SSDs, as well as bursting support on Azure Premium SSD Disks.

To provide the best performance and cost balance for your production workloads, Azure are making significant improvements to their portfolio of Azure Premium SSD disks. With bursting, even the smallest Premium SSD disks (4 GiB) can now achieve up to 3,500 input/output operations per second (IOPS) and 170 MiB/second. If you have experienced jitters in disk IOs due to unpredictable load and spiky traffic patterns, migrate to Azure and improve your overall performance by taking advantage of bursting support.

Azure offer disk bursting on a credit-based system. You accumulate credits when traffic is below the provisioned target and you consume credit when traffic exceeds it. It can be best leveraged for OS disks to accelerate virtual machine (VM) boot or data disks to accommodate spiky traffic. For example, if you conduct a SQL checkpoint or your application issues IO flushes to persist the data, there will be a sudden increase of writes against the attached disk. Disk bursting will give you the headroom to accommodate the expected and unexpected change in load.

https://azure.microsoft.com/en-us/blog/general-availability-of-new-azure-disk-sizes-and-bursting/

 

Announcing general availability of incremental snapshots of Managed Disks Getting_Started_Azure_Logo

Microsoft announced the general availability of incremental snapshots of Azure Managed Disks. Incremental snapshots are a cost-effective, point-in-time backup of managed disks. Unlike current snapshots, which are billed for the full size, incremental snapshots are billed for the delta changes to disks since the last snapshot and are always stored on the most cost-effective storage, Standard HDD storage irrespective of the storage type of the parent disks. For additional reliability, incremental snapshots are stored on Zone Redundant Storage (ZRS) by default in regions that support ZRS.

Incremental snapshots provide differential capability, enabling customers and independent solution vendors (ISVs) to build backup and disaster recovery solutions for Managed Disks. It allows you to get the changes between two snapshots of the same disk, thus copying only changed data between two snapshots across regions, reducing time and cost for backup and disaster recovery. Incremental snapshots are accessible instantaneously; you can read the underlying data of incremental snapshots or restore disks from them as soon as they are created. Azure Managed Disk inherit all the compelling capabilities of current snapshots and have a lifetime independent from their parent managed disks and independent of each other.

https://azure.microsoft.com/en-us/blog/announcing-general-availability-of-incremental-snapshots-of-managed-disks/

 

Powering up GCP caching with Memorystore for Memcached  Getting_Started_gcp_logo

In-memory data stores are a fundamental infrastructure for building scalable, high-performance applications. Whether it is building a highly responsive ecommerce website, creating multiplayer games with thousands of users, or doing real-time analysis on data pipelines with millions of events, an in-memory store helps provide low latency and scale for millions of transactions. Redis is a popular in-memory data store for use cases like session stores, gaming leaderboards, stream analytics, API rate limiting, threat detection, and more. Another in-memory data store, open source Memcached, continues to be a very popular choice as a caching layer for databases and is used for its speed and simplicity.

GCP announced Memorystore for Memcached in beta, a fully managed, highly scalable service that’s compatible with the open source Memcached protocol. They launched Memorystore for Redis in 2018 to let you use the power of open source Redis easily without the burden of management. This announcement brings even more flexibility and choice for your caching layer. 

https://cloud.google.com/blog/products/databases/fully-managed-memorystore-for-memcached

 

Mapping The Cloud: A Look At The Segments Driving Growth  Getting_Started_aws_logo Getting_Started_Azure_LogoGetting_Started_gcp_logo

In this article, Seeking Alpha explore the cloud ecosystem's distinct segments, identifying some of the key trends and investment rationales that are relevant to today's technology investors.

https://seekingalpha.com/article/4335708-mapping-cloud-look-segments-driving-growth

 

Pluralsight offers 7,000+ online tech courses free for April  Getting_Started_aws_logo Getting_Started_Azure_LogoGetting_Started_gcp_logo

In a bid to encourage online learners to stay home and upskill during COVID-19 lockdowns, Pluralsight, the enterprise technology skills platform, has made its 7,000+ courses available for free for the month of April.

The offer is available for individual users not currently subscribed to the platform. In addition, Pluralsight is offering extended trials to businesses, nonprofits and education institutions for teams and teachers.

With a key focus on enterprise technology skills, Pluralsight offers a platform that delivers a unified, end-to-end learning experience for businesses across the globe.

The platform runs as a subscription service, offering companies the means to better understand technology and innovation through a library of more than 7,000 courses focused on technology skill development.

https://itbrief.co.nz/story/pluralsight-offers-7-000-online-tech-courses-free-for-april 

  

Upcoming Events:  Getting_Started_aws_logo Getting_Started_Azure_LogoGetting_Started_gcp_logo

 

HashiDays    ** Postponed **

Where: Sydney AU
When : 6-7th April 2020

For the first time HashiDays is coming to APAC: get ready for HashiDays Sydney at the Roslyn Packer Theatre on 7 April.

https://hashidays.com/

However - there's a Virtual Day being held instead on the 7th of April: https://www.hashicorp.com/webinars/hashicorp-virtualdays-apac-april2020/

 Virtual Cloud Computing Events Getting_Started_aws_logo Getting_Started_Azure_LogoGetting_Started_gcp_logo

Redhat Virtual Summit

When: April 28-29

https://www.redhat.com/en/summit

 

DockerCon Live

When: May 28

https://www.docker.com/dockercon/

 

Think 2020 IBM

When: May 5-7

https://www.ibm.com/events/think/

 

Cloud Data Summit North America

When: May 26-27

https://www.clouddatasummit.com/na/

 

If you need a fix of AWS goodness, there is an extensive program of online tech talks scheduled:

Join AWS for live, online presentations led by AWS solutions architects and engineers. AWS Online Tech Talks cover a range of topics and expertise levels, and feature technical deep dives, demonstrations, customer examples, and live Q&A with AWS experts.

Note – All sessions are free and in Pacific Time. Can’t join them live? Access webinar recordings and slides on the On-Demand Portal.

Tech talks this month, by category, are:

 

Microsoft also has a full training and events calendar underway : 

Source : https://azure.microsoft.com/en-us/community/events/

Some are going ahead, but we'd suggest contacting the organisers before putting any concrete plans in place.


Thanks for reading, we hope you found something useful. Talking of useful: 

hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.

If you haven't taken a hava.io free trial to see what it can do for your workflow, security and compliance needs - please get in touch.

 

You can reach us on chat, email sales@hava.io or book a callback or demo below.

 

 

Topics: aws azure gcp news
Team Hava

Written by Team Hava

The Hava content team

Featured