Here's a round up of all things GCP, Azure and AWS for the week ending Friday 18th June 2021.
Source: aws.amazon.com
AWS recently updated AWS DevOps Monitoring Dashboard, a reference implementation that automates the setup of DevOps metrics dashboards so that customers developing on AWS can measure development activity and identify areas for continued improvement.
Database Activity Streams (DAS) for Amazon Relational Database Service (Amazon RDS) for Oracle provides a near real-time stream of all audited statements (SELECT, DML, DDL, DCL, TCL) executed in your DB instance. The audit data is collected from the unified database audit, while the storage and processing of database activity is managed outside your database. This prevents database users and administrators from modifying the audit stream.
Starting this week, Amazon Quantum Ledger Database (QLDB) is available in the Europe (London) region. Amazon QLDB is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log. You can use QLDB to track all application data changes, and maintain a complete and verifiable history of changes to your data over time.
You now can further enhance the security of your applications by encrypting data in transit between your applications and your Amazon DynamoDB Accelerator (DAX) clusters, and between the nodes within a DAX cluster. To use this new feature, enable encryption in transit when creating a DAX cluster and use the latest version of any of the DAX clients. If you enable encryption in transit for a DAX cluster, all requests and responses between your applications and clusters are encrypted by Transport Layer Security (TLS), and connections to the cluster can be authenticated by verification of a cluster X.509 certificate. In addition, the data in transit between the nodes within a cluster also is encrypted. You can enable encryption in transit in the DynamoDB console, AWS CLI, AWS SDKs, and AWS CloudFormation.
You can now use Tax Registration Numbers (TRN) as an additional filter for mapping your purchase orders to your invoices with AWS Purchase Order Management. AWS Purchase Order Management allows you to easily manage your purchase orders (POs) in a self-service manner, define PO-invoice association rules, track PO balance and expiration, and receive email alerts for POs approaching expiration or running out of balance.
You can now build serverless applications with new AWS-supported container images that simplify continuous integration tasks. Container images work natively with continuous integration systems such as CloudBees CI/Jenkins, GitLab CI/CD, GitHub Actions, CircleCI, and AWS CodeBuild. These make it easier to build and package serverless applications using Serverless Application Model CLI (AWS SAM CLI) – a developer tool that makes it easier to build, locally test, package, and deploy serverless applications.
With Advance Pay, you can now pay for your AWS usage in advance, and pay your future invoices automatically. Once you add funds to Advance Pay, AWS will automatically use them to pay for your invoices when they become due for payment.
Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. Amazon DocumentDB makes it easy and intuitive to store, query, and index JSON data.
You can now specify up to 30 EC2 instance types for each of your master, core, and task node groups when using EMR Instance Fleets with allocation strategy. Previously, this was limited to 15 for task nodes, and only 5 for master and core nodes. This increase allows you to specify a broader range of instance sizes, generations, and families that your workloads can operate across to improve your access to both Spot and On-Demand capacity.
Amazon CodeGuru Reviewer is a developer tool that leverages automated reasoning and machine learning to detect potential defects that are difficult to find in your code and offers suggestions for improvements. Today, we are announcing a new CI/CD experience for CodeGuru Reviewer that allows you to trigger code quality and security analysis as a step within your CI workflow using GitHub Actions. Additionally, we are also introducing 20+ new detectors for CodeGuru Reviewer to help identify security vulnerabilities and check for security best practices in your Java code.
You can now simplify the process of configuring GitHub Actions workflows for building serverless applications with a single line. The new AWS-supported setup-sam GitHub Action makes it easier to keep consistency across GitHub Actions runners, stay up-to-date with AWS Serverless Application Model CLI (AWS SAM CLI) tooling, and select its versions. The AWS SAM CLI is a developer tool that makes it easier to build, locally test, package, and deploy serverless applications. GitHub Actions is a service that helps automate tasks within the software development lifecycle. GitHub Actions runner is the application that runs a job from a GitHub Actions workflow.
Amazon Redshift, a fully-managed cloud data warehouse, now supports case-insensitive collation with column and expression level overrides. Starting today, you can use the COLLATE clause within a CREATE DATABASE statement to specify the default collation for all CHAR and VARCHAR columns in the database as case-sensitive or case-insensitive. You can also specify a COLLATE clause in a CREATE TABLE statement to specify collation for columns in that table. In addition, the COLLATE() function allows you to override the collation of a string column or an expression.
Amazon EMR on Amazon EKS announced support for Custom Images, a new capability that enables customers to customize the Docker container images used for running Apache Spark applications on Amazon EMR on EKS. Custom images enable you to install and configure packages specific to your workload that are not available in the public distribution of EMR’s Spark runtime into a single immutable container. An immutable container promotes portability, simplifies dependency management for each workload, and enables you to integrate developing applications for EMR on EKS with your own continuous integration (CI) pipeline.
AQUA (Advanced Query Accelerator) for Amazon Redshift is now generally available in three additional AWS regions: Europe (Frankfurt), Asia Pacific (Sydney), and Asia Pacific (Singapore).
AWS Serverless Application Model (AWS SAM) framework launches four new templates for building machine learning inference-based applications on AWS Lambda. Now, customers can leverage these templates as a starting point to build, test, and deploy their container-based Serverless ML applications.
AWS Managed Services (AMS) now offers self-service reporting on key operational metrics. AWS Managed Services provides operational reports on your Managed Environment for both traditional and next generation workloads. You can access the rich set of operational reports in your managed accounts through AWS Managed Services console. You can also access the operational reporting data through a secure S3 bucket that AMS provides for your analytics and business intelligence needs.
AWS Training and Certification is excited to announce the updated one-day classroom course and new digital course, AWS Technical Essentials. These courses are ideal for technical learners who need to understand fundamental AWS Cloud concepts to make informed decisions about IT solutions based on business requirements.
Amazon Translate – a fully managed neural machine translation service that delivers high-quality, affordable, and customizable language translation in 71 languages and variants – now supports translation of XML Localization Interchange File Format (XLIFF) documents. Starting today, customers can submit their XLIFF documents for batch processing by Amazon Translate. Amazon Translate only translates sections where the target segment is empty. If the target section contains non-empty strings or pre-translated strings, Amazon Translate will not modify or overwrite the translation. You only pay for what you translate. This feature allows customers to continue using Translation Memory to translate content prior to machine translation and keep the machine translation costs low.
Starting this week, you can launch additional configurations of the R5 instance class when using Amazon Relational Database Service (RDS) for Oracle. Featuring up to 4x the RAM per vCPU of existing R5 instance classes, the new configurations are available in the following AWS Regions:
South America
Europe, Middle East and Africa
Asia Pacific
AWS Client VPN now supports SAML based federated authentication for opening a VPN connection from a Linux Desktop Operating system (Ubuntu 64bit 18.04 and 20.04 LTS). The Linux Desktop client has feature parity with the existing Windows and macOS Desktop clients. AWS Client VPN Desktop Clients are available free of charge, and can be downloaded here.
AWS Outposts is now supported in AWS Asia Pacific (Osaka) Region. AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any customer datacenter, co-location space, or on-premises facility. Outposts is ideal for workloads that require low latency access to on-premises systems, local data processing, data residency, and migration of applications with local system interdependencies.
AWS Lambda customers can now enable functions to access Amazon Elastic File System (Amazon EFS) in the Asia Pacific (Osaka) region. With AWS Lambda support for Amazon EFS, customers can easily share data across function invocations, read large reference data files, and write function output to a persistent and shared data store.
Amazon SageMaker customers can now select ml.G4dn instances to run Batch Transform and Processing Jobs. Amazon SageMaker Batch Transform enables you to run predictions on datasets stored in Amazon S3. It is ideal for scenarios where you are working with large batches of data and don’t need sub-second latency. Amazon SageMaker Processing enables you to run your pre- or post-processing workloads, such as feature engineering, data validation, model evaluation, and model interpretation with a fully managed experience.
AWS Control Tower announces enhancements to accessibility and improvements in both the console and overall performance of the service.
Amazon Textract is a machine learning service that automatically extracts text, handwriting and data from scanned documents that goes beyond simple optical character recognition (OCR) to identify, understand, and extract data from forms and tables. We continuously improve the underlying machine learning models based on customer feedback to provide even better accuracy. Today, we are pleased to announce an accuracy enhancement update to our forms extraction feature. Starting today, Textract more accurately detects the checkboxes and key-value pairs within documents and images. The accuracy is especially improved for invoices and receipts, but customers will see improvements across many documents in finance, healthcare, legal, public sector, and more.
We are excited to announce that Amazon Lookout for Metrics now allows you to detect anomalies on your Amazon CloudWatch data. Amazon Lookout for Metrics uses machine learning (ML) to automatically detect and diagnose anomalies (outliers from the norm) without requiring any prior ML experience. Amazon CloudWatch provides you with actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.
Amazon Connect now allows you to enable Amazon Connect Customer Profiles in Canada (Central) region, equipping contact center agents with the most up to date information about the incoming contact to provide faster and more personalized customer service. Customer Profiles automatically brings together customer information from multiple applications such as Salesforce, Amazon S3 and ServiceNow into a unified customer profile, delivered to agents at the beginning of the customer interaction.
Amazon Aurora now allows you to create clones between Aurora Serverless v1 and provisioned Aurora DB clusters to enable quick sharing of data.
Amazon Keyspaces (for Apache Cassandra), a scalable, highly available, and fully managed Apache Cassandra–compatible database service, now helps you monitor and improve application read/write performance and throughput by using new Amazon CloudWatch metrics.
The MariaDB audit plug-in is now available for Amazon Relational Database Service (Amazon RDS) for MySQL instances using MySQL major version 8.0. The MariaDB audit plug-in is also available for instances using MySQL major versions 5.6 and 5.7, and provides event logging for database activity to help customers meet compliance and audit requirements, and troubleshoot application issues. Some of the key details for implementing the plugin are:
AWS CloudFormation announces the launch of the CloudFormation Public Registry, a new searchable collection of extensions that allows you to discover, provision, and manage third-party extensions, which include resource types (provisioning logic) and modules published by AWS Partner Network (APN) Partners and the developer community. You can also create and publish your own extensions on the CloudFormation Public Registry, allowing anyone to use them. Today, you can centrally search and use over 35 extensions published on the Public Registry by APN Partners and AWS Quick Starts. You can view the identity verification for each extension publisher on the Public Registry. APN Partners who collaborated on this launch include MongoDB, Datadog, Atlassian Opsgenie, JFrog, Trend Micro, Splunk, Aqua Security, FireEye, Sysdig, Snyk, Check Point, Spot by NetApp, Gremlin, Stackery, and Iridium.
Source: cloud.google.com
Anthos Clusters on Bare Metal
Anthos clusters on bare metal release 1.8.0 is now available. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.8.0 runs on Kubernetes 1.20.
Extended installation support:
profile: edge to the cluster config file when you create a standalone cluster to produce a cluster that has significantly reduced system resource requirements. The edge profile is only available for standalone clusters; it is ignored for other cluster types. For more information, see Creating standalone clusters.
controlPlane.nodePoolSpec.nodes.providerID) to support deploying on OpenStack using Load Balancing as a Service (LBaaS) resources. For more information, see Configure your clusters to use OpenStack.
gcr.io. For instructions and additional information, see Installing Anthos Bare Metal using registry mirror.
Improved upgrade:
Updated user cluster lifecycle management:
bmctl improvements for resetting user cluster and adding additional preflight checks to confirm machine and network readiness for cluster creation:
Enhanced monitoring and logging:
Introduced new networking capabilities in preview:
Enhanced security:
Expanded support for newer versions of operating systems:
Anthos Config Management
The Config Sync admission webhook serving port is switched from 8676 to 10250. If you use Config Sync in multi-repo mode in private GKE clusters, you no longer need to add a firewall rule to open port 8676.
The Hierarchy Controller admission webhook serving port has switched from 9443 to 10250. If you use Hierarchy Controller in private GKE clusters you no longer need to add a firewall rule to open port 9443.
The Anthos Policy Controller admission webhook serving port is switched from 8443 to 10250. If you use Policy Controller in private GKE clusters you no longer need to add a firewall rule to open port 8443.
Anthos Policy Controller now supports the ability for users to mutate resources as a preview feature. For more information see Mutating resources.
BigQuery
BigQuery now supports the following function:
Row-level security on table data is now generally available in BigQuery.
BigQuery is now available in the Melbourne (australia-southeast2) region.
BigQuery BI Engine / Datatransfer / ML
is now available in the Melbourne (australia-southeast2) region.
Cloud Bigtable
Console Table Management for Cloud Bigtable is now generally available. You can now use the Google Cloud Console to create, edit, and delete Cloud Bigtable tables, column families, and garbage collection policies.
Cloud CDN
External HTTP(S) Load Balancing and Cloud CDN now support HTTP/3. HTTP/3 is based on the IETF QUIC transport protocol. Compared to HTTP/2, it reduces request latency, improves throughput, and mitigates head-of-line blocking. HTTP/3 is already supported on most major web browsers.
To learn how to enable HTTP/3 on your external HTTP(S) load balancer, visit the documentation.
Cloud Load Balancing
External HTTP(S) Load Balancing and Cloud CDN now support HTTP/3. HTTP/3 is based on the IETF QUIC transport protocol. Compared to HTTP/2, it reduces request latency, improves throughput, and mitigates head-of-line blocking. HTTP/3 is already supported on most major web browsers.
To learn how to enable HTTP/3 on your external HTTP(S) load balancer, visit the documentation.
Symmetric hashing for internal TCP/UDP load balancers as next hops—When load balancing to multiple NICs on the backends, you no longer need to use source network address translation (SNAT). SNAT isn't required because Google Cloud uses symmetric hashing. This means that when packets belong to the same flow, Google Cloud calculates the same hash. In other words, the hash doesn't change when the source IP address:port is swapped with the destination IP address:port.
This feature is in General Availability.
Cloud Router
Cloud Router now supports the following:
Cloud Run
Cloud Run support for WebSockets, HTTP/2, and gRPC streaming is now at general availability (GA).
Cloud SQL for MySQL / PostgreSQL / SQL Server
Cloud SQL storage limits are now increased to support up to 64 TB. See Cloud SQL storage limits for more information.
MySQL 5.6.50 is upgraded to 5.6.51. MySQL 5.7.32 is upgraded to 5.7.33.
Support is now available in the Melbourne (australia-southeast2) region.
Cloud Storage
Melbourne region (australia-southeast2) launched.
Cloud VPN
Melbourne region (australia-southeast2) launched.
Compute Engine
Preview: Use patch alerting to monitor the patch jobs running in your environment. For more information, see Monitoring patch jobs.
Melbourne, Australia australia-southeast2-a,b,c has launched with E2, N2, N1, and M1 machines. M1 machines are only available in zones b and c.
See VM instance pricing for details.
Config Controller
Config Controller is available for Public Preview. Config Controller is a managed service to provision and orchestrate Anthos and Google Cloud resources. Config Controller allows you to define and operate with simple, declarative configuration in Kubernetes style. For information on Config Controller, please see Config Controller Overview.
Config Controller can be used to deploy a landing zone blueprint.
Config Connector
Config Connector 1.53.0 is now available
Added support for NetworkSecurityClientTLSPolicy
Added support for NetworkSecurityServerTLSPolicy
Dataflow
Dataflow is now able to use workers, Dataflow Shuffle, Streaming Engine, FlexRS, and regional endpoints in zones in Melbourne (australia-southeast2).
Dataproc
Dataproc is now available in the australia-southeast2 region (Melbourne).
Google Kubernetes Engine
Internal load balancer subsetting for GKE is now generally available in GKE versions 1.18.19-gke.1400 and later.
GKE is now available in the australia-southeast2 region (Melbourne).
Memorystore for Memcached
Added new Memorystore for Memcached region: Melbourne (australia-southeast2).
Memorystore for Redis
Added new Memorystore for Redis region: Melbourne (australia-southeast2).
Virtual Private Cloud
For auto mode VPC networks, added a new subnet 10.192.0.0/20 for the Melbourne australia-southeast2 region. For more information, see Auto mode IP ranges.
Source: azure.microsoft.com
Azure is changing the regional capacity quota for Azure NetApp Files at no additional cost to you.
Adding context to IoT data just became easier. Azure Digital Twins and Azure Data Explorer now seamlessly integrate, allowing you to contextualize time-series IoT data.
Use the IoT Plug and Play phone app as an IoT device to get started quickly with IoT Central or IoT Hub.
With this update, we've added a new set of policies which can be used to restrict the scope and lifespan of your organization’s Azure DevOps personal access tokens.
Now generally available, use Text Analytics for Health to detect words and phrases mentioned in unstructured text as entities in the healthcare and biomedical domain.
Azure Container Registry is now generally available in West US 3 region. Azure Container Registry handles private Docker container images as well as related content formats, such as Helm charts, OCI artifacts, and images built to the OCI image format specification.
This quality release of the OS includes bug fixes for apps using SPI Flash.
TARGET RETIREMENT DATE: OCTOBER 05, 2021
Transition to Bing Maps Routes API and/or Moovit Public Transit APIs by 5 October 2021.
TARGET RETIREMENT DATE: JULY 05, 2021
Take advantage of Azure Data Lake Storage Gen 2 for all of your analytic needs after July 5, 2021.
TARGET AVAILABILITY: Q1 1980
Azure Blob Storage is the only storage platform that supports NFS 3.0 protocol over object storage natively (no gateway or data copying required), with object storage economics. With multi-protocol support, customers can run their applications on a single storage platform with no application rewrites necessary, therefore eliminating data silos.
Credit-based disk bursting, which allows you to handle unexpected disk traffic and batch jobs smoothly without the need to over-provision your disk, is now available on Azure Standard SSDs E30 and smaller.
The restart server group capability is now available in preview for Hyperscale (Citus) on Azure Database for PostgreSQL, a managed service running the Postgres open-source database on Azure.
Public preview enhancements and updates released for Azure SQL in late June 2021.
New features include data scientist built-in role, text classification labeling, and environments UI.
General availability enhancements and updates released for Azure SQL in late June 2021.
Use self-serve to enable/disable full text query to deobfuscate your queries in diagnostic logs with the full-text query for Azure Cosmos DB feature.
Leverage existing Windows expertise and seamlessly connect Azure IoT Edge for Linux on Windows devices to Microsoft Azure and quickly bring cloud intelligence to your edge.
Forced failover capability is available in preview in all zone redundant regions on Flexible Server for Azure Database for PostgreSQL, a managed service running the open-source Postgres database on Azure.
Azure Key Vault Managed HSM (hardware security module) is now generally available. Managed HSM offers a fully managed, highly available, single-tenant, high-throughput, standards-compliant cloud service to safeguard cryptographic keys for your cloud applications, using FIPS 140-2 Level 3 validated HSM