Happy Friday the 13th cloud nation. We hope you're observing the world contemplating self imposed isolation, not mixing with people, locking themselves away in small rooms with only a computer and internet connection for survival. It's like everyone just became IT consultants!
Still there's been plenty going on in cloud land, some major releases and lots of event cancellations, but first we spotted this great article on a subject close to our hearts from IDG's CSO enterprise security content.
If this is the first time you have discovered Hava, we help you automatically generate network topology diagrams for AWS, GCP, and Azure.
How to write an effective information security policy
An information security policy is the foundation of an enterprise security program, ideally establishing in clear language what the organization expects from its security operations based on both its tolerance for risk and on its regulatory obligations.
Yet security advisers say many organizations fail to give adequate attention to writing and maintaining strong information security policies, instead filling in blanks on generic templates and filing them away.....
https://www.csoonline.com/article/3528773/how-to-write-an-effective-information-security-policy.html
AWS Launch Bottlerocket - Open Source OS for Container Hosting
" It is safe to say that our industry has decided that containers are now the chosen way to package and scale applications. Our customers are making great use of Amazon ECS and Amazon EKS, with over 80% of all cloud-based containers running on AWS.
Container-based environments lend themselves to easy scale-out, and customers can run host environments that encompass hundreds or thousands of instances. At this scale, several challenges arise with the host operating system. For example:
Security – Installing extra packages simply to satisfy dependencies can increase the attack surface.
Updates – Traditional package-based update systems and mechanisms are complex and error prone, and can have issues with dependencies.
Overhead – Extra, unnecessary packages consume disk space and compute cycles, and also increase startup time.
Drift – Inconsistent packages and configurations can damage the integrity of a cluster over time.
Introducing Bottlerocket
Today I would like to tell you about Bottlerocket, a new Linux-based open source operating system that we designed and optimized specifically for use as a container host. "
https://aws.amazon.com/blogs/aws/bottlerocket-open-source-os-for-container-hosting/
Delloitte's Cloud Computing Guru David Linthicum considers in his regular Inforworld column:
3 cloud architecture problems that need solutions
"For the most part, cloud architecture is not that exciting. By now we know basically what works, what does not, and the process to get to the right target architecture. This means both the meta or logical architecture and added technology to get to the physical architecture.
Although we know the best patterns for most of what cloud architecture requires, some problems are still being debated. No de facto solution or best practice has emerged yet. Here are my top three:" -
https://www.infoworld.com/article/3531630/3-cloud-architecture-problems-that-need-solutions.html
Google introduces Cloud AI Platform Pipelines
"When you're just prototyping a machine learning (ML) model in a notebook, it can seem fairly straightforward. But when you need to start paying attention to the other pieces required to make a ML workflow sustainable and scalable, things become more complex. A machine learning workflow can involve many steps with dependencies on each other, from data preparation and analysis, to training, to evaluation, to deployment, and more. It’s hard to compose and track these processes in an ad-hoc manner—for example, in a set of notebooks or scripts—and things like auditing and reproducibility become increasingly problematic.
Today, we’re announcing the beta launch of Cloud AI Platform Pipelines. Cloud AI Platform Pipelines provides a way to deploy robust, repeatable machine learning pipelines along with monitoring, auditing, version tracking, and reproducibility, and delivers an enterprise-ready, easy to install, secure execution environment for your ML workflows."
https://cloud.google.com/blog/products/ai-machine-learning/introducing-cloud-ai-platform-pipelines
Host Your Apps with AWS Amplify Console from AWS Amplify CLI
Have you tried out AWS Amplify and AWS Amplify Console yet? In my opinion, they provide one of the fastest ways to get a new web application from idea to prototype on AWS. So what are they? AWS Amplify is an opinionated framework for building modern applications, with a toolchain for easily adding services like authentication (via Amazon Cognito) or storage (via Amazon Simple Storage Service (S3)) or GraphQL APIs, all via a command-line interface. AWS Amplify Console makes continuous deployment and hosting for your modern web apps easy. It supports hosting the frontend and backend assets for single page app (SPA) frameworks including React, Angular, Vue.js, Ionic, and Ember. It also supports static site generators like Gatsby, Eleventy, Hugo, VuePress, and Jekyll.
With today’s launch, hosting options available from the AWS Amplify CLI now include Amplify Console in addition to S3 and Amazon CloudFront. By using Amplify Console, you can take advantage of features like continuous deployment, instant cache invalidation, custom redirects, and simple configuration of custom domains.
https://aws.amazon.com/blogs/aws/host-your-apps-with-aws-amplify-console-from-the-aws-amplify-cli/
GCP Compute Engine instance creation made easy with machine images
Google were pleased to introduce machine images, a new type of Compute Engine resource that contains all the information you need to create, backup or restore a virtual machine, reducing the amount of time you spend managing your environment.
If you administer applications that run on Compute Engine, you probably spend a lot of time creating images that you can use to create new instances. But even though Compute Engine features like custom images capture necessary information like disk data, you still need to manually capture instance configuration and metadata to create a new virtual machine. Machine images eliminates these extra steps and streamlines your operations.
https://cloud.google.com/blog/products/compute/compute-engine-gets-machine-images
AWS CodeCommit Introduces git-remote-codecommit, a New Git Credential Helper
AWS CodeCommit, a fully-managed source control service, released a new Git remote helper that supports customers using CodeCommit with multiple accounts, or with short-lived credentials. This remote helper, git-remote-codecommit, uses the profile information configured for the AWS CLI. It also introduces a new protocol (codecommit://) that enables a URL pattern that uniquely identifies CodeCommit repositories.
The AWS CodeCommit remote helper provides better integration with the AWS CLI profiles. The remote helper does not require adding configuration to the gitconfig file. This release provides a more robust option for customers who previously used the credential helper included with the AWS CLI.
https://aws.amazon.com/about-aws/whats-new/2020/03/aws-codecommit-introduces-open-source-remote-helper/
Create deployment pipelines for GKE workloads in a few clicks
"With Kubernetes becoming the de facto standard for container orchestration, many development teams are looking to build, test, and deploy code quickly in a frictionless manner to Kubernetes. Traditional continuous integration and continuous delivery (CI/CD) tools not designed for cloud-native environments often fall short as developers spend many hours looking for best practices to automate deployments, scaling pipelines, and worrying about other implementation details.
For teams just getting started with Kubernetes, a bunch of time-consuming, error-prone chores further complicate these efforts. These steps include creating configuration files for the application, setting up a CI/CD server, ensuring configuration files are updated, or deploying images with correct credentials to a Kubernetes cluster. Not surprisingly, it’s easy to get frustrated. You’d rather spend time writing code, than worrying about these steps or what the right pipeline looks like for a specific environment. And even when CI/CD pipelines are set up, they are way too complex, and scripts keep being added over time.
To help you overcome these problems with continuous delivery, we’re pleased to announce an automated deployment feature that lets you create continuous delivery pipelines for Google Kubernetes Engine (GKE) in a few clicks."
Azure Monitor Application Insights now supports Python
Azure Monitor now supports distributed tracing, metric collection, and logging of Python applications through integration with OpenCensus.
Amazon Cloudwatch now allows you to combine multiple alarms
With Amazon CloudWatch composite alarms, you can now combine multiple alarms to reduce alarm noise and focus on critical operational issues. You can easily combine multiple alarms together into alarm hierarchies that only trigger once when multiple alarms fire at the same time. This helps you stay focused on finding the root cause of operational issues to reduce system and application downtime.
CloudWatch composite alarms can provide an overall state for a grouping of resources like an application, AWS Region, or Availability Zone. This helps you focus on a smaller number of alarm signals which aggregate impact from all parts of your system or application. If an application issue affects several resources in the application, you will receive a single alarm notification for the entire application instead of one for each affected service component or resource.
Register for this free, 60-minute online event to learn about strategies, insights, and technologies to optimize your hybrid cloud across on-premises, multicloud, and the edge. And, be among the first to hear about the latest innovations in Azure Arc and Azure Stack—two game-changing hybrid cloud offerings from Microsoft.
Join live and learn about:
You’ll also get to ask experts your questions about hybrid cloud during the live Q&A.
https://info.microsoft.com/ww-registration-azure-hybrid-virtual-event.html
Where: Sydney AU
When : 6-7th April 2020
For the first time HashiDays is coming to APAC: get ready for HashiDays Sydney at the Roslyn Packer Theatre on 7 April.
https://hashidays.com/
However - there's a Virtual Day being held instead on the 7th of April: https://www.hashicorp.com/webinars/hashicorp-virtualdays-apac-april2020/
DevOps Talks Conference (DOTC) attracts leaders and engineers who are practicing DevOps in startups and leading-edge enterprise companies. World-class speakers from cutting-edge IT startups and enterprises such as CHEF, AWS, Google, ANZ, NAB present about DevOps, Cyber Security, Containers, Cloud, Serverless, SRE, Blockchain, ChatOps and other advanced High Tech subjects and technologies.
Praised by several articles as being one of the best DevOps Conferences, including two consecutive years by Tech Beacon: “The Best DevOps Conferences of 2019”. Similarly, they were featured by the Net Guru as one of the “17 Must Attend Devops Conferences in 2019”, and HPE’s “16 Devops and System Admin Conferences Worth Your Attention in 2019”.
Some of their previous presentations are available on DevOps Talks Channel,
DevOps Talks Conference, 19-20 March, 2020 Melbourne, Australia
The Melbourne conference will be held at the Melbourne Convention and Exhibition Centre and workshops will take place on 18th March 2020.
DevOps Talks Conference, 24-25 March, 2020, Auckland, New Zealand
The Auckland conference will be held at the Stamford Plaza Auckland and workshops will take place on 23rd March 2020.
For more details please refer to their website: https://devops.talksplus.com/
Where: Darling Harbour Sydney AU ** Cancelled **
When : Mar 31 - Apr 2 2020
AWS Summits were happening all over the globe - however due to the COVID-19 health warnings, it looks like all events in the AWS Summit lineup have been cancelled.
| Location | Date |
| Paris, France | March 17, 2020 ** Cancelled ** |
| Dubai UAE | March 24, 2020 ** Cancelled ** |
| Brussels, Belgium | April 2, 2020 ** Cancelled ** |
| Amsterdam, Netherlands | April 8, 2020 ** Cancelled ** |
| Mumbai, India | April 8, 2020 ** Cancelled ** |
| San Francisco, CA USA | April 14, 2020 ** Cancelled ** |
| Singapore | April 15, 2020 ** Cancelled ** |
| Seoul, South Korea | April 16, 2020 ** Cancelled ** |
| London, UK | April 29, 2020 ** Cancelled ** |
Online AWSome Days: 19th March 2020
AWS experts are there to help accelerate your cloud journey, get up and running with AWS services fast and start adding value to your business as soon as possible. All you need to do is register to attend the free, AWSome Day Online Conference on 19.03.20!
Content will be available in English, French, Spanish, Italian, German and Hebrew.
AWSome Day attendees will receive free, step-by-step introductions and training on core AWS services for compute, storage, database and networking. Plus, they'll share best practices for architecting and cost optimization.
AWS technical experts will provide detailed explanations of key service features, share real-world use cases, walk through technical demos, and be available to answer all your questions live.
https://pages.awscloud.com/EMEA-AWSome-Day-Online-Conference-2020.html
Source : https://azure.microsoft.com/en-us/community/events/
Some are going ahead, but we'd suggest contacting the organisers before putting any concrete plans in place.
Thanks for reading, we hope you found something useful. Talking of useful:
hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.
If you haven't taken a hava.io free trial to see what it can do for your workflow, security and compliance needs - please get in touch.