Hava Blog and Latest News

In Cloud Computing This Week [Aug 27th 2021]

Written by Team Hava | August 27, 2021

This week's roundup of all the cloud news.

 

Here's a cloud roundup of all things GCP, Azure and AWS for the week ending Friday 27th August 2021.


AWS Updates and Releases

Source: aws.amazon.com

 

Amazon SageMaker Model Registry now supports inference pipelines

Amazon SageMaker Pipelines, the first purpose-built continuous integration and continuous delivery (CI/CD) service for machine learning (ML), now supports registering and deploying SageMaker inference pipelines with the model registry. SageMaker Pipelines includes a model registry, which is a central repository for cataloging models for production, managing model versions, associating metadata with models, managing approval statuses of models, and automating their deployment with CI/CD. An inference pipeline is a SageMaker model that is composed of a linear sequence of two to fifteen containers that process requests for inferences on data. In the past, the model registry supported only models that were composed of a single container for processing requests for inference. Now, customers can register inference pipelines in the model registry as well. Each model package version of an inference pipeline will now jointly track all containers of the pipeline. An approved model package version can then be deployed as an inference pipeline hosted on a SageMaker inference endpoint with CI/CD.

Amazon Aurora supports PostgreSQL 13

Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL major version 13. PostgreSQL 13 includes improved functionality and performance from enhancements such as de-duplication of B-tree index entries, improved performance for queries that use partitioned tables, incremental sorting to accelerate data sorts, parallel processing of indexes with the VACUUM command, more ways to monitor activity within a PostgreSQL database, new security capabilities, and more. This release also adds support for bool_plperl, which simplifies writing Perl procedures.

Amazon Textract announces reduced pricing of up to 32% on AnalyzeDocument and DetectDocumentText requests in eight global AWS Regions

Amazon Textract is a managed service that leverages computer vision and machine learning to automatically extract printed and handwritten text, tables and forms data from scanned documents with no machine learning experience necessary. Today, we are excited to announce that effective September 1, 2021, customers will see a price reduction of up to 32% and save even more on the use of AnalyzeDocument and DetectDocumentText requests in eight global AWS Regions.

AWS Compute Optimizer Now Helps Customers Understand Impact of Migrating to Graviton2-based Instances

AWS Compute Optimizer now helps customers understand the impact of migrating to Graviton2-based instances by recommending up to 3 Graviton2-based instance type options for x86-based Linux instances.

AWS Snowcone is now available in the AWS Asia Pacific (Singapore) and AWS Asia Pacific (Tokyo) regions

The AWS Snowcone service is now available for customer orders in the AWS Asia Pacific (Singapore) and AWS Asia Pacific (Tokyo) Regions. With this launch, Snowcone is now available for order in AWS Asia Pacific (Singapore), Asia Pacific (Tokyo), Canada (Central), Asia Pacific (Sydney), EU (Frankfurt), EU (Ireland), US East (N. Virginia), and US West (Oregon) Regions. AWS Snowcone is the smallest member of the AWS Snow Family of edge computing, edge storage, and data transfer devices. Snowcone is portable, rugged, and secure – small and light enough to fit in a backpack, and able to withstand harsh environments. Customers use Snowcone to deploy applications at the edge, and to collect data, process it locally, and move it to AWS either offline (by shipping the device to AWS) or online (by using AWS DataSync on Snowcone to send the data to AWS over the network).

Amazon Rekognition improves the accuracy of celebrity recognition, adds new attributes

Amazon Rekognition is a machine learning (ML) based service that can analyze images and videos to detect objects, people, faces, text, scenes, activities, and inappropriate content. Celebrity Recognition makes it easy for customers to automatically recognize tens of thousands of well-known personalities in images and videos using ML. Celebrity recognition significantly reduces the repetitive manual effort required to tag produced media content and make it readily searchable. Starting today, customers can get higher accuracy (lower false detections and rejections) and increased coverage of global celebrities. In addition, customers get three new attributes for each celebrity recognized: presentation of gender, expression, and smile. This metadata helps further refine content search and filtering workflows. For example, customers can now easily search for images where a particular actor is smiling, or measure the coverage of female versus male celebrities in event photos to ensure fair representation.

IPv6 endpoints are now available for the Amazon EC2 Instance Metadata Service, Amazon Time Sync Service, and Amazon VPC DNS Server

The Amazon EC2 Instance Metadata Service, Amazon Time Sync Service, and Amazon VPC DNS server can now be accessed over IPv6 endpoints by instances built on the Nitro System. These local instance services have IPv6 addresses that can be accessed from your Amazon EC2 instances. These IPv6 endpoints use Unique Local Addresses (ULA); IPv6 for local instance services is useful for running software and containers in an IPv6-only single stack configuration. Additionally, if you are starting your transition to IPv6 in a dual-stack environment, the endpoints for the Instance Metadata Service, Amazon Time Sync Service, and Amazon VPC DNS are available over both IPv4 and IPv6.

Amazon Elasticsearch Service now supports three Availability Zone deployments in AWS GovCloud (US-EAST) Region

Amazon Elasticsearch Service (Amazon ES) now enables you to deploy your instances across three Availability Zones (AZs) providing better availability for your domains. If you enable replicas for your Elasticsearch indices, Amazon Elasticsearch Service distributes the primary and replica shards across nodes in different AZs to maximize availability.

AWS DataSync enhances task filtering and queuing

When you create an AWS DataSync task to transfer your data to and from AWS Storage, you can now specify include filters as well as exclude filters, providing you with even greater control over how your data is transferred. With this enhancement, you can now schedule tasks that utilize both exclude and include filters to transfer only a subset of files in your source location. Additionally, you can now queue multiple executions of a task when the filter settings differ between executions.

The new Amazon DynamoDB console is now your default experience to help you manage data and resources more easily

The new Amazon DynamoDB console is now your default experience to help you manage data and resources more easily through simpler navigation and by providing you richer contextual information.

IAM Access Analyzer helps you generate fine-grained policies that specify the required actions for more than 50 services

IAM Access Analyzer helps you achieve least privilege by generating fine-grained policies that specify the required actions for more than 50 services. In April 2021, IAM Access Analyzer added policy generation to help you create IAM policies based on your AWS CloudTrail activity. Now, we are extending policy generation to identify actions used for more than 50 services such as Amazon ECR, Amazon Athena, and AWS Security Hub. When you request a policy, IAM Access Analyzer gets to work and generates a policy by analyzing your AWS CloudTrail logs to identify actions used. For other services, IAM Access Analyzer helps you by identifying the services used and guides you to add the necessary actions. The generated policy makes it easier to grant only the required permissions for your workloads.

Comprehend launches support for tagging with analysis jobs

Amazon Comprehend is a natural language processing (NLP) service that uses machine learning to analyze text documents and identify insights such as sentiment, entities, and topics in text. Today, we are announcing support for tagging with analysis jobs. In order to scale AI/ML within organizations, it is important to tag analysis jobs so that organizations can track jobs and users using the service. Now, a user can add tags during analysis job creation in Amazon Comprehend. They can subsequently use these tags to charge back costs associated with the job to the appropriate cost center or user, analyze the number of jobs associated with a given project, or keep their AI/ML analyses organized with appropriate access control.

Amazon MSK adds metrics for increased visibility of capacity

Amazon Managed Streaming for Apache Kafka (Amazon MSK) now offers greater insight into the usage of Amazon MSK resources through 19 new metrics published to Amazon CloudWatch. These metrics offer customers additional visibility into resource utilization across CPU, storage, and the network, enabling customers to maximize the performance and uptime of their Apache Kafka applications interacting with Amazon MSK.

Amazon RDS for PostgreSQL Supports Boolean DB Parameter Expressions

Amazon Relational Database Service (Amazon RDS) now supports Boolean DB parameter expressions in PostgreSQL parameter groups, which enables database administrators to optimize more database configurations with fewer parameter groups.

Introducing the new AWS Level 1 MSSP Competency

This week, AWS announced the AWS Level 1 MSSP Competency to support AWS customers looking for AWS Partners with deep specialization and expertise protecting and monitoring essential AWS resources on behalf of their customers.

Amazon Transcribe now supports resource tagging for better access control

Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for you to add speech-to-text capabilities to your applications. Starting today, you can assign tags to easily organize, track, or control access to your resources. This can be used to allocate costs or get detailed billing reports across your Transcribe jobs. You can attach tags to resources such as transcription jobs, vocabularies, vocabulary filters, and custom language models within Transcribe.

Introducing AWS Backup Audit Manager

AWS Backup announces AWS Backup Audit Manager, a new feature that allows you to audit and report on the compliance of your data protection policies to help you meet your business and regulatory needs. AWS Backup enables you to centralize and automate data protection policies across AWS services based on organizational best practices and regulatory standards, and AWS Backup Audit Manager helps you maintain and demonstrate compliance with those policies.

Amazon Polly launches Aria, a New Zealand English neural text-to-speech voice

Amazon Polly is a service that turns text into lifelike speech. Today, we are excited to announce the general availability of Aria, Polly’s first New Zealand English voice. Aria is a neural text-to-speech (NTTS) voice that is expressive, natural and easy to follow.

AWS IoT Core now supports MQTT retained messages

Retained messages is a standard MQTT feature that provides an easy way for you to store the latest important message on a topic for future subscribers. With AWS IoT Core, you can now use retained messages to easily push configuration information or important updates to devices without knowing exactly when they will come online.

AWS Database Migration Service now supports Redis as a target

AWS Database Migration Service (AWS DMS) expands functionality by adding support for Redis and Amazon ElastiCache for Redis as a target. Redis is a fast, open-source, in-memory key-value data store for use as a database, cache, message broker, and queue. Amazon ElastiCache for Redis combines the speed, simplicity, and versatility of open-source Redis with manageability, security, and scalability from Amazon to power the most demanding real-time applications. Using AWS DMS, you can now migrate data live from any AWS DMS supported source to a Redis data store with minimal downtime.

AWS Database Migration Service now supports MongoDB 4.2 and 4.4 as sources

AWS Database Migration Service (AWS DMS) expands functionality by adding support for MongoDB 4.2 and 4.4 as a source. Using AWS DMS, you can now migrate data live from MongoDB 4.2 and 4.4 clusters to any AWS DMS supported target, including Amazon DocumentDB (with MongoDB compatibility), with minimal downtime.

AWS Database Migration Service now supports parallel threads when using Redshift as a target during full load

AWS Database Migration Service (AWS DMS) expands its functionality by supporting parallel threads when using Redshift as a target during full load. Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. You can start with just a few hundred gigabytes of data and scale to a petabyte or more. By taking advantage of the multithreaded full load task settings, you can improve the performance of your initial migration from any DMS supported source to Amazon Redshift.

AWS Database Migration Service now supports automatic segmentation using MongoDB and Amazon DocumentDB (with MongoDB compatibility) as a source

AWS Database Migration Service (AWS DMS) expands functionality by supporting automatic segmentation using MongoDB and Amazon DocumentDB (with MongoDB compatibility) as a source. Using AWS DMS, you can configure DMS tasks to segment the collections of a MongoDB cluster automatically and migrate them in parallel to any AWS DMS supported target, including Amazon DocumentDB (with MongoDB compatibility), with minimal downtime.

Amazon Data Lifecycle Manager now automates deprecation of Amazon Machine Images (AMIs)

Starting this week, AWS customers will be able to automatically deprecate their Amazon Machine Images (AMIs) with Amazon Data Lifecycle Manager (Amazon DLM). Deprecating an AMI prevents outdated images from being accessed by new users after a specific time, helping to ensure that any new EC2 Instances are launched from only the most up-to-date AMIs. With Amazon DLM, customers can automate when to deprecate their AMIs, removing the need for complicated custom scripts.

Amazon EC2 M6i instances are now available in 2 additional regions

Starting this week, Amazon EC2 M6i instances are available in additional AWS Regions US West (N. California) and Asia Pacific (Tokyo). Designed to provide a balance of compute, memory, storage and network resources, M6i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances. These instances are SAP-Certified and are ideal for workloads such as web and application servers, back-end servers supporting enterprise applications (e.g. Microsoft Exchange Server and SharePoint Server, SAP Business Suite, MySQL, Microsoft SQL Server, and PostgreSQL databases), gaming servers, caching fleets, as well as for application development environments.

AWS IoT Greengrass v2.4 release includes new features for provisioning large device fleets and managing device software resources

AWS IoT Greengrass is an Internet of Things (IoT) edge runtime and cloud service that helps customers build, deploy, and manage device software. Our version 2.4 release includes two new sets of features that simplify the provisioning of large fleets of IoT devices and allow fine-grained control of IoT device system resources from the cloud:

Send data from SAP applications to AWS services using Amazon AppFlow

You can now send data from SAP ERP applications (ECC, BW, BW4/HANA and S/4HANA) to AWS services in just a few clicks using Amazon AppFlow and the SAP Operational Data Provisioning (ODP) framework.

 

 


 
Google Cloud Releases and Updates
Source: cloud.google.com

Anthos Service Mesh

The asmcli script is now available in preview. With this script you can install and upgrade Anthos Service Mesh on GKE and on-premises. For more information, see About the asmcli.

Google-managed data plane is now available in preview as a part of managed Anthos Service Mesh. Google-managed data plane helps you upgrade data plane proxies automatically. For more information see Configure managed Anthos Service Mesh.

Anthos Service Mesh for Compute Engine VMs now uses gcloud commands and supports Google-managed control planes. For more information, see Add Compute Engine virtual machines to Anthos Service Mesh.

1.10.4-asm.6 is now available.

This patch release contains the fixes for the security vulnerabilities listed in GCP-2021-016. For details on upgrading Anthos Service Mesh, refer to the following upgrade guides:

BigQuery

BigQuery Admin Resource Charts are now generally available (GA) for reservation users, enabling administrators to more easily monitor and troubleshoot their BigQuery environment. They provide visibility into key metrics such as slot consumption, job concurrency, job execution time, job errors, and bytes processed across the entire organization.

BigQuery Slot Estimator is now in Preview for reservation users. This tool analyzes slot utilization data to help administrators estimate the right number of slots to purchase, and provides insights on how job performance might be impacted by adding or reducing slot capacity for the entire organization or specific reservations.

 

Cloud Armor

Google Cloud Armor now has rate-based throttling and ban rules that enable you to limit requests from clients. These rules help you protect your applications from a large volume of requests that flood your instances and block access for legitimate users.

 

Cloud Billing

Proportional attribution for spend-based committed use discounts is now generally available (GA).

Proportional attribution applies the subscription fees from your committed use discounts to the projects in your Cloud Billing account, directly in proportion to the amount of eligible credit consumed by each project. Any subscription fees that are not attributed to a project are charged at the Cloud Billing account level.

Starting from August 2021, all spend-based commitments you purchase for any of your Cloud Billing accounts use proportional attribution by default. If you purchased spend-based commitments before then, you can request that they be converted from account to proportional attribution.

To understand proportional attribution for your spend-based commitments and how to enable it, see the documentation.

Cloud Functions

Cloud Functions has added support for a new runtime, Node 16, at the Preview release level.

Cloud Functions offers a native integration with Secret Manager, available at the Preview release level. For more information, see the blog post.

Cloud Load Balancing

Added Terraform examples to automate load balancer configuration:

Cloud Run

 

Deploying to Cloud Run from source code is now at General Availability (GA).

Cloud SQL for MySQL, PostgreSQL, SQL Server

Cloud SQL now supports IAM Conditions.

You can use IAM Conditions to define and enforce conditional, attribute-based access control for Google Cloud resources, including Cloud SQL instances. See Overview of IAM Conditions for more information.

Compute Engine

Generally available: You can now collect core dumps for uses such as debugging of unresponsive VMs. For more information, see Collecting core dumps.

Dataproc

New sub-minor versions of Dataproc images: 1.4.69-debian10, 1.4.69-ubuntu18, 1.5.44-centos8, 1.5.44-debian10, 1.5.44-ubuntu18, 2.0.18-centos8, 2.0.18-debian10, and 2.0.18-ubuntu18.

Configured YARN ResourceManager to use port 8554 and Druid to use port 17071 for JMX Remote RMI port.

Dataproc Metastore

Fixed the issue causing metadata changes introduced through imports and backups to not be reflected in Data Catalog due to broken batch sync.

GKE

Identity Service for GKE (Preview) is available. Identity Service for GKE extends existing identity solutions for authentication into GKE clusters by supporting OpenID Connect (OIDC). For more information, see Authenticating with Identity Service for GKE.

You can now enable Google Virtual NIC in a new GKE cluster on GPU nodes. For more information, see Using Google Virtual NIC.

VPC 

Private Service Connect service attachment deletions are now logged in Cloud Logging.


 


Microsoft Azure Releases And Updates
Source: azure.microsoft.com
 

Azure Functions support for Node 8 is ending on 28 February 2022

Functions App support for Node 8 apps is ending on 28 February 2022; Azure recommends you upgrade to Node 14.

 

Azure Functions support for Python 3.6 is ending on 30 September 2022

Functions App support for Python 3.6 is ending on 30 September 2022; we recommend you upgrade to Python 3.8.

 

Azure Synapse Analytics Compute Optimized data flows will be retired on 31 August 2024

Transition from Compute Optimized data flows to General Purpose data flows by 31 August 2024.

General availability: Azure Sphere OS version 21.08

This quality release includes bug fixes and security updates of the Azure Sphere OS.

 

Hard-coded IP address for Azure Site Recovery will be retired on 31 August 2024

Hard-coded IP for Azure Site Recovery will be retired on 31 August 2024 – transition to using service tags.

Retiring version Async 2.x of the Azure Cosmos DB Java SDK on 31 August 2024

Update from Java Async 2.x to Java SDK 4.x by 31 August 2024.

Multi-step web tests will be retired on 31 August 2024

Transition to custom availability tests in Application Insights by 31 August 2024.

ND-series Azure Virtual Machines will be retired by 31 August 2022

Transition to new HPC virtual machines by 31 August 2022.

Community support for Azure Database PostgreSQL version 10 ends on 10 November 2022

Upgrade your Azure Database for PostgreSQL from version 10 to 11.

Java 7 will be retired from App Service on 29 July 2022

Transition to Java 11 or 8 by 29 July 2022.

 

Transition to new work item integration in Application Insights by 31 August 2022

Work item integration (classic) will be retired on 31 August 2022.

Machine Learning Studio (classic) will retire on 31 August 2024

Machine Learning Studio (classic) will be retired by 31 August 2024 – transition to Azure Machine Learning.

Cloud Services (classic) deployment model is retiring on 31 August 2024

Migrate your cloud services to a new deployment model before 31 August 2024.

Azure Data Factory Compute Optimized data flows will be retired on 31 August 2024

Transition from Compute Optimized data flows to General Purpose data flows by 31 August 2024.

Community support for PHP 7.3 is ending on 6 December 2021

Upgrade to PHP 7.4 before 6 December 2021.

 

Basic and Standard A-series VMs will retire on 31 August 2024

Migrate your Azure workloads to Av2-series VMs before 31 August 2024.

 

Azure AD B2C redirect URL login.microsoftonline.com will be retired on 31 August 2022

Target availability: Q3 2022

Update apps using Azure AD B2C to new redirect b2clogin.com.

 

Public preview: Apply settings inside machines using Azure Policy's guest configuration

Azure Policy can audit or configure settings inside a machine, both for machines running in Azure and Arc-enabled hybrid machines.

 

Azure expands HITRUST certification across 51 Azure regions

Azure expands offering and region coverage to Azure customers with its 2021 HITRUST validated assessment.

Windows 11 public preview is now available on Azure Virtual Desktop

You can now run Windows 11 preview images on Azure Virtual Desktop.

 
 


 
