Here's a cloud round up of all things GCP, Azure and AWS for the week ending Friday 25th March 2022
To stay in the loop, make sure you subscribe using the box on the right of this page.
Of course we'd love to keep in touch at the usual places. Come and say hello on:
Source: aws.amazon.com
AWS Panorama applications now support receiving inbound messages over the local area network
You can now configure your AWS Panorama application to receive inbound messages over the local area network, which you can use to start, stop, or adjust your AWS Panorama application. For example, you can run an ML model to visually detect paint defects when a vehicle crosses a gate on the production line. You can also use inbound messages to serve a web application accessible from another computer on the same network for human-in-the-loop review. Using human-in-the-loop review, line operators can review anomaly detections from the ML model to ensure accuracy and flag low-accuracy results for model retraining.
AWS Panorama is a machine learning appliance and software development kit (SDK) that brings computer vision (CV) to on-premises internet protocol (IP) cameras. With AWS Panorama, companies can use compute power at the edge (without streaming video to the cloud) to improve their operations, by automating visual inspection tasks like evaluating manufacturing quality, finding bottlenecks in industrial processes, and assessing worker safety within their facilities.
AWS Panorama now supports Amazon CloudWatch alarms for application errors
You can now configure Amazon CloudWatch alarms to detect when your AWS Panorama application encounters errors. These CloudWatch alarms can help to identify emergent performance and operational issues, enabling you to troubleshoot quickly and reduce mean time to resolution (MTTR).
AWS Panorama now supports the ability to bring your own machine learning libraries
You can now run models and algorithms from TensorFlow, PyTorch, and OpenCV directly on the AWS Panorama Appliance GPU for low-latency use cases, such as object tracking, traffic analysis, and worker safety. AWS Panorama also supports models optimized with Nvidia TensorRT or any machine learning library with Nvidia CUDA support. Nvidia TensorRT can double the number of camera streams that can be processed simultaneously on the AWS Panorama Appliance for a given use case.
AWS Support streamlines cases via Connector for Jira Service Management
Starting this week, AWS customers can use Atlassian Jira Service Management (JSM), Data Center version, as a single place to track and manage cases (incidents) from AWS Support via the AWS Service Management Connector for JSM. AWS Support enables users to create, track and resolve cases related to AWS resources in a central place, helping customers reduce the time to issue resolution. The dual sync integration between AWS Support cases and Jira Service Management incidents enables JSM users/developers to manage AWS Support cases while leveraging their existing workflows in Jira Service Management (incidents).
Extract custom entities from images and Textract JSON files with Amazon Comprehend
Amazon Comprehend now supports documents in image formats in addition to text, PDFs, and Word. Customers can now use Comprehend custom entity recognition to extract entities from image files (JPG, PNG, TIFF) and can also use Comprehend directly on Amazon Textract JSON outputs to extract custom entities from documents. With this launch AWS customers can simplify their intelligent document processing (IDP) workflows, taking advantage of an out-of-the-box integration between Comprehend and Textract to extract entities from documents.
AWS Lambda now allows customers to configure up to 10 GB of ephemeral storage for Lambda functions
AWS Lambda customers can now configure up to 10,240 MB of ephemeral storage for their Lambda functions, a 20x increase compared to the previous limit of 512 MB. This helps workloads such as financial analysis, machine learning inference, and media processing applications perform data intensive operations at scale.
Amazon EC2 Auto Scaling now publishes Auto Scaling instance lifecycle states in the Amazon EC2 Instance Metadata Service (IMDS), enabling you to easily initiate on-instance actions as an instance transitions from one lifecycle state to another. Instances in an Auto Scaling group transition through various lifecycle states from the time they are launched and placed in service to when they are removed from service and terminated. By polling IMDS, you can setup your on-instance application to easily determine its lifecycle state without having to setup Amazon CloudWatch Events or other services.
This week, AWS Service Catalog released a feature that helps to simplify builders’ access to the resources associated with their Provisioned Products. Previously, customers had to manually navigate through the AWS console to find a specific resource. With this feature, they can easily locate and access the resource of a provisioned product, right in the provisioned product detail page.
In the Provisioned Product detail console page, you will find a new tab called Resources that lists all your Provisioned Product’s underlying resources. If you want to work with a specific resource, just click on the resource link to access the resource’s dedicated console and perform subsequent actions on it. For example, you can navigate from one of your Provisioned Products in Service Catalog to one of its associated database instances with a single click.
AWS Proton support for Terraform Open Source is now Generally Available
AWS Proton support for defining infrastructure in HashiCorp Configuration Language (HCL) and provisioning infrastructure using Terraform Open Source is now generally available in all regions where Proton is available. Platform teams can now define AWS Proton templates using Terraform modules, in addition to CloudFormation. AWS Proton leverages the customer-managed Terraform automation to provision or update the infrastructure. Customers can use Terraform as their infrastructure definition and provisioning tool, and AWS Proton keeps modules that are used consistently up to date. This generally available launch includes support for BitBucket repositories for infrastructure management, and improved messaging across the service to further clarify the status of provisioning.
Amazon Polly now offers Neural TTS voices in Catalan and Mexican Spanish
Amazon Polly is a service that turns text into lifelike speech. This week, AWS were excited to announce the general availability of two voices: a Neural version of Mia, Polly’s Mexican Spanish female text to speech (TTS) voice and Arlet, a new Catalan Neural voice.
TTS voices simplify the way you can create, implement, update and maintain your speech-enabled applications and products. You can use Amazon Polly to enhance the user experience and improve the accessibility of your text content with the power of voice. Common use cases include interactive voice response (IVR) systems, audiobooks, newsreaders, eLearning content, and virtual assistants.
Now in Preview - Amazon GameSparks
AWS are happy to announce the preview of Amazon GameSparks, a managed AWS service that provides game developers with features for building, running, and scaling the backend for their games without having to manage servers or low-level cloud primitives. Amazon GameSparks makes building a game backend easy for game developers who have little to no cloud experience since it comes with out-of-the-box backend features that require minimal setup and is pre-integrated with the Unity game engine.
AWS Amplify announces the new @mapsTo GraphQL directive, enabling developers to iterate and rename their GraphQL models without worrying about data migration. The AWS Amplify CLI is a command line toolchain that helps frontend developers create app backends in the cloud. With Amplify’s GraphQL Transformer, developers can configure their backend data model using the GraphQL Schema Definition Language, and Amplify CLI automatically transforms the schema into a fully functioning GraphQL API with its underlying database tables.
Amazon QuickSight launches Groups Management UI
Amazon QuickSight now supports native groups management with an interactive user interface. With this change, administrators can efficiently and easily administer and govern user groups via the QuickSight admin console. They can create and manage groups and manage users membership within groups. Groups Management UI is available to administrators with access to the QuickSight admin console pages via IAM credentials. For more information visit here.
AWS Cost Anomaly Detection now supports resource and tag based access management
AWS Cost Anomaly Detection now supports resource and tag-based access controls for easy management and access to cost anomaly monitors and alert subscriptions. You can now define AWS Identity and Access Management (IAM) policies to specify fine-grained permissions for AWS Cost Anomaly Detection monitors and alert subscriptions based on their resource names and tags, improving governance and information security through these two granular access control features.
AWS GameKit for Unreal Game Engine is now Generally Available
This week AWS released AWS GameKit, a new solution that allows game developers to deploy and customize game backend features directly from Unreal Engine. AWS GameKit comes with AWS CloudFormation templates for each feature that follows AWS Solution Architect designs. AWS GameKit also comes with an integration code between the game backend features and Unreal Engine. AWS GameKit is for game developers looking to build AWS-powered game features directly from Unreal Engine with just a few clicks.
With this release, developers have access to four game backend features: Identity and Authentication, Achievements, Game State Cloud Saving, and User Gameplay Data. AWS GameKit uses AWS CloudFormation templates to provision and connect all the necessary AWS resources together into a cohesive solution to power these features. Each feature follows the AWS well-architected framework to provide a secure, high-performing, resilient, and efficient infrastructure deployment that is fully customizable and runs in the developer's own AWS account.
Amazon ECS now supports warm pools for Amazon EC2 Auto Scaling
Amazon Elastic Container Service (Amazon ECS) now enables customers to help applications scale out faster and save costs by using Amazon Elastic Compute Cloud (Amazon EC2) Auto Scaling Warm Pools with their Amazon ECS clusters. Warm Pools allow customers to create a pool of pre-initialized Amazon EC2 instances that are ready to quickly serve application traffic.
Warms Pools are a good fit for applications that have time-consuming initialization steps- such as pre-loading gigabytes of data or large container images, provisioning services, or running custom scripts- that can add delays before the instance is ready to serve traffic. To use Warm Pools with your Amazon ECS cluster, you simply need to set the ECS_WARM_POOLS_CHECK environment variable to true in the User data of your Amazon EC2 Auto Scaling Group launch template. Once this is enabled, Amazon ECS will prevent any Tasks from being started on warm pool instances until the instance enters the Running state.
Amazon Kendra releases Slack Connector to enable Slack messaging search
Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Starting today, AWS customers can use the Amazon Kendra Slack Connector to index and search messages from Slack.
Critical information can be scattered across multiple data sources in an enterprise, including messaging platforms like Slack. Amazon Kendra customers can now use the Kendra Slack Connector to index messages and search for information across this content using Kendra Intelligent Search.
AWS Cost Categories now supports resource and tag based access controls
AWS Cost Categories now supports resource and tag-based access controls for easy management and access to cost categories. You can define AWS Identity and Access Management (IAM) policies to specify fine-grained permissions for AWS Cost Categories based on resource names and tags, improving governance and information security through these two granular access control features.
With resource-level access controls, you can configure IAM policies that reference AWS Cost Categories using Amazon Resource Names (ARNs) or wildcards, and specify the users, roles and actions that are permitted on the resources. Using tag-based permissions, you can define IAM policies that specify permissions for tagged AWS Cost Categories. For example, you can tag a cost category based on a business unit and limit control over those resources to the members of that business unit.
Introducing grammar slot type on Amazon Lex
Amazon Lex is a service for building conversational interfaces into any application using voice and text. With Amazon Lex, you can quickly and easily build sophisticated, natural language, conversational bots (“chatbots”), virtual agents, and IVR systems. Today, Amazon Lex introduces grammar slot type. You can now you can author your own grammar in the XML format per the Speech Recognition Grammar Specification (SRGS) to collect information in a conversation. You can also provide semantic interpretation rules using ECMAScript tags within the grammar files. You can use the slot type to port your existing grammars to Amazon Lex. Alternately, you can choose from a list of pre-built industry grammars commonly used in domains such as financial services, insurance, and telecom. The grammar slot type provides granular control for collecting and post-processing user input so you can manage an effective dialog.
Amazon Chime SDK now supports sessions with up to 10,000 live participants
Amazon Chime SDK lets developers add intelligent real-time audio, video, and screen share to their web and mobile applications. Presenters can now deliver real-time media to 10,000 participants. Participants can be brought “on stage” with their existing WebRTC connection, allowing them to contribute to the live conversation without missing a moment of content.
Developers can link multiple WebRTC media sessions together with media replication to reach larger and global audiences. Each WebRTC media session supports 250 connections, and can be replicated up to 40 times for an additional 10,000 participants. Participants connected to a replica session can be granted access to join the primary session, and because everyone is using WebRTC, there is no transcoding delay between presenters and participants. Participants connected to a replica session receive only the content of the presenters connected to the primary session and do not have visibility of other participants, which makes media replication ideal for webinars and other use cases where privacy is desired.
Amazon RDS supports itemized billing for RDS Storage, IOPS and backup features
Starting this week, AWS Cost Explorer and Cost and Usage Reports (CURs) provide more granular and detailed billing of Amazon Relational Database Service (Amazon RDS) charges. Additional detail is reported for Amazon RDS Backups and General Purpose, Provisioned IOPS, and Magnetic Storage volumes that are provisioned in Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server database instances. Your bill will contain a detailed break down of costs by database engine for the above Amazon RDS resources and features.
In AWS Cost Explorer, you can use this itemized billing data to configure granular views and more accurately quantify your spend per different Amazon RDS database types. AWS CURs will also contain the breakdown of costs by Amazon RDS database types, so you can publish more granular reports to your Amazon Simple Storage Service (Amazon S3) bucket. Starting this week, your monthly bills and AWS CURs will feature itemized billing across all AWS regions.
Amazon EBS direct APIs is now available in the AWS Asia Pacific (Jakarta) Region
Amazon EBS direct APIs is now available in the AWS Asia Pacific (Jakarta) Region, enabling customers to create Amazon Elastic Block Store (EBS) snapshots of their block storage data regardless of where it resides, including on-premises. Customers can use EBS direct APIs to backup their on-premises workloads to EBS snapshots that can be quickly and easily recovered into EBS volumes for use cases like disaster recovery.
EBS direct APIs also provides the ability for backup providers to track incremental changes on EBS volumes via EBS snapshots and streamline their workflows to reduce backup times by up to 70%. This enables them to provide more granular recovery point objectives (RPOs) to customers at lower costs.
Amazon Corretto 18 is now generally available
Amazon Corretto 18 is now generally available. This version supports the latest Java feature release OpenJDK 18 and is available on Linux, Windows, and macOS. You can download Corretto 18 from the downloads page. Amazon Corretto is a no-cost, multi-platform, production-ready distribution of OpenJDK. Corretto is distributed by Amazon under an open source license.
OpenJDK 18 offers a new Internet-Address resolution capability, a Simple Web Server, an updated Vector API, a new @snippet Tag for JavaDoc, a new implementation of Core Reflection, a change to UTF-8 as the default character set (charset) of the standard Java APIs, a second iteration of the foreign memory API, advancements in pattern matching for switch statements, and the deprecation of finalization.
ACM Private CA now supports custom subject names, extensions, and name constraints
AWS Certificate Manager (ACM) Private Certificate Authority (CA) now supports customizable certificate subject names. Security and public key infrastructure (PKI) administrators, builders, and developers now have greater control over the types of certificate subject names they can create using ACM Private CA. For example, it’s now possible to represent your organization’s directory structure in certificates by including multiple organizational units (OUs) in your certificate subject names. It’s also possible to create subject names representing Internet of Things (IoT) product and vendor identifiers such as those conforming to Matter, a new industry standard for secure and reliable home automation devices.
Amazon RDS for PostgreSQL now supports tds_fdw extension for SQL Server Databases
Amazon RDS for PostgreSQL adds support for tds_fdw which allows your PostgreSQL database to connect and retrieve data stored in separate SQL Server databases.
Foreign Data Wrappers are libraries for PostgreSQL databases that can communicate with an external data source, abstracting the details of connecting to the data source and obtaining data from it. tds_fdw is a PostgreSQL extension that provides a Foreign Data Wrapper for more easy and efficient access to SQL Server databases. Please see the list of supported extensions in the Amazon RDS User Guide for specific versions.
Anthos Clusters on Bare Metal
Anthos clusters on bare metal 1.9.6 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.9.6 runs on Kubernetes 1.21.
Anthos Config Management
New Nomos CLI ARM binaries for Linux and Mac (darwin) are now available. Users on these platforms can now install with gcloud components install nomos. The new binary versions will be included in Anthos Config Management downloads.
You can now specify apply and delete ordering using the new config.kubernetes.io/depends-on annotation. To learn more, see Declare resource dependencies between resource objects.
Added dependency enforcement to skip apply of objects whose dependencies are not successfully applied and fully reconciled.
Added support for multiple RootSync objects on the same cluster and multiple RepoSync objects in the same namespace. To learn more, see Configure syncing from multiple repositories.
Added new fields to the ResourceGroup inventory object to distinguish between actuation status and reconciliation status, as well as the intended actuation strategy (apply or delete) before actuation.
Updated the spec.override.resources field on RootSync and RepoSync to let you override the default resource amounts (for example, CPU or memory) requested by the corresponding containers of the reconciler Deployment. To learn more, see Troubleshoot Config Sync.
Apigee hybrid
On March 24, 2022 GCP released an updated version of the Apigee hybrid v1.5.9 software.
For information on upgrading, see Upgrading Apigee hybrid to version 1.5.
Apigee X
On March 22, 2022, GCP released an updated version of the Apigee X software.
Support for conditions in IAM policies
You can add resource conditions in your IAM policies. A resource condition lets you have granular control over your Apigee resources. For more information, see Adding resource conditions in IAM policies.
Cloud Asset Inventory
The following resource types are now publicly available through the Analyze Policy APIs (AnalyzeIamPolicy and AnalyzeIamPolicyLongrunning):
dialogflow.googleapis.com/ConversationProfiledialogflow.googleapis.com/KnowledgeBaseaiplatform.googleapis.com/PipelineJobaiplatform.googleapis.com/MetadataStoreaiplatform.googleapis.com/ModelDeploymentMonitoringJobCloud Functions
Support for Firebase Remote Config, Firebase Alerts, and Firebase Test Lab triggers is now in Preview. This only applies to Cloud Functions (2nd gen).
Cloud Logging
Customer-managed encryption keys (CMEK) for Logs Storage are now Generally Available (GA). CMEK lets you create, control, and manage encryption keys to meet your data compliance needs. For details, see Manage the keys that protect Logging storage data .
Cloud Spanner
The data type of the COLUMN_DEFAULT column in the information schema COLUMNS table has changed from BYTES to STRING. This aligns better with industry standards and enables future improvements to Cloud Spanner.
Cloud Talent Solution Job Search
The Cloud Talent Solutions dashboard management tool has added a Jobs and Companies page, which displays job statistics and metadata. You can use this page to troubleshoot data issues. The Jobs and Companies page has three tabs:
For more about this new feature, see the Jobs and Companies data documentation.
Compute Engine
General purpose Tau T2D VMs have limited availability in London (europe-west2-a,c). If you are interested in trying out T2D, speak to your Google Cloud Account Team. For pricing details, see VM instance pricing.
Preview: You can now share sole-tenant node groups with other projects or your entire organization.
Config Connector
Config Connector version 1.78.0 is now available.
Config Controller
Config Controller now uses version 1.77.0 for Config Connector (release notes)
Deep Learning Containers
Deep Learning VM Images
Eventarc
Support for Firebase Alerts triggers is now in Preview.
GKE
There is a misconfiguration with Simultaneous Multi-Threading (SMT), also known as Hyper-threading, on GKE Sandbox images. The misconfiguration leaves nodes potentially exposed to side channel attacks such as Microarchitectural Data Sampling (MDS) (for more context, see GKE Sandbox documentation). GCP do not recommend using the following affected versions:
For instructions and more details, see the GKE security bulletin.
GKE cluster versions have been updated.
Storage Transfer Service
Storage Transfer Service now enforces the Resource Location Restriction, which is part of the Org Policy Service. This allows an organization to define the allowed regions in which location-based Google Cloud resources, such as transfer jobs, can be created.
To learn how Storage Transfer Service chooses the region in which to run a transfer job, refer to Location of Storage Transfer Service jobs.
Microsoft Azure Releases And Updates
Source: azure.microsoft.com
TARGET RETIREMENT DATE: SEPTEMBER 30, 2023
Turn off Operator Assistance and enable automated attendant features for phone system.
TARGET RETIREMENT DATE: MARCH 31, 2023
Migrate to new data exports in Azure IoT Central before 31 March 2023.
You can now use user-assigned managed identity to authenticate your Stream Analytics jobs to inputs and outputs without ever having to worry about credential management.
Accelerate Apache Spark in Azure Synapse execution speed using the new intelligent cache feature.
Dynamically route Azure Data Explorer data to an alternate database
Machine Learning user-defined function in Stream Analytics allows you to perform high throughput, low latency, real-time predictions, allowing you to act on insights which have a very short shelf-life.
TARGET RETIREMENT DATE: MARCH 31, 2025
Start using template specs in the Azure portal before 31 March 2025.
TARGET RETIREMENT DATE: MARCH 31, 2023
IP address changes will begin affecting your ability to manage your virtual network-enabled API Management services on 31 March 2023.
TARGET RETIREMENT DATE: MARCH 31, 2025
We’re retiring Azure Time Series Insights on 31 March 2025 – transition to Azure Data Explorer
You can now specify target backend pool in inbound NAT rule for less management overhead when configuring port forwarding.
TARGET RETIREMENT DATE: DECEMBER 03, 2022
Extended support for .NET Core 3.1 is ending on 3 December 2022.
TARGET RETIREMENT DATE: MARCH 31, 2025
Migrate to custom question answering before Azure QnA Maker is retired on 31 March 2025.
TARGET RETIREMENT DATE: MARCH 31, 2025
Technical support for instrumentation key–based global ingestion in Application Insights will end on 31 March 2025.
TARGET RETIREMENT DATE: APRIL 30, 2023
Community support for Node 14 LTS is ending on 30 April 2023 – transition to Node 14 LTS by that date
TARGET RETIREMENT DATE: FEBRUARY 29, 2024
Migrate to Azure Synapse Analytics.
You now have the ability to connect your devices, send data, run commands, and create relationships without having to first create a model for them in Azure IoT Central.
Microsoft has announced plans to bring a new datacenter region to Finland, including availability zones.
A public preview of Azure Container Registry on Azure Stack Hub is available starting with Azure Stack Hub update 2108.
A public preview of Azure Kubernetes Service on Azure Stack Hub is available starting with Azure Stack Hub update 2108.
Azure HBv3 virtual machines are now upgraded to and generally available with AMD EPYC 3rd Gen processors with 3D V-Cache, codenamed “Milan-X”, in the Azure East US, South Central US, and West Europe regions.
Have you tried Hava automated diagrams for AWS, Azure and GCP. Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
Check it out for free here: