This week's roundup of all the cloud news.
Here's a roundup of all things AWS, Azure, GCP and Hava for the week ending Friday 4th December 2020. This week at Hava we've made a few updates to the Azure Architecture Diagram as well as some more UI improvements.
Announcing table charts for AWS IoT SiteWise
AWS IoT SiteWise now supports table charts in AWS IoT SiteWise Monitor. With table charts, you can get a compact representation of the latest data from your equipment in a single table by dragging and dropping the data and metrics you are interested in monitoring into it. For example, you can now easily tabulate and visualize the latest key operational metrics like equipment properties, status, or aggregate functions such as the production lines’ Overall Equipment Effectiveness (OEE) in a single table, making it easy for you to get a bird’s eye view of your plant and also do a side-by-side comparison of how these assets are performing.
AWS Security Hub adds open source tool integrations with Kube-bench and Cloud Custodian
AWS Security Hub can now automatically receive findings from the open source tool Kube-bench. Kube-bench checks whether your Kubernetes cluster is configured in accordance with the recommendations from the Center for Internet Security (CIS), supporting both the CIS Kubernetes Benchmark and the CIS Amazon Elastic Kubernetes Service (Amazon EKS) Benchmark. Kube-bench’s findings about non-compliant configuration settings can be viewed within Security Hub. In addition, Security Hub’s integration with Cloud Custodian is now available in the AWS China (Beijing) Region operated by Sinnet and in the AWS China (Ningxia) Region operated by NWCD. The open source tool Cloud Custodian can both send and receive findings to/from Security Hub. This brings the total number of AWS service and AWS Partner Network (APN) Technology Partner integrations available in Security Hub to 61.
Amazon Machine Images (AMIs) now support tag-on-create and tag-based access control
Amazon EC2 now allows you to add tags to your Amazon Machine Images (AMIs) and EBS Snapshots during AMI creation. Tags are simple key-value pairs that you can assign to resources to easily organize, search, and identify resources, create cost allocation reports, and control access to resources. You can define fine-grained access controls using tags and AWS Identity and Access Management (IAM) policies to control access to resources and actions.
AWS CloudTrail provides more granular control of data event logging through advanced event selectors
AWS CloudTrail now provides more granular control of data event logging with advanced event selectors. Data events provide visibility into the data plane resource operations performed on or within a resource. You can currently log data events on two resource types: Amazon S3 object-level API activity (e.g. GetObject, DeleteObject, and PutObject API operations), and AWS Lambda function execution activity (the Invoke API). With advanced event selectors, you can include or exclude values on fields such as EventSource, EventName, and ResourceARN. Advanced event selectors also support including or excluding values based on the first few characters (where applicable) providing more control over which CloudTrail data events you want to log and pay for. For example, you can log S3 DeleteObject APIs to narrow the CloudTrail events you receive to only destructive actions, enabling you to identify security issues while controlling costs. If you detect unauthorized activity, you can also take immediate action to restrict access.
Amazon API Gateway now supports integration with Step Functions StartSyncExecution for HTTP APIs
Customers can now create HTTP APIs that route requests to the new AWS Step Functions Synchronous Express Workflows.
Amazon EMR now provides up to 30% lower cost and up to 15% improved performance for Spark workloads on Graviton2-based instances
Amazon EMR now supports Amazon EC2 M6g, C6g and R6g instances with EMR Versions 6.1.0, 5.31.0 and later. These instances are powered by AWS Graviton2 processors that are custom designed by AWS utilizing 64-bit Arm Neoverse cores to deliver the best price performance for cloud workloads running in Amazon EC2.
Amazon ECS Announces the Preview of ECS Deployment Circuit Breaker
Amazon Elastic Container Service (Amazon ECS) announced the preview of the Amazon ECS deployment circuit breaker for EC2 and Fargate launch types. With this feature, Amazon ECS customers can now automatically roll back unhealthy service deployments without the need for manual intervention. This empowers customers to quickly discover failed deployments, without worrying about resources being consumed for failing tasks, or indefinite deployment delays.
Python Support for Amazon CodeGuru is available in preview
Today, we are excited to announce Python Support for Amazon CodeGuru Reviewer and Profiler to help you improve code quality and optimize performance for Python applications.
Customers can now use AWS Service Catalog AppRegistry to define and describe their AWS applications
AWS Service Catalog AppRegistry provides a place to collect your AWS CloudFormation stacks and associate your customer-defined attribute groups (metadata) that describe your AWS applications. Customers can automate updates of stack and metadata changes by calling AppRegistry from within their CI/CD processes. IT and business stakeholders have up-to-date information on their applications, such as organizational ownership, data sensitivity, and cost center.
AWS Well-Architected Tool now Supports AWS SaaS Lens
The AWS SaaS Factory Program and AWS Well-Architected teams have combined their expertise in architectural best practices and knowledge of SaaS solutions to launch the new AWS Well-Architected SaaS Lens.
Introducing AWS SaaS Boost
Today we are excited to announce the preview release of AWS SaaS Boost. AWS SaaS Boost is an open source ready-to-use reference environment that enables Independent Software Vendors (ISVs) to accelerate the move to Software-as-a-Service (SaaS). From small specialized software businesses to large global solution providers, AWS SaaS Boost helps ISVs rapidly migrate applications to AWS with minimal modifications. ISVs can build, provision, and manage SaaS environments with greater confidence based on AWS best practices and proven patterns from hundreds of successful SaaS companies.
Serverless Batch Scheduling with AWS Batch and AWS Fargate
Today AWS Batch introduced the ability for customers to specify AWS Fargate as a compute resource for their AWS Batch jobs. With AWS Batch support for AWS Fargate, customers now have a way to run jobs on serverless compute resources, fully managed from job submission to completion. Now, you only need to submit your analytics, map reduce, and other batch workloads and let AWS Batch and AWS Fargate handle the rest.
Announcing Amazon CloudWatch Lambda Insights (General Availability)
Amazon CloudWatch Lambda Insights enables you to monitor, troubleshoot, and optimize the performance of AWS Lambda functions. You have access to automated dashboards summarizing the performance and health of your Lambda functions that provide visibility into issues such as memory leaks or performance changes caused by new function versions.
AWS Marketplace Announces APIs for Private Marketplace
Today, AWS Marketplace announced that buyers can now programmatically manage their Private Marketplace through a set of publicly available APIs. With Private Marketplace, customers can curate a catalog of approved third-party software available in AWS Marketplace. This enables their organization to easily purchase software from AWS Marketplace knowing that it complies with their internal policies. This release also makes it easy for Consulting Partners that manage a customer’s AWS accounts to modify the list of approved products in a Private Marketplace on behalf of their customers.
Announcing Three New Digital Courses for AWS Snowcone
AWS are excited to introduce three free digital courses to help you learn how to order, configure, deploy, manage, and return AWS Snowcone edge computing and storage devices. Designed for storage engineers, cloud architects, and migration engineers, these introductory and intermediate courses include reading modules, video demonstrations, and quizzes. The time required to complete each course ranges between 50 and 90 minutes.
Introducing new Amazon EBS general purpose volumes, gp3
Today AWS announced the availability of gp3, the next-generation general purpose SSD volumes for Amazon Elastic Block Store (Amazon EBS) that enable customers to provision performance independent of storage capacity and provide up to 20% lower price-point per GB than existing gp2 volumes. With gp3 volumes, customers can scale IOPS (input/output operations per second) and throughput without needing to provision additional block storage capacity, and pay only for the resources they need.
Amazon CodeGuru Reviewer announces Security Detectors to help improve code security
Today, we are excited to announce additional capabilities with Amazon CodeGuru Reviewer to help you find and remediate security issues in your code before you deploy. CodeGuru Reviewer Security Detectors helps identify security risks from the top ten Open Web Application Security Project (OWASP) categories (OWASP is a standard awareness document for developers and web application security), security best practices for AWS APIs, and common Java crypto libraries.
AWS Lambda now supports up to 10 GB of memory and 6 vCPU cores for Lambda Functions
AWS Lambda customers can now provision Lambda functions with a maximum of 10,240 MB (10 GB) of memory, a more than 3x increase compared to the previous limit of 3,008 MB. This helps workloads like batch, extract, transform, load (ETL) jobs, and media processing applications perform memory intensive operations at scale.
Amazon EKS simplifies installation and management for Kubernetes cluster add-ons
Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to install and manage Kubernetes operational software (add-ons) as part of the Amazon EKS console, CLI, and API. Today, EKS supports managing the Amazon VPC CNI networking plugin, with more add-ons coming soon.
Introducing Amazon EKS Distro - an open source Kubernetes distribution used by Amazon EKS.
Amazon Elastic Kubernetes Service (EKS) Distro is the same Kubernetes distribution used by Amazon EKS for customers who create Kubernetes clusters manually wherever their applications are deployed. Amazon EKS Distro provides builds and code of open source Kubernetes, etcd, CoreDNS, upstream CNI Core binaries, CSI Sidecar Containers, and the latest security patches. Amazon EKS Distro is available as an open source project from GitHub and Amazon ECR Public Gallery.
Announcing AWS Glue Elastic Views Preview
Now in preview, AWS Glue Elastic Views is a new capability of AWS Glue that makes it easy to build materialized views that combine and replicate data across multiple data stores without you having to write custom code. With AWS Glue Elastic Views, you can use familiar Structured Query Language (SQL) to quickly create a virtual table—a materialized view—from multiple different source data stores. AWS Glue Elastic Views copies data from each source data store and creates a replica in a target data store. AWS Glue Elastic Views continuously monitors for changes to data in your source data stores, and provides updates to the materialized views in your target data stores automatically, ensuring data accessed through the materialized view is always up-to-date.
Amazon WorkSpaces Streaming Protocol now Generally Available
The Amazon WorkSpaces Streaming Protocol (WSP) is now generally available. WSP is a cloud-native streaming protocol that enables a consistent user experience when accessing your WorkSpaces across global distances and unreliable networks.
Introducing Amazon Monitron, an end-to-end system to detect abnormal equipment behavior
AWS are excited to announce Amazon Monitron, an end-to-end system that uses machine learning (ML) to detect abnormal behavior in industrial machinery, enabling you to implement predictive maintenance and reduce unplanned downtime.
Amazon Web Services Announces AWS Proton
Amazon Web Services, Inc. (AWS), an Amazon.com (NASDAQ: AMZN) company, launched AWS Proton, the first fully managed deployment service for container and serverless applications. Platform teams can use Proton to connect and coordinate all the different tools needed for infrastructure provisioning, code deployments, monitoring, and updates.
AWS Amplify announces new Admin UI
Admin UI offers frontend web and mobile developers an easy way to develop app backends and manage app content outside the AWS console. Every Amplify app backend is now automatically set up with the admin UI which can be used to model data, add authentication and authorization, and manage app content, users, and groups. Team members without AWS access can be invited to join the admin UI via email, giving both developers and non-developers easier access to configure and manage the app backend and app data.
AWS announces AQUA for Amazon Redshift (preview)
AQUA (Advanced Query Accelerator) for Amazon Redshift is available in preview. AQUA provides a new distributed and hardware accelerated cache that brings compute to the storage layer for Amazon Redshift and delivers up to 10x faster query performance than other cloud data warehouses.
Introducing Amazon EC2 M5zn instances, with high frequency processors and 100 Gbps networking
Starting today, general purpose Amazon EC2 M5zn instances are available. These new instances are a high frequency, high speed and low-latency networking variant of Amazon EC2 M5 instances, powered by custom 2nd Generation Intel Xeon Scalable Processors (Cascade Lake). M5zn instances deliver the highest all-core turbo CPU performance from Intel Xeon Scalable processors in the cloud, with a frequency up to 4.5 GHz.
Amazon S3 Replication adds support for two-way replication
Amazon S3 Replication now gives you the flexibility of replicating object metadata changes for two-way replication between buckets. With this new feature, replica modification sync, you can easily replicate metadata changes like object access control lists (ACLs), object tags, or object locks on the replicated objects. This two-way replication is important if you want to build shared datasets across multiple regions and keep all object and object metadata changes in sync.
Announcing Amazon Elasticsearch Service support for AWS Glue Elastic Views
You can now use Amazon Elasticsearch Service as a target data store with AWS Glue Elastic Views. Now in limited preview, AWS Glue Elastic Views is a new capability of AWS Glue that makes it easy to combine and replicate data across multiple data stores without you having to write custom code. With AWS Glue Elastic Views, you can use familiar Structured Query Language (SQL) to quickly create a virtual table—called a view—from multiple different source data stores. Based on this view, AWS Glue Elastic Views copies data from each source data store and creates a replica—called a materialized view—in a target data store. AWS Glue Elastic Views monitors for changes to data in your source data stores continuously, and provides updates to your target data stores automatically, ensuring data accessed through the materialized view is always up-to-date.
Amazon S3 now delivers strong read-after-write consistency automatically for all applications
Amazon S3 now delivers strong read-after-write consistency automatically for all applications. Unlike other cloud providers, Amazon S3 delivers strong read-after-write consistency for any storage request, without changes to performance or availability, without sacrificing regional isolation for applications, and at no additional cost.
Introducing the next version of Amazon Aurora Serverless in preview
Aurora Serverless v2 scales to hundreds of thousands of transactions in a fraction of a second, delivering up to 90% cost savings compared to provisioning for peak capacity.
Amazon S3 Bucket Keys reduce the costs of Server-Side Encryption with AWS Key Management Service (SSE-KMS)
Amazon S3 Bucket Keys reduce the request costs of Amazon S3 server-side encryption (SSE) with AWS Key Management Service (KMS) by up to 99% by decreasing the request traffic from S3 to KMS. With a few clicks in AWS Management Console and no changes to your client applications, you can configure your buckets to use an S3 Bucket Key for KMS-based encryption on new objects.
Announcing Amazon ECR Public and Amazon ECR Public Gallery
Amazon Elastic Container Registry Public (Amazon ECR Public) is a fully managed registry that makes it easy for a developer to publicly share container software worldwide for anyone to download. Anyone (with or without an AWS account) can use Amazon ECR Public to pull container software for use. Amazon ECR Public Gallery is a website that allows anyone to browse and search for public container images, view developer-provided details, and see pull commands. Developers no longer need to use different private and public registries when building and sharing their public container artifacts. And everyone, including anonymous users and logged-in AWS customers, can now pull artifacts from a highly available public registry using a single, global registry URL when building and running their applications.
AWS announces Amazon DevOps Guru in Preview, an ML-powered cloud operations service to improve application availability for AWS workloads
Amazon DevOps Guru is a new machine learning (ML) powered service that gives you a simpler way to measure and improve an application’s operational performance and availability and reduce expensive downtime – no machine learning expertise required.
Introducing Amazon EC2 D3 and D3en, the next generation of dense HDD storage instances
Starting this week, storage optimized Amazon EC2 D3 and D3en instances are available. These new instances are powered by 2nd generation Intel Xeon Scalable Processors (Cascade Lake) with a sustained all core frequency up to 3.1 GHz, and offer the highest density local HDD storage in the cloud.
AWS Lambda now supports container images as a packaging format
You can now package and deploy AWS Lambda functions as a container image of up to 10 GB. This makes it easy to build Lambda based applications using familiar container tooling, workflows, and dependencies. Just like functions packaged as ZIP archives, functions deployed as container images will benefit from AWS Lambda’s operational simplicity, automatic scaling with sub-second startup times, high availability, and native integrations with 140 AWS services. Customers can start building functions as container images by using either a set of AWS base images for Lambda, or by using one of their preferred community or enterprise images.
Announcing Amazon EC2 Mac instances for macOS
Starting today, Amazon Elastic Compute Cloud (EC2) Mac instances for macOS are generally available. Built on Apple Mac mini computers, EC2 Mac instances enable customers to run on-demand macOS workloads in the AWS cloud for the first time, extending the flexibility, scalability, and cost benefits of AWS to all Apple developers. With EC2 Mac instances, developers creating apps for iPhone, iPad, Mac, Apple Watch, Apple TV, and Safari can now provision and access macOS environments within minutes, dynamically scale capacity as needed, and benefit from AWS’s pay-as-you-go pricing.
Azure Virtual Events
Microsoft have a full schedule of Virtual Events.
A full list including session times and details is here: https://azure.microsoft.com/en-us/community/events/
AWS events are pretty fluid at the moment, with most in-person events being cancelled or postponed. There are a number that have been taken online and full details can be found here: https://aws.amazon.com/events/
Thanks for reading again this week, we hope you found something useful.
hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.
If you haven't taken a hava.io free trial to see what the GCP, Azure and AWS automated diagram generator can do for your workflow, security and compliance needs - please get in touch.
You can reach us on chat, email firstname.lastname@example.org to book a callback or demo.