Hava Blog and Latest News

In Cloud Computing This Week [Jul 9th 2021]

Written by Team Hava | July 9, 2021

This week's roundup of all the cloud news.


Here's a round up of all things GCP, Azure and AWS for the week ending Friday 9th July 2021. 

To stay in the loop, make sure you subscribe on the right - There's a new Newsletter series starting soon that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of. 

Of course we'd love to keep in touch at the usual places. Come and say hello on:

Facebook.      Linkedin.     Twitter.

AWS Updates and Releases

Source: aws.amazon.com

New digital course: Amazon S3 Business Continuity and Disaster Recovery

AWS Training and Certification is pleased to introduce a free digital course: Amazon Simple Storage Service (Amazon S3) Business Continuity and Disaster Recovery. This advanced, 50-minute course will help you learn how to implement a business continuity and disaster recovery plan for your Amazon S3 implementation. Designed for cloud architects, storage architects, developers, and operations engineers, it includes interactive lessons and a quiz to check your knowledge.

AWS Amplify allows you to mix and match authorization modes in DataStore

With this week's release, Amplify DataStore now supports multiple authorization modes, making it easy for developers to control how their users can access app data. DataStore provides frontend app developers the ability to build real-time apps with offline capabilities by storing data on-device (web browser or mobile device) and automatically synchronizing data to the cloud and across devices on an internet connection. Customers can configure authorization rules visually using Amplify Admin UI or by editing a GraphQL schema file using the Amplify CLI.


Following the announcement of updates to the PostgreSQL database , AWS have updated Amazon RDS for PostgreSQL to support PostgreSQL minor versions 13.3, 12.7, 11.12, 10.17, and 9.6.22. This release closes security vulnerabilities in PostgreSQL and contains bug fixes and improvements done by the PostgreSQL community.

AWS IoT Core for LoRaWAN is now available in Sydney, Tokyo, and Oregon AWS regions

AWS IoT Core for LoRaWAN is now available in the Asia Pacific (Sydney), Asia Pacific (Tokyo), and US West (Oregon) AWS Regions, extending the footprint to 5 AWS Regions. This is in addition to the IoT Core for LoRaWAN availability in US East (N. Virginia) and EU (Ireland) AWS regions.

AWS Distro for OpenTelemetry adds support for Container metrics in Amazon CloudWatch Container Insights (Preview)

This week, AWS Distro for OpenTelemetry (ADOT) added support for Amazon Elastic Kubernetes Service (EKS) metrics running on Amazon Elastic Cloud Compute (EC2) in Amazon CloudWatch Container Insights (preview), enabling customers to easily collect container metrics and analyze them along with other metrics in Amazon CloudWatch. With this launch, you can use the ADOT Collector to collect infrastructure metrics such as CPU, memory, disk, and network status from Amazon EKS and Kubernetes clusters running on EC2, providing the same experience as Amazon CloudWatch agent. 

AWS lowers data processing charges for AWS PrivateLink

Effective July 1, 2021, AWS is reducing data processing charges for VPC Interface Endpoints (powered by AWS PrivateLink). The new tiered pricing will reduce the costs for accessing high-volume, data intensive services over AWS PrivateLink. AWS PrivateLink enables customers to access AWS services or any other service hosted on AWS in a secure and scalable manner, while keeping all the network traffic within the AWS network. 

AWS Firewall Manager now supports central monitoring of VPC routes for AWS Network Firewall

AWS Firewall Manager allows customers to centrally monitor route configurations for AWS Network Firewall, and get alerts on routes non-compliant with their configuration. With this launch, customers can now monitor VPC routes to ensure traffic egressing through Internet Gateway (IGW) is inspected by the Network Firewall deployed by Firewall Manager in each VPC. Customers get alerted on route configurations that are non-compliant, such as, routes that bypass firewall inspection, or routes that lead to asymmetric traffic, and get suggestions to remediate the routes.

Amazon AppStream 2.0 adds support for real-time audio-video using a web browser

Amazon AppStream 2.0 now supports real-time audio-video (AV) by seamlessly redirecting local webcam video input to AppStream 2.0 streaming sessions using a web browser. Previously, this feature was available only for the AppStream 2.0 client for Windows. With real-time AV support available in the web browser, your users can use AV collaboration and media applications within their AppStream 2.0 streaming sessions, and connect from a broad range of client devices, including Windows PCs, Macs, Chromebooks, and thin clients. Your users can collaborate without having to leave their AppStream 2.0 sessions, and without additional client software to manage.

AWS Storage Gateway adds support for AWS Privatelink for Amazon S3 and Amazon S3 Access Points

AWS Storage Gateway adds support for AWS Privatelink for Amazon S3 and Amazon S3 Access Points.  If you use Amazon S3 File Gateway for your on-premises gateway (VMware, Microsoft Hyper V, Linux Kernel-based Virtual Machine (KVM) or AWS Storage Gateway Hardware Appliance), you can now create a private connection from your gateway directly to Amazon S3 without the need for an HTTP proxy.

Amazon CloudFront announces new APIs to locate and move alternate domain names (CNAMEs)

Amazon CloudFront announces two new APIs, ListConflictingAliases and AssociateAlias, that help locate and move Alternate Domain Names (CNAMEs) if you encounter the CNAMEAlreadyExists error code. These new APIs let you see which distribution has the CNAME and move the CNAME to a target distribution as long as the source distribution is in the same account or if the source distribution in another account is disabled. To move a CNAME between accounts where the source distribution is still enabled, you must contact AWS Support and follow these steps.

AWS Systems Manager Application Manager now supports full lifecycle management of AWS CloudFormation templates and stacks


This week, AWS announced a new feature of Application Manager, a capability of AWS Systems Manager, which customers can use to manage and provision their AWS CloudFormation templates and stacks without leaving the Application Manager console. With Application Manager, customers can discover and manage applications across multiple AWS services like AWS Launch Wizard, AWS Service Catalog App Registry, AWS Resource Groups, Amazon Elastic Kubernetes Service (Amazon EKS), and Amazon Elastic Container Service (Amazon ECS). This new feature provides customers with a ready-to-use solution to manage the lifecycle of CloudFormation templates and stacks without having to set up Amazon Simple Storage Service (Amazon S3) or version control systems for template management.


AWS Lambda now supports Amazon MQ for RabbitMQ  as an event source, allowing customers to quickly and easily build applications that are triggered from messages in their RabbitMQ queue. Amazon MQ is a managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers in the cloud. Customers can build applications quickly and easily with Lambda functions that are invoked based on messages posted to Amazon MQ message brokers without needing to worry about provisioning or managing servers.


Today we are announcing the general availability of AWS Local Zones in Dallas and Philadelphia. Customers can now use these new AWS Local Zones to deliver applications that require single-digit millisecond latency to end-users or on-premises installations in Dallas and Philadelphia metro areas.

AWS Application Migration Service is now available in the US West (Northern California), Asia Pacific (Osaka), Canada (Central), and South America (São Paulo) Regions

AWS Application Migration Service (AWS MGN) is now available in four additional AWS Regions: US West (Northern California), Asia Pacific (Osaka), Canada (Central), and South America (São Paulo).

The Amazon Chime SDK adds media capture pipelines to enable capture of meeting video, audio, and content streams

The Amazon Chime SDK lets developers add real-time audio, video, screen share, and messaging capabilities to their web or mobile applications. Starting today, developers can capture the contents of their Amazon Chime SDK meeting and save them to an Amazon Simple Storage Service (Amazon S3) bucket of their choice with media capture pipelines. This new feature captures meeting audio, video, and content share streams in 5 second segments and directly delivers them, along with meeting events and data messages, to developer’s designated S3 bucket.

Announcing Workflow Studio, a new low-code visual workflow designer for AWS Step Functions

Workflow Studio is a new visual workflow designer for AWS Step Functions that makes it faster and easier to build workflows using a drag and drop interface in the AWS console.

AWS AppConfig now enables customers to compare two application configuration versions

AWS customers can now compare any two application configuration versions side by side within AWS AppConfig, a feature of AWS Systems Manager. This new functionality highlights the differences between the changed configuration values in the two versions, and helps Developers and Devops professionals to understand how their configuration data has changed over time. This adds additional safety features when deploying the intended configuration values to mitigate the risk of any application outages.


Starting today, Amazon EC2 M6g, C6g, R6g, and T4g instances are available in EU (Paris, Milan) regions. Additionally, Amazon EC2 M6g instances are also available in Middle East (Bahrain) regions.

Amazon EC2 adds Resource Identifiers and Tags for VPC Security Group Rules

VPC now supports resource identifiers and tags for security group rules. You can now manage VPC security group rules using the assigned rule IDs and resource tags.

Amazon Kendra releases Web Crawler to enable web site search

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Starting today, AWS customers can use the Amazon Kendra web crawler to index and search webpages.

Amazon RDS for Oracle Supports Oracle Management Agent (OMA) version 13.5 for Oracle Enterprise Manager Cloud Control 13cR5

Amazon RDS for Oracle now supports Oracle Management Agent (OMA) version 13.5 for Oracle Enterprise Manager (OEM) Cloud Control 13c Release 5. OEM 13c  offers web-based tools to monitor and manage your Oracle databases. Amazon RDS for Oracle installs OMA, which then communicates with your Oracle Management Service (OMS) to provide monitoring information. Customers running OMS 13.5 can now manage databases by installing OMA 13.5.

Amplify Admin UI now supports importing existing Amazon Cognito User Pools and Identity Pools

Amplify Admin UI now supports importing existing Amazon Cognito User Pools and Identity Pools. This means you can link your Cognito User Pool and Identity Pool resources to your Amplify app to take advantage of authorization scenarios for your data model, and manage users and groups directly from the Admin UI.

CloudWatch Container Insights for Amazon ECS now available in the AWS Middle East (Bahrain) region

Amazon CloudWatch Container Insights for Amazon Elastic Container Service (Amazon ECS) is now available in the AWS Middle East (Bahrain) region. Using Container Insights, DevOps and systems engineers can monitor, isolate, and diagnose containerized applications and microservices environments through automated dashboards. This helps you visualize the performance and health of Amazon ECS and AWS Fargate resources including clusters, tasks, containers, and services.

Amazon Athena adds parameterized queries to improve reusability and security

Amazon Athena users can now leverage the reusability, simplification, and security benefits of parameterized queries. Available today, analysts can save time and eliminate errors by converting queries that have frequently modified criteria, such as date filters or aggregation periods, into a parameterized query that serves multiple use cases. Application developers can use them to safeguard against SQL injection risks and simplify application integrations that generate SQL based on a user’s selections.

Amazon MQ for RabbitMQ now supports the consistent hash exchange type

You can now use the consistent hash exchange type on your Amazon MQ for RabbitMQ brokers. This exchange type uses consistent hashing to uniformly distribute messages across queues. Consistent hash exchanges are useful in applications like transaction processing to maintain the order of dependent messages while scaling up the number of consumers.


Google Cloud Releases and Updates

Source: cloud.google.com

Anthos GKE on AWS

Anthos clusters on AWS aws-1.8.0-gke.8 is now available.

Anthos clusters on AWS aws-1.8.0-gke.8 clusters run the following Kubernetes versions:

    • 1.17.17-gke.11000
    • 1.18.19-gke.2300
    • 1.19.11-gke.2300
    • 1.20.7-gke.2400


BigQuery now supports materialized views without aggregation and materialized views with inner join. This feature is in Preview.

Cloud Functions

Cloud Functions now logs pending queue requests abort error messages.

Cloud Load Balancing

External TCP/UDP Network Load Balancing now allows you to configure a connection tracking policy. A connection tracking policy introduces the following new properties to let you customize your load balancer's connection tracking behavior:

To learn about how connection tracking works, see Backend selection and connection tracking.

To learn how to configure a connection tracking policy, see Configure a connection tracking policy.

This feature is available in Preview.

Cloud Logging

The Share link feature for queries in the Logs Explorer now lets you choose whether to include an absolute time range or a relative time range. With an absolute time range, the query includes static time values for the results, so the query always returns the same results. With a relative time range, you can set a value like "last 1 hour", and the results change as time passes.

Preview: Cloud Logging now supports alerts based on matching the content of your logs. When triggered, a log-based alert notifies you that a match has appeared in your logs and opens an incident in Cloud Monitoring. You can create log-based alerts by using the Logs Explorer or the Monitoring API. For more information, see Monitoring your logs and Using log-based alerts.

Cloud Monitoring

Preview: Cloud Logging now supports alerts based on matching the content of your logs. When triggered, a log-based alert notifies you that a match has appeared in your logs and opens an incident in Cloud Monitoring. You can create log-based alerts by using the Logs Explorer or the Monitoring API. For more information, see Monitoring your logs and Using log-based alerts.

Microsoft Azure Releases And Updates

Source: azure.microsoft.com

General availability: Updates to secrets configuration options in App Service and Azure Functions


App Service and Azure Functions have been updated to better support management of secrets as part of your secure application development process.


App Service Environment v3 now generally available


App Service Environments v3 is now available with no stamp fee and a simplified deployment experience for isolated workloads.


Direct routing for Azure Communication Services now available in public preview


Developers will be able to use or extend their existing telephony infrastructure to the calling capabilities they build with Azure Communication Services.


Public preview of OWASP ModSecurity Core Rule Set 3.2 for Azure Web Application Firewall


Try our new rule set and increased limits with OWASP Core Rule Set 3.2, now in public preview for Azure Web Application Firewall.


IoT Hub IP address change notification

IoT Hub will be updating the underlying infrastructure and will go through an internal service update. The update will change the underlying DNS record for IoT Hub, resulting in a change of the IP address.


Public Preview: Form Recognizer container support


Announcing the public preview release of Form Recognizer containers. Form Recognizer is now also available in the following docker containers - Layout, Business Card, ID Document, Receipt, Invoice and Custom containers for you to run locally.


Virtual Machine (VM) bursting is now generally available on more VM types


Virtual Machine (VM) bursting is now available for the following virtual machines: Dsv4, Dasv4, Ddsv4, Esv4, Easv4, Edsv4, Fsv2 and B-series virtual machines. VM bursting enables customers’ workloads to handle unforeseen disk traffic spikes smoothly without the need to over-provision their virtual machine.



Have you tried Hava automated diagrams for AWS, Azure and GCP.  Get back your precious time and possibly your sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.  When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
Check it out for free here: