49 min read

In Cloud Computing This Week [June 3rd 2022]

June 3, 2022

This week's roundup of all the cloud news.

 

Cloud_News_Roundup

Here's a cloud round up of all things Hava, GCP, Azure and AWS for the week ending Friday 3rd June 2022.

To stay in the loop, make sure you subscribe using the box on the right of this page.

Of course we'd love to keep in touch at the usual places. Come and say hello on:

Facebook.      Linkedin.     Twitter.


Getting_Started_aws_logo

AWS Updates and Releases

Source: aws.amazon.com

SageMaker JumpStart now supports automatic tuning

Amazon SageMaker JumpStart now supports model tuning with Sagemaker Automatic Model Tuning from its pre-trained model, pre-built solution templates, and example notebooks. This means AWS customers can automatically tune their machine learning models to find the hyperparameter values with highest accuracy within the range customers provide through SageMaker API.

SageMaker JumpStart allows AWS customers to fine-tune and deploy a wide variety of pre-trained models across popular ML tasks, as well as a selection of end-to-end solutions that solve common business problems. These features remove the heavy-lifting from each step of the ML process, making it easier to develop high-quality models and reducing time-to-deployment. Customers can access JumpStart via APIs in notebook, and UI in SageMaker Studio with just few clicks.

Amazon Kendra releases GitHub OnPrem connectors

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Starting this week, AWS customers can use the Amazon Kendra Github OnPrem connector to index and search documents from GitHub Enterprise Server data source.

Many organizations use GitHub as a code hosting platform for version control and to redefine collaboration of open-source software projects. A GitHub account repository can include many content types, such as files, issues, issue comments, issue comment attachments, pull requests, pull request comments, pull request comment attachments, and more. This data is scattered across multiple locations and content repositories (public, private, and internal) within an organization. Organizations can now use the Github OnPrem connector to index these documents and provide search results and answers to their users about this project content using Amazon Kendra intelligent search.

NoSQL Workbench for Amazon DynamoDB adds support for CreateTable, UpdateTable, and DeleteTable operations

NoSQL Workbench for Amazon DynamoDB  is a client-side application to help visualize and build scalable, high-performance data models. Starting today, NoSQL Workbench adds support for table and global secondary index (GSI) control plane operations such as CreateTable, UpdateTable, and DeleteTable.

Previously, you could use NoSQL Workbench to build and perform data plane operations on tables and GSIs. However, for control plane operations, you had to use tools such as the AWS Management Console or AWS Command Line Interface (AWS CLI). With the new updates in NoSQL Workbench, you can perform all data plane and control plane operations from one convenient application.

You can now update the storage and IOPS capacity on your Amazon FSx for OpenZFS file systems

You can now update the storage and IOPS capacity on your Amazon FSx for OpenZFS file systems with the click of the button, making it even easier to adapt to your evolving storage and performance needs.

Amazon FSx for OpenZFS provides fully managed cost-effective shared file storage powered by the popular OpenZFS file system. When you create an FSx for OpenZFS file system, you can specify its storage capacity, its throughput capacity, and its disk IOPS capacity. Until today, FSx for OpenZFS only supported updating the throughput capacity of an active file system. Now, you can also increase the storage capacity or change the disk IOPS capacity on your file system in seconds, without disrupting your end users or applications. With this capability, you can now dynamically update all of the primary aspects of your FSx for OpenZFS file system configuration.

Amazon Connect launches an API to programmatically transfer tasks

Amazon Connect now provides a TransferContact API to programmatically transfer tasks to another flow, to an agent queue, or to a shared queue for distribution to an available agent. Amazon Connect Tasks empowers contact center managers to prioritize, assign, track, and automate customer service tasks across the disparate applications used by agents.

Using this API, contact center managers can now directly transfer tasks from their custom analytics dashboards for time resolution. You can already dynamically prioritize and assign tasks using Connect Flows based on agent skill set, availability, and information about the task (e.g., type, priority/urgency, category).

Amazon Kendra releases GitHub SaaS Connector

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Starting today, AWS customers can use the Amazon Kendra Github SaaS connector to index and search documents from GitHub Enterprise Cloud data source.

Many organizations use GitHub as a code hosting platform for version control and to redefine collaboration of open-source software projects. A GitHub account repository can include many content types, such as files, issues, issue comments, issue comment attachments, pull requests, pull request comments, pull request comment attachments, and more. This corpus data is scattered across multiple locations and content repositories (public, private, and internal) within an organization. Organizations can now use the Github SaaS connector to index these documents and provide search results and answers to their users about this project content using Amazon Kendra intelligent search.

Amazon Connect now supports custom templates for agent tasks

Amazon Connect now allows you to create custom task templates, making it easy for agents to capture the right information to create and complete tasks. Amazon Connect Tasks empowers you to prioritize, assign, and track all contact center agent tasks to completion, improving agent productivity and ensuring customer issues are quickly resolved. You can easily compose templates for a variety of scenarios such as such as investigating billing issues or new insurance claims, allowing agents to choose the template that best suits the situation. For example, when handling a billing inquiry, a task template can pre-populate data and guide agents to gather additional information needed to quickly resolve the issue. Task templates are supported out-of-the box without the need for manual configuration for the Amazon Connect agent application. To learn more, see the API reference guidehelp documentation, or visit our webpage.

Amazon Braket adds support for Borealis, the first publicly accessible quantum computer that is claimed to offer quantum advantage

Amazon Braket, the quantum computing service from AWS, adds support for Borealis, a new photonic quantum processing unit (QPU) from Xanadu. The Borealis device is the first publicly available quantum computer that is claimed to have achieved quantum advantage: the technical milestone when a quantum computer outperforms the world’s fastest supercomputers on a well-defined task, in a peer-reviewed study published in the journal of Nature. Until now, none of the devices that have been claimed to demonstrate quantum advantage have been accessible to the public, but for the first time, customers can test a quantum advantage claim for themselves on Amazon Braket while also exploring potential applications for this technology.

One of the limiting factors slowing down research in quantum computing today is access to diverse quantum hardware. With this launch, Amazon Braket expands the hardware available on the service to include a photonic quantum computer, in addition to the existing superconducting, ion trap, and quantum annealing-based quantum hardware. The Borealis device is designed to support continuous-variable (CV) quantum computing, a paradigm of quantum computing that uses continuous quantum states known as qumodes, instead of discrete two-level systems (often called qubits).

The 216-qumode Borealis device is not a universal quantum computer, capable of arbitrary computations, but rather implements a specific protocol known as Gaussian Boson Sampling (GBS). With this launch, researchers anywhere can access and experiment with a state-of-the-art CV device with the same familiar pay-as-you-go pricing model as other devices on Amazon Braket. 

Amazon Chime SDK now supports centralized attendee controls

The Amazon Chime SDK now lets developers centrally control each participant’s ability to send and receive audio, video, and screen share within a WebRTC session. Amazon Chime SDK lets developers add intelligent real-time audio, video, and screen share to their web and mobile applications. Enforcement of attendee capabilities is centralized in the WebRTC session, so developers do not have to rely on logic within client applications, which may be outdated in older versions.

Developers can align each participant’s capabilities with their role within their application use case and dynamically adjust them as needed. For example, an attendee in a webinar can only listen to audio and view webcam video and screen share. If an attendee wants to ask a question, they can be granted permission to share only audio. However, suppose the presenter needs to interrupt and stop the attendee from talking - the attendee’s audio can be immediately cut off by revoking their permission to share audio.

Announcing AWS PrivateLink support for AWS Panorama

AWS Panorama customers can now use AWS PrivateLink to access AWS Panorama from their Amazon Virtual Private Cloud (Amazon VPC) without using public endpoints, and without requiring the traffic to traverse the Internet. Using AWS PrivateLink, you can access AWS Panorama endpoints easily and securely by keeping your traffic within the AWS network, while simplifying your internal network architecture. You no longer need to use an internet gateway, Network Address Translation (NAT) devices, or firewall proxies to connect to AWS Panorama.

AWS Panorama is a collection of machine learning (ML) devices and a software development kit (SDK) that brings computer vision (CV) to on-premises internet protocol (IP) cameras. With AWS Panorama, companies can use compute power at the edge (without streaming video to the cloud) to improve their operations, by automating visual inspection tasks like improving supply chain logistics, optimizing traffic management, and evaluating manufacturing quality. AWS PrivateLink provides private and encrypted connectivity between customer VPCs and AWS services (such as AWS Panorama), without requiring your traffic to ever leave the Amazon network.

Amazon SageMaker supports incremental training for JumpStart models

Amazon SageMaker JumpStart helps you quickly and easily solve your machine learning problems with one-click access to (a) more than 300 popular model collections from TensorFlow Hub, PyTorch Hub, Hugging Face and Gluon CV, and (b) 18 end-to-end solutions that solve common business problems such as demand forecasting, fraud detection and document understanding. The available models can be used for a wide range of machine learning tasks including image classification, object detection, semantic segmentation, instance segmentation, image embedding, text classification, sentence pair classification, question answering, text embedding, text summarization, text generation, machine translation, tabular classification and tabular regression.

Amazon CloudWatch adds Elemental MediaTailor to Vended Logs pricing

Amazon CloudWatch now supports AWS Elemental MediaTailor logs as part of Vended Logs. Vended logs are specific AWS service logs natively published by AWS services on behalf of the customer and available at volume discount pricing.

AWS Elemental MediaTailor logs now takes advantage of volume-based tiered pricing for Vended logs. Please visit the Amazon CloudWatch pricing page to learn more about Vended logs pricing available in all public regions. Please visit our documentation to learn more about Amazon CloudWatch.

Amazon S3 on Outposts now supports AWS PrivateLink for management of buckets and access points

Amazon S3 on Outposts now supports AWS PrivateLink, providing direct access to manage your S3 on Outposts storage capacity via a private endpoint within your virtual private network. This allows you to simplify your internal network architecture and perform management operations on your S3 storage by using private IP addresses in your Virtual Private Cloud (VPC), eliminating the need to use public IPs or proxy servers.

AWS customers today connect on-premises applications with Amazon S3 on Outposts using private IP addresses within their VPC, privately transferring object data in and out of S3 on Outposts. Many AWS customers, however, also want to manage their S3 on Outposts capacity without configuring public IPs or proxy servers. With full S3 on Outposts support for PrivateLink, you can now provision interface VPC endpoints for the S3 on Outposts Control API in your VPC. This allows you to seamlessly create buckets, manage endpoints, and apply security policies from within your own VPC via the AWS Command Line Interface (CLI) or programmatically via AWS Software Development Kits (SDKs). Interface VPC endpoints are private endpoints that are assigned private IPs from your VPC.

Amazon RDS adds support for publishing events to encrypted Amazon SNS topics

Amazon Relational Database Service (Amazon RDS) can now publish events to Amazon Simple Notification Service (Amazon SNS) topics that have server-side encryption (SSE) enabled, for additional protection of events that carry sensitive data. Amazon RDS groups events into categories that you can subscribe to so that you can be notified when an event in that category occurs, enabling routing and automation.

When you publish messages to encrypted topics, Amazon SNS immediately encrypts your messages. The encryption takes place on the server, using a 256-bit AES-GCM algorithm and an encryption key managed by the AWS Key Management Service (AWS KMS). Amazon SNS encrypted topics work with both customer managed keys and AWS managed keys. The messages are stored in encrypted form, in multiple Availability Zones (Multi-AZs), and decrypted only as they are delivered to subscribing endpoints, such as Amazon Simple Queue Service (Amazon SQS) queues, AWS Lambda functions, and HTTP/S webhooks.

Announcing Geofence Management in Amplify Geo (JavaScript), powered by Amazon Location Service

This week AWS announced the general availability of Geofences for Amplify Geo. Amplify Geo enables frontend developers to add location-aware features to their web applications. Developers looking to display geometric boundaries or Geofences on a map, can now implement a complete Geofence management solution in minutes using the cloud-connected UI widget and APIs from Amplify Geo, powered by Amazon Location Service. Geofences are geometric boundaries that can be drawn around places of interest or areas on a map.

With this release, developers can add an interactive Geofence management UI widget to view, create, and edit Geofences on a map. This UI widget is built on top of the popular MapLibre open-source library and developers can choose from the wide array of community-contributed plugins to further customize their Geofence UI components. Amplify Geo also provides developers with client APIs powered by Amazon Location Service to manage Geofences programmatically from their frontend web application. Developers can use the guided workflow in the Amplify Command Line Interface (CLI) to provision all the necessary cloud resources to create Geofences, or they can use existing Geofence resources.

Amazon Route 53 announces IP-Based Routing for DNS Queries

This week, AWS announced the launch of IP-based routing for Amazon Route 53, AWS’s Domain Name System (DNS) cloud service. Route 53 provides AWS customers with multiple routing options, such as geolocation routing, geoproximity routing, latency-based routing, and weighted routing to route their end users to optimal endpoints. With the addition of IP-based routing, customers are now additionally empowered to fine-tune their DNS routing approach based on the Classless Inter-Domain Routing (CIDR) block that the query-originating IP address belongs to, allowing them to leverage knowledge of their end user base to optimize performance or network transit costs.

AWS Storage Gateway Hardware Appliance now available for purchase through resellers

AWS Storage Gateway is expanding the ways you can purchase the AWS Storage Gateway Hardware Appliance, and for the first-time enabling resellers to offer the appliance. Now you can procure the hardware appliance through the reseller of your choice, and leverage your existing purchasing agreements.

AWS Storage Gateway is a hybrid cloud storage service that provides on-premises applications access to virtually unlimited storage in the cloud. You can use AWS Storage Gateway for backing up and archiving data to AWS, providing on-premises file shares backed by cloud storage, and providing on-premises applications low latency access to data in the cloud. The AWS Storage Gateway Hardware Appliance provides you with a simple out-of-the-box experience to deploy storage gateway on-premises. The hardware appliance is a physical, standalone, validated server configuration that comes pre-loaded with Storage Gateway software, and provides all the required compute, memory, network, and storage resources for creating and configuring the gateway for on-premises hybrid cloud storage deployments, and is managed from the AWS Console. The hardware appliance supports Amazon S3 File Gateway, Amazon FSx File Gateway, Tape Gateway, and Volume Gateway.

AWS Elastic Disaster Recovery now supports multiple staging and target accounts

AWS are excited to announce that AWS Elastic Disaster Recovery (DRS) has added support for multiple staging and target accounts. Today you can replicate and protect up to 300 source servers per AWS Region. By using multiple staging and target accounts, you can now also recover up to 3,000 replicating source servers into any target AWS account. This feature makes disaster recovery setup, implementation, and monitoring easier and more efficient, especially for large-scale projects.

You can use multiple staging and target accounts to separate your staging accounts (where replication is managed) from your target accounts (where you can recover your source servers). With the new capability, you can recover source servers from multiple staging accounts into a single AWS target account. This provides a separation that can be useful for many purposes, including security, billing, and project management. You can also recover any single source server into multiple target accounts, and this can be used for many purposes, including testing, sandboxing, development, and production.

 

Amazon Pinpoint launches journey custom channel input and response support

Amazon Pinpoint journeys now include the ability to pass data into a custom channel, and be able to perform a yes/no or multivariate split based on the response. Journeys in Amazon Pinpoint were designed for customers who want to send targeted communications that drive high-value user actions. Journeys can include custom channel activities, which can be used to send messages through channels that Amazon Pinpoint doesn’t support natively, such as WhatsApp or Signal.

Custom channel activities use AWS Lambda functions to call external APIs or perform other operations. AWS customers can now pass the custom channel activity a message intended for an end user, or other data to customize the send. In addition, Journey yes/no and multivariate splits can now listen to the response from the AWS Lambda function, and use that response to determine the next action in the journey. For example, you could design a custom channel activity to send a message through WhatsApp, and the Lambda function could return a value of “Success” if the message is successfully delivered, or “Failure” if it wasn’t. Your journey can then be split based on this success or failure response, and recipients who weren’t able to receive the message through WhatsApp could then be sent a communication through another channel, such as SMS.

AWS Proton introduces service components

AWS Proton introduces service components, a new feature that allows developers complement the standard infrastructure of Proton templates with additional resources for their services. Platform engineers use Proton to define the core infrastructure of their services and keep it consistent and updated across services, and now with components developers can complement that core infrastructure with the additional resources they need to meet the needs of their particular application. Proton components enable platform engineers to expand the use cases they support without having to drastically increase the number of templates that they manage.

AWS Proton is a managed service for platform engineers to increase the pace of innovation by defining, vending, and maintaining infrastructure templates for self-service deployments. With Proton, customers can standardize centralized templates to meet security, cost, and compliance goals. Proton helps platform engineers scale up their impact with a self-service model, resulting in higher velocity for the development and deployment process throughout an application lifecycle.

 

Amazon Pinpoint launches journey custom channel input and response support

Amazon Pinpoint journeys now include the ability to pass data into a custom channel, and be able to perform a yes/no or multivariate split based on the response. Journeys in Amazon Pinpoint were designed for customers who want to send targeted communications that drive high-value user actions. Journeys can include custom channel activities, which can be used to send messages through channels that Amazon Pinpoint doesn’t support natively, such as WhatsApp or Signal.

Custom channel activities use AWS Lambda functions to call external APIs or perform other operations. Customers can now pass the custom channel activity a message intended for an end user, or other data to customize the send. In addition, Journey yes/no and multivariate splits can now listen to the response from the AWS Lambda function, and use that response to determine the next action in the journey. For example, you could design a custom channel activity to send a message through WhatsApp, and the Lambda function could return a value of “Success” if the message is successfully delivered, or “Failure” if it wasn’t. Your journey can then be split based on this success or failure response, and recipients who weren’t able to receive the message through WhatsApp could then be sent a communication through another channel, such as SMS.

AWS Proton introduces service components

AWS Proton introduces service components, a new feature that allows developers complement the standard infrastructure of Proton templates with additional resources for their services. Platform engineers use Proton to define the core infrastructure of their services and keep it consistent and updated across services, and now with components developers can complement that core infrastructure with the additional resources they need to meet the needs of their particular application. Proton components enable platform engineers to expand the use cases they support without having to drastically increase the number of templates that they manage.

Amazon EC2 Dedicated Hosts are now available on AWS Outposts

This week, AWS are announcing support for Amazon Elastic Compute Cloud (EC2) Dedicated Hosts on AWS Outposts, which makes it easier for AWS customers to bring their existing software licenses and workloads that require a dedicated physical server to their Outpost Racks. In addition, customers now have greater flexibility in instance type deployment and more granular placement control, all with consistent hybrid experience on AWS Outposts.

Amazon EC2 Dedicated Hosts allow customers to use their eligible software licenses that are bound to VMs, sockets, or physical cores on EC2 instances, so that customers get the flexibility and cost effectiveness of using their own licenses. While Outposts has always been a single tenant environment eligible for Bring Your Own License (BYOL) workloads, Dedicated Hosts allows customers to limit licenses to a single host as opposed to the entire Outpost.

 

Amazon EMR Serverless is now generally available

AWS are happy to announce the general availability of Amazon EMR Serverless, a new serverless deployment option in Amazon EMR that makes it easy and cost effective for data engineers and analysts to run petabyte-scale data analytics in the cloud. Amazon EMR is a big data solution that you can use to run large-scale distributed data processing jobs, interactive SQL queries, and machine learning (ML) applications built on open-source analytics frameworks such as Apache SparkApache Hive, and Presto. With EMR Serverless, you can run your Spark and Hive applications without having to configure, optimize, tune, or manage clusters.

AWS Step Functions launches an interactive workshop for building and deploying application workflows

You can now learn to use AWS Step Functions with a new workshop called The AWS Step Functions Workshop. This self-paced tutorial teaches you how to use the primary features of Step Functions through a series of interactive modules. Each module contains lesson materials you can deploy to your AWS account, covering topics such as coordinating and orchestrating application workflows, managing workflow states, creating SDK integrations with other AWS services, and more.

AWS Step Functions is a low-code, visual workflow service that you can use to connect to over 220 AWS services and 10,000 API actions. Developers use Step Functions to build distributed applications, automate IT and business processes, and create data and machine learning pipelines. With this launch you now can get hands-on experience building resilient workflows with robust error handling using Step Functions in a workshop environment.

Price reductions on Amazon EC2 instances running SUSE Linux Enterprise Server (SLES) OS

AWS are excited to announce the following price reductions for Amazon EC2 instances running SLES. When you run SLES on Amazon EC2, you are charged one combined price for the Amazon EC2 infrastructure and the SUSE OS.

Starting May 28th 2022, there will be a:

  1. Price reduction on SLES On-Demand EC2 instances which can result in savings of up to 24% vs. the current On-Demand rates. For example, running a c5.large SLES EC2 instance in US East (N.Virginia) region could save you 24%, m5.large 22%, and r5.xlarge 18%. If applicable, these savings would be reflected in your next billing cycle.
  2. Price reduction on Savings Plans when running SLES OS EC2 instances can result in savings of up to 52% vs. the current Savings Plans rates. With this price reduction, SLES OS Savings Plans customers will not only benefit from the same significant savings as Reserved Instances but also benefit from the flexibility and ease of use of Savings Plans. For example, running a m5.xlarge SLES OS EC2 instance in US East (N.Virginia) region with shared tenancy can result in 52% savings on a 3-year term and 44% on a one-year term vs. the current Compute Savings Plans rates for the same SLES OS EC2 instance. With a Compute Savings Plan, you will get the flexibility to change instance type (e.g. from M5 to C5), or shift a workload from one AWS Region to another (e.g. US East (N.Virginia) to Europe (Ireland)) and continue to benefit from the applicable lower prices up to your Savings Plans commitment. This pricing change will apply to all new Savings Plans.

Access the AWS re:Post community from the AWS Well-Architected Tool

AWS Well-Architected Tool now features direct access to AWS re:Post, a community-driven, questions-and-answers service designed to help AWS customers remove technical roadblocks, accelerate innovation, and enhance operation. AWS re:Post has 40+ topics including a community specific to AWS Well-Architected.

To get started, from AWS Well-Architected Tool select “Ask an Expert” and access the AWS re:Post community dedicated to AWS Well-Architected. In this community, customers can ask questions related to designing, building, deploying, and operating workloads on AWS. During workload reviews with the AWS Well-Architected Tool, customers can reference AWS re:Post for questions related to specific topics, or ask questions to start a discussion and get answers. The re:Post community includes AWS customers, partners, and employees. The topics and posts within this community are monitored by AWS Well-Architected subject matter experts.

Amazon Timestream achieves FedRAMP Moderate compliance

Amazon Timestream is now in scope for FedRAMP Moderate in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon). You can now use Amazon Timestream to collect, store, query, and visualize time series data in various applications within your Amazon Virtual Private Clouds (Amazon VPC) to help you meet FedRAMP Moderate controls.

Amazon Timestream is a fast, serverless, secure, and purpose-built time series database for analytics, DevOps, and IoT applications that can scale to process trillions of time series events per day. Amazon Timestream simplifies data lifecycle management through the use of data tiers and user-defined data retention policies. The purpose-built query engine lets you access and analyze recent and historical data across these tiers. Additionally, visualizing your data is simple with integration and connector support through Amazon Quicksight, Grafana, and JDBC. Amazon Timestream also automatically scales up or down to adjust capacity and performance, so you don’t need to manage the underlying infrastructure, freeing you to focus on building your applications.

AWS DataSync adds support for Amazon EFS security features

AWS DataSync now provides additional security options when moving data to and from Amazon Elastic File System (Amazon EFS). AWS DataSync is an online data movement service that simplifies, automates, and accelerates moving data between on-premises, edge, or cloud storage and AWS Storage services. Amazon EFS is a serverless, fully elastic file system that makes it easy to set up, scale, and cost-optimize file storage in the AWS Cloud. With this launch, DataSync can now access your file systems using EFS Access Points, enabling you to copy data to and from specific datasets. You can also configure DataSync to connect to your EFS file systems using TLS encryption, giving you greater protection of your data in-flight when copying to and from EFS. Additionally, you can configure DataSync with an IAM role for use with your EFS file system policies, giving you greater control over how DataSync accesses your file systems.

Amazon Connect now allows you to get started with high-volume outbound communications (public preview) with just a few clicks

Amazon Connect now lets you get started with high-volume outbound communications with just a few clicks, enabling you to begin testing this feature. On the Amazon Connect navigation panel, choose the Telephony page, check the box to Enable high-volume outbound communication, and then choose Save. In a few minutes you will be ready to use this feature.

Use high-volume outbound communications for calls, texts, and emails to contact from hundreds to millions of customers daily for communications like upcoming delivery notifications, marketing promotions, appointment reminders, and debt collection without having to integrate third-party tools. An optional integrated list management capability provided by Amazon Pinpoint can also be used to build customer journeys and multi-channel user experiences. This feature is available out-of-the box and can be enabled within the AWS Connect Console.

Amazon EBS now supports Elastic Volumes and Fast Snapshot Restore (FSR) for io2 Block Express

You can now use Elastic Volumes to dynamically increase the capacity and tune the performance of your io2 Block Express volumes with no downtime or performance impact, in the same manner as other EBS volumes. Additionally, you can now create a fully initialized io2 Block Express volume from a Fast Snapshot Restore (FSR) enabled snapshot. Volumes that are created from FSR-enabled snapshots instantly deliver their provisioned performance. These features add to the capabilities of the highest-performance EBS volume type - io2 Block Express.

Launched in July 2021, io2 Block Express volumes deliver up to 4x higher throughput, IOPS, and capacity than io2 volumes, and are designed to deliver sub-millisecond latency and 99.999% durability. io2 Block Express refers to io2 volumes that run on the EBS Block Express architecture. You can provision a single io2 volume that delivers up to 256,000 IOPS, 4000 MB/s of throughput, and storage capacity of up to 64 TiB for running mission-critical deployments of Oracle, SAP HANA, Microsoft SQL Server, and SAS Analytics. With Elastic Volume support, you can dynamically increase the volume size and change the performance (IOPS), providing you greater flexibility to right-size the volume for your workload. In addition, with FSR you can get predictable performance from an io2 Block Express volume created from a snapshot without the need to initialize volumes yourself. This improved and predictable performance helps with various use cases, such as bringing up VDI environments, backup & restore, and creating test/development volume copies.

Announcing Athena connector for Amazon Lookout for Metrics

AWS Lookout for Metrics announces the launch of the Athena connector, a new connector in Lookout for Metrics that allows you to query data from various data sources such as Data Lake on AWS, Amazon S3, Amazon Redshift to ingest into Amazon Lookout for Metrics for anomaly detection. The Athena connector reduces the need to setup complex ETL jobs and data preparation time for anomaly detection. You can query large datasets using standard SQL and analyze it before ingesting in an anomaly detector. The Athena connector supports data formatted in CSV, JSON, ORC (Optimized Row Columnar), Parquet, XML, plain text and AVRO.

Starting this week Athena connector for Lookout for Metrics is available in all regions where Amazon Lookout for Metrics is supported. To learn more, see this blog. You can use this capability in all Regions where Amazon Lookout for Metrics is publicly available. For more information about Region availability, see AWS Regional Services.

Single account enrollment and update is now available in AWS Control Tower

AWS Control Tower now gives you the capability to enroll and update member accounts individually, from within your AWS Control Tower landing zone, with a single click. You can update your landing zone, remediate account drift, or enroll an account into a registered organizational unit (OU), in a few streamlined steps.

When you update an account, there’s no need to include an account’s entire OU in each update action. As a result, the time required to update an individual account is greatly reduced. You can more easily ensure that your existing accounts include the latest configurations.

You can bring accounts under AWS Control Tower governance quickly, in fewer steps. The Enroll account button is now also separated from the Create account workflow in account factory, to create more distinction between these similar processes, and help avoid setup errors when you’re entering account information.

AWS Resource Access Manager achieves ISO and SOC compliance

AWS Resource Access Manager (AWS RAM) can now be used for workloads subject to Service Organization Control (SOC) compliance and International Organization for Standardization (ISO) ISO 9001, ISO 27001, ISO 27017, ISO 27018 and ISO 27701 standards. Now, customers in finance, healthcare, and other regulated sectors can get insights into the security processes and controls that protect customer data which can be found in the SOC reports, AWS ISO and CSA STAR certificates in AWS Artifact. AWS' alignment with these standards in addition to the independent third-party assessment of these internationally recognized code of practices demonstrates AWS' commitment to the privacy and protection of customers' content.

Amazon Connect high-volume outbound communications capabilities are now available in public preview in the Asia Pacific (Sydney) AWS Region

Amazon Connect now supports high-volume outbound communications in the Asia Pacific (Sydney) AWS region, making it easy to contact from hundreds to millions of customers daily for communications like delivery notifications, marketing promotions, appointment reminders, or debt collection. Amazon Connect’s high-volume outbound communications for calls, text and emails gives organizations a simple, embedded, cost-effective way to proactively contact customers without having to integrate third-party tools. An optional integrated list management capability provided by Amazon Pinpoint can also be used to build customer journeys and multi-channel user experiences. With this launch, high-volume outbound calls can now be made to customers in Australia and New Zealand. This feature is available out-of-the box and can be enabled within the AWS Console.

Amazon Cognito improves risk evaluation for Advanced Security Features

Amazon Cognito now enables application developers to propagate IP address as part of the caller context data in unauthenticated calls to Amazon Cognito. When Amazon Cognito’s Advanced Security Features (ASF) are enabled, this feature improves risk calculation and resulting authentication decisions performed in flows such as sign-up, account confirmation, and password change. Prior to this change, the end user IP address was not available in unauthenticated calls if these calls were initiated behind a proxy. With this new feature, developers who build identity micro-services, authentication modules or identity proxies can now leverage APIs to gain visibility into the client’s IP address and utilize them in other security applications to better understand the risk of a particular user activity.

AWS IAM now supports WebAuthn and Safari browser for multi-factor authentication with security keys

AWS Identity and Access Management (IAM) now supports the Web Authentication (WebAuthn) standard for strong and phishing-resistant authentication across all supported browsers. WebAuthn is part of the FIDO2 set of specifications that succeed FIDO U2F API, enabling secure multi-factor authentication with security keys based on public key cryptography.

This capability extends the existing multi-factor authentication (MFA) functionality to ensure compatibility with the latest internet browsers and FIDO-compliant authenticators. The Safari browser is also now supported for authentication and registration of security keys, in addition to other major browsers such as Mozilla, Opera, Firefox, and Chrome. Users that already have FIDO-compliant authenticators, such as FIDO U2F security keys, will be able to continue to use these authenticators.

AWS AppSync simplifies GraphQL API development with expanded GraphQL Utility Helper Library

AWS AppSync is a fully managed service that makes it easy to create and manage GraphQL and Real-time APIs, allowing developers to securely access, manipulate, and combine data from one or more data sources via a single API endpoint. With GraphQL, special functions called Resolvers are used to implement business logic linking or “resolving” types, fields, or operations defined in the GraphQL schema with the data in data sources such as Amazon DynamoDB, AWS Lambda, HTTP APIs, and more.

Resolvers in AppSync support flexible integrated utilities that allow developers to automatically generate identifiers ($util.autoId and $util.autoUlid), parse ($util.parseJson) or convert JSON ($util.toJson), perform URL/base64 encoding ($util.urlEncode) or decoding ($util.base64Decode), generate and convert timestamps ($util.time.nowISO8601), convert XML to JSON ($utils.xml), perform authorization checks, validate formatting and conditions, and much more, all directly in the AppSync API layer. There is no need to create your own logic to perform these tasks in AppSync resolvers

AWS Marketplace introduces free trials for SaaS contracts

AWS Marketplace introduces free trials for SaaS contracts so you can try products before you buy them. Previously, customers would either need to commit to a contract before trying the product, or go to third-party websites for free trials offered by software vendors directly.

With this release, you can discover SaaS contract products that offer free trials, review usage terms and trial duration, and start a free trial in a few clicks directly in AWS Marketplace. SaaS contract free trials do not require an upfront payment, allowing you to evaluate software without a commitment. During the trial period you can choose to subscribe to the available public offer, or negotiate a private offer with the seller. SaaS contract free trials won’t automatically convert into paid agreements, so if you decide that the product is not the right fit, you can simply let the free trial expire.

AWS announces support for Dart Signature V4 for interacting with AWS services

The new Dart Signature V4 client allows developers to securely integrate with all 200+ AWS services using signed HTTP requests. This functionality enables Dart developers to make native calls to AWS backends in their Flutter or Dart applications, to make changes to the data or configurations of AWS services.

Developers can add the Signature V4 client as a dependency to their Flutter or dart application, and use it to interact with AWS services. For example, using the Dart Signature V4 client, a developer can interact with the Amazon Simple Storage Service (Amazon S3) using signed HTTP requests to create a new S3 Bucket. Developers can then choose to upload files to their S3 buckets and also manage the read/write permissions for the files within these buckets.

AWS WAF and AWS Shield Advanced are now available in the Asia Pacific (Jakarta) Region

AWS WAF and AWS Shield Advanced are now available in the Asia Pacific (Jakarta) Region.

AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. AWS WAF can be deployed on Amazon CloudFront, Application Load Balancer, and Amazon API Gateway. To learn more about AWS WAF, visit the AWS WAF product page.

Amazon Genomics CLI v1.5.0 adds support for the Common Workflow Language (CWL) with Toil

This week, AWS were excited to announce that the Amazon Genomics CLI v1.5.0 has added support for workflows written in the Common Workflow Language (CWL) using the Toil workflow engine. In addition to CWL, the Amazon Genomics CLI supports workflows written with Workflow Definition Language (WDL), Nextflow, and Snakemake enabling customers to run a wide variety of genomics data analyses like joint calling of genome variants and single-cell RNAseq.

The Amazon Genomics CLI simplifies and automates the deployment of cloud resources like workflow engines and compute clusters, providing genomics and life science customers with an easy-to-use command line to quickly setup and run genomics workflows on Amazon Web Services (AWS).

Amazon ECS simplifies Capacity Provider integration with Auto Scaling groups

Amazon Elastic Container Services (Amazon ECS) provides a Cluster Auto Scaling (CAS) capability to dynamically manage the scaling of your Amazon Elastic Compute Cloud (EC2) Auto Scaling groups (ASG) on your behalf, so that you can focus on running your containers. Capacity Providers is the compute interface that links your Amazon ECS cluster with your ASG. With Capacity Providers, you can define flexible rules for how containerized workloads run on different types of compute capacity, and manage the scaling of the capacity. Capacity Providers improve the availability, scalability, and cost of running tasks and services on ECS. Starting today, we are simplifying the integration mechanism between Capacity Providers and ASGs by directly integrating with target-tracking scaling policy instead of relying on AWS Auto Scaling scaling plan.

Capacity Providers automatically scale the infrastructure capacity within your ASG, based on your target capacity configuration. Previously, Amazon ECS created an AWS Auto Scaling scaling plan containing a singular target-tracking scaling policy to manage the target capacity for the associated ASG. The target-tracking scaling policy ensured that your ASG had the requisite number of Amazon EC2 instances to support your workloads. With today’s launch, we have simplified the Capacity Provider-ASG integration by removing the additional layer of scaling plan, such that Capacity Provider will now directly create the same target-tracking policy for managing CAS. This change will automatically apply to all new Capacity Providers you create. You do not need to take any action to update your existing Capacity Providers. They will continue to function as before, with a scaling plan that contains the target-tracking scaling policy.

The AWS Panorama Appliance is now available for purchase in India and Taiwan

AWS customers in India and Taiwan can now purchase an AWS Panorama Appliance through the AWS Elemental purchase order process, a streamlined sales assisted ordering experience through the AWS Console that matches your corporate procurement workflow with the ability to pay via purchase order. With the expansion, customers can purchase Panorama through AWS Elemental in 49 countries, including United States, Canada, Mexico, Australia, New Zealand, Singapore, Malaysia, United Kingdom, and countries in the European Union.

AWS Panorama is a machine learning (ML) appliance and software development kit (SDK) that brings computer vision (CV) to on-premises internet protocol (IP) cameras. With AWS Panorama, companies can use compute power at the edge (without streaming video to the cloud) to improve their operations, by automating visual inspection tasks like evaluating manufacturing quality, finding bottlenecks in industrial processes, and assessing worker safety within their facilities.

AWS Systems Manager announces support for port forwarding to remote hosts using Session Manager

AWS Systems Manager announces support for port forwarding to remote hosts using Session Manager. AWS Systems Manager is the operations hub for your AWS applications and resources, providing a secure end-to-end management solution for hybrid cloud environments. Session Manager, a capability of Systems Manager, provides secure access to managed instances in your cloud, on-premises, or edge devices, without the need to open inbound ports, manage Secure Shell (SSH) keys, or use bastion hosts.

Session Manager port forwarding is used to tunnel communications between a client machine and a Systems Manager managed instance. Starting today, Session Manager supports forwarding connections from a client machine to ports on remote hosts. With remote port forwarding, you can now use a managed instance as a “jump host” to securely connect to an application port on remote servers, such as databases and web servers, without exposing those servers to outside network.

Getting_Started_gcp_logo 
Google Cloud Releases and Updates
Source: cloud.google.com

Anthos Clusters on bare metal

Anthos clusters on bare metal 1.10.5 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.10.5 runs on Kubernetes 1.21.

Apigee Hybrid

On June 2, 2022 GCP released an updated version of the Apigee hybrid software, v1.7.1.

For information on upgrading, see Upgrading Apigee hybrid to version 1.7.

BigQuery

Column-level data masking is now available in preview. You can use data masking to selectively obscure column data for groups of users, while still allowing access to the column. When you use data masking in combination with column-level access control, you can configure a range of access to column data, from full access to no access, based on the requirements of different groups of users.

Cloud BigTable

Cloud Bigtable now provides increased observability by letting you identify and monitor hot tablets in a cluster. This feature is generally available (GA). To learn more, see Hot tablets.

Cloud Composer

Cloud Composer 1.18.11 and 2.0.15 release started on June 1, 2022. Get ready for upcoming changes and features as we roll out the new release to all regions. This release is in progress at the moment. Listed changes and features might not be available in some regions yet.

Web server restarting is available in Preview in Cloud Composer 2.

IP Masquerade agent support is now generally available (GA) in Cloud Composer 1 and Cloud Composer 2. At the moment, we gradually roll out this feature to all regions.

Cloud Logging

The Logs Explorer has now replaced the Legacy Log Viewer.

The Logs Explorer is the updated version of the Logging interface, and lets you quickly and efficiently retrieve, view, and analyze logs from your queries. For a detailed tour of the Logs Explorer's features, see Using the Logs Explorer.

 
 

Cloud Spanner

Granular instance sizing is now generally available. You can now create production instances of fewer than 1000 processing units. To learn more, see Compute capacity, nodes and processing units.

Cloud Storage

Turbo replication is generally available (GA).

Cloud TPU

Cloud TPU now supports Tensorflow 2.8.2 and 2.9.1. For more information see TensorFlow 2.8.2 release notes and TensorFlow 2.9.1 release notes.

Compute Engine

Generally available: NVIDIA A100 GPUs are now available in the following additional regions and zones:

Seoul, South Korea, APAC : asia-northeast3-a,b

For more information about using GPUs on Compute Engine, see GPU platforms.

Preview: You can now use the SSH troubleshooting tool from the Cloud console to help you determine the cause of failed SSH connections.

Config Connector

Config Connector version 1.87.0 is now available.

Added spec.pscTargetService field to ComputeRegionNetworkEndpointGroup.

Added spec.enableDynamicPortAllocation field to ComputeRouterNAT.

Added spec.maintenancePolicy.maintenanceExclusion[].exclusionOptions field to ContainerCluster.

Added spec.settings.activeDirectoryConfig field to SQLInstance.

Added spec.gateways field to NetworkServicesTCPRoute.

Dataproc

Dataproc is now available in the us-east5 region (Columbus, Ohio).

Dataproc is now available in the europe-southwest1 region (Madrid, Spain).

Dataproc is now available in the europe-west9 region (Paris, France).

New sub-minor versions of Dataproc images:

1.5.67-debian10, 1.5.67-ubuntu18, 1.5.67-rocky8

2.0.41-debian10, 2.0.41-ubuntu18, 2.0.41-rocky8

Deep Learning Containers

M93 Release

Eventarc

dedicated user interface is now generally available (GA).

Firestore

Support for VPC Service Controls is now available in General Availability.

 

Google Cloud Deploy

Google Cloud Deploy support for Skaffold version 1.37.1 has been updated to version 1.37.2, which is now the default Skaffold version.

Google Cloud VMware Engine

Private cloud creation now uses the HCX Enterprise license level by default, enabling the following premium HCX features:

  • HCX Replication Assisted vMotion (bulk, no-downtime migration)
  • Migrations from KVM and Hyper-V to vSphere
  • Traffic engineering
  • Mobility groups
  • Mobility-optimized networking

Pub/Sub

The Pub/Sub Java client library now supports gRPC compression to save networking costs before your publisher client sends out the publish request.

Security Command Center

The compliances, exfiltration, and processes attributes were added to the Finding object.

  • The compliances attribute provides details about security standards that are unmet.
  • The exfiltration attribute provides details about the sources and targets of an exfiltration attempt.
  • The processes attribute provides details about operating system processes relevant to a finding.

For more information, see the API documentation for the Finding object

VPC Service Controls

General availability for the following integrations:

 

General availability for the following integration:

Workflows

Workflows is now available in the europe-west8 (Milan, Italy) region.

 

Getting_Started_Azure_Logo
Microsoft Azure Releases And Updates
Source: azure.microsoft.com

Public preview: Azure Percept DK May (2205) software update

The Azure Percept March update includes fixes related to security.

 

General availability: Storage optimized Azure VMs deliver higher performance for data analytics.

 

The new Lasv3 and Lsv3 VM series are well suited for high throughput and high IOPS workloads including big data applications, SQL and NoSQL databases, data intensive applications and more.

Generally available: Azure NC A100 v4 virtual machines for AI

Perfect for a range of AI workloads, this new virtual machines series can give you a significant performance boost over our previous NC generation series.

General availability: Conversational language understanding

Conversational language understanding includes multilingual transformer-based models as the underlying model architecture and results in significant accuracy improvements over its predecessor, LUIS.

Public preview: Manage Azure Web Application Firewall policies in Azure Firewall Manager

 

Azure Firewall Manager now supports the ability to manage Azure Web Application Firewall (WAF) policies for application delivery platforms, Application Gateway, and Azure Front Door, at scale within a centralized place.

General availability: Azure Bastion IP based connection

You can now use Azure Bastion to connect to on-premises resources over ExpressRoute and Site-to-Site VPN

General availability: New portal experience for Microsoft Artifact Registry

 

You can now browse for Microsoft artifacts and container images on the Microsoft Artifact Registry website.



 
All_Hava_Diagrams
Have you tried Hava automated diagrams for AWS, Azure, GCP and Kubernetes.  Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
 
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure, GCP accounts or stand alone K8s clusters. Once diagrams are created, they are kept up to date, hands free. 

When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
 
Check out the 14 day free trial here:
Learn More!

 

Topics: aws azure gcp news
Team Hava

Written by Team Hava

The Hava content team

Featured