This week's roundup of all the cloud news.
Here's a cloud roundup of all things GCP, Azure and AWS for the week ending Friday 13th August 2021.
AWS Updates and Releases
AWS Snow Family customers can now remotely monitor and operate their connected AWS Snowcone devices. This enables customers to manage one or thousands of Snowcone devices, even when they are geographically dispersed. Customers can remotely view a central dashboard to see whether a device is online or unlocked and monitor metrics such as storage and compute capacity. Additionally, customers can now remotely unlock or reboot devices in the field that have a network connection.
Amazon CodeGuru is a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application’s most expensive lines of code. Developers can use Amazon CodeGuru Profiler to understand the runtime behavior of their applications, identify and remove code inefficiencies, improve performance, and significantly decrease compute costs.
With AWS Glue DataBrew, customers can now use IF, AND, OR, and CASE logical conditions to create transformations based on functions. With this feature, customers have the flexibility to use custom values or reference other columns within the expressions, and can create adaptable transformations for their specific use cases.
AWS Glue DataBrew recipe jobs now support Tableau Hyper as a data output format, allowing customers to easily take the prepared datasets from Amazon S3 and upload them into Tableau for further visualization and analysis. For a list of supported output formats, please see the AWS Glue DataBrew output formats table.
Change Manager, a capability of AWS Systems Manager, now allows you to specify AWS Identity and Access Management (IAM) roles as approvers for change requests and change templates. Change Manager simplifies the way you can request, approve, implement, and report on operational changes to your application configuration and infrastructure on AWS and on-premises. Now, you have more flexibility to leverage your existing identity provider for change management practices.
AWS CodeBuild project owners are now able to make build logs and artifacts publicly accessible to people who are not logged into the AWS Console. This simplifies how CodeBuild project owners are able to collaborate with open source contributors because project owners don’t need to administer AWS account access for each contributor.
Amazon API Gateway now supports mutual TLS with certificates from third-party CAs and ACM Private CA
Amazon API Gateway enables customers to authenticate clients using certificate-based mutual TLS, where digital certificates are exchanged between the client and API Gateway before a secure connection is established. Previously, only certificates issued by AWS Certificate Manager (ACM) could be used as the server certificate when configuring mutual TLS in API Gateway. Starting today, customers can use a server certificate issued by a third-party certificate authority (CA) or ACM Private CA.
Amazon Connect now provides an improved chatbot building experience, powered by Amazon Lex V2 console and APIs
Amazon Connect now makes it easier for customers to build, deploy, and manage chatbots using the enhanced Amazon Lex V2 console and APIs. Amazon Lex allows customers to create intelligent chatbots that turn their Amazon Connect contact flows into natural conversations. Amazon Lex V2 console and API enhancements include: 1) support for multiple languages in a simple bot and the ability to manage them as a single resource through the life cycle (build, test, and deploy), 2) ability for end-users to request a bot to wait (“Can you wait while I get my credit card?”), and interrupt a bot in mid-sentence, 3) simplified bot versioning, and 4) new productivity features such as support for saving partially completed bots, bulk upload of sample utterances, and navigation via a dynamic ‘Conversation flow’ for more flexibility and control in the bot design process. For more details on Amazon Lex V2, see the “Amazon Lex introduces an enhanced console experience and V2 APIs” blog post.
You can now easily list Amazon EMR releases available in an Amazon region and describe the applications available with any Amazon EMR release. Previously, if you were looking to launch Amazon EMR clusters in new regions, or with the latest version of an application, you had to read the release notes and manually update your cluster launch workflow. The new API parameters now allow you to programmatically identify this information, enabling you to automate your cluster launch workflows.
AWS Snow Family now supports ML inference at the edge with Amazon SageMaker Edge Manager and AWS IoT Greengrass
AWS Snow Family now supports AWS IoT Greengrass version 2.0 or higher, which makes it easier for you to build IoT solutions and run ML inference on Snowball Edge and Snowcone devices. With support for AWS IoT Greengrass on Snow, you can now use Amazon SageMaker Edge Manager to optimize, secure, monitor, and maintain ML models on fleets of Snowball Edge devices.
AWS Snowball Edge (SBE) Storage Optimized devices now support high performance Network File System (NFS) data transfer operations. With this launch, customers can now transfer up to 80TBs of data onto Snowball Edge Storage Optimized devices through both file and object interfaces. The file interface exposes a Network File System (NFS) mount point for each bucket on your AWS Snowball Edge Storage Optimized device. After mounting the file share, you can drag and drop files from your computer into Amazon S3 buckets on the Snowball Edge device.
Amazon EMR now supports Amazon S3 Access Points, a feature of Amazon S3 that allows you to easily manage access for shared data lakes. Using your S3 Access Point alias, you can simplify your data access at scale on Amazon EMR.
The AWS Toolkit for VS Code now provides developers with convenient IDE functionality to create and manage deployments from their code or image repositories using AWS App Runner. AWS App Runner is a fully managed service that makes it easy for customers without any prior containers or infrastructure experience to build, deploy, and run containerized web applications and APIs in just a few clicks.
Amazon Chime SDK meetings now support live transcription with Amazon Transcribe and Amazon Transcribe Medical
The Amazon Chime SDK lets developers add real-time audio, video, and screen share to their web and mobile applications. Starting today, developers can overlay subtitles, build a transcript, or perform real-time content analysis with live audio transcription powered by Amazon Transcribe or Amazon Transcribe Medical.
Announcing support for new Timestamp function, PreTrigger function and ability to write nested expressions within aggregation functions
AWS IoT SiteWise now supports three new enhancements to AWS IoT SiteWise formula expressions to allow users greater flexibility in monitoring their IoT assets in near real-time.
AWS Amplify Hosting now supports deploying and hosting server-side rendered (SSR) apps built with version 11 of Next.js with zero configuration. Amplify Hosting supports all the latest Next.js features including incremental static regeneration, automatic image optimization, and script optimization.
AWS interactive EC2 Serial Console is now available in more commercial regions and AWS GovCloud (US) regions
Starting today, interactive EC2 Serial Console is available in AWS GovCloud (US), us-west-1, ca-central-1, eu-west-2, eu-west-3, ap-northeast-2, ap-south-1, sa-east-1 and eu-north-1 regions.
Amazon CloudWatch Logs now supports CloudWatch usage metrics, enabling you to monitor your CloudWatch Logs API Usage. Using usage metrics, you can create alarms to be notified when you're approaching a CloudWatch Logs API service quota and visualize your usage on CloudWatch dashboards.
Amazon SageMaker introduces one-click model inference and fine-tuning for Hugging Face models in Amazon SageMaker JumpStart
Building on the Hugging Face deep learning containers released earlier this year, Amazon SageMaker is now making it even easier to deploy and fine-tune state-of-the-art natural language processing (NLP) models with just a few clicks using Amazon SageMaker JumpStart. Amazon SageMaker JumpStart helps you quickly and easily get started with machine learning (ML). SageMaker JumpStart provides a set of solutions for the most common use cases that can be deployed readily with just a few clicks, and supports one-click deployment and fine-tuning of popular open source models such as natural language processing, object detection, and image classification models. These solutions are fully customizable and showcase the use of AWS CloudFormation templates and reference architectures so you can accelerate your ML journey. SageMaker JumpStart is also integrated in Amazon SageMaker Studio, our fully integrated development environment (IDE) for ML, making it intuitive to discover models, solutions, and more.
Now enable auto-approval of change requests and expedite changes with AWS Systems Manager Change Manager
Change Manager, a capability of AWS Systems Manager, now allows administrators to auto-approve known and less risky changes through pre-configured change templates thereby eliminating the approval step and expediting changes.
AWS WAF now enables you to select a specific version of a managed rule group within your web ACL, giving you the ability to test new rule updates safely and roll back to previously tested versions. When using a versioned managed rule group, you control when new rule updates are applied to your traffic. By default, you will continue to automatically receive rule updates to your managed rule group. You can change this behavior by manually selecting a version, enabling you to pause automatic updates or go back to a previous version. Once you select a specific version, you will no longer receive automatic updates but will remain on the selected version until it reaches end of life.
AWS Systems Manager OpsCenter launches operational insights to identify duplicate items and event sources with unusual activity
Starting this week, OpsCenter, a capability of AWS Systems Manager, automatically analyzes operational items in customers’ accounts. Then, OpsCenter generates operational insights when it detects duplicate operational items or a large number of operational items created by the same event source. For each operational insight, OpsCenter recommends actions that operators and IT professionals can take to address the underlying issue. This improves operational efficiency by reducing alert noise, so that you can focus on issues that matter most. By using OpsCenter, you can track and resolve operational items related to AWS resources in a central place, helping to reduce the time to issue resolution.
Amazon Comprehend is a natural language processing (NLP) service that uses machine learning to analyze text documents and identify insights such as sentiment, entities, and topics in text. Today, we are updating our custom entity recognition models so that you can train models with fewer training documents. Custom entity recognition extends the capability of Amazon Comprehend by enabling you to identify new entity types not supported as one of the preset generic entity types. This means that in addition to identifying the entity types from the Detect Entities API such as LOCATION, DATE, or PERSON, you can analyze documents and extract entities like PRODUCT_CODE, EMPLOYEE_ID, CONTRACTOR_NAME or business-specific entities that you define and that fit your particular needs. Starting today, we have reduced the minimum required training documents by 50%. This means you can train custom models with as few as 100 annotations per entity type from 250 documents. If you have more training documents, you can even expect to get better results from the newer models than before!
Amazon WorkSpaces now allows users to view default quota and applied quota information through Service Quotas
Amazon RDS Proxy now enables you to create Proxies in a shared, centrally-managed Amazon Virtual Private Cloud (VPC). VPC sharing allows teams, each with their own AWS accounts, to create resources in a centrally-managed VPC. This reduces the number of VPCs that you need to create and manage, while using separate accounts for billing and access control. To learn more about VPC sharing, see our documentation.
Google Cloud Releases and Updates
Anthos clusters on VMware
Anthos clusters on VMware 1.7.3-gke.2 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.7.3-gke.2 runs on Kubernetes 1.19.12-gke.1100.
The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.8, 1.7, and 1.6.
Users can now build repositories from GitHub Enterprise, including on-premises instances. For more information, see Creating GitHub Enterprise triggers.
The use of private worker pools is now available for building your functions.
When you create a line chart on a dashboard, you can now specify whether the selected metric is charted against the left Y-axis or the right Y-axis. This feature lets you display different metrics with different scales on the same chart. For an API example, see Dashboard with an XyChart and a threshold.
Cloud SQL for MySQL, PostgreSQL, SQL Server
The Cloud SQL Admin API v1 is now generally available. It is and will continue to be compatible with the v1beta4 version. There is no requirement to migrate from v1beta4 to the v1 Admin API.
Cloud TPU now supports TensorFlow 2.6.0. For more information, see TensorFlow 2.6.0 Release Notes.
In TF 2.6.0, TensorFlow has introduced a new version of the TF/XLA bridge using the MLIR compiler infrastructure. The MLIR bridge is enabled by default. To explicitly disable it at runtime, add the following code snippet to your model's code:
Deep Learning Containers / VM Images
Dialogflow CX GA (generally available) launch of Experiments to compare the performance of flow versions to a control version while handling live traffic.
- Version 1.19.12-gke.2100 is now the default version in the Stable channel.
Security Command Center
Event Threat Detection, a built-in service of Security Command Center Premium, has launched new detectors to protect your Google Workspace domains in general availability. The detectors identify suspicious activities in member accounts and your Admin Console, including leaked passwords, attempted account breaches, settings changes, and possible government-backed attacks. For more information, see Event Threat Detection overview.
Container Threat Detection, a built-in service of Security Command Center Premium, has launched a new detector, Malicious Script Executed, in general availability. The detector uses natural language processing to evaluate bash scripts and determine if they are malicious. For more information, see Container Threat Detection overview.
Security Command Center findings now include two new attributes that provide additional information about the type of finding and the activity that triggered it. The attributes include the following:
- Indicator: displayed as indicator. This is an indicator of compromise (IoC), or artifact, observed on a network or in an operating system that, with high confidence, indicates a computer intrusion.
- Finding Class: displayed as findingClass. Indicates the type of finding. The following list includes finding classes and their descriptions:
  - Threat: unwanted or malicious activity
  - Vulnerability: a potential weakness in software that increases risk to the confidentiality, integrity, and availability of your resources
  - Misconfiguration: a potential weakness in a resource's configuration that increases risk
  - Observation: a security observation provided for informational purposes
To learn more about findings, see the Findings tab in Using the Security Command Center dashboard.
VPC Service Controls
General availability for the following integration:
Microsoft Azure Releases And Updates
New features Cross Location Compute, Hierarchical Time Series, and Compute Instance auto-shutdown and auto-start capabilities are now available in preview in Azure Machine Learning.
Participate in the retail evaluation now to ensure full compatibility. The OS evaluation period provides 14 days for backward compatibility testing.
GitHub Codespaces is now available to all GitHub Teams and GitHub Enterprise Cloud customers.
Automatic extension upgrade provides safe and automatic upgrades for extensions on Azure Virtual Machines and Virtual Machine Scale Sets, keeping your environments more secure and up to date.
Secure your connection to Azure Migrate services with Azure Migrate Private Link
Azure Migrate: App Containerization helps you containerize and migrate ASP.NET and Java web applications to Azure Kubernetes Service and Azure App Service.
Azure VPN Client for macOS enables you to utilize features of Azure AD natively, such as multi-factor authentication, conditional access, and user-based policies for your Mac clients.
Replicate your virtual machines to any Azure region on the planet to safeguard your applications from disaster.
The Azure Percept July update includes fixes related to security, Wi-Fi/Network, and OOBE UI localization.
Have you tried Hava automated diagrams for AWS, Azure and GCP? Get back your precious time and possibly your sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free. When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.