
In Cloud Computing This Week [Feb 24th 2023]

February 24, 2023

 


Hello,

We are well over the February hump and heading into the end of Q1. Are you getting it done? When you are ready to chat about diagram automation, please reach out.

Here's the weekly cloud roundup of all things Hava, GCP, Azure and AWS for the week ending Friday Feb 24th 2023.

All the latest Hava news can be found on our LinkedIn Newsletter.




AWS Updates and Releases

Source: aws.amazon.com

Amazon CloudWatch RUM now supports customer defined metrics for troubleshooting and monitoring

Amazon CloudWatch Real User Monitoring (RUM) adds the ability for customers to define custom metrics that will be sent to CloudWatch Metrics. Customers can define metrics based on data in customer-defined events (Custom Events), pre-defined RUM events and customer-defined metadata attributes (Custom Attributes).

The customer-defined metrics give customers the flexibility to monitor specific parts of their application, troubleshoot end-user-impacting issues unique to their application, and get alerted to anomalies. For example, a customer could define a metric on the number of dropped calls in a video application that sends customer-defined events capturing details of a dropped call such as call duration, Wi-Fi or cellular network, and network bandwidth.

CloudWatch RUM gives customers visibility into their web application’s client side performance by helping them to collect performance and error data in real time. RUM can reduce MTTR (Mean Time To Recovery) by providing visualizations that allow customers to troubleshoot and debug issues such as high page load times, error messages and stack traces. Customers can define custom metrics by using RUM APIs.

Amazon Forecast now supports built-in holiday data for 251 countries to improve your forecasting accuracy

Amazon Forecast now supports holidays from 251 countries as a built-in featurization, improving the accuracy of your Forecast. Amazon Forecast uses machine learning (ML) to generate more accurate demand forecasts with just a few clicks, without requiring any prior ML experience.

Oftentimes, external factors like holidays and weather changes impact the demand and supply of goods. This results in either surplus inventory or shortages, causing disruption. Amazon Forecast provides you with an option to include built-in featurization like “holidays” and “weather” for your model training.

With this launch, when selecting “Holidays”, you can now choose a country from a list of 251 countries whose holiday data will be leveraged to improve your forecast results. This feature is available in all Regions where Forecast is publicly available.

AWS Systems Manager for SAP is now generally available, with initial support for backing up SAP HANA databases using AWS Backup

AWS Systems Manager for SAP is now generally available, with initial support for backing up SAP HANA databases using AWS Backup.

AWS Systems Manager is a secure end-to-end management solution for resources on AWS, on premises, and on other clouds. AWS Systems Manager for SAP helps AWS services understand SAP-specific nuances around landscape topology and identify the components of an SAP landscape, such as the SAP NetWeaver application server, SAP HANA database, and their interdependencies. It provides automation capabilities to help customers manage and operate their SAP applications on AWS more efficiently. The service enables customers to capture this specific metadata via registration, reflects system state before and after execution of workload automation, and records evidence that an activity was performed properly.

With this launch, customers can use Systems Manager to automate backup and restore processes using AWS Backup to protect data in SAP HANA databases on AWS, including the use of AWS Backup vaults. This feature leverages AWS Backint Agent to connect to AWS Backup via the Systems Manager APIs. We’ve also released a new version of AWS Backint Agent; you will need to install it to take advantage of this feature.

AWS Transit Gateway is now available in Europe (Zurich) Region

AWS Transit Gateway is now available in the Europe (Zurich) AWS Region. AWS Transit Gateway enables customers to connect thousands of Amazon Virtual Private Clouds (Amazon VPCs) and their on-premises networks using a single gateway.

As you grow the number of workloads across multiple AWS accounts, you need the ability to scale your networks, better control your policies, and effectively monitor your resources. With AWS Transit Gateway, you only have to create and manage a single connection from a central gateway to each Amazon VPC, on-premises data center, or remote office.

AWS Transit Gateway acts as a hub where traffic is routed to all the connected networks, the spokes. The hub and spoke model significantly simplifies management and reduces operational costs because each network only has to connect to the AWS Transit Gateway.

With routing policies on the Transit Gateway, you have centralized control over how your Amazon VPCs and on-premises networks connect to each other. This model simplifies how you scale and monitor your networks.

AWS Resilience Hub adds application change capabilities and simplified APIs

AWS Resilience Hub has added application change capabilities and new APIs to streamline and simplify use of the service and improve the precision of its recommendations. Resilience Hub provides a single place to define, validate, and track the resilience of your applications so that you can avoid unnecessary downtime caused by software, infrastructure, or operational disruptions.

Following today’s launch, you can now view, update, or delete import sources to more effectively manage your Resilience Hub applications, including AWS CloudFormation stacks, AWS Resource Groups, Terraform state files, and AWS Service Catalog AppRegistry.

Resilience Hub has also introduced new APIs that help manage applications with complex resource relationships and application component groupings. This makes it easier to maintain resource and application component groupings in single-Region and cross-Region workloads by using simplified create, read, update, and delete capabilities.

In addition, Resilience Hub has improved its integration with AWS Elastic Disaster Recovery. You can now designate a failover Region for cross-Region resilience assessments and recommendations. This allows Resilience Hub to provide more precise recommendations for your applications.

The new capabilities are available in all of the AWS Regions where Resilience Hub is supported. See the AWS Regional Services List for the most up-to-date availability information.

Amazon EC2 C6in, M6in, M6idn, R6in, and R6idn instances are now available in Asia Pacific (Tokyo, Singapore) and AWS GovCloud (US-West)

Starting this week, Amazon Elastic Compute Cloud (Amazon EC2) C6in, M6in, M6idn, R6in, and R6idn instances are available in the Asia Pacific (Singapore), Asia Pacific (Tokyo), and AWS GovCloud (US-West) Regions. These instances are powered by 3rd Generation Intel Xeon Scalable processors with an all-core turbo frequency of up to 3.5 GHz. They are the first x86-based Amazon EC2 instances to offer up to 200 Gbps network bandwidth, and 2x higher packet performance over comparable fifth-generation instances.

These instances are built on the AWS Nitro System, a collection of AWS designed hardware and software innovations that enables the delivery of efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage. You can take advantage of the higher network bandwidth to scale the performance of applications, such as network virtual appliances, Telco 5G User Plane Function (UPF), high performance computing (HPC), CPU-based AI/ML workloads, in-memory databases (SAP HANA), distributed web scale in-memory caches, caching fleets and real-time big data analytics.

These instances deliver up to 80 Gbps of Amazon Elastic Block Store (Amazon EBS) bandwidth and up to 350K input/output operations per second (IOPS), the highest Amazon EBS performance across Amazon EC2, benefiting workloads such as relational and non-relational databases, high-performance file systems, enterprise applications, and media workflows. They are available in 9 different instance sizes with up to 128 vCPUs, and offer Elastic Fabric Adapter (EFA) networking support on 32xlarge sizes. 

Amazon RDS for MariaDB adds new disaster recovery (DR) capabilities with Cross-Region Automated Backups

Starting this week, Amazon Relational Database Service (Amazon RDS) for MariaDB supports Cross-Region Automated Backups. This feature extends the existing Amazon RDS backup functionality, giving you the ability to set up automatic replication of system snapshots and transaction logs from a primary AWS Region to a secondary AWS Region.

The Amazon RDS Cross-Region Automated Backups feature enables additional disaster recovery capabilities for mission critical databases by providing you the ability to restore your database to a specific point in time within your backup retention period. This allows you to quickly resume operations in the event that the primary AWS Region becomes unavailable. 

Cross-Region automated backup pricing is comprised of the storage for snapshots and the data transfer of the snapshots and the transaction logs. Data transfer from the primary AWS Region to a secondary AWS Region is billed based on the data transfer pricing of the applicable AWS Regions. See Amazon RDS for MariaDB pricing for up-to-date pricing of instances, storage, data transfer and regional availability.

Amazon EMR on EKS is now available in the AWS GovCloud (US) Regions

We are excited to announce that Amazon EMR on EKS is now available in AWS GovCloud (US-East, US-West) Regions. These regions are in addition to the existing Asia Pacific (Beijing, Mumbai, Ningxia, Seoul, Singapore, Tokyo), Australia (Sydney), Canada (Central), Europe (Frankfurt, Ireland, London, Paris, Stockholm), South America (São Paulo) and US (Northern California, N. Virginia, Ohio, Oregon) regions.

Amazon EMR on EKS allows customers to automate the provisioning and management of open-source big data frameworks on EKS. With EMR on EKS, customers can now run Spark applications alongside other types of applications on the same EKS cluster to improve resource utilization and simplify infrastructure management.

Customers can deploy EMR applications on the same EKS cluster as other types of applications, which allows them to share resources and standardize on a single solution for operating and managing all their applications.

Customers get access to the same EMR capabilities on EKS that they use on Amazon EC2 today, such as access to the latest performance optimized Spark runtime, EMR Studio for application development, and a persistent Spark UI for debugging.

Amazon RDS for MySQL adds new disaster recovery (DR) capabilities with Cross-Region Automated Backups

Starting this week, Amazon Relational Database Service (Amazon RDS) for MySQL supports Cross-Region Automated Backups. This feature extends the existing Amazon RDS backup functionality, giving you the ability to set up automatic replication of system snapshots and transaction logs from a primary AWS Region to a secondary AWS Region.

The Amazon RDS Cross-Region Automated Backups feature enables additional disaster recovery capabilities for mission critical databases by providing you the ability to restore your database to a specific point in time within your backup retention period. This allows you to quickly resume operations in the event that the primary AWS Region becomes unavailable. 

Cross-Region automated backup pricing is comprised of the storage for snapshots and the data transfer of the snapshots and the transaction logs. Data transfer from the primary AWS Region to a secondary AWS Region is billed based on the data transfer pricing of the applicable AWS Regions. See Amazon RDS for MySQL Pricing for up-to-date pricing of instances, storage, data transfer and regional availability.

Vertical specific bot templates in Lex Console

Amazon Lex is a service for building conversational interfaces into any application using voice and text. With Amazon Lex, you can quickly and easily build conversational bots (chatbots), virtual agents, and interactive voice response (IVR) systems. Amazon Lex is further enhancing the developer experience by providing eight pre-built bot templates, containing 50+ intents, that can be deployed in minutes. 

Amazon Lex’s pre-built bots provide real-life solutions that reduce the time it takes to deploy conversational AI solutions. Developers can simply modify existing intents, slots, and utterances to best fit their specific use case. In addition to showcasing different conversational flows, bot templates help developers learn and discover new Lex features by providing working examples of intent and slot-specific capabilities.

Bot templates are available for five industry specific verticals: Financial Services, Insurance, Retail, Telecom, and Travel. To get started, log into the Lex Console, select the option for “Bot templates,” choose the appropriate business vertical, and follow the prompts. The new bot templates are available in all AWS regions where Amazon Lex V2 operates. To learn more about the real-life customers that have used these bot templates, go to “Use Cases” from the Amazon Lex homepage. 

AWS Transfer Family announces support for sending AS2 messages over HTTPS

AWS Transfer Family now allows you to send Applicability Statement 2 (AS2) messages using HTTPS. AS2 offers security features like encryption and non-repudiation by default. With the ability to send AS2 messages over HTTPS, you can now benefit from an additional layer of in-transit encryption for your most sensitive EDI payloads and further compatibility with trading partners that require SSL/TLS communications.

Customers across verticals such as healthcare and life sciences, retail, financial services, and insurance that rely on AS2 for exchanging business-critical data use AWS Transfer Family’s highly available, scalable, and globally available AS2 endpoints to more cost effectively and securely exchange transactional data with their trading partners.

Exchanged data is natively accessible in AWS for processing, analysis, and machine learning, as well as for integrations with business applications running on AWS.

AWS Transfer Family announces AWS CloudFormation support and enhanced monitoring capabilities for AS2

You can now use AWS CloudFormation templates to create and manage AWS Transfer Family resources for AS2 including servers, connectors, partner profiles, and certificates. AWS CloudFormation makes it easy to configure the entire stack of AS2 resources required to initiate and test an end-to-end AS2 message exchange.

Additionally, you can now access Amazon CloudWatch metrics for AS2, such as number of successful and failed AS2 messages, in the AWS Transfer Family Management Console. These metrics enable you to more effectively monitor your AS2 activity using a centralized dashboard.

Customers across verticals such as healthcare and life sciences, retail, financial services, and insurance that rely on AS2 for exchanging business-critical data use AWS Transfer Family’s highly available, scalable, and globally available AS2 endpoints to more cost effectively and securely exchange transactional data with their trading partners.

Exchanged data is natively accessible in AWS for processing, analysis, and machine learning, as well as for integrations with business applications running on AWS.

Amazon CloudWatch Synthetics announces new Synthetics NodeJS runtime version 3.9

This week, AWS is announcing an update for Amazon CloudWatch Synthetics canaries to use the Synthetics NodeJS runtime version 3.9. This release updates dependency packages and addresses the planned deprecation of Synthetics NodeJS runtime versions 3.5, 3.6, 3.7, and 3.8.

Canary runs continue indefinitely after the runtime version reaches end of support. However, AWS strongly recommends that you migrate canaries to a supported runtime version so that you continue to receive security patches and remain eligible for technical support. Please refer to the runtime support policy for additional deprecation details.

You can update a canary’s runtime version by using the CloudWatch console, AWS CloudFormation, the AWS CLI or the AWS SDK. You can bulk update canaries by:

  1. Using an upgrade script. For more information, see Canary runtime upgrade script.
  2. Selecting up to five canaries at a time on the canary list page on the CloudWatch console, and then choosing Actions, Update Runtime.

Amazon EC2 Hpc6id instances are now available in additional regions

Starting today, Amazon EC2 Hpc6id instances are available in an additional AWS Region, Europe (Stockholm). These instances are optimized to efficiently run memory bandwidth-bound, data-intensive high performance computing (HPC) workloads, such as finite element analysis and seismic reservoir simulations. With EC2 Hpc6id instances, you can lower the cost of your HPC workloads while taking advantage of the elasticity and scalability of AWS.

EC2 Hpc6id instances are powered by 64 cores of 3rd Generation Intel Xeon Scalable processors with an all-core turbo frequency of 3.5 GHz, 1,024 GB of memory, and up to 15.2 TB of local NVMe solid state drive (SSD) storage. EC2 Hpc6id instances, built on the AWS Nitro System, offer 200 Gbps Elastic Fabric Adapter (EFA) networking for high-throughput inter-node communications that enable your HPC workloads to run at scale.

The AWS Nitro System is a rich collection of building blocks that offloads many of the traditional virtualization functions to dedicated hardware and software. It delivers high performance, high availability, and high security while reducing virtualization overhead.

With this regional expansion EC2 Hpc6id instances are available in the following AWS Regions: US East (Ohio), AWS GovCloud (US-West) and Europe (Stockholm). To optimize EC2 Hpc6id instances networking for tightly coupled workloads, you can access EC2 Hpc6id instances in a single Availability Zone in each Region.

Amazon ECS increases the number of provisioning tasks quota to deliver faster Cluster Auto Scaling

Amazon Elastic Container Service (Amazon ECS) has increased the “Tasks in PROVISIONING state per cluster” service quota to deliver a faster Cluster Auto Scaling experience. Customers who need to launch a large number of tasks (>300) in their Amazon ECS clusters will now see their cluster infrastructure scale faster.

Amazon ECS is a fully managed container orchestration service that makes it easier for you to deploy, manage, and scale containerized applications. ECS Capacity Providers is the infrastructure management capability designed to perform Cluster auto scaling by automatically scaling Amazon Elastic Compute Cloud (EC2) Auto Scaling groups on your behalf, so that you can focus on just running your tasks.

ECS performs the scale-out operation iteratively for tasks being provisioned that require additional EC2 instances for placement. ECS can now increase capacity for 500 provisioning tasks in a single step, up from the previous 300 tasks, which translates to fewer scaling iterations, faster cluster autoscaling performance, and speedier task launches.

Announcing Smart Data Validation for Amazon Fraud Detector

This week, Amazon Fraud Detector (AFD) announced the launch of Smart Data Validation, a new feature which helps customers streamline their data preparation process for a successful batch import. Smart Data Validation helps customers save time and resources by validating data at the time of import. This new feature reduces the time to validate and fix customers’ data from days to minutes.

Before this launch, data preparation in AFD could be a complex and time-consuming process for customers. It required manual effort to identify, clean, and validate the data before importing it to AFD for training an ML fraud model. It also required customers to carefully follow data guidelines, as each Amazon Fraud Detector fraud model has unique requirements on the quality and format of the data. Previously, this process resulted in customers making a few attempts before successfully importing data into AFD.

Smart Data Validation now automates the process of data validation during data import. It identifies abnormalities in your data and provides a simple and effective data validation report to help ensure that each data point is formatted properly and ready for training an ML fraud model. It also helps clear up ambiguities around data requirements and formatting. Starting today, customers can ensure their data is accurate and complete in a fraction of the time.

Amazon QuickSight enables role-based access control to data sources that connect to Amazon S3 and Athena

Amazon QuickSight now enables you to add role-based access policies to QuickSight data sources that connect to Amazon S3 and Amazon Athena. With this launch of the Run-as IAM Role for S3 and Athena, QuickSight account administrators will be able to provide an IAM Role to individual S3 or Athena data sources in their QuickSight account, rather than enabling account-wide access to connect from QuickSight to S3 or Athena.

When a specific business team needs to access certain data via S3 or Athena, Amazon QuickSight administrators can run an API and assign an AWS Identity and Access Management (IAM) role to specific QuickSight data sources while preventing other business teams from accessing S3 via QuickSight. With the role in place, you can ensure that QuickSight runs with the least-privileged permissions necessary to connect to S3 or run queries in Athena.

Amazon EKS and Amazon EKS Distro now support Kubernetes version 1.25

Kubernetes 1.25 introduced several new features and bug fixes, and AWS is excited to announce that you can now use Amazon EKS and Amazon EKS Distro to run Kubernetes version 1.25. Starting today, you can create new 1.25 clusters or upgrade your existing clusters to 1.25 using the Amazon EKS console, the eksctl command line interface, or through an infrastructure-as-code tool.

Some things to note in this release are the removal of PodSecurityPolicy (PSP), the graduation of Pod Security Admission to stable, and enhancements to cluster authentication. If you are using PSP in your cluster, then before upgrading your cluster to version 1.25, you must migrate your PSP to the built-in Kubernetes Pod Security Standards or to a policy-as-code solution to avoid interruptions and to protect your workloads.

You can learn more in the PSP removal FAQ page and in the EKS Best Practices Guide. For detailed information on major changes in Kubernetes 1.25, see the Amazon EKS blog post and the Kubernetes project release notes.

Kubernetes 1.25 support for Amazon EKS is available in all AWS Regions where Amazon EKS is available, including the AWS GovCloud (US) Regions.

AWS App Runner now supports HTTP to HTTPS redirect

AWS App Runner now redirects incoming HTTP requests to an App Runner service endpoint to HTTPS. Until now, incoming requests to an HTTP endpoint failed with a timeout status response. Now, you can use both HTTP and HTTPS endpoints from your client to access your application running on App Runner.

App Runner will redirect the incoming request to an HTTPS endpoint with a 301 “Moved Permanently” status code. You do not need to make any configuration change to your App Runner service to enable HTTP to HTTPS redirect.

App Runner makes it easier for developers to quickly deploy containerized web applications and APIs to the cloud, at scale, and without managing infrastructure. By default, App Runner supports HTTPS endpoints. With App Runner, you do not need to configure TLS cipher suites or any other parameters. App Runner manages the TLS termination for you. 

Amazon RDS Custom for Oracle is now available in Canada (Central) and South America (São Paulo) AWS Regions

Amazon Relational Database Service (Amazon RDS) Custom for Oracle, a managed database service for legacy, custom, and packaged applications that require access to the underlying operating system and database environment, is now available in the AWS Regions of Canada (Central) and South America (São Paulo).

By using Amazon RDS Custom for Oracle, you can benefit from the agility of a managed database service, with features such as automated backups and point-in-time recovery, and also meet your database applications’ customization requirements.

By allowing more applications to move to a managed database service, you can save time on the undifferentiated heavy lifting of database management and focus on higher level tasks.

AWS Lake Formation is now available in AWS Asia Pacific (Jakarta) Region

AWS Lake Formation is a service that allows you to set up a secure data lake in days. A data lake is a centralized, curated, and secured repository that stores all your data, both in its original form and prepared for analysis.

A data lake enables you to break down data silos and combine different types of analytics to gain insights and guide better business decisions.

Creating a data lake with Lake Formation allows you to define where your data resides and what data access and security policies you want to apply. Your users can then access the centralized AWS Glue Data Catalog which describes available data sets and their appropriate usage.

Your users then leverage these data sets with their choice of analytics and machine learning services, like Amazon EMR for Apache Spark, Amazon Redshift Spectrum, AWS Glue, Amazon QuickSight, and Amazon Athena.

Amazon Detective adds the ability to export data from Summary page panels and search results

Amazon Detective now supports the ability to export data from Summary page panels and search results in comma-separated values (CSV) format. You can use this new capability to export data from the Detective management console and enrich your security investigations by manipulating the data using other AWS services, third-party applications, or spreadsheet programs that support CSV import.

Detective’s Summary page has panels that can help you identify unusual activity like IAM roles with high API call volume or EC2 instances with the most traffic. You can use these panels as starting points for your security investigations and can now export data from the panels Roles and users with the most API call volume, EC2 instances with the most traffic volume, and EKS clusters with the most Kubernetes pods.

Detective’s search allows you to look for specific Amazon GuardDuty findings or entities like AWS accounts, S3 buckets, or EC2 instances. You can use search to get an overview of specific entities and review new behavior that may present risk like communicating with malicious IP addresses or multiple failed API calls.

When you complete the search, Detective displays a list of matching results and you now have an Export option to download the list of results.

Announcing AWS Telco Network Builder

AWS announces the general availability of AWS Telco Network Builder to help communications service providers (CSPs) automate the deployment and management of telco networks on AWS. CSPs want to take advantage of the cost efficiencies, agility, and elasticity of the cloud, but it’s complicated to map traditional network requirements to a cloud environment.

To set up a large network, you need to deploy hundreds of compute, storage, and networking components on AWS across thousands of locations. You also need to set up and maintain secure networking between locations, then manage and scale ongoing network operations.

AWS Telco Network Builder is a network automation service that makes it easier and faster to deploy and manage telco networks on AWS while still using telecom industry standards. With AWS Telco Network Builder, you define network requirements by using telecom industry standards.

AWS Telco Network Builder maps the requirements to a cloud architecture and provisions the right compute, storage, and networking resources automatically. AWS Telco Network Builder simplifies network lifecycle management by allowing you to deploy, update, and upgrade network functions and services.

The service also provides a centralized dashboard so that you can monitor and manage your network functions and AWS services from one place.

Launch Amazon SageMaker Model Monitor from SageMaker Model Dashboard

You can now launch and configure Amazon SageMaker Model Monitor from the SageMaker Model Dashboard using a code-free point and click set-up experience. Amazon SageMaker Model Dashboard gives you unified monitoring across all your models by providing insights into deviations from expected behavior, automated alerts, and troubleshooting to improve model performance.

After models are deployed in production, data in the real world may deviate over time from the data that was used to train the model, which may eventually lead to lower model accuracy. For example, changes in macro-economic conditions such as interest rates could impact the quality of a model used to predict housing prices.

Model Monitor can detect drift in data quality, model quality, bias, and feature attribution, and alert you to take remedial actions when such changes occur. 

AWS Expands Torn Write Prevention to EC2 Im4gn, Is4gen instances and additional EBS regions

Torn Write Prevention (TWP) is a feature that ensures 16KiB write operations are not torn in the event of operating system crashes or power loss during write transactions. Starting this week, this feature is available for AWS customers using instance store on AWS Nitro SSD based EC2 Im4gn and Is4gen storage optimized instances, and in additional Regions for Amazon Elastic Block Store (EBS), a block storage service, when attached to all EC2 Nitro-based instances.

TWP enables customers running databases such as MySQL or MariaDB on EC2, EBS, and managed services like Amazon RDS to turn off the double write operation, thereby accelerating database performance in transactions per second (TPS) without compromising the resiliency of their workloads.

Customers using AWS EC2 I4i, Im4gn and Is4gen instances can use TWP in the regions where those instances are available. For customers with EBS volumes attached to Nitro instances, TWP is available in all public AWS Regions, including the AWS GovCloud (US) Regions and AWS China Regions.

Amazon RDS for Oracle now supports early notifications of Auto minor Version Upgrades (AmVU)

Amazon Relational Database Service (Amazon RDS) for Oracle now supports early notifications of Auto minor Version Upgrades (AmVU) for instances via Pending Maintenance Actions (PMA), enhancing usability of AmVU. 

Customers with AmVU enabled for their Amazon RDS for Oracle instances will benefit from the early notification of AmVU, which will give them more time to prepare and take downtime during patches.

While the exact amount of notice may vary, customers will receive at least 3 weeks prior notice for an impending AmVU in any region. Customers will be able to manage their own fleets, testing minor versions in pre-production environments before applying them in production environments. To learn more, read the Maintaining a DB instance documentation.

Amazon OpenSearch Service now lets you schedule service software updates during off-peak hours

Amazon OpenSearch Service now lets you schedule service software and auto-tune updates during off-peak hours, helping you plan deployments to your domain better. In addition, with improved notifications through EventBridge events and notifications on the OpenSearch Service console, you have better visibility of scheduled updates, including when the updates start and complete.

With the new off-peak hours feature, you can define a ten-hour daily window when you experience comparatively lower traffic load, and choose to schedule service software updates or auto-tune updates to your domain during these hours, helping you reduce the risk of any potential disruption to your cluster operations.

In addition, you can optionally choose to automatically schedule software updates once they are available during off-peak hours. You will receive a notification with the exact date and hour of the update, which you can reschedule if required, as per your preference.

The off-peak hours feature is available across 31 regions globally. Please refer to the AWS Region Table for more information about Amazon OpenSearch Service availability.

Amazon Kinesis Data Analytics is now available in the Middle East (UAE) region

Amazon Kinesis Data Analytics makes it easier to transform and analyze streaming data in real time with Apache Flink. Apache Flink is an open source framework and engine for processing data streams. Amazon Kinesis Data Analytics reduces the complexity of building and managing Apache Flink applications.

Amazon Kinesis Data Analytics for Apache Flink integrates with Amazon Managed Streaming for Apache Kafka (Amazon MSK), Amazon Kinesis Data Streams, Amazon Opensearch Service, Amazon DynamoDB streams, Amazon Simple Storage Service (Amazon S3), custom integrations, and more using built-in connectors. You can learn more about Amazon Kinesis Data Analytics for Apache Flink here.

Amazon Connect Cases is now available in 5 additional regions

Amazon Connect Cases can now be used by Amazon Connect customers in the Europe (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central), and Europe (London) AWS regions.

Amazon Connect Cases provides built-in case management capabilities that make it easy for your contact center agents to create, collaborate on, and quickly resolve customer issues that require multiple customer conversations and follow-up tasks, all without having to build custom applications or integrate with third-party products.

Amazon Connect Cases is available in US East (N. Virginia), US West (Oregon), Europe (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central), and Europe (London) AWS regions.

Amazon Connect Cases now supports AWS PrivateLink

You can now use AWS PrivateLink to privately access Amazon Connect Cases from your Amazon Virtual Private Cloud (Amazon VPC) without using public IPs, and without requiring the public internet.

AWS PrivateLink provides private connectivity among VPCs, AWS services, and your on-premises networks, without exposing your traffic to the public internet. Now, you can manage your Amazon Connect Cases agents and admins without requiring an internet gateway in your VPC. AWS PrivateLink comes with private internet connectivity, security groups, and VPC endpoint policies to help meet your compliance requirements.

Amazon Connect Cases provides built-in case management capabilities that make it easy for your contact center agents to create, collaborate on, and quickly resolve customer issues that require multiple customer conversations and follow-up tasks, all without having to build custom applications or integrate with third-party products.

To use AWS PrivateLink, create an interface VPC endpoint for Amazon Connect Cases in your VPC using the Amazon VPC console, EC2 SDK, or CLI. You can also access the VPC endpoint from on-premises environments or from other VPCs using AWS VPN, AWS Direct Connect, or VPC Peering.

Announcing AWS ParallelCluster 3.5 with a new UI for AWS ParallelCluster

AWS ParallelCluster 3.5 is now generally available and expands your choices and flexibility by adding the graphical user interface for AWS ParallelCluster to help you set up, monitor, and manage High Performance Computing (HPC) clusters on AWS. Other important features in this release include:

  • Enhancements designed to improve visibility for cluster errors during compute node bootstrap and execution of pre- and post-install scripts
  • Enhancements designed to improve reliability for compute node reboot
  • Support of long cluster names up to 40 characters
  • Programmatic interface you can use to access AWS ParallelCluster via a Python library

For more details on the release, review the AWS ParallelCluster 3.5 release notes.

Amazon Detective launches an interactive workshop for investigating potential security issues

You can now learn to use Amazon Detective with a new self-paced workshop in AWS Workshop Studio. AWS Workshop Studio is a collection of self-paced tutorials designed to teach practical skills and techniques to solve business problems.

Amazon Detective Workshop is designed to teach you how to use the primary features of Detective through a series of interactive modules that cover topics such as security alert triage, security incident investigation, and threat hunting.

Together with an updated Amazon GuardDuty Workshop, you can learn how to identify security findings and more quickly analyze and determine the nature and extent of those security issues.

Detective makes it easier to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Once enabled, Detective automatically collects log data from AWS resources and uses machine learning, statistical analysis, and graph theory to build interactive visualizations that help you run faster and more efficient security investigations.

Detective analyzes events from multiple data sources such as Amazon Virtual Private Cloud (VPC) Flow Logs, AWS CloudTrail logs, Amazon GuardDuty findings, and Amazon Elastic Kubernetes Service (EKS) audit logs to create a unified, interactive view of your resources, users, and the interactions between them.

With this unified view, you can visualize all the details and context in one place to identify the underlying reasons for security findings, drill down into relevant historical activities, and quickly determine root cause.


Google Cloud Releases and Updates
Source: cloud.google.com

 

Anthos clusters on bare metal

Anthos clusters on bare metal 1.13.5 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.13.5 runs on Kubernetes 1.24.

Anthos Service Mesh

You can now download 1.15.5-asm.2 for in-cluster Anthos Service Mesh. It includes the features of Istio 1.15.5 subject to the list of supported features.

1.16.2-asm.2 is now available for in-cluster Anthos Service Mesh.

You can now download 1.16.2-asm.2 for in-cluster Anthos Service Mesh. It includes the features of Istio 1.16.2 subject to the list of supported features.

Managed Anthos Service Mesh 1.16 isn't rolling out to the rapid release channel at this time. You can periodically check this page for the announcement of the rollout of managed Anthos Service Mesh to the rapid channel. See Select a managed Anthos Service Mesh release channel for more information.

Anthos Service Mesh now supports multi-cluster meshes on Amazon EKS and Microsoft AKS. See Install Anthos Service Mesh and Set up a multi-cluster mesh outside Google Cloud for more information.

Anthos Service Mesh now supports Mesh CA on all supported platforms.

Anthos Service Mesh now supports Anthos Clusters on Azure as a preview feature.

Anthos Service Mesh 1.13 is no longer supported. For more information, see Supported versions.

Apigee API hub

On February 20, 2023 Apigee API hub released a new version of the software.

App Engine flexible environment Go

The Go runtime versions 1.18 and 1.19 are now available in preview and are built on a modern and secure operating system (Ubuntu 22). These new runtime versions use Google Cloud's buildpacks and require updates to your app.yaml. Learn more.

App Engine flexible environment Python

The Python runtime versions 3.8, 3.9, 3.10, and 3.11 are now available in preview and are built on modern and secure operating systems (Ubuntu 18 and 22). These new runtime versions use Google Cloud's buildpacks and require updates to your app.yaml. Learn more.

BigQuery

 

Authorized stored procedures are now in preview. This feature lets you share stored procedures with users or groups without giving them direct access to the underlying tables.

Fixed an issue with linked datasets querying a shared dataset that has data ingested through streaming inserts or the BigQuery Storage Write API.

Cloud DNS

Health checks for internal load balancers and automatic failovers in Cloud DNS routing policies are now available in GA.

Cloud Interconnect 

HA VPN over Cloud Interconnect is generally available. With HA VPN over Cloud Interconnect, you can use Cloud VPN to encrypt your Cloud Interconnect traffic by deploying HA VPN tunnels over your VLAN attachments.

For more information, see the HA VPN over Cloud Interconnect overview.

Cloud Load Balancing

Network Load Balancing logging and Internal TCP/UDP Load Balancing logging are now generally available.

Cloud Storage

You can now attach a maximum of 50 tag bindings to a storage bucket.

Cloud VPN

HA VPN over Cloud Interconnect is generally available. With HA VPN over Cloud Interconnect, you can use Cloud VPN to encrypt your Cloud Interconnect traffic by deploying HA VPN tunnels over your VLAN attachments.

For more information, see the HA VPN over Cloud Interconnect overview.

Compute Engine

 

Generally available: NVIDIA® T4 GPUs are now available in the following region and zones:

  • Warsaw, Poland, Europe: europe-central2-b,c

For more information about using GPUs on Compute Engine, see GPU platforms.

Generally available: The image import tool now supports importing SUSE Linux Enterprise Server 15 SP4 and SUSE Linux Enterprise Server 15 SP4 for SAP images to Google Cloud.

Regional metrics for Compute Engine API limits are now available. Regional migration of API limits reduces the scope of global or multi-regional outages. For more information about the new regional metrics and changes in API limits, see API rate limits.

Due to this change, you might want to update your Cloud Monitoring dashboards, queries and alerts to use the regional metrics. For more information, see Migrate Compute Engine API quota from global metrics to regional metrics.

Preview: You can autoscale a regional managed instance group with a BALANCED target distribution shape. With the BALANCED shape, the autoscaler is aware of the capacity in each zone and creates VMs in zones that have resource availability. For more information, see Autoscaling a regional MIG.

Datastream

You can now set the number of maximum concurrent backfill tasks for a stream using the Datastream API. To learn more, see Manage streams.

Discovery Engine API

Discovery for Media

Preview recommendations is now available in Preview mode.

Use this feature to preview and evaluate what documents your serving configs will recommend to your users. This allows you to test models and serving configs quickly before you go into production.

For information about this feature, see Preview Recommendations.

Document AI

When creating a TIFF file type document, we will also convert it to a PNG image for UI rendering.

Deprecated the procedure for granting Cloud Storage roles to the Document AI Warehouse service account for future provisioned projects.

This launch upgrades the lifecycle stage of the Custom Document Extractor (CDE) component of the DocAI Workbench from Public Preview to Generally Available (GA). CDE covers essential workflows for developing custom document extraction processors with end-to-end UI support:

  • Data import
  • Schema creation and annotation
  • Processor model training
  • Evaluation and troubleshooting
  • Model deployment and version management
  • Human-in-the-loop (HITL) integration for "last-mile" processor quality assurance

Notable new Generally Available Custom Document Extractor (CDE) features include:

  • Public APIs
  • Automatic schema label creation from pre-labeled documents
  • Schema label data type and occurrence editable pre-training
  • New DocAI Toolkit with a labeled document converter

The following features have been upgraded:

  • Processor Gallery
  • Schema editor
  • Labeling UI
  • Training pipeline
  • Manage versions table

Google Cloud VMware Engine

VMware Engine private clouds support the addition of a Trusted Platform Module (TPM) 2.0 virtual cryptoprocessor to a virtual machine.

For details about this feature, see About Virtual Trusted Platform Module.

Google Distributed Cloud Edge

This is a minor release of Distributed Cloud Edge (version 1.3.0).

The following new features have been introduced in this release of Google Distributed Cloud Edge:

The following changes have been introduced in this release of Distributed Cloud Edge:

  • Getting information about a Machine resource now returns the version of the Distributed Cloud Edge cluster stack.
  • You can now connect Distributed Cloud Edge clusters to a Virtual Private Cloud network in a Cloud project other than your Distributed Cloud Edge cluster project.
  • When creating a cross-project VPN connection, you can no longer specify a VPC project service account. Distributed Cloud Edge now uses your cluster project service account.

GKE

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and for opt-in control plane upgrades and node upgrades for existing clusters. For more information on versioning and upgrades, see GKE versioning and support and Upgrades.

Live Stream API

Added content encryption support

Added new channel events: mute, unmute, return to program, and switch input

Added the timecode feature which supports synchronizing media workflows with live stream content

Migrate to Virtual Machines

Preview: Migrate to Virtual Machines from an Azure source lets you migrate Azure VM instances to Compute Engine.

Vertex AI Workbench

This update of the M104 release of Vertex AI Workbench managed notebooks includes the following:

  • Fixed a bug where local and remote kernels are not displayed. This happens when remote kernels are not accessible.
  • Minor bug fixes and improvements.

Workflows

An issue where one shared variable in a subworkflow overwrote another in a calling subworkflow during a workflow's execution is resolved. This affected calling a subworkflow with a parallel step from within a parallel step.


Microsoft Azure Releases And Updates
Source: azure.microsoft.com

Public Preview: Azure NetApp Files volume user and group quotas

Azure NetApp Files now supports volume user and group quotas to manage storage utilization on a per-user or per-group basis.

Public Preview: Azure NetApp Files now supports large volumes up to 500TiB in size

You can now create Azure NetApp Files large volumes between 100TiB and 500TiB in size.

Public preview: Incremental snapshots for Premium SSD v2 Disk Storage

To ensure business continuity, incremental snapshots for Premium SSD v2 Disk Storage are now available in public preview in the US East and West Europe Azure regions.

Generally Available: Azure Red Hat OpenShift in Qatar Central

Azure Red Hat OpenShift is now available in Qatar Central region.

General availability: Stream Analytics no-code editor updates in Feb 2023

New features are now available in the Stream Analytics no-code editor GA, including Power BI output support and data preview optimization. The Power BI output feature enables you to build real-time dashboards in minutes and at low cost.

GA: Create disks from CMK-encrypted snapshots across subscriptions and in the same tenant

To ease manageability, we are making disks encrypted with customer-managed keys (CMK) more flexible by allowing creation of disks and snapshots from a CMK-encrypted source across subscriptions.

Public preview: Azure Managed Lustre

Accelerate HPC and AI workloads with a managed parallel file system.

General availability: Azure Sphere OS version 23.02

This quality release includes bug fixes in the Azure Sphere OS.

General availability: Azure IoT Edge supports Ubuntu 22.04

The latest Azure IoT Edge releases provide official packages for Ubuntu 22.04 on AMD64 and ARM64 devices.

Now Available: Azure Monitor Query client module for Go

The initial stable release of the Azure Monitor Query module for Go is now available. Build apps that perform read-only queries in Azure Monitor's Logs and Metrics platforms.

General availability: Azure Data Explorer Dashboards

We are thrilled to announce the much-anticipated General Availability of ADX Dashboards!

Public Preview: Customer-managed keys for Azure NetApp Files volume encryption

Azure NetApp Files volumes now support encryption with customer-managed keys (CMK), using Azure Key Vault for key storage, to enable an extra layer of security for data at rest.

Public preview: New General-Purpose VMs - Dlsv5 and Dldsv5

The Dlsv5 and Dldsv5 VM series provide 2GiB per vCPU and can offer lower price points within the general-purpose Azure Virtual Machines portfolio.

Read-write premium caching now in public preview

Now you can do more with Azure HPC Cache at the same cost you’ve come to expect.

 

  

Have you tried Hava automated diagrams for AWS, Azure, GCP and Kubernetes? Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.

Not knowing exactly what is in your cloud accounts, or those of your clients, can be a worry. What exactly is running in there and what is it costing? What obsolete resources are you still being charged for? What legacy dev/test environments can be switched off? What open ports are inviting in hackers? You can answer all these questions with Hava.

Hava automatically generates accurate, fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure, GCP accounts or standalone K8s clusters. Once diagrams are created, they are kept up to date, hands free.

When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
 
Check out the 14-day free trial (no credit card required, and it includes a forever free tier).

Written by Team Hava

The Hava content team
