Hava Blog and Latest News

In Cloud Computing This Week [Jul 23rd 2021]

Written by Team Hava | July 23, 2021

This week's roundup of all the cloud news.


Here's a round up of all things GCP, Azure and AWS for the week ending Friday 23rd July 2021. 

To stay in the loop, make sure you subscribe on the right - There's a new newsletter series starting later this year that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of. 

Of course we'd love to keep in touch at the usual places. Come and say hello on:

Facebook.      Linkedin.     Twitter.

AWS Updates and Releases

Source: aws.amazon.com

  • Amazon Aurora Supports PostgreSQL 12.6, 11.11, 10.16, and 9.6.21 in AWS GovCloud (US) Regions

    Following the announcement of updates to the PostgreSQL database  by the open source community, AWS have updated Amazon Aurora PostgreSQL-Compatible Edition to support PostgreSQL 12.6, 11.11, 10.16, and 9.6.21 in AWS GovCloud (US) regions. These releases contain bug fixes and improvements by the PostgreSQL community. As a reminder, Amazon Aurora PostgreSQL 9.6 will reach end of life on January 31, 2022.

  • Amazon Aurora PostgreSQL supports pg_cron extension for scheduling database jobs in AWS GovCloud (US) Regions

    Amazon Aurora PostgreSQL-Compatible Edition adds support for the pg_cron extension in AWS GovCloud (US) regions. pg_cron allows you to use cron syntax to schedule PostgreSQL commands directly within your database. You can use pg_cron to schedule tasks such as periodically rolling up data for analytic reports, refreshing materialized views, and scheduling vacuum jobs to reclaim storage. pg_cron includes an AWS open source contribution  that adds an audit table so that you can query the outcome of each scheduled job.

  • Amazon Aurora PostgreSQL supports the pg_bigm extension for faster full text search in AWS GovCloud (US) Regions

    Amazon Aurora PostgreSQL-Compatible Edition adds support for the pg_bigm extension in AWS GovCloud (US) regions. pg_bigm extension provides full text search capability in PostgreSQL . This extension allows a user to create *2-gram* (bigram) index for faster full text search.

  • Simplify CI/CD configuration for serverless applications and your favorite CI/CD system — Public Preview

    You can now create secure continuous integration and deployment (CI/CD) pipelines that follow your organization’s best practices with a new pipeline configuration capability for serverless applications. AWS Serverless Application Model Pipelines (AWS SAM Pipelines) is a new feature of AWS SAM CLI that gives you access to benefits of CI/CD in minutes, such as accelerating deployment frequency, shortening lead time for changes, and reducing deployment errors. AWS SAM Pipelines comes with a set of default pipeline templates for popular CI/CD systems such as CloudBees CI/Jenkins, GitLab CI/CD, GitHubActions, and AWS CodeBuild/CodePipeline that follow AWS’ deployment best practices. The AWS SAM CLI is a developer tool that makes it easier to build, locally test, package, and deploy serverless applications.

  • Amazon Virtual Private Cloud (VPC) customers can now assign IP prefixes to their EC2 instances

    Amazon Virtual Private Cloud (VPC) now allows you to assign IPv4 and IPv6 prefixes to your EC2 instances, enabling you to scale and simplify the management of your container and networking applications that require multiple IP addresses on an instance. 

  • Announcing Automatic Revision Publishing for AWS Data Exchange

    Providers using AWS Data Exchange can now publish new revisions to their data products more easily. Before this launch, providers were required to take both finalization and publishing steps to add new revisions to products. Additionally, if a revision was included in multiple products, providers had to take other publishing actions for each individual product they wanted to update.

  • Easily enable AWS Config recording and deploy Conformance Packs across your organization using Quick Setup

    This week, AWS Systems Manager Quick Setup announced support for AWS Config, allowing you to enable AWS Config recording and deploy conformance packs across all the accounts and Regions in your organization – with a few clicks. Quick Setup also lets you customize the types of resources to record and conformance packs to deploy for different groups of organizational units (OUs).

  • Amazon Athena announces data source connector for Power BI

    With the July release of Microsoft Power BI Desktop , you can now create reports and dashboards using a built in, Microsoft-certified connector for Amazon Athena. This release makes it possible for AWS customers using Power BI for business intelligence to leverage their Amazon S3 data lake and federated data sources  to analyze, visualize, and share insights with Power BI.

  • AWS announces a new AWS Training Partner program

    The new AWS Training Partner (ATP) program enables AWS customers to work with a single, trusted Partner who can offer, deliver, and/or resell official AWS-authored training. All AWS Training Partners are selected based on their quality and expertise in providing training. They must continually meet or exceed rigorous criteria to maintain their status in the program.

  • Amazon RDS Cross-Region Automated Backups Regional Expansion

    Amazon Relational Database Service (Amazon RDS) Cross-Region Automated Backups feature is now available in the AWS Regions: US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Osaka), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central), EU (Frankfurt), EU (Stockholm), EU (Ireland), EU (London), EU (Paris), South America (Sao Paulo), AWS GovCloud (US-West) and AWS GovCloud (US-East).

  • Amazon Redshift Data Sharing is now available in AWS GovCloud (US) Regions

    Amazon Redshift Data Sharing, a secure and easy way to share live data across Redshift clusters, is now available in AWS GovCloud(US) regions. Ability to share data across Redshift clusters in the same AWS account is generally available and sharing across Redshift clusters that are in separate AWS accounts in the same region is available as preview. Data Sharing enables instant, granular, and high-performance data access across Amazon Redshift clusters without the need to copy or move data. Data Sharing provides live access to the data so that your users always see most up-to-date and consistent information as it is updated in the data warehouse. Data Sharing can be used on your Amazon Redshift RA3 clusters at no additional cost.

  • AWS RoboMaker WorldForge now supports adding doors to indoor residential simulation worlds

    AWS RoboMaker WorldForge, a capability that makes it faster, simpler, and less expensive to create a multitude of virtual 3D worlds, now supports adding doors to indoor residential simulation worlds. With this new feature , robotics developers can add doors to connect rooms on the same floor of their indoor residential simulation world to test robot behaviors like navigating through doors and avoiding closed doors. Robotics developers can specify the initial angle doors are open in order to test their robot behaviors in a variety of simulated scenarios.

  • Amazon EKS and EKS Distro now support Kubernetes version 1.21

    You can now use Amazon EKS and Amazon EKS Distro to run Kubernetes v1.21 , which is currently the latest available stable version of upstream Kubernetes. Highlights of the Kubernetes version 1.21 release include Cronjobs  and Immutable Secrets and ConfigMaps  reaching stable status, and Graceful Node Shutdown  graduating to beta. You can find more details about Kubernetes 1.21 release in EKS blog post and in Kubernetes project release notes .

  • AWS CodeBuild is now available in AWS Asia Pacific (Osaka) Region

    AWS CodeBuild is now available in the AWS Asia Pacific (Osaka) Region. AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers. CodeBuild scales continuously and processes multiple builds concurrently, so your builds are not left waiting in a queue. You can get started quickly by using prepackaged build environments, or you can create custom build environments that use your own build tools. Using CodeBuild, you are charged by the minute for the compute resources you use.

  • Introducing AWS Edit in the Cloud

    AWS Edit in the Cloud is an AWS Solutions Implementation that helps the content creator to build a virtual editing environment on AWS. This allows your editors and creative professionals to work from anywhere in the world using only a laptop with a high-speed connection. Leveraging the AWS Cloud for editorial and content delivery, this solution brings collaborators together to publish content to your preferred platform using high-speed internet.

  • Announcing availability of Red Hat Enterprise Linux with Microsoft SQL Server for Amazon EC2

    This week AWS announced the availability of AWS provided License included Red Hat Enterprise Linux (RHEL) with Microsoft SQL Server Amazon Machine Images (AMI). Customers can now combine the scale, performance, and elasticity of Amazon EC2 with consistency, reliability, and high performance of Microsoft SQL Server on RHEL to deploy mission critical transactional systems and data warehouses.

  • AWS IQ now supports chat response directly through email

    You can now respond to AWS IQ messages from experts and buyers directly from your email, without logging into AWS IQ. If you are offline and receive responses from buyers or experts, you will receive unread responses via email. Reply to the email or log in to AWS IQ to continue the conversation. All responses will appear as chat messages in the AWS IQ application.

  • AWS Announces General Availability of Amazon EBS io2 Block Express Volumes

    This week AWS announced general availability of io2 Block Express volumes that deliver up to 4x higher throughput, IOPS, and capacity than io2 volumes, and are designed to deliver sub-millisecond latency and 99.999% durability. io2 Block Express refers to io2 volumes running on the EBS Block Express architecture, and supports standard io2 features such as Multi-Attach and Elastic Volumes. io2 Block Express volumes are available first with Amazon EC2 R5b instances, which delivers the highest EBS-optimized performance, with support for other instances coming soon. Using R5b instances customers can now provision a single io2 volume with up to 256,000 IOPS, 4000 MB/s of throughput, and storage capacity of 64 TiB. This makes io2 Block Express and R5b instance combination ideal for your largest, most I/O intensive, and mission critical deployments of Oracle, SAP HANA, Microsoft SQL Server, and SAS Analytics.

  • Amazon Transcribe now supports streaming transcription in Amazon Web Services China

    Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for you to add speech-to-text capabilities to your applications. We are excited to announce streaming transcription support in the Amazon Web Services China (Beijing) Region, Operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, Operated by NWCD. 

  • New AWS Solutions Implementation: Tamper Proof Quality Data Using Amazon QLDB

    AWS are delighted to announce the addition of Tamper Proof Quality Data Using Amazon QLDB to the AWS Solutions Implementations portfolio. AWS Solutions Implementations help you solve common problems and build faster using the AWS platform.


Google Cloud Releases and Updates

Source: cloud.google.com

AI Platform Training

You can now use an interactive shell to inspect your training container while it runs. The interactive shell can be helpful for monitoring and debugging training jobs.

This feature is available in preview.

App Engine Flexible Environment (Go / Java / Node.js / PHP/ Python / Ruby / Custom)

Specifying a user-managed service account for each App Engine version during deployment is now available in preview. This feature lets you grant different privileges to each version, based on the specific tasks it performs, and avoid granting more privileges than necessary.

App Engine Standard Environment (Go / Java / Node.js / Python / Ruby )

Egress settings are now available for Serverless VPC Access. Egress settings allow you to specify whether or not to send traffic with external destinations through your Serverless VPC Access connector, which is necessary if you want to set up a static outbound IP address for your App Engine service.


BigQuery now supports workload management data control language (DCL) statements:

This feature is generally available GA.

BigQuery now supports the following SQL query operators:

This feature is generally available (GA).

BigQuery standard SQL now supports the CONTAINS_SUBSTR function. This feature is generally available (GA).

Cloud CDN

Cloud CDN now treats HTTP responses with a max-age or s-maxage directive as cacheable, even if those responses do not have a Cache-Control: public directive.

This allows Cloud CDN to cache additional responses and better align with HTTP standards.

For details, see the caching documentation.

Cloud Run

Cloud Run is now covered by FedRAMP Moderate

Cloud Spanner

Granular instance sizing is now available in public preview. Historically, the most granular unit for provisioning compute capacity on Spanner has been the node. To provide more granular control, we are introducing Processing Units (PUs); one Spanner node is equal to 1,000 PUs. You can now provision in batches of 100 PUs, and get a proportionate amount of compute and storage resources. Learn more.

Key Visualizer for Cloud Spanner is now available. Key Visualizer is an interactive monitoring tool to analyze usage patterns in Spanner databases. It reveals trends and outliers in important performance and resource metrics.

Cloud Storage

gcloud alpha storage commands are now available.

    • These commands provide faster uploading and downloading performance over the gsutil command line tool.


New sub-minor versions of Dataproc images: 1.3.93-debian10, 1.3.93-ubuntu18, 1.4.64-debian10, 1.4.64-ubuntu18, 1.5.39-centos8, 1.5.39-debian10, 1.5.39-ubuntu18, 2.0.13-centos8, 2.0.13-debian10, and 2.0.13-ubuntu18.

Upgraded Cloud Storage connector to version 2.2.2 on 2.0 images.


Google Groups for RBAC is now generally available.

GKE cluster versions have been updated. see GKE versioning and support and Upgrades.

Legacy Logging and Monitoring was deprecated December 12, 2019 and was decommissioned March 31, 2021. As described in the guide for Migrating to Cloud Operations for GKE all clusters still using Legacy Logging and Monitoring are being automatically and gradually migrated to Cloud Operations for GKE during the coming weeks.


A C++ client library for IAM is now available. The client library supports the IAM API and the Service Account Credentials API.

You can now set limits on the Cloud Storage roles that a member can grant and revoke. This is possible because Cloud Storage now recognizes the modifiedGrantsByRole API attribute in conditions.



Memorystore for Redis

Added support for Maintenance Windows for Memorystore for Redis.

Network Connectivity Center

Network Connectivity Center now supports VPC Service Controls. For details, see Protecting resources with VPC Service Controls.

Secret Manager

Secret Manager now supports using a filter to customize the output of ListSecrets and ListSecretVersions. For more information, see Filtering.

Security Command Center

Security Health Analytics, a built-in service of Security Command Center, has launched a new detector, DATASET_CMEK_DISABLED, in general availability. The detector, available to Security Command Center Premium customers, detects BigQuery datasets that are not encrypted using customer-managed encryption keys (CMEK). For more information, see the DATASET_SCANNER table in Vulnerabilities findings.

Event Threat Detection, a built-in service of Security Command Center Premium, has launched a public preview of new detectors to protect your Google Workspace domains. The detectors identify suspicious activities in member accounts and your Admin Console, including leaked passwords, attempted account breaches, settings changes, and possible government-backed attacks. For more information, see Event Threat Detection overview.

Vertex AI

Private endpoints for online prediction are now available in preview. After you set up VPC Network Peering with Vertex AI, you can create private endpoints for low-latency online prediction within your private network.

Additionally, the documentation for VPC Network Peering with custom training has moved. The general instructions for setting up VPC Network Peering with Vertex AI are available at the original link, https://cloud.google.com/vertex-ai/docs/general/vpc-peering. The documentation for custom training is now available here: Using private IP with custom training.

You can now use an interactive shell to inspect your custom training container while it runs. The interactive shell can be helpful for monitoring and debugging training.

This feature is available in preview.


External IPv6 addresses for VM instances is now available in General Availability in supported regions.



Microsoft Azure Releases And Updates

Source: azure.microsoft.com

General availability: Azure Sphere version 21.07

The 21.07 update includes heap memory allocation tracking, time sync changes, and support for service principles.

General availability: New West US 3 region added to Azure HDInsight

HDInsight is now generally available for West US 3 customers.

General availability: Azure Monitor Agent and Data Collection Rules now support direct proxies and Log Analytics gateway

If you use a proxy server or Log Analytics gateway to communicate to Azure Monitor, you can now start using the new Azure Monitor Agent (AMA) and Data Collection Rules (DCR) in these network configurations.

General availability: Better integration between Azure Monitor and Grafana

Customers using Grafana for visualizing Azure Monitor metrics can now enable additional data sources and have easier authentication using managed identity.

General availability: Public IP information and inter-zone traffic among many new insights in Traffic Analytics

Azure Network Watcher Traffic Analytics solutions is used to monitor network traffic. It now provides WHOIS and Geographic data for all Public IPs interacting with your deployments and further adds DNS domain, threat type & threat description for Malicious IPs. Now, it also supports inter-zone traffic and VMSS level traffic insights.

General availability: Python Functions now support custom telemetry in Application Insights

Azure Monitor is releasing a new PyPI package that expands distributed tracing support in Application Insights for Python Functions.

General availability: Built-in Azure Policy support for Network Watcher Traffic Analytics

Traffic Analytics can now be enabled using Built-in Azure Policy, thus improving your deployment experience. Now organizations can enforce org wide standards and manage traffic monitoring at scale using these policies.


With auto-grow storage enabled, your storage automatically grows when storage consumed on the Flexible Server is nearing its provisioned limit.


The PowerShell-based experience for the Azure App Service Migration Assistant is now in public preview.


Provision new Flexible Server deployments in new regions for Azure Database for PostgreSQL, a managed service running the open source Postgres database on Azure.

Azure VMware Solution now generally available in the Canada East region

Azure VMware Solution has expanded availability to Canada East. With this release Canada East is now the second region within the Canadian sovereign area to become available (joining Canada Central).

Public preview: IoT Edge Metrics Collector module 1.0.1 release

This update provides security and reliability improvements, and support for government and regional clouds.

Announcing the Azure Firewall Premium general availability

Utilize next-generation firewall capabilities in Azure Firewall Premium

Public preview: Scan and view lineage of data stored in Erwin Mart, Google BigQuery and Looker using Azure Purview 

Azure Purview now supports automated scanning from Erwin, BigQuery and Looker soureces to extract schema and lineage between data.

Shared disks on Azure Disk Storage are now generally available on all Premium SSD and Standard SSD sizes

Shared disks can now be leveraged on smaller Premium SSDs from 4GiB to 128 GiB and all Standard SSDs from 4 GiB to 32 TiB. This expands shared disk support to Ultra Disk, Premium SSD, and Standard SSD enabling you to optimize for different price and performance options based on your workload needs.

Public preview: Alerts, Pacemaker cluster (RHEL OS) and data-size for SAP HANA

SAP on Azure customers can now set threshold-based alerts on SAP application, databases and clusters though Azur portal with few clicks.

Private preview: New telemetry for SAP Application (NetWeaver) in Azure portal

SAP on Azure customers can now view SAP Application telemetry like short dumps, SDF/SMON and STO3 in Azure portal.



Have you tried Hava automated diagrams for AWS, Azure and GCP.  Get back your precious time and possibly your sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.  When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
Check it out for free here: