This week's roundup of all the cloud news.
Here's a cloud round up of all things GCP, Azure and AWS for the week ending Friday 27th August 2021.
AWS Updates and Releases
Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL major version 13. PostgreSQL 13 includes improved functionality and performance from enhancements such as de-duplication of B-tree index entries, improved performance for queries that use partitioned tables, incremental sorting to accelerate data sorts, parallel processing of indexes with the VACUUM command, more ways to monitor activity within a PostgreSQL database, new security capabilities, and more. This release also adds support for bool_plperl, which simplifies writing Perl procedures.
Amazon Textract announces reduced pricing of up to 32% on AnalyzeDocument and DetectDocumentText requests in eight global AWS Regions
Amazon Textract is a managed service that leverages computer vision and machine learning to automatically extract printed and handwritten text, tables and forms data from scanned documents with no machine learning experience necessary. Today, we are excited to announce that effective September 1, 2021, customers will see a price reduction of up to 32% and save even more on the use of AnalyzeDocument and DetectDocumentText requests in eight global AWS Regions.
AWS Compute Optimizer Now Helps Customers Understand Impact of Migrating to Graviton2-based Instances
AWS Compute Optimizer now helps customers understand impact of migrating to Graviton2-based instances by recommending up to 3 Graviton2-based instance type options for x86-based Linux instances.
AWS Snowcone is now available in the AWS Asia Pacific (Singapore) and AWS Asia Pacific (Tokyo) regions
The AWS Snowcone service is now available for customer orders in the AWS Asia Pacific (Singapore) and AWS Asia Pacific (Tokyo) Regions. With this launch, Snowcone is now available for order in AWS Asia Pacific (Singapore), Asia Pacific (Tokyo), Canada (Central), Asia Pacific (Sydney), EU (Frankfurt), EU (Ireland), US East (N. Virginia), and US West (Oregon) Regions. AWS Snowcone is the smallest member of the AWS Snow Family of edge computing, edge storage, and data transfer devices. Snowcone is portable, rugged, and secure – small and light enough to fit in a backpack, and able to withstand harsh environments. Customers use Snowcone to deploy applications at the edge, and to collect data, process it locally, and move it to AWS either offline (by shipping the device to AWS) or online (by using AWS DataSync on Snowcone to send the data to AWS over the network).
Amazon Rekognition is a machine learning (ML) based service that can analyze images and videos to detect objects, people, faces, text, scenes, activities, and inappropriate content. Celebrity Recognition makes it easy for customers to automatically recognize tens of thousands of well-known personalities in images and videos using ML. Celebrity recognition significantly reduces the repetitive manual effort required to tag produced media content and make it readily searchable. Starting today, customers can get higher accuracy (lower false detections and rejections) and increased coverage of global celebrities. In addition, customers get three new attributes for each celebrity recognized: presentation of gender, expression, and smile. This metadata helps further refine content search and filtering workflows. For example, customers can now easily search for images where a particular actor is smiling, or measure the coverage of female versus male celebrities in event photos to ensure fair representation.
IPv6 endpoints are now available for the Amazon EC2 Instance Metadata Service, Amazon Time Sync Service, and Amazon VPC DNS Server
The Amazon EC2 Instance Metadata Service, Amazon Time Sync Service, and Amazon VPC DNS server can now be accessed over IPv6 endpoints by instances built on the Nitro System. These local instance services have IPv6 addresses that can be accessed from your Amazon EC2 instances. These IPv6 endpoints use Unique Local Addresses (ULA); IPv6 for local instance services is useful for running software and containers in an IPv6-only single stack configuration. Additionally, if you are starting your transition to IPv6 in a dual-stack environment, the endpoints for the Instance Metadata Service, Amazon Time Sync Service, and Amazon VPC DNS are available over both IPv4 and IPv6.
Amazon Elasticsearch Service now supports three Availability Zone deployments in AWS GovCloud (US-EAST) Region
Amazon Elasticsearch Service (Amazon ES) now enables you to deploy your instances across three Availability Zones (AZs) providing better availability for your domains. If you enable replicas for your Elasticsearch indices, Amazon Elasticsearch Service distributes the primary and replica shards across nodes in different AZs to maximize availability.
When you create an AWS DataSync task to transfer your data to and from AWS Storage, you can now specify include filters as well as exclude filters, providing you with even greater control over how your data is transferred. With this enhancement, you can now schedule tasks that utilize both exclude and include filters to transfer only a subset of files in your source location. Additionally, you can now queue multiple executions of a task when the filter settings differ between executions.
The new Amazon DynamoDB console is now your default experience to help you manage data and resources more easily
The new Amazon DynamoDB console is now your default experience to help you manage data and resources more easily through simpler navigation and by providing you richer contextual information.
IAM Access Analyzer helps you generate fine-grained policies that specify the required actions for more than 50 services
IAM Access Analyzer helps you achieve least privilege by generating fine-grained policies that specify the required actions for more than 50 services. In April 2021, IAM Access Analyzer added policy generation to help you create IAM policies based on your AWS CloudTrail activity. Now, we are extending policy generation to identify actions used for more than 50 services such as Amazon ECR, Amazon Athena, and AWS Security Hub. When you request a policy, IAM Access Analyzer gets to work and generates a policy by analyzing your AWS CloudTrail logs to identify actions used. For other services, IAM Access Analyzer helps you by identifying the services used and guides you to add the necessary actions. The generated policy makes it easier to grant only the required permissions for your workloads.
Amazon Comprehend is a natural language processing (NLP) service that uses machine learning to analyze text documents and identify insights such as sentiment, entities, and topics in text. Today, we are announcing support for tagging with analysis jobs. In order to scale AI/ML within organizations, it is important to tag analysis jobs so that organizations can track jobs and users using the service. Now, a user can add tags during an analysis job creation in Amazon Comprehend. They can subsequently use these tags to charge back costs associated with the job to the appropriate cost center or user, analyze the number of jobs associated with a given project, or keep their AI/ML analyses organized with appropriate access control.
Amazon Managed Streaming for Apache Kafka (Amazon MSK) now offers greater insight into the usage of Amazon MSK resources through 19 new metrics published to Amazon CloudWatch. These metrics offer customers additional visibility into resource utilization across CPU, storage, and the network, enabling customers to maximize the performance and uptime of their Apache Kafka applications interacting with Amazon MSK.
Amazon Relational Database Service (Amazon RDS) now supports Boolean DB parameter expressions in PostgreSQL parameter groups, which enables database administrators to optimize more database configurations with fewer parameter groups.
This week, AWS announced the AWS Level 1 MSSP Competency to support AWS customers looking for AWS Partners with deep specialization and expertise protecting and monitoring essential AWS resources on behalf of their customers.
Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for you to add speech-to-text capabilities to your applications. Starting today, you can assign tags to easily organize, track, or control access to your resources. This can be used to allocate costs or get detailed billing reports across your Transcribe jobs. You can attach tags to resources such as transcription jobs, vocabulary, vocabulary filter, and custom language models within Transcribe.
AWS Backup announces AWS Backup Audit Manager, a new feature that allows you to audit and report on the compliance of your data protection policies to help you meet your business and regulatory needs. AWS Backup enables you to centralize and automate data protection policies across AWS services based on organizational best practices and regulatory standards, and AWS Backup Audit Manager helps you maintain and demonstrate compliance with those policies.
Amazon Polly is a service that turns text into lifelike speech. Today, we are excited to announce the general availability of Aria, Polly’s first New Zealand English voice. Aria is a neural text-to-speech (NTTS) voice that is expressive, natural and easy to follow.
Retained messages is a standard MQTT feature that provides an easy way for you to store the latest important message on a topic for future subscribers. With AWS IoT Core, you can now use retained messages to easily push configuration information or important updates to devices without knowing exactly when they will come online.
AWS Database Migration Service (AWS DMS) expands functionality by adding support for Redis and Amazon ElastiCache for Redis as a target. Redis is a fast, open-source, in-memory key-value data store for use as a database, cache, message broker, and queue. Amazon ElastiCache for Redis combines the speed, simplicity, and versatility of open-source Redis with manageability, security, and scalability from Amazon to power the most demanding real-time applications. Using AWS DMS, you can now migrate data live from any AWS DMS supported sources to Redis data store with minimal downtime.
AWS Database Migration Service (AWS DMS) expands functionality by adding support for MongoDB 4.2 and 4.4 as a source. Using AWS DMS, you can now migrate data live from MongoDB 4.2 and 4.4 clusters to any AWS DMS supported targets including Amazon DocumentDB (with MongoDB compatibility) with minimal downtime.
AWS Database Migration Service now supports parallel threads when using Redshift as a target during full load
AWS Database Migration Service (AWS DMS) expands its functionality by supporting parallel threads when using Redshift as a target during full load. Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. You can start with just a few hundred gigabytes of data and scale to a petabyte or more. By taking advantage of the multithreaded full load task settings, you can improve the performance of your initial migration from any DMS supported sources to Amazon Redshift.
AWS Database Migration Service now supports automatic segmentation using MongoDB and Amazon DocumentDB (with MongoDB compatibility) as a source
AWS Database Migration Service (AWS DMS) expands functionality by supporting automatic segmentation using MongoDB and Amazon DocumentDB (with MongoDB compatibility) as a source. Using AWS DMS, you can configure DMS tasks to segment the collection of a MongoDB cluster automatically and migrate them in parallel to any AWS DMS supported target including Amazon DocumentDB (with MongoDB compatibility) with minimal downtime.
Starting this week, AWS customers will be able to automatically deprecate their Amazon Machine Images (AMIs) with Amazon Data Lifecycle Manager (Amazon DLM). Deprecating an AMI prevents outdated images from being accessed by new users after a specific time, helping to ensure that any new EC2 Instances are launched from only the most up-to-date AMIs. With Amazon DLM, customers can automate when to deprecate their AMIs, removing the need for complicated custom scripts.
Starting this week, Amazon EC2 M6i instances are available in additional AWS Regions US West (N. California) and Asia Pacific (Tokyo). Designed to provide a balance of compute, memory, storage and network resources, M6i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances. These instances are SAP-Certified and are ideal for workloads such as web and application servers, back-end servers supporting enterprise applications (e.g. Microsoft Exchange Server and SharePoint Server, SAP Business Suite, MySQL, Microsoft SQL Server, and PostgreSQL databases), gaming servers, caching fleets, as well as for application development environments.
AWS IoT Greengrass v2.4 release includes new features for provisioning large device fleets and managing device software resources
AWS IoT Greengrass is an Internet of Things (IoT) edge runtime and cloud service that helps customers build, deploy, and manage device software. Our version 2.4 release includes two new sets of features that simplify the provisioning of large fleets of IoT devices and allow fine-grained control of IoT device system resources from the cloud:
You can now send data from SAP ERP applications (ECC, BW, BW4/HANA and S/4HANA) to AWS services in just a few clicks using Amazon AppFlow and SAP Operational data provisioning (ODP) framework.
Google Cloud Releases and Updates
Anthos Service Mesh
Google-managed data plane is now available in preview as a part of managed Anthos Service Mesh. Google-managed data plane helps you upgrade data plane proxies automatically. For more information see Configure managed Anthos Service Mesh.
Anthos Service Mesh for Compute Engine VMs now uses gcloud commands and supports Google-managed control planes. For more information, see Add Compute Engine virtual machines to Anthos Service Mesh.
1.10.4-asm.6 is now available.
This patch release contains the fixes for the security vulnerabilities listed in GCP-2021-016. For details on upgrading Anthos Service Mesh, refer to the following upgrade guides:
BigQuery Admin Resource Charts are now generally available (GA) for reservation users, enabling administrators to more easily monitor and troubleshoot their BigQuery environment. They provide visibility into key metrics such as slot consumption, job concurrency, job execution time, job errors, and bytes processed across the entire organization.
BigQuery Slot Estimator is now in Preview for reservation users. This tool analyzes slot utilization data to help administrators estimate the right number of slots to purchase, and provides insights on how job performance might be impacted by adding or reducing slot capacity for the entire organization or specific reservations.
Google Cloud Armor now has rate-based throttling and ban rules that enable you to limit requests from clients. These rules help you protect your applications from a large volume of requests that flood your instances and block access for legitimate users.
Proportional attribution for spend-based committed use discounts is now generally available (GA).
Proportional attribution applies the subscription fees from your committed use discounts to the projects in your Cloud Billing account, directly in proportion to the amount of eligible credit consumed by each project. Any subscription fees that are not attributed to a project are charged at the Cloud Billing account level.
Starting from August 2021, all spend-based commitments you purchase for any of your Cloud Billing accounts use proportional attribution by default. If you purchased spend-based commitments before then, you can request that they be converted from account to proportional attribution.
To understand proportional attribution for your spend-based commitments and how to enable it, see the documentation.
Cloud Load Balancing
Added Terraform examples to automate load balancer configuration:
Deploying to Cloud Run from source code is now at General Availability (GA).
Cloud SQL for MySQL, PostgreSQL, SQL Server
Cloud SQL now supports IAM Conditions.
You can use IAM Conditions to define and enforce conditional, attribute-based access control for Google Cloud resources, including Cloud SQL instances. See Overview of IAM Conditions for more information.
Generally available: You can now collect core dumps for uses such as debugging of unresponsive VMs. For more information, see Collecting core dumps.
New sub-minor versions of Dataproc images: 1.4.69-debian10, 1.4.69-ubuntu18, 1.5.44-centos8, 1.5.44-debian10, 1.5.44-ubuntu18, 2.0.18-centos8, 2.0.18-debian10, and 2.0.18-ubuntu18.
Configured YARN ResourceManager to use port 8554 and Druid to use port 17071 for JMX Remote RMI port.
Backported the following Trino (PrestoSQL) BigQuery connector patches in image 2.0:
- Make BigQuery views cache ttl configurable
- Fix wrong result due to column position mismatch in BigQuery
- Escape single quote in BigQuery string condition
information_schema query failures in BigQuery connector
- Add support for
- Fasten listing tables in BigQuery connector
- Implement case insensitive name matching for BigQuery
BigQuerySqlExecutor and refactor tests to use it
view_definition system table for BigQuery view
- Add test for aggregating BigQuery view more than once
- Upgrade Google Cloud library bom to 16.3.0
- Enable views in BigQuery tests
- Fix incorrect result when aggregating count BigQuery view
- Remove dependency on presto-tests from Druid, BigQuery
- Refactor unused var in
- Fix projection pushdown in BigQuery connector
- Add test for yearly partitioned table in BigQuery
- Upgrade BigQuery library to 11.0.0
- Add BigQuery smoke test for HOUR-ly partitioned table
- Update BigQuery dependencies to support HOURLY partitioning of tables
Fixed the issue causing metadata changes introduced through imports and backups to not be reflected in Data Catalog due to broken batch sync.
Identity Service for GKE (Preview) is available. Identity Service for GKE extends existing identity solutions for authentication into GKE clusters by supporting OpenID Connect (OIDC). For more information, see Authenticating with Identity Service for GKE.
You can now enable Google Virtual NIC in a new GKE cluster on GPU nodes. For more information, see Using Google Virtual NIC.
Private Service Connect service attachment deletions are now logged in Cloud Logging.
Using Private Service Connect with consumer HTTP(S) service controls to access supported regional service endpoints is now available in Preview.
Converting a single-region legacy network to a VPC network is now available in Preview.
Microsoft Azure Releases And Updates
Functions App support for Node 8 apps is ending on 28 February 2022; Azure recommends you upgrade to Node 14.
Functions App support for Python 3.6 is ending on 30 September 2022; we recommend you upgrade to Python 3.8.
Transition from Compute Optimized data flows to General Purpose data flows by 31 August 2024.
This quality release includes bug fixes and security updates of the Azure Sphere OS.
Hard coded IP for Azure Site Recovery will be retired on 31 August 2024 – transition to using service tags.
Update from Java Async 2.x to Java SDK 4.x by 31 August 2024.
Transition to custom availability tests in Application Insights by 31 August 2024.
Transition to new HPC virtual machines by 31 August 2022.
Upgrade your Azure Database for PostgreSQL from version 10 to 11.
Transition to Java 11 or 8 by 29 July 2022.
Work item integration (classic) will be retired on 31 August 2022.
Machine Learning Studio (classic) will be retired by 31 August 2024 – transition to Azure Machine Learning.
Migrate your cloud services to a new deployment model before 31 August 2024.
Upgrade to PHP 7.4 before 6 December 2021.
Migrate your Azure workloads to Av2-series VMs before 31 August 2024.
TARGET AVAILABILITY: Q3 2022
Update apps using Azure AD B2C to new redirect b2clogin.com.
Azure Policy can audit or configure settings inside a machine, both for machines running in Azure and Arc-enabled hybrid machines.
Azure expands offering and region coverage to Azure customers with its 2021 HITRUST validated assessment.
You can now run Windows 11 preview images on Azure Virtual Desktop.