In Cloud Computing This Week [Aug 20th 2021]

AWS Updates and Releases

You can now hibernate Amazon EC2 C5d, M5d, and R5d Instances. Hibernation allows you to pause your EC2 Instances and resume them at a later time, rather than fully terminating and restarting them. Resuming your instance lets your applications continue from where they left off so that you don’t have to restart your OS and application from scratch. Hibernation is useful for cases where rebuilding application state is time-consuming (e.g., developer desktops) or an application’s start-up steps can be prepared in advance of a scale-out.

Starting this week, you can split your shared costs within your AWS Cost Categories  by defining Split Charge rules. AWS Cost Categories enables you to group your cost and usage information into meaningful categories based on dimensions such as accounts, tags, services, charge types, and even other Cost Categories. Every organization has a set of costs that are shared by multiple teams, business units, or financial owners, for instance, data transfer costs, enterprise support, or operational costs of a central infrastructure team. These costs are not directly attributable to a single owner, and so cannot be categorized into a singular Cost Category value. With Split Charge rules, you can now equitably allocate these costs across your Cost Category values.

EC2 VM Import/Export now supports migration of virtual machines that use Unified Extensible Firmware Interface (UEFI) boot. UEFI is a modern firmware that initializes your operating system. You can now use EC2 VM Import/Export APIs to bring your UEFI based virtual machines directly to AWS EC2 without converting to legacy BIOS.

Starting this week, Amazon Redshift introduces spatial query performance enhancements, 3D/4D geometries, and new spatial functions in Amazon Redshift to improve processing of spatial data.

Amazon Managed Services (AMS) Accelerate Operations Plan now supports the AWS Europe (Stockholm) region. AMS Accelerate provides operational services including monitoring, incident management, security, patch, and backup to help you with day-to-day operations management of AWS resources so that your teams can focus on business transformation in the cloud.

This week AWS were excited to announce that Amazon SageMaker notebook instance supports Amazon Linux 2. You can now choose Amazon Linux 2 for your new Amazon SageMaker notebook instance to take advantage of the latest update and support provided by Amazon Linux 2.

This week, AWS were pleased to announce AWS Glue version 3.0, a new version of AWS Glue Spark for your batch and streaming jobs that accelerates your data integration workloads in AWS. AWS Glue 3.0 introduces a performance-optimized Spark runtime that includes optimizations from AWS Glue and Amazon EMR, and is based on open-source Apache Spark 3.1.1 . The AWS Glue 3.0 runtime optimizes both read and write access to Amazon Simple Storage Service (Amazon S3), using faster vectorized readers  and Amazon S3 optimized output committers. It also optimizes access to the AWS Glue Data Catalog  with the use of partition predicates. For highly partitioned datasets, Glue 3.0 improves the execution speed by filtering out unnecessary partitions using partition indexes . AWS Glue 3.0 runtime is also fully integrated with AWS Lake Formation, so you can secure your data access in different granularities like database-, table-, column-, row-, and cell-level access control using resource names and AWS Lake Formation tag based access control . With AWS Glue 3.0, we also bring in new capabilities to improve user experience for monitoring, debugging, and tuning Spark applications. Spark 3.1.1 enables an improved Spark UI experience  that includes new Spark executor memory metrics  and Spark Structured Streaming metrics  that are useful for AWS Glue streaming jobs. Similar to AWS Glue 2.0, AWS Glue 3.0 reduces startup latency and improve the overall job completion times.

AWS IoT Analytics is now available in the Asia Pacific (Mumbai) AWS Region, extending the footprint to 9 AWS Regions.

AWS Security Hub has released 18 new controls for its Foundational Security Best Practice standard  to enhance customers’ cloud security posture monitoring. These controls conduct fully-automatic checks against security best practices for Amazon API Gateway, Amazon EC2, Amazon ECS, Elastic Load Balancing, Amazon Elasticsearch Service, Amazon RDS, Amazon Redshift, and Amazon SQS. If you have Security Hub set to automatically enable new controls and are already using AWS Foundational Security Best Practices, these controls are enabled by default. Security Hub now supports 159 security controls to automatically check your security posture in AWS.

Amazon Connect Customer Profiles is now HIPAA  (Health Insurance Portability and Accountability Act) eligible. Customer Profiles is designed to automatically bring together customer information from multiple applications and surface it to a contact agent at the moment they begin interacting with a customer. HIPAA eligibility means you can use Customer Profiles to provide agents with the Protected Health Information (PHI) data they need to resolve your customers’ questions or inquiries. You can ingest data from electronic health records (EHR) systems such as Epic, Cerner, and Siemens using Amazon S3 data connectors between EHR systems and Customer Profiles. Amazon Connect has been HIPAA eligible since 2017. Amazon Connect Customer Profiles is also ISO, IRAP certified.

Amazon WorkSpaces now offers new bundles powered by Windows Server 2019, providing a Windows 10 desktop experience along with a 64-bit Microsoft Office 2019 Professional Plus bundle option. The feature brings a refreshed Windows 10 desktop experience, and enables customers to run applications that require recent Windows versions.

Amazon CodeGuru is a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application’s most expensive lines of code. Developers can use Amazon CodeGuru Profiler to understand the runtime behavior of their applications, identify and remove code inefficiencies, improve performance, and significantly decrease compute costs.

AWS IoT Device SDK for Embedded C (C-SDK) release 202108.00 includes the AWS SigV4 library and a refactored AWS IoT Fleet Provisioning client library for IoT applications. This release makes it easier for developers using C-SDK to authenticate inbound API requests to AWS services from IoT devices running HTTP, and provision IoT devices that do not have unique certificates.

AWS Transfer Family now supports configuring a client side externally accessible IP address on an FTPS/FTP server, allowing clients behind a firewall or a NAT router to connect to the server. Additionally, customers can now easily scale up their workloads by creating up to 50 servers within AWS Transfer Family in a single AWS account and region, a fivefold increase in the previously supported limit of 10 servers.

AWS Systems Manager Fleet Manager, a capability in AWS Systems Manager (SSM) that helps you streamline and scale your remote server management processes, now offers the ability to generate at-a glance reporting on your SSM Managed Instances. The new feature enables you to customize the Fleet Manager information panel in which you can view alerts, status, and details of managed instances and download it for local viewing and analysis. 

Starting this week, AWS customers can use ED25519 keys to prove their identity when connecting to EC2 instances. ED25519 is an elliptic curve based public-key system commonly used for SSH authentication.

AWS Elastic Beanstalk now supports Capacity Rebalancing for Amazon EC2 Auto Scaling groups (ASG) . This feature reduces Spot Instance  interruptions to customers’ applications. When enabled, ASG Capacity Rebalancing is designed to automatically attempt to replace Spot Instances in an Auto Scaling group before they are interrupted.

Starting this week, you can use Common Access Card (CAC) and Personal Identity Verification (PIV) smart cards to authenticate users into Amazon WorkSpaces through your self-managed Active Directory (AD) and AWS Directory Service AD Connector in US East (Northern Virginia), US West (Oregon), Europe (Ireland), Asia Pacific (Tokyo), and Asia Pacific (Sydney) Regions. Additionally, you can now use the AWS Management Console to configure smart card authentication with AWS Directory Service. Previously, smart card authentication with AD Connector for Amazon WorkSpaces was only supported in the AWS GovCloud (US-West) Region and could only be configured through the AWS Directory Service API or CLI.

Amazon RDS for SQL Server now includes enhancements to the Auto Minor Version Upgrade feature for Amazon RDS for SQL Server database instances. Auto Minor Version Upgrade is a feature that you can enable to have your database automatically upgraded when a new minor database engine version is available.

Amazon Web Services (AWS) announces the general availability of Amazon EC2 M6i instances, expanding the 6th generation EC2 instance portfolio to include x86-based compute options. Designed to provide a balance of compute, memory, storage, and network resources, M6i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances. M6i instances are powered by 3rd generation Intel Xeon Scalable processors (code named Ice Lake) with an all-core turbo frequency of 3.5 GHz, offer up to 15% better compute price performance over M5 instances, and always-on memory encryption using Intel Total Memory Encryption (TME). These instances are SAP-Certified and are ideal for workloads such as web and application servers, back-end servers supporting enterprise applications (e.g. Microsoft Exchange Server and SharePoint Server, SAP Business Suite, MySQL, Microsoft SQL Server, and PostgreSQL databases), gaming servers, caching fleets, as well as for application development environments. 

AWS Lambda now supports Python 3.9 as both a managed runtime and a container base image. You can now author AWS Lambda functions in Python 3.9 and use its new features, such as support for TLS 1.3, new string and dictionary operations, and improved time zone support. Python 3.9 also includes performance optimizations that you can benefit from without making any code changes. For more information on Lambda’s support for Python 3.9, see our blog post at Python 3.9 runtime now available in AWS Lambda.

Google Cloud Armor integration with reCAPTCHA Enterprise is now available in Public Preview. See the Cloud Armor bot management overview and the Overview of reCAPTCHA Enterprise for WAF and Google Cloud Armor integration.

You can now use Chef to install and manage the Google Cloud operations suite agents across your fleet of Linux and Windows VMs. For more information, refer to the Chef Integration documentation.

Cloud Code Extension updated to v1.13.1

Updates includes a simplified combined Kubernetes Explorer and GKE Explorer experience, Managed Cloud SDK performance improvements, as well as improved Cloud Run local development webview. Review the Cloud Code release notes for a complete list of features/updates/bug fixes.

Cloud Shell Editor is now built with Theia 1.16.0

Review the Theia release notes for a complete list of features/updates/bug fixes.

Cloud Shell Editor Built-in Extensions Updated to 1.45.1

All built-in VS Code Extensions used by the Cloud Shell Editor have been updated to 1.45.1 to incorporate upstream changes.

The Flutter SDK now comes preinstalled in Cloud Shell.

Visit the Flutter Docs or simply enter flutter in Cloud Shell to get started.

.Net 5.0 now comes preinstalled in Cloud Shell.

Checkout the dotnet-five documentation for more details.