Hi folks, it's been a reasonably busy week in cloud computing. As usual, we've read all the cloud computing news from the big three (AWS, Azure and GCP) so you don't have to.
AWS lead the way again this week with lots of new enhancements to existing services.
Very little news out of the Azure camp (probably busy practicing their TikTok moves), whereas the activity at Google has ramped up a bit this week.
Here at Hava we continue to roll out the product roadmap, with new custom diagram layout controls becoming generally available this week.
Here's what's happening out in the cloud marketplace:
AWS Site-to-Site VPN now supports IKE initiation
You can now initiate Internet Key Exchange (IKE) negotiations for your VPN connections from AWS. This feature is available for new and existing Site-to-Site VPN connections and can be accessed through the AWS Management Console, AWS Cloud Development Kit (CDK), or the AWS Command Line Interface (CLI).
AWS Site-to-Site VPN connections offer IPSec tunnels which use the IKE protocol to establish a tunnel. With this feature, AWS VPN endpoints will send the initial IKE message to your Customer Gateway (CGW). AWS endpoints will initiate when new VPNs are created or if the tunnel goes down.
Seamlessly join EC2 for Linux instances to AWS Directory Service
You can now join your Amazon EC2 for Linux instances to a domain configured with AWS Directory Service seamlessly. The new capability automates the previously manual approach for integrating Linux-based EC2 instances to your AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD), or to an existing on-premises Active Directory (AD) using AD Connector.
This makes it easier for you to launch and manage your Amazon EC2 for Linux instances, reducing deployment time and administration effort.
Amazon AppFlow APIs and SDK
Amazon AppFlow, a fully managed integration service that enables customers to securely transfer data between AWS services and software-as-a-service (SaaS) applications, can now be accessed programmatically. The Amazon AppFlow APIs and SDK enable developers to set up flows between sources and destinations supported by Amazon AppFlow, create connector profiles and execute flows programmatically.
Using the Amazon AppFlow APIs and the SDK, developers can incorporate Amazon AppFlow directly into their DevOps pipelines for data integrations.
Amazon Route 53 Resolver now supports VPC DNS query logging
This week AWS announced the availability of Route 53 Resolver Query Logging, which lets you log the DNS queries that originate in your Amazon Virtual Private Clouds (VPCs). With query logging enabled, you can see which domain names have been queried, the AWS resources from which the queries originated—including source IP and instance ID—and the responses that were received.
Route 53 Resolver is the Amazon DNS server (also sometimes referred to as “AmazonProvidedDNS” or the “.2 resolver”) that is available by default in all Amazon VPCs. Route 53 Resolver responds to DNS queries from AWS resources within a VPC for public DNS records, Amazon VPC-specific DNS names, and Amazon Route 53 private hosted zones.
AWS customers concerned about security, or those under compliance mandates, may need the ability to monitor, debug, search, and archive a record of the DNS lookups originating from inside of their Amazon VPCs. With today’s release, Route 53 Resolver now supports the logging of DNS queries and responses for DNS queries originating from within customer VPCs, whether those queries are answered locally by Route 53 Resolver, resolved over the public internet, or are forwarded to on-premises DNS servers via Resolver Endpoints.
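As an added illustration of the monitoring use case above (this is not AWS or Hava code), the following sketch groups query log records by source instance and flags sources whose lookups mostly return NXDOMAIN. The field names (query_name, rcode, srcaddr, srcids.instance) are assumed from the Resolver query log JSON layout, which this page does not show, and the sample records and thresholds are constructed.

```python
import json
from collections import defaultdict

# Constructed sample (one JSON record per line), not real log data.
# Field names are assumed from the Resolver query log JSON layout.
SAMPLE_LOG = r"""
{"query_timestamp":"2020-08-27T03:10:01Z","query_name":"db.corp.example.","query_type":"A","rcode":"NOERROR","srcaddr":"10.0.1.15","srcids":{"instance":"i-0aaa1111"}}
{"query_timestamp":"2020-08-27T03:10:02Z","query_name":"api.corp.example.","query_type":"A","rcode":"NOERROR","srcaddr":"10.0.1.15","srcids":{"instance":"i-0aaa1111"}}
{"query_timestamp":"2020-08-27T03:10:03Z","query_name":"qzkxw1.example.net.","query_type":"A","rcode":"NXDOMAIN","srcaddr":"10.0.2.40","srcids":{"instance":"i-0bbb2222"}}
{"query_timestamp":"2020-08-27T03:10:04Z","query_name":"p0vhrt.example.net.","query_type":"A","rcode":"NXDOMAIN","srcaddr":"10.0.2.40","srcids":{"instance":"i-0bbb2222"}}
{"query_timestamp":"2020-08-27T03:10:05Z","query_name":"m7tdla.example.net.","query_type":"A","rcode":"NXDOMAIN","srcaddr":"10.0.2.40","srcids":{"instance":"i-0bbb2222"}}
{"query_timestamp":"2020-08-27T03:10:06Z","query_name":"Db.corp.example.","query_type":"A","rcode":"NOERROR","srcaddr":"10.0.2.40","srcids":{"instance":"i-0bbb2222"}}
{"query_timestamp":"2020-08-27T03:10:07Z","query_name":"db.corp.example.","query_type":"A","rcode":"NOERROR","srcaddr":"192.168.5.9"}
this line is truncated {"query_name":
"""

def summarize(log_text, min_queries=3, nxdomain_ratio=0.5):
    """Aggregate queries per source and flag sources with a high NXDOMAIN share."""
    per_source = defaultdict(lambda: {"queries": 0, "nxdomain": 0, "names": set()})
    skipped = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            name = rec["query_name"].rstrip(".").lower()  # DNS names are case-insensitive
            rcode = rec["rcode"]
            # Prefer the instance ID; fall back to the source IP when srcids is absent
            source = (rec.get("srcids") or {}).get("instance") or rec.get("srcaddr", "unknown")
        except (ValueError, KeyError, TypeError, AttributeError):
            skipped += 1  # malformed or incomplete record: count it, do not crash
            continue
        entry = per_source[source]
        entry["queries"] += 1
        entry["names"].add(name)
        if rcode == "NXDOMAIN":
            entry["nxdomain"] += 1
    sources = {s: {"queries": e["queries"], "nxdomain": e["nxdomain"],
                   "unique_names": len(e["names"])} for s, e in per_source.items()}
    # Flag only sources with enough volume for the ratio to be meaningful
    flagged = sorted(s for s, e in sources.items()
                     if e["queries"] >= min_queries
                     and e["nxdomain"] / e["queries"] >= nxdomain_ratio)
    return {"sources": sources, "flagged": flagged, "skipped": skipped}

if __name__ == "__main__":
    print(json.dumps(summarize(SAMPLE_LOG), indent=2))
```

A high NXDOMAIN share is only a triage signal: misconfigured search domains and stale service names produce it as well, so a flagged instance still needs its queried names reviewed.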
AWS AppFlow now supports EventBridge as a destination
Amazon AppFlow, a fully managed integration service that enables AWS customers to securely transfer data between AWS services and software-as-a-service (SaaS) applications in just a few clicks, now supports Amazon EventBridge as a destination.
This allows AWS customers to publish events ingested by Amazon AppFlow to a partner event bus in Amazon EventBridge. Amazon AppFlow supports ingestion of Salesforce Platform events and Change Data Capture events.
AWS customers can configure rules in Amazon EventBridge to match patterns from events such as those from Salesforce and route them to AWS services such as AWS Lambda, AWS Step Functions, Amazon SQS, and others.
AWS customers can use AppFlow’s private data transfer option to ensure that events do not get exposed to the public internet during transfers between AWS and Salesforce, improving security and minimizing risks of Internet-based attack vectors.
AWS Provisioned IOPS Volume io2 for Amazon EBS
New Elastic Block Store (EBS) Provisioned IOPS volume, io2, features higher durability of 99.999%, and supports provisioning 500 IOPS for every provisioned GB. This means that with io2, AWS customers get 100x better volume durability and a 10x higher IOPS to storage ratio – all at the same price as io1. io2 is ideal for performance intensive, business critical applications such as SAP HANA, Oracle, Microsoft SQL Server and IBM DB2 that will benefit from higher uptime.
AWS SDK for .NET v3.5 is now generally available
This week AWS announced the general availability of AWS SDK for .NET v3.5. This release transitions support for all non-Framework versions of the SDK to .NET Standard 2.0+.
Unity, Xamarin, and UWP users can now utilize the .NET Standard 2.0 distribution to gain access to the same services and AWS vended libraries as .NET Core users.
AWS Firewall Manager now supports security groups on ALBs & CLBs
AWS Firewall Manager now supports security groups on Application Load Balancers and Classic Load Balancers, allowing you to centrally configure and audit security groups associated with these resource types, across multiple accounts in your organization.
Firewall Manager today supports security groups associated with EC2 instances and Elastic Network Interfaces (ENIs). With this launch, you can now utilize Firewall Manager’s capabilities to also centrally manage security groups associated with Application Load Balancers and Classic Load Balancers.
You can audit security groups associated with these resource types to ensure they are only accessing IP CIDRs or ports mandated by your organization.
GCP Cloud SQL supports MySQL 8
This week Google announced that Cloud SQL, their fully managed database service for MySQL, PostgreSQL, and SQL Server, now supports MySQL 8. This means you get access to a variety of powerful new features, such as instant DDL statements (e.g. ADD COLUMN), atomic DDL, privilege collection using roles, window functions, and extended JSON syntax, to help you be more productive.
And, as a managed service, Google will ensure your MySQL 8 deployments help you stay stable and more secure. You'll get automatic patches and updates, as well as GCP maintenance controls so you can reduce the risk associated with upgrades. Moreover, they’ve fully integrated it with Cloud SQL’s high availability configuration and security controls, to make sure your MySQL 8 database instance is enterprise ready.
Accelerated GCP application development and delivery
This week, Google announced new additions to their application development and delivery platform to help developers, operators, and security professionals deliver better quality software to production, faster. These new capabilities embed best practices Google has learned over the years while building applications at scale. They’re also consistent with research performed by DORA over the past six years with over 31,000 IT professionals.
The new additions include Cloud Run support, Google Cloud Buildpacks, and Artifact Registry, to name a few.
Google announce several Anthos enhancements
Earlier today, Google announced the Google Cloud App Modernization Program, or Google CAMP. They built this program to help you innovate faster, so you can reach your customers with world-class, secure, reliable applications, all while saving on costs. Google CAMP does this with a consistent development and operations experience, tools, best practices and industry-leading guidance on how to develop, run, operate and secure applications.
A key component of Google CAMP is Anthos, the hybrid and multi-cloud modernization platform. They recently announced BigQuery Omni, a multi-cloud analytics solution, powered by Anthos. And this week, building on that momentum, Google were excited to share several new Anthos capabilities.
Dataflow Runner v2 Multi-language Dataflow pipelines
What do you do when your development and data science teams work in different language SDKs or if there are features available in one programming language, but not available in your preferred language? Traditionally, you’d either need to create workarounds that bridge the various languages, or else your team would have to go back and recode. Not only does this cost time and money, it puts real strain on your team’s ability to collaborate.
To overcome this, Google Cloud has added a new, more services-based architecture called Runner v2 (available to anyone building a pipeline) to Dataflow that includes multi-language support for all of its language SDKs. This addition of what the Apache Beam community calls “multi-language pipelines” lets development teams within your organization share components written in their preferred language and weave them into a single, high-performance, distributed processing pipeline.
Google Cloud Next OnAir
Google's 9 Week Digital Event kicks off on July 14th with diverse topics being covered each week. The remaining weeks include:
Cloud AI: September 1st
Business Application Platform: September 8th
Full Information and Session times here: https://cloud.withgoogle.com/next/sf
Azure Virtual Events
Microsoft have a full schedule of Virtual Events.
A full list, including session times and details, is here: https://azure.microsoft.com/en-us/community/events/
AWS events are pretty fluid at the moment, with most in-person events being cancelled or postponed. There are a number that have been taken online and full details can be found here: https://aws.amazon.com/events/
Thanks for reading again this week, we hope you found something useful.
hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.
If you haven't taken a hava.io free trial to see what the GCP, Azure and AWS automated diagram generator can do for your workflow, security and compliance needs - please get in touch.
You can reach us on chat, or email firstname.lastname@example.org to book a callback or demo.