Here's a round up of all things GCP, Azure and AWS for the week ending Friday 16th July 2021.
Source: aws.amazon.com
Amazon HealthLake, now in General Availability, is a HIPAA-eligible service that enables healthcare providers, health insurance companies, and pharmaceutical companies to securely store, transform, query, and analyze health data at petabyte scale.
AWS are delighted to announce that Amazon Lex now supports Indian English. Amazon Lex is a service for building conversational interfaces into any application using voice and text. Amazon Lex provides deep learning powered automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text, to enable you to build applications with highly engaging user experiences and lifelike conversational interactions. With Indian English, you can deliver a robust and localized conversational experience that accurately understands Indian dialects. You can also respond to users with natural sounding Amazon Polly Indian voices to provide a fully localized conversational experience.
This week AWS are launching Simple File Manager for Amazon EFS into the AWS Solutions Implementations portfolio. Simple File Manager for Amazon EFS is a serverless solution that provides a user interface for managing data in your Amazon Elastic File System (Amazon EFS) file systems. Deploying this solution allows you to seamlessly browse any EFS file system in your Amazon Web Services, Inc. (AWS) account and upload, download, or delete data from virtually any device, without the need to set up or maintain any dedicated Amazon Elastic Compute Cloud (Amazon EC2) or networking infrastructure. As an example, you can use this solution to upload large machine learning (ML) model files to an Amazon EFS file system that is used by an AWS Lambda function for ML inference.
AWS CloudFormation now supports increased limits on the default number of stacks allowed per AWS account. The number of stacks that can be created in an account is now 2000 (previously 200).
FreeRTOS AWS reference integrations are pre-integrated FreeRTOS projects ported to microcontroller-based evaluation boards that demonstrate end-to-end connectivity to AWS IoT Core. This helps developers save months of development effort and accelerate time to market. FreeRTOS AWS reference integrations now include the new managed AWS IoT Over-the-Air update (OTA) library, AWS IoT Jobs library, and the AWS IoT Device Defender custom metrics feature from the FreeRTOS 202012.01 LTS release, and the coreMQTT Agent library from the FreeRTOS 202104.00 release.
AWS IoT Core is now integrated with AWS PrivateLink, enabling you to create private IoT Core data endpoints in your Virtual Private Cloud (VPC) using Interface VPC Endpoints. AWS PrivateLink is an AWS technology that enables private communication between your VPC and AWS services, such as IoT Core, by using private IP addresses that are not reachable from the public internet and do not require an internet gateway or NAT device to access. When used in conjunction with one of the many network-to-VPC connectivity options, your IoT Core VPC endpoint can function as though it were hosted directly on your private network.
AWS IoT SiteWise is a managed service that makes it easy to collect, store, organize and monitor data from industrial equipment at scale to help you make better, data-driven decisions.
Forty-four new or updated datasets from the National Library of Medicine, Digital Earth Africa, Amazon, and others are available on the Registry of Open Data in the following categories.
Amazon Data Lifecycle Manager (DLM) now offers a new console experience that makes it easier for you to create, modify and manage your DLM policies. The new console allows you to create policies and modify existing policies in a more streamlined manner and provides you more information and easier access to additional resources.
Healthcare and life science organizations are undergoing transformation from bench-top to the point of care — reinventing how they collaborate, make data-driven clinical and operational decisions, enable precision medicine, accelerate therapy development, and decrease the cost of care. Industry leaders like Wellforce, Rush Medical Center, GRAIL, Moderna, and Genomics England use the AWS Cloud to support critical functions in health, while adhering to global compliance requirements.
AWS Private Certificate Authority (CA) now supports an open source plugin for cert-manager that offers a more secure certificate authority solution for Kubernetes containers. cert-manager is a widely-adopted solution for TLS certificate management in Kubernetes. Customers who use cert-manager for application certificate lifecycle management can now use this solution to improve security over the default cert-manager CA, which stores keys in plaintext in server memory. Customers with regulatory requirements for controlling access to and auditing their CA operations can use this solution to improve auditability and support compliance.
AWS IoT SiteWise has now launched AWS PrivateLink support for control plane APIs to manage AWS IoT SiteWise resources such as gateways, asset models, and assets. You can now securely create, update or delete your AWS IoT SiteWise resources without crossing the public Internet and without using public IP addresses. For more information, please visit the updated AWS IoT SiteWise and interface VPC endpoints page in our developer guide.
Customers use AWS Glue workflows to create and visualize complex extract, transform, and load (ETL) activities involving multiple crawlers, jobs, and triggers. AWS Glue now supports event-driven workflows, a new capability that lets customers start AWS Glue workflows based on events delivered by Amazon EventBridge. With this new integration, you can trigger a data integration workflow using events generated from your applications, integrated Software-as-a-Service (SaaS) applications, and AWS services. For example, customers can trigger a data integration workflow as soon as a hundred files land in an S3 bucket.
The AWS App Mesh constructs module for AWS Cloud Development Kit (AWS CDK) is now generally available. The new AWS App Mesh service construct for AWS CDK simplifies provisioning of AWS App Mesh resources into your CDK infrastructure stacks. Strongly typed interfaces make it easy to select the appropriate configurations for your mesh, as well as integrate with other supported AWS Services.
AWS Elemental MediaPackage is a video origination and just-in-time packaging service that allows video distributors to securely and reliably deliver live streaming or on-demand content at scale. From a single video input, MediaPackage creates video streams formatted to play on connected TVs, mobile phones, computers, tablets, and game consoles. It makes it easy to implement popular video features commonly found on DVRs, such as start-over, pause, and rewind. The service can also protect your content using Digital Rights Management (DRM) technologies.
Amazon EC2 now provides customers the flexibility to specify weekly recurring time window(s) for Scheduled Events that reboot, stop or terminate EC2 instances. AWS schedules infrequent events, such as a reboot, stop, or termination, for EC2 instances when it detects irreparable failure of the underlying host or when it must perform tasks such as maintaining the underlying host. With the flexibility to specify event windows, customers can set up Scheduled Events for their EC2 instances to occur during off-peak periods. Customers can also align these time windows with their internal maintenance schedules. Software vendors can leverage this capability to customize time windows for scheduled events based on their customers’ preferences.
AWS Certificate Manager (ACM) now allows you to import Secure Sockets Layer/Transport Layer Security (SSL/TLS) X.509 certificates of additional key types and key sizes, including Elliptic Curve Digital Signature Algorithm (ECDSA) and RSA 3072 and 4096 keys and bind them with integrated services like Amazon CloudFront and Application Load Balancer. Previously, you could use AWS Identity and Access Management (IAM) to import and use these certificate types as ACM only supported usage of imported RSA 1024 or RSA 2048 key certificates.
Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it.
Amazon Lex is a service for building natural language conversational interfaces using voice and text into your application. Earlier this year, AWS launched an enhanced V2 management console and APIs. The V2 API makes it easier for bot developers to add new languages to a bot and also deliver natural conversational experiences such as wait and continue (“Can you wait while I get my credit card?”). Today, we introduce tooling to automate migration of bots from Lex V1 Console to the Lex V2 Console. The migration tool uses existing intents and slot types to create corresponding resources in the Lex V2 Console.
Amazon Lightsail now provides you with the ability to store your static content such as images, videos or HTML files in an object storage that can be used for your websites and applications. Lightsail object storage can be associated to your Lightsail CDN distribution with a few simple clicks, making it quick and easy to accelerate the delivery of your content to a global audience. It can also be used as a low cost, secure backup solution. Lightsail object storage comes with the same predictable pricing as its other offerings with three different flat rate bundles starting at $1/month.
Starting today, you can use Elliptic Curve Digital Signature Algorithm (ECDSA) P256 certificates to negotiate HTTPS connections between your viewers and Amazon CloudFront. As noted by NIST, ECDSA certificates can provide comparable security strength with smaller key sizes than RSA. As a result, conducting TLS handshakes with ECDSA certificates requires less networking and computing resources, making them a good option for IoT devices that have limited storage and processing capabilities.
The AWS Well-Architected Tool (AWS WA Tool) now offers the ability for customers and AWS Partners to mark individual best practices as not applicable during their workload review.
AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, and AD Connector are now available in the AWS Asia Pacific (Osaka) Region.
Image Builder components, which are a set of documents that enable image customization in EC2 Image Builder, now support parameters as an input in the image build process. You can now reuse your existing component investments in EC2 Image Builder to create different custom images by easily passing component parameters, such as installation directory or software version, in the image recipe.
Amazon SageMaker Pipelines, the first purpose-built continuous integration and continuous delivery (CI/CD) service for machine learning (ML), is now integrated with SageMaker's automatic model tuning capability. Customers can add a model tuning step (TuningStep) in their SageMaker Pipelines which will automatically invoke a hyperparameter tuning job. The hyperparameter tuning finds the best version of a model by running many training jobs on the dataset using the algorithm and the ranges of hyperparameters specified by the customer. They can then register the best version of the model into the model registry using the RegisterModel step.
Patch Manager, a feature of AWS Systems Manager, now provides a more holistic view of the patch compliance and inventory of your fleet of instances by additionally reporting on stopped instances. This feature helps you to further simplify patch compliance and inventory reporting because information is now readily available for stopped instances.
AWS Glue DataBrew, a visual data preparation tool that makes it easy for data analysts and data scientists to clean and normalize data for analytics and machine learning, is now available in the AWS Asia Pacific (Hong Kong) Region. For a list of regions where AWS Glue DataBrew is available, see the AWS Region Table.
AWS IoT Core for LoRaWAN now supports customer endpoints in VPCs. With this feature, your IoT devices and applications can communicate with IoT Core for LoRaWAN from your Virtual Private Cloud (VPC) without the need to allow traffic from the VPC to public IP addresses. VPC endpoints are powered by AWS PrivateLink, an AWS technology that enables private communication between your VPC and AWS services, like AWS IoT Core for LoRaWAN, on the private AWS network.
This week AWS were excited to announce AWS Deep Learning Containers (DLCs) with integrated SDKs for inference that enable customers to easily deploy Hugging Face models in Amazon SageMaker at scale. This was the number one requirement from AWS customers that have been leveraging the Hugging Face AWS DLCs for training (Hugging Face training DLCs) that were released in March 2021.
Amazon SageMaker is a fully managed service that provides every developer and data scientist with the ability to build, train, and deploy machine learning (ML) models quickly. To deploy ML models for real-time predictions, Amazon SageMaker provides you with a large selection of AWS compute instances, so you can find the right cost to performance ratio depending on your requirements. The Amazon Inf1 instance is powered by AWS Inferentia, a custom chip built from the ground up by AWS to accelerate ML inference workloads. Starting today, Amazon ml.Inf1 instances are additionally available on Amazon SageMaker in the Asia Pacific (Sydney), Europe (Stockholm), Europe (Milan), and AWS GovCloud (US-West) regions.
Following the announcement of updates to the PostgreSQL database, we have updated Amazon RDS for PostgreSQL to support PostgreSQL minor versions 13.3, 12.7, 11.12, 10.17, and 9.6.22. This release closes security vulnerabilities in PostgreSQL and contains bug fixes and improvements done by the PostgreSQL community.
Tag policies help you govern tag consistency across resources in your organization's accounts. For example, with tag policies, you can define rules on tag keys, including how they should be capitalized and their allowed values. With this release, the maximum size of a tag policy document has been increased from 2.5k to 10k characters for both new and existing tag policies. The number of allowed policies has also been increased from 5 to 10.
You can now use the Amazon Redshift Data API in the AWS Asia Pacific (Osaka) Region to access Amazon Redshift. The Redshift Data API simplifies data access, ingest, and egress from languages supported with the AWS SDK such as Python, Go, Java, Node.js, PHP, Ruby, and C++.
Starting today, AWS AppSync is available in the Asia Pacific (Osaka) region.
AWS Cloud Map now provides the ability to configure the negative caching for DNS queries. AWS Cloud Map is a cloud resource discovery service that allows customers to define custom names for their application resources, such as Amazon Elastic Container Services (ECS) tasks, Amazon Elastic Compute Cloud (EC2) instances, Amazon DynamoDB tables, or any other cloud resource. They can then use these custom names to discover the network location and metadata of these cloud resources from their applications using AWS SDK and authenticated API queries.
NoSQL Workbench for DynamoDB, a client-side tool that helps you design, visualize, and query nonrelational data models by using a point-and-click interface, now helps you run frequent data-plane operations more easily to modify and access table data. Now, you can save or bookmark as many as 50 DynamoDB data-plane operations in the NoSQL Workbench operation builder.
This week AWS announced that they have updated AWS Amplify’s tools and libraries for Flutter to support null safety for all AWS use cases. Flutter developers can now enjoy all the easy-to-integrate Amplify functionality with higher reliability and improved developer ergonomics. Sound null safety is a Dart language feature in which code is non-nullable by default and turns runtime null-dereference errors into edit-time analysis errors. This enables developers to reduce bugs in their code and benefit from performance improvements through smaller binaries and faster execution.
Source: cloud.google.com
Cloud Logging
The Cloud Console now supports creating Logging sinks at the organization or folder level. For information on creating sinks, see Exporting logs with the Google Cloud Console.
Starting on October 12, 2021, your Dataflow logs that are ingested and stored in Cloud Logging will be charged at the standard Cloud Logging prices. It's recommended that you review the volume of Dataflow logs ingested into Cloud Logging through Metrics Explorer in Cloud Monitoring. For information on optimizing the log volume for your Dataflow jobs, see Controlling log volume.
You can now install the Logging and Monitoring agents on multiple VMs from the Inventory tab on the Cloud Monitoring VM Instances page. You can select multiple VMs in your fleet for agent installation. The page generates the necessary installation command and provides a link to Cloud Shell, where you can run the command.
Cloud Monitoring
The VM instances page has a new Processes tab in Preview. This tab adds charts for process metrics to the charts provided by the existing CPU, Memory, Disk, and Network tabs.
You can now install the Logging and Monitoring agents on multiple VMs from the Inventory tab on the Cloud Monitoring VM Instances page. You can select multiple VMs in your fleet for agent installation. The page generates the necessary installation command and provides a link to Cloud Shell, where you can run the command.
Cloud Shell
Terraform plugin v2.12.0
The Cloud Shell Editor now comes preinstalled with the HashiCorp Terraform extension! The extension adds syntax highlighting and other editing features for Terraform files using Terraform Language Server. Review the Terraform release notes for a complete list of features/updates/bug fixes.
Compute Engine
Preview: Access the Compute Engine API using Cloud Client Libraries built on GCP's latest client library model. An updated client library is now available in the following language:
For more information, see Compute Engine client libraries.
Preview: The Observability tab on Compute Engine's VM instance details page includes a new category for process metrics. You can use the new charts and reports to troubleshoot the behavior of processes running on your VMs.
Config Connector
Config Connector 1.56.0 is now available.
Added support for ComputeInstanceGroupManager resource (Issue #314).
Added support for BinaryAuthorizationPolicy resource.
Added cluster.kmsKeyRef field to BigtableInstance.
Added expire, rotation, topics, and ttl fields to SecretManagerSecret (Issue #471).
Fixed bug that was causing CloudIdentityGroup to go through infinite updates.
Added timestamp to log messages.
Aggregated the cnrm-admin ClusterRole to the admin and edit ClusterRoles, and aggregated the cnrm-viewer ClusterRole to view ClusterRole.
Traffic Director
Traffic Director can now use internet NEGs of the type INTERNET_FQDN_PORT to route traffic to private services that are reachable using hybrid connectivity, including named on-premises, multi-cloud, and internet services. For full details, see Traffic Director with internet network endpoint groups.
Source: azure.microsoft.com
June updates include dashboard enhancements, the IoT Plug and Play smartphone app including updated quickstarts, rule condition enhancements, a new responsive UI, and a new Learn module.
Use Azure Cosmos DB as a session state and cache provider through Microsoft.Extensions.Caching.Cosmos extension package for global scaling and low latency.
Use this simple experience to migrate your data from Azure Data Lake Storage Gen1 to Gen2 to speed up your time to insights.
TARGET RETIREMENT DATE: SEPTEMBER 06, 2021
Transition to Azure Maps Creator v2 by 6 September 2021
You can now send and receive message payloads of up to 100MB in Azure Service Bus premium tier namespaces.
Learn about our new announcements and product updates for Azure Virtual Desktop at Microsoft Inspire 2021.
Upcoming changes to base units in Azure Spring Cloud Basic and Standard will result in lower costs for many customers.
Learn how you can take advantage of free Extended Security Updates only on Azure for workloads running on Windows Server 2012/R2 and SQL Server 2012 releases.
Azure API Management has now been updated to publish events to Event Grid.
Bring cloud data management to data workloads on-premises, at the edge, and in multicloud environments.
Azure Spring Cloud now supports New Relic One for performance monitoring (in preview), reduced minimum app instance sizes, automated app deployments with Terraform and Azure Pipelines, and Azure Virtual Network in Azure China.
Integration of Azure Monitor application insights with App Services now enables you to monitor your Java & Node.js apps directly from Azure portal, without making any changes to your code, with just a click of a button.
New features Custom Containers in Managed Online Endpoints and Job Creation UI are now available in preview in Azure Machine Learning.
Always Encrypted with secure enclaves helps prevent malicious admins and malware from exfiltrating sensitive data, while enabling in-place encryption and rich confidential computations, including pattern matching, range comparisons, and sorting.
Call recording for Azure Communication Services helps to simplify and improve the recording process during calls.
Now generally available, Azure Monitor insights and Azure Monitor workbooks make it easier to visualize and customize metrics for dynamic monitoring of your Azure Cosmos DB resource.
Azure Monitor application insights now supports Azure Active Directory authentication, helping you ensure that only authenticated telemetry is ingested.
Azure Monitor Application Insights is introducing a new availability test to handle most of your single request test scenarios.
You can now disable local user accounts when creating Azure Active Directory integrated Azure Kubernetes Service clusters.
A new Azure Monitor built-in policy gives you control to provision central Log Analytics workspaces and linked automation account across your subscriptions consistently.
Public preview: Azure Kubernetes Service (AKS) smart defaults
Use scenario-specific cluster configurations to get going quickly and easily, while retaining the ability to customize to meet your unique needs.
Automate AKS operations by subscribing to events and handling them.
The Azure Purview product glossary provides a comprehensive set of product terms and definitions used in Azure Purview features and functionality.
With disk pool, Azure VMware Solution customers can now access Azure Disk Storage for high-performance, durable block storage. Customers can scale their storage independent of compute and handle their growing data needs more cost-effectively.
Azure API Management service has been updated to provide better support to customers through policy expressions and Power platform.
Encrypt your Automation account assets using Customer-managed keys.
Administrators can set a retention policy and recover data from a deletion of a blob container without contacting support.
Azure Bastion Standard SKU offers key capabilities for enterprises, unblocking critical customer scenarios.
The latest release of HPC Cache adds support for high throughput VMs as well as enhancements to storage target operations.
Add Azure HPC Cache to support new workloads in Blob NFS 3.0.