This week's roundup of all the cloud news.
Here's a round up of all things GCP, Azure and AWS for the week ending Friday 18th June 2021.
To stay in the loop, make sure you subscribe on the right - There's a new Newsletter series starting soon that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of.
Of course we'd love to keep in touch at the usual places. Come and say hello on:
AWS Updates and Releases
Amazon MQ is now available in a total of 24 regions, with the addition of both AWS GovCloud (US) Regions. AWS GovCloud (US) Regions are isolated AWS Regions designed to host sensitive data and regulated workloads in the cloud, assisting customers who have United States federal, state, or local government compliance requirements.
AWS Key Management Service (AWS KMS) is introducing multi-Region keys, a new capability that lets you replicate keys from one AWS Region into another. With multi-Region keys, you can more easily move encrypted data between Regions without having to decrypt and re-encrypt with different keys in each Region. Multi-Region keys are supported for client-side encryption in the AWS Encryption SDK, AWS S3 Encryption Client, and AWS DynamoDB Encryption Client. They simplify any process that copies protected data into multiple Regions, such as disaster recovery/backup, DynamoDB global tables, or for digital signature applications that require the same signing key in multiple Regions.
This week, AWS Copilot announced the release of version 1.8. With this release, AWS Copilot now allows you to configure a friendly DNS name for your load balanced web services deployed with Amazon Elastic Container Service (Amazon ECS) Customers can now provide a friendly DNS name, such as api.example.com, directly in the manifest file and Copilot will provision and manage the necessary infrastructure to associate the domain name with the application load balancer.
This week, AWS announced the general availability of AWS Wavelength on the Vodafone 4G/5G network in London. Independent Software Vendors (ISVs), enterprises, and developers can now use the AWS Wavelength Zone in London to build ultra-low latency applications for mobile devices and users in the United Kingdom.
AWS are excited to announce that Amazon Personalize now enables customers to unlock the information trapped in their product descriptions, reviews, movie synopses or other unstructured text to generate highly relevant recommendations for users. Product descriptions contain important information and insights about products. The investments made to create these narratives enable the creation of more relevant user recommendations for products, movies, TV shows, news articles and more. Customers provide unstructured text as part of their catalog and, using state-of-the-art natural language processing (NLP) techniques, Amazon Personalize automatically extracts key information about the items in your catalog to use when generating recommendations for your users.
Amazon RDS for PostgreSQL adds support for extension allowlists to provide database administrators more control over usage of extensions.
AWS Amplify CLI now supports IAM permission boundaries to limit Amplify-generated IAM roles. The AWS Amplify CLI is a command line toolchain that helps frontend developers create app backends in the cloud that include IAM roles controlling access to AWS resources. With IAM permissions boundaries, Amplify-generated IAM roles can perform only the actions that are allowed by both the roles’ policies and permissions boundary.
AWS EC2 F1 instances have been used by customers to accelerate a growing set of applications from genomic processing, data analytics, security, image/video analytics, machine learning and more. Developers have taken advantage of the FPGA developer kit and current standard F1.X.1.4 shells to easily build and deploy their applications.
Amazon Lex is a service for building conversational interfaces into any application using voice and text. With Amazon Lex, you can quickly and easily build sophisticated, natural language, conversational bots (“chatbots”), virtual agents, and IVR systems. Today, Amazon Lex introduces multi-valued slots. A slot is used to capture user responses as the bot gathers information to fulfill a user request. In some cases, the information can be a list of multiple values. For example, when conversing with an insurance bot, a customer may request quotes for insurance premiums. When the bot requests them to specify which insurance type, the customer may respond with more than one type and say “I need quotes for home, auto, and boat premiums.” With multi-value slots, Amazon Lex can now capture the customer’s response in a single response with no special coding required.
AWS Certificate Manager Private Certificate Authority now supports more flexibility for CAs shared across accounts
AWS Certificate Manager (ACM) Private Certificate Authority (CA) has extended support for sharing CAs via Resource Access Manager (RAM). Customers can now share CAs across accounts to issue certificates defined as client only TLS and server only TLS, as well as fully customizable certificates. Customer’s can also choose to share a CA to allow issuance of CA certificates and provide the revocation function to other accounts.
Amazon Translate – a fully managed neural machine translation service that delivers high-quality, affordable, and customizable language translation in 71 languages and variants – is now integrated with Amazon CloudWatch Events and Amazon EventBridge. Starting today, you can use CloudWatch events to monitor the progress and completion of your Batch Translation jobs.
AWS Resource Access Manager (RAM) helps you securely share your resources across AWS accounts within your organization or organizational units (OUs) in AWS Organizations, and now also with IAM roles and IAM users for supported resource types. Also with this release, AWS RAM now provides additional managed permissions that you can use to define access to shared resources. In addition to the default managed permission defined for each shareable resource type, you now have more flexibility to choose which permissions to grant to whom for resource types that support additional managed permissions.
Amazon Polly is a service that turns text into lifelike speech. Today, we are excited to announce the general availability of the Neural Text-to-Speech (NTTS) version of Vicki, a German Polly voice. Now, Amazon Polly customers can enjoy Vicki either as an NTTS or a Standard German voice.
AWS App Mesh Controller for Kubernetes v1.4.0 is now available and includes support for enhanced ingress traffic management capabilities. The AWS App Mesh Controller for Kubernetes provides a way to configure and manage AWS App Mesh using Kubernetes directly. AWS App Mesh is a service mesh that provides application-level networking to standardize how your services communicate, giving you end-to-end visibility and allowing high availability for your applications.
AWS BACKUP NOW SUPPORTS CRASH-CONSISTENT BACKUPS OF AMAZON EBS VOLUMES ATTACHED TO AN AMAZON EC2 INSTANCE
AWS Backup, now, by default, creates crash-consistent backups of Amazon EBS volumes that are attached to an Amazon EC2 instance. Customers no longer have to stop their instance, or coordinate between multiple Amazon EBS volumes attached to the same Amazon EC2 instance to ensure crash-consistency of their application state.
Amazon EC2 now allows you to create crash-consistent AMIs from instances with multiple EBS volumes without rebooting instances
You will now be able to create crash-consistent Amazon Machine Images (AMIs) of your Amazon EBS-backed multi-volume instance without requiring a reboot. The AMI created will retain data from all completed I/O operations of each volume attached to the instance. This ensures that you can launch an instance from the AMI and return to the exact state prior to creation of the image.
AWS IoT Analytics now supports custom partitioning on AWS IoT Analytics data stores, enabling customers to partition their data stores based on both timestamp and non-timestamp attributes. You can use this feature to create partitioned data stores so that your queries can run more efficiently as they will scan less data and hence run faster. The option to define a custom partition scheme on an AWS IoT Analytics data store will be made available at the time of creation for both customer managed and service managed data stores. Partitions can be created either on top of channel message attributes or data store attributes resulting from pipeline activities
The AWS App Mesh introduces enhanced ingress traffic management capabilities. Now you can control how App Mesh rewrites external requests, so that they reach the correct destination within your mesh. You also have greater flexibility controlling how the requests are matched to the destinations in the Gateway and Virtual Router Routes. AWS App Mesh is a service mesh that provides application-level networking to standardize how your services communicate, giving you end-to-end visibility and options to tune for high-availability of your applications.
Effective Jun 11, 2021, AWS has extended per second billing to Windows Server and SQL Server instances running on Amazon EC2. Customers will only pay for Windows Server and SQL Server instances that are launched in On-Demand, Reserved, and Spot form running on Amazon EC2 in one second increments, with a minimum of 1 minute.
Google Cloud Releases and Updates
Anthos Service Mesh
Google-managed control plane is now a generally available (GA) feature. This feature lets you move from managing Istiod in your clusters to configuring the control plane as a service. Google will manage the availability, scalability and security of the control plane.
In addition, it offers these new features:
Using the Google-managed control plane also simplifies multi-cluster mesh configuration and reduces the Kubernetes Engine privileges needed to install Anthos Service Mesh. For more information see Configuring the Google-managed control plane.
Flexible environments PHP, Python, Go, .NET, Java, Node.js, Ruby and custom runtimes are available in us-west1 (Oregon), Asia-southeast1 (Singapore) and asia-east1 (Taiwan)
Cloud Load Balancing
Cloud Scheduler is now available in
You can now find common queries for monitoring and troubleshooting on the Query page in the Cloud Console. This page now has query templates to help you to access these introspection system tables: Query Stats, Read Stats, Transaction Stats, Lock Stats, and Oldest active queries.
Cloud SQL for MySQL / PostgreSQL / SQL Server
Cloud Tasks is now available in
Config Connector 1.52.0 is now available.
IAMServiceAccount: added support for resourceID.
Support for Identity and Access Management custom roles.
Support available in us-west1 (Oregon), Asia-southeast1 (Singapore) and asia-east1 (Taiwan)
GKE Multi-cluster Services support for pod-specific addressing is now generally available.
Microsoft Azure Releases And Updates
Directly host static content from Azure Data Lake Storage and view that content from a browser by using the public URL of that website.
Azure private multi-access edge compute (MEC) enables operators and systems integrators to simplify the consumption of secure and private 5G networks, and to easily deliver ultra-low-latency networking, applications, and services at the enterprise edge.
Confidential computing DCsv2-series virtual machines (VMs) are now available in Australia
May updates include device template DTDL editing, displaying external content on dashboards, other UI and doc enhancements, and CDE parity with CDE v1.
Start using or migrating to the new Azure Monitor Agent and Data Collection Rules in your production environments to leverage key new capabilities and save on ingestion costs. With support for private links and direct proxies coming soon, you would be able to use these features without compromising on your networking requirements.
SQL Server is now available as a data flow source sink from your on-premises and VM-based instances in ADF and Synapse Analytics.
Take advantage of Bridge for Kubernetes for development scenarios that Azure Dev Spaces previously supported.
Call recording for Azure Communication Services helps to simplify and improve the recording process during calls.
Have you tried Hava automated diagrams for AWS, Azure and GCP. Get back your precious time and possibly your sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free. When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
Check it out for free here: