
In Cloud Computing This Week [Mar 5th 2021]

March 5, 2021

This week's roundup of all the cloud news.

 


Here's a roundup of all things GCP, Azure and AWS for the week ending Friday 5th March 2021. There were plenty of announcements from all three cloud vendors that Hava currently supports.

How is it even March already?

Here at Hava we've been doing lots of cool design planning and self-hosted streamlining to make it even easier for you to host Hava internally to keep your security team super happy.

More details soon.

To stay in the loop, make sure you subscribe on the right. There's a new newsletter series starting soon that will keep you up to date with all our new releases, enhancements and capabilities, and will also showcase lesser-known but powerful features that you may not be aware of.

Of course we'd love to keep in touch at the usual places. Come and say hello on:

Facebook

LinkedIn

Twitter



AWS Updates and Releases

 

AWS Secrets Manager now provides support to replicate secrets in AWS Secrets Manager to multiple AWS Regions

 

AWS Secrets Manager now enables you to replicate secrets across multiple AWS Regions. You can now give your multi-Region applications access to replicated secrets in the corresponding Regions and rely on AWS Secrets Manager to keep the replicas in sync with the primary secret. In scenarios such as disaster recovery, you can read replicated secrets from your recovery Region, even if your primary Region is unavailable. You can use this functionality through the AWS Secrets Manager console, the CreateSecret and ReplicateSecretToRegions APIs, or AWS CloudFormation to replicate secrets in one or more Regions.


AWS Network Firewall is now available in the US East (Ohio), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Stockholm) AWS Regions

Starting today, AWS Network Firewall is available in the US East (Ohio), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Stockholm) AWS Regions.

 

Amazon EC2 P4d Instances now available in the US East (Ohio) and Asia Pacific (Tokyo) regions

Amazon EC2 P4d instances which provide the highest performance for machine learning training and high performance computing in the cloud are now available in the US East (Ohio) and Asia Pacific (Tokyo) regions.


Amazon EventBridge introduces support for API Destinations

Amazon EventBridge now supports API Destinations, a simple and reliable way for customers to send events to any HTTP API, such as self-managed or Software-as-a-Service (SaaS) applications, allowing customers to easily extend their existing applications without writing code. Authorization is built in so customers don’t have to write or manage additional code to authorize their requests.
 

AWS Step Functions adds tooling support for YAML

AWS Step Functions now supports YAML state machine definitions within the AWS Toolkit for Visual Studio Code and in AWS CloudFormation, making it possible to define workflows in the same language as your infrastructure as code.

 

AWS Systems Manager OpsCenter now displays an aggregated view of all operational issues for a specified resource

Starting this week, you can view all operational issues (OpsItems) for an impacted resource in AWS Systems Manager OpsCenter. OpsCenter allows operations engineers and IT professionals to investigate, diagnose, and resolve operational issues related to AWS resources from a central place. This enables you to understand the greater context while troubleshooting an issue such as an instance failure, and helps you to resolve issues faster.

 

AWS Certificate Manager now provides certificate expiry monitoring through Amazon CloudWatch

AWS Certificate Manager (ACM) now publishes certificate metrics and events through Amazon CloudWatch and Amazon EventBridge. Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates are used to secure network communication and establish the identity of websites over the internet. Certificates have a defined lifetime and for continued use need to be renewed before they expire. These new metrics and events help administrators keep track of certificate expiration dates and take necessary action or configure automation to prevent certificate expiry and related outages.


Amazon VPC Flow Logs now reflects AWS Service name, Traffic Path and Flow Direction

You can now add four additional metadata fields in your Amazon Virtual Private Cloud (Amazon VPC) flow logs, namely flow-direction, traffic-path, pkt-src-aws-service and pkt-dst-aws-service. With these enriched fields you can derive insights into the AWS services that your workloads are communicating with, differentiate between ingress and egress traffic flows and identify the next hop of your egress traffic, such as an internet gateway, a VPC peering connection or a virtual private gateway.
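
As an added example (not from AWS or the original post), the Python below parses flow log records that carry the four new fields and flags accepted egress flows that leave through an internet gateway to a non-AWS destination. The field order, the sample records and the function names are assumptions made for this illustration; the traffic-path codes are the ones listed in the AWS flow log documentation.

```python
from collections import Counter

# Assumed custom log format for this example; the last four are the new fields.
FIELDS = ["srcaddr", "dstaddr", "dstport", "action", "flow-direction",
          "traffic-path", "pkt-src-aws-service", "pkt-dst-aws-service"]

# traffic-path codes as listed in the AWS flow log documentation.
TRAFFIC_PATH = {
    "1": "another resource in the same VPC",
    "2": "internet gateway or gateway VPC endpoint",
    "3": "virtual private gateway",
    "4": "intra-region VPC peering connection",
    "5": "inter-region VPC peering connection",
    "6": "local gateway",
    "7": "gateway VPC endpoint (Nitro-based instances)",
    "8": "internet gateway (Nitro-based instances)",
}
INTERNET_PATHS = {"2", "8"}  # paths that can leave via an internet gateway

# Constructed sample records (documentation address ranges), not real traffic.
SAMPLE = """\
10.0.1.15 203.0.113.20 443 ACCEPT egress 7 - S3
10.0.1.15 198.51.100.7 443 ACCEPT egress 8 - -
203.0.113.9 10.0.1.15 22 REJECT ingress - - -
10.0.2.30 10.8.0.4 5432 ACCEPT egress 4 - -
10.0.2.30 192.0.2.55 8443 ACCEPT egress 2 - -
"""

def parse(line):
    """Split one space-separated record into a dict keyed by FIELDS."""
    values = line.split()
    if len(values) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(values)}")
    return dict(zip(FIELDS, values))

def next_hop(record):
    """Describe the egress next hop; ingress records carry '-' here."""
    return TRAFFIC_PATH.get(record["traffic-path"], "not reported")

def non_aws_internet_egress(records):
    """Accepted egress via an internet gateway path to a non-AWS destination."""
    return [r for r in records
            if r["flow-direction"] == "egress" and r["action"] == "ACCEPT"
            and r["traffic-path"] in INTERNET_PATHS
            and r["pkt-dst-aws-service"] == "-"]

def egress_by_service(records):
    """Count egress flows per destination AWS service."""
    return Counter(r["pkt-dst-aws-service"] for r in records
                   if r["flow-direction"] == "egress"
                   and r["pkt-dst-aws-service"] != "-")

RECORDS = [parse(line) for line in SAMPLE.splitlines()]

if __name__ == "__main__":
    for r in non_aws_internet_egress(RECORDS):
        print(r["srcaddr"], "->", r["dstaddr"], "via", next_hop(r))
```
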
 
 

AWS Glue DataBrew extends its datasets to support files without an explicit file extension or a header row

AWS Glue DataBrew extends its datasets to support files without an explicit file extension or a header row. Often times, extensionless files are tricky to work with and require visually exploring the data to understand it. Similarly, customers often work with files without an explicit row that defines the header in the file. In both of these cases, you can now define both these configurations when you create a dataset in DataBrew.

 

Announcing General Availability of Ethereum on Amazon Managed Blockchain

Amazon Web Services (AWS) announces general availability of Ethereum on Amazon Managed Blockchain. Ethereum is a popular decentralized blockchain framework that establishes a peer-to-peer network allowing participants to transact without a trusted central authority. It enables popular use cases such as decentralized finance (DeFi), a network of financial applications built on top of blockchain networks. DeFi is different from existing financial networks because it is open and programmable, operates without a central authority, and enables customers to offer new methods for payments, investing, lending and trading. As customers build these Ethereum-based applications, they find it complicated and time-consuming to operate and manage their Ethereum infrastructure. Specific concerns include data reliability due to out-of-sync nodes, data storage scaling challenges, and time-sensitive Ethereum software upgrades.

 

Amazon Elasticsearch Service now supports tag-based authorization for configuration APIs

Amazon Elasticsearch Service now supports tag-based authorization for easy management of access to configuration APIs that are used for operations such as creating, modifying, or updating Amazon Elasticsearch Service domains.

 

The AWS Lambda console now features a new navigation design

AWS reorganized features on the console based on key tasks such as writing code, testing, monitoring and configuring. With this update, we reduced the amount of scrolling needed to access common configuration options by creating a dedicated configuration tab. In addition, the new navigation design orients your work on the Lambda console towards the tasks you want to complete and focuses your work around relevant features. This change will also help you find new features more easily when they are available in the console.
 
 

Amazon EKS now supports adding KMS envelope encryption to existing clusters to enhance security for secrets

Amazon Elastic Kubernetes Service (EKS) now allows you to implement envelope encryption of Kubernetes secrets using AWS Key Management Service (KMS) keys for existing EKS clusters. Envelope encryption adds an additional, customer-managed layer of encryption for application secrets or user data that is stored within a Kubernetes cluster. Implementing envelope encryption is considered a security best practice for applications that store sensitive data and is part of a defense-in-depth security strategy.


AWS CodePipeline now supports 1000 pipelines per account

Starting today, AWS CodePipeline supports 1,000 pipelines per account by default, an increase from the previous limit of 300. You can request a limit increase beyond 1,000 pipelines per Region/Account through the Support Center Console.

 

Amazon CloudWatch Synthetics now supports cross region bucket access and upgraded dependencies

CloudWatch Synthetics now supports storing your canary run artifacts, including log files, screenshots, and HAR files, in an Amazon Simple Storage Service (S3) bucket in another Region with a new major runtime version, syn-nodejs-puppeteer-3.0. CloudWatch Synthetics now also supports upgraded major versions of the Puppeteer, Chromium, and Node.js dependencies.


Announcing the newly expanded AWS Asia Pacific (Osaka) Region

Posted On: Mar 1, 2021
Amazon Web Services (AWS) is announcing the launch of Asia Pacific (Osaka) as a standard AWS Region, expanding Osaka from its design as a Local Region. The number of Availability Zones (AZs) in Asia Pacific (Osaka) is increasing from one to three, the service portfolio is expanding, and new pricing options are available.
 
 

Google Cloud Releases and Updates

Cloud Composer

Support for the Airflow Role-Based Access Control (RBAC) UI is now generally available.

Cloud Run

Cloud Run reports a new Cloud Monitoring metric: Instance count, which counts the number of container instances that exist, broken down by state (active or idle).

Cloud Run is now available in the following regions:

    • us-west2 (Los Angeles)
    • us-west3 (Salt Lake City)
    • us-west4 (Las Vegas)

Cloud Scheduler

The maximum job size (payload) is now 1 MB total, including ~1KB request overhead.

Cloud Spanner

Cloud Spanner now supports point-in-time recovery (PITR), which lets you recover data from a specific point in time in the past.

You can now optionally receive the mutation count for a transaction in the commit response to optimize the transactions while staying within the mutation count limit. For more information, see Retrieving commit statistics for a transaction.

Cloud SQL for PostgreSQL

PostgreSQL 13.0 is now the default version when you create a new database.

Dataproc

Dataproc 2.0 image version will become a default Dataproc image version in 2 weeks on March 15, 2021.

Dialogflow

Dialogflow now supports VPC Service Controls for both CX and ES agents.

Google Cloud Armor

Google Cloud Armor Managed Protection Plus Tier is in General Availability. Managed Protection Plus Tier offers a monthly subscription that includes all of the features of Standard Tier, and bundles Google Cloud Armor WAF policy, rules, HTTP request usage, and named IP lists.

Identity and Access Management

For workload identity federation, available in beta, you can now use updated client libraries for C++, Go, Java, Node.js, and Python to automatically obtain Google credentials.

Pub/Sub

Pub/Sub message schemas are now available in the Preview launch stage.

Note: This feature release is still in progress. Some regions may not yet have access.

 


Microsoft Azure Releases And Updates

New Simplified NSX networking experience for Azure VMware Solution is GA

 

Azure VMware Solution helps simplify migration to the cloud by running VMware environments natively on Azure. With the new simplified NSX networking experience, it is now easier for VMware administrators to execute networking operations for Azure VMware Solution from the Azure portal.

Azure trusted launch for Virtual Machines now in public preview

Azure offers trusted launch as a seamless way to bolster the security of Generation 2 VMs. Designed to protect against boot kits, rootkits, and kernel-level malware, trusted launch comprises secure boot, virtual trusted platform module (vTPM), and boot integrity monitoring.

Automatic VM guest patching is now in public preview for Linux VMs

Automatic VM guest patching provides safe and automatic patching for virtual machines to simplify update management and maintain security compliance.

Public preview: Azure Purview Resource Set configuration enhancements

You can now customize how Azure Purview Data Catalog assets are grouped into resource sets and how they are named.

New orchestration mode for Azure Virtual Machine Scale Sets now in public preview

Increase the availability at scale of business-critical applications with new Azure Virtual Machine Scale Sets features. Simplify workload deployment, management, and scalability with Virtual Machine Scale Sets flexible orchestration mode, now in public preview.

 

Public preview: Register Azure subscriptions and Resource Groups with Azure Purview

Manage your data with greater ease by using Azure Purview to register multiple sources at the same time.

Improve Azure Spot Virtual Machines runtime and simulate evictions with new features in public preview

New Azure Spot Virtual Machines capabilities – ‘try & restore’ and REST APIs to simulate VM evictions - are now in public preview.

General availability: Azure API Management now has named values integration with Azure Key Vault

API Management’s named values can now be stored and managed in Azure Key Vault.

Azure API Management extension for Visual Studio Code now generally available

Perform common management operations on your Azure API Management service instances without switching away from Visual Studio Code.

On-demand capacity reservations in public preview

Reserve compute capacity and obtain a capacity SLA for Azure virtual machine deployments with on-demand capacity reservations.

Generally available: Plan your migration to Azure VMware Solution using Azure Migrate

 

Azure Migrate assessments for Azure VMware Solution with improved node sizing logic are now generally available.

Confidential computing nodes (DCSv2) on Azure Kubernetes Service (AKS) is generally available

 

Confidential computing capability now available on AKS for your container workloads.

Azure Remote Rendering is now generally available

Build immersive mixed reality experiences with Azure Remote Rendering, now generally available. Use it to enable high fidelity 3D visualization of objects and view models with a billion or more polygons without decimation.

Microsoft Power Fx: The open-source low-code programming language is in public preview

Reduce development costs and time using the new public preview features in Microsoft Power Fx.

Multiple new features for Azure VPN Gateway in public preview

Take advantage of multiple new enhancements and features that are now available in Azure VPN Gateway.

Azure Object Anchors is now in public preview

 

In many of today's mixed reality scenarios, there is a need to align digital content with physical objects. Azure Object Anchors, now in preview, eliminates the need for markers or manual holographic alignment within mixed reality applications.

General availability: Application insights no-code enablement on Node.js Linux App Service Environments

Azure Monitor application insights App Service integration on Node.js Linux environments provides no-code enablement of application insights via Azure portal, PowerShell, or ARM Templates.

Public preview: At scale discovery and assessment for SQL Server migration to Azure SQL

Azure Migrate now has unified discovery and assessment for SQL Server natively within the Azure Migrate experience.

Upcoming Training & Events:


 

Four new AWS digital training offerings for AWS End User Computing

 

AWS introduced four new digital training offerings that help you learn how to plan, deploy, secure, and manage cloud-based desktops and applications. The offerings are designed for desktop or virtual desktop infrastructure managers, IT administrators, and technical professionals interested in cloud-based virtualization. These free self-paced courses and curriculums include presentations, interactive e-learning modules, videos, demonstrations, and quizzes.

 

New digital curriculum: Managing Amazon S3

AWS were excited to announce a free new digital curriculum: Managing Amazon Simple Storage Service. This advanced 150-minute curriculum covers techniques to simplify the management of Amazon S3 storage. Designed for cloud architects, storage architects, developers, and operations engineers, it includes interactive lessons, video demonstrations, a self-paced lab, and quizzes. The self-paced lab costs up to 15 USD per lab (this cost is not included with free digital training on aws.training).

 

New digital class and lab on DevOps on AWS

AWS are excited to announce the launch of their new digital course, Getting Started with DevOps on AWS, together with the optional Getting Started with DevOps on AWS self-paced lab. This course explores the basics of developing, delivering, and maintaining high-quality secure applications and services at high velocity on AWS. The course covers the philosophies, practices, and tools used to implement a DevOps environment on AWS, while the lab gives you practical experience with the technologies discussed in the course.

 

Updated digital course on Coursera and edX - AWS Cloud Practitioner Essentials

AWS Training and Certification were excited to announce the launch of the updated AWS Cloud Practitioner Essentials digital course on Coursera and edX. If you’re new to the cloud or in a technical or non-technical role such as finance, legal, sales, or marketing, this course provides you with an understanding of fundamental AWS Cloud concepts to help you gain the confidence to contribute to your organization’s cloud initiatives.

 

Azure Virtual Events

Microsoft have a full schedule of Virtual Events.

A full list, including session times and details, is here: Azure Events

AWS Events:

AWS events are pretty fluid at the moment, with most in-person events being cancelled or postponed. There are a number that have been taken online and full details can be found here: AWS Events


Thanks for reading again this week, we hope you found something useful. 

hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.

If you haven't opened a free hava.io account to see what the GCP, Azure and AWS automated diagram generator can do for your workflow, security and compliance needs, you can below - if you have questions, please get in touch. 

You can reach us on chat, email sales@hava.io to book a callback or demo.

 


 

 


Written by Team Hava

The Hava content team
