Hello Cloudlandia, here's this week's round up of everything that's happening in cloud computing. Obviously there's only one subject drowning out all social media channels, so we promise this post has no mention of working from home tips, or how far a sneeze travels.
Against the tide of gloomy business news, there's a lot of increased internet traffic, organisations waiving course and training fees and a lot of online retailers setting unprecedented sales records. Many retailers and SaaS vendors are cloud based so we can imagine there are some very busy DevOps teams out there (Zoom, Jira, Skype et al), even if they are attending morning stand-ups in their pyjamas.
If you are new to Hava, we build GCP, Azure and AWS Diagram tools.
Until next week - Enjoy.
Azure March 2020 Billing Updates
Microsoft announced a raft of billing improvements this week including:
Read more about the changes here:
Amazon FSx for Windows File Server launches the lowest cost file storage in the cloud for Windows workloads at 1.3 cents per GB-month
Amazon FSx for Windows File Server announces a hard disk drive (HDD) storage option that provides highly available and durable file storage at a price of 1.3 cents per GB-month (in the US-East, N. Virginia Region). For customers who require file systems that span multiple Availability Zones, HDD storage is available at 2.5 cents per GB-month. Combined with Amazon FSx’s support for data deduplication, you can achieve an effective cost of less than 1 cent per GB-month.
Amazon DocumentDB (with MongoDB compatibility) Adds Support for Role-Based Access Control
Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. Amazon DocumentDB makes it easy and intuitive to store, query, and index JSON data.
This week, Amazon DocumentDB added support for Role-based Access Control (RBAC). RBAC gives you the ability to create users and attach built-in roles to restrict what operations the user has authorization to perform. Common scenarios for using RBAC include enforcing least privilege such as a read-only role, or building a multi-tenant application where each tenant is restricted to accessing a single database in the cluster. As part of this launch, we also increased the number of users per cluster by 10x to 1000.
To learn more about RBAC in Amazon DocumentDB, check out their blog post and the documentation. To learn more about Amazon DocumentDB, see Ramping up on Amazon DocumentDB (with MongoDB compatibility).
Protect users in your GCP apps with MFA
These days, using a password alone to secure user accounts containing sensitive, identifiable, or private information just isn’t sufficient. Passwords are often subject to reuse and can easily be phished and stolen.
With this in mind, Google recently teamed up with researchers from New York University and the University of California, San Diego to find out just how effective basic account hygiene is at preventing account takeovers. The research showed that simply adding a SMS as a second factor to a Google account can block up to 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks that occurred during the investigation.
To help you enhance the security of your apps and protect your users, Identity Platform now supports multi-factor authentication (MFA) with SMS in beta.
New Quick Start deploys AWS Database Migration Service Automation Framework
This Amazon Web Services (AWS) Quick Start deploys AWS Database Migration Service (AWS DMS) Automation Framework on the AWS Cloud in about 30 minutes. This Quick Start is for users who currently do one of the following:
You can use this Quick Start as a building block in the entire migration process.
This deployment includes AWS CodePipeline, which isn’t currently supported in all AWS Regions. For a current list of supported Regions, see Service Endpoints and Quotas in the AWS documentation.
Azure Container Registry Private Link support preview for virtual networks
Azure Container Registry announced preview support for Azure Private Link, a means to limit network traffic of resources within the Azure network.
With Private Link, the registry endpoints are assigned private IP addresses, routing traffic within a customer-defined virtual network. Private network support has been one of the top customer asks, allowing customers to benefit from the Azure management of their registry while benefiting from tightly controlled network ingress and egress.
The top four cloud IT security misconfigurations and how to fix them
Glen Maloney writes in IT Brief NZ highlighting four areas that are commonly overlooked when configuring cloud infrastructure.
Keep your cloud deployments secure during challenging times of an increased distributed workforce
As the world comes together to combat COVID-19, and remote work becomes a critical capability for many companies, customers have asked us how to best maintain the security posture of their cloud assets while enabling more remote workers to access them.
Misconfiguration of cloud security controls has been at the root of several recent data breaches, so it’s extremely important to continue monitoring your security posture as usage of cloud assets increases.
To help you prioritize the actions that you need to take, Yuri Diogenes a Senior Program Manager at Microsoft lists three common scenarios for remote workers and how to leverage Azure Security Center security controls to prioritize relevant recommendations for these scenarios:
Azure Managed Disks now have Incremental Snapshots
We're announcing the general availability of incremental snapshots of Azure Managed Disks. Incremental snapshots are a cost-effective, point-in-time backup of managed disks. Unlike current snapshots, which are billed for the full size, incremental snapshots are billed for the delta changes to disks since the last snapshot and are always stored on the most cost-effective storage, Standard HDD storage irrespective of the storage type of the parent disks. For additional reliability, incremental snapshots are stored on Zone Redundant Storage (ZRS) by default in regions that support ZRS.
Amazon Redshift now recommends sort keys for improved query performance
Amazon Redshift Advisor now recommends sort keys for frequently queried tables. With the ALTER TABLE command, you can add and change sort keys of existing Redshift tables without having to re-create the tables and without impacting concurrent read or write queries.
Choosing the most appropriate sort key for a table accelerates the performance of queries, especially those with range-restricted predicates, by requiring less data to be read from disk. Advisor can now determine the sort key for a table by analyzing the query history each table, eliminating the need to define a sort key in advance.
Advisor is like a personal database assistant that generates tailored recommendations related to database operations and cluster configuration based on analyzing your cluster's performance and usage metrics. Advisor is accessible via the left-hand navigation menu on your Amazon Redshift console. On the Advisor page, simply select the cluster for which you want to see recommendations. Advisor only displays recommendations that will improve overall query performance of your workload. Advisor refreshes recommendations regularly and once it determines that a recommendation has been addressed, it will remove it from the recommendations list. For more information, see Working with Recommendations from Amazon Redshift Advisor.
Sort key recommendation is now available with the Amazon Redshift release version 1.0.12911 or higher in US East (N. Virginia), US West (N. California, Oregon), EU (Frankfurt, Ireland), and Asia Pacific (Seoul, Singapore, Sydney, Tokyo).
What is Microsoft Azure Sphere? Everything you need to know.
Techrepublic explore how Microsoft plans to lock down IoT with it's own Linux.
The Internet of Things (IoT) is very much a modern Wild West. Devices are connected to networks without considering security, offering bad actors a tempting gateway into your systems. What's more, those devices are rarely updated, running the same insecure firmware as the day they were deployed. That makes it a matter of when, not if, you get compromised.
How can we secure devices and make sure they stay secure? That's where Azure Sphere -- Microsoft's defence-in-depth IoT platform that mixes hardware, software, and the cloud to protect your devices and your network -- comes in.
WFH routines speed up the shift to cloud-computing services.
We're pretty sure Atlassian, Zoom, Slack and most online collaboration SaaS vendors are pretty busy at the moment. Brad Slingerlend from Marketwatch seems to agree in his opinion piece.
Register for this free, 60-minute online event to learn about strategies, insights, and technologies to optimize your hybrid cloud across on-premises, multicloud, and the edge. And, be among the first to hear about the latest innovations in Azure Arc and Azure Stack—two game-changing hybrid cloud offerings from Microsoft.
Join live and learn about:
You’ll also get to ask experts your questions about hybrid cloud during the live Q&A.
Where: Sydney AU
When : 6-7th April 2020
For the first time HashiDays is coming to APAC: get ready for HashiDays Sydney at the Roslyn Packer Theatre on 7 April.
However - there's a Virtual Day being held instead on the 7th of April: https://www.hashicorp.com/webinars/hashicorp-virtualdays-apac-april2020/
Redhat Virtual Summit
When: April 28-29
When: May 28
Think 2020 IBM
When: May 5-7
Cloud Data Summit North America
When: May 26-27
Where: Darling Harbour Sydney AU ** Cancelled **
When : Mar 31 - Apr 2 2020
AWS Summits were happening all over the globe - however due to the COVID-19 health warnings, it looks like all events in the AWS Summit lineup have been cancelled.
|Brussels, Belgium||April 2, 2020 ** Cancelled **|
|Amsterdam, Netherlands||April 8, 2020 ** Cancelled **|
|Mumbai, India||April 8, 2020 ** Cancelled **|
|San Francisco, CA USA||April 14, 2020 ** Cancelled **|
|Singapore||April 15, 2020 ** Cancelled **|
|Seoul, South Korea||April 16, 2020 ** Cancelled **|
|London, UK||April 29, 2020 ** Cancelled **|
If you need a fix of AWS goodness, there is an extensive program of online tech talks scheduled:
Join AWS for live, online presentations led by AWS solutions architects and engineers. AWS Online Tech Talks cover a range of topics and expertise levels, and feature technical deep dives, demonstrations, customer examples, and live Q&A with AWS experts.
Note – All sessions are free and in Pacific Time. Can’t join them live? Access webinar recordings and slides on the On-Demand Portal.
Tech talks this month, by category, are:
March 30, 2020 | 9:00 AM – 10:00 AM PT – Optimizing Lambda Performance for Your Serverless Applications – Learn how to optimize the performance of your Lambda functions through new features like improved VPC networking and Provisioned Concurrency.
March 30, 2020 | 11:00 AM – 12:00 PM PT – Protecting Your Web Application Using AWS Managed Rules for AWS WAF – Learn about the new AWS WAF experience and how you can leverage AWS Managed Rules to protect your web application.
March 30, 2020 | 1:00 PM – 2:00 PM PT – Migrating ASP.NET applications to AWS with Windows Web Application Migration Assistant – Join this tech talk to learn how to migrate ASP.NET web applications into a fully managed AWS Elastic Beanstalk environment.
March 31, 2020 | 9:00 AM – 10:00 AM PT – Forrester Explains the Total Economic Impact™ of Working with AWS Managed Services – Learn about the 243% ROI your organization could expect from an investment in AWS Managed Services from the Forrester Total Economic Impact™ study.
March 31, 2020 | 11:00 AM – 12:00 PM PT – Getting Started with AWS IoT Greengrass Solution Accelerators for Edge Computing – Learn how you can use AWS IoT Greengrass Solution Accelerators to quickly build solutions for industrial, consumer, and commercial use cases.
March 31, 2020 | 1:00 PM – 2:00 PM PT – A Customer’s Perspective on Building an Event-Triggered System-of-Record Application with Amazon QLDB – UK’s Dept. of Vehicle and Licensing shares its perspective on building an Event-triggered System of Record Application with Amazon QLDB.
April 1, 2020 | 9:00 AM – 10:00 AM PT – Containers for Game Development – Learn the basic architectures for utilizing containers and how to operate your environment, helping you seamlessly scale and save cost while building your game backend on AWS.
April 1, 2020 | 11:00 AM – 12:00 PM PT – Friends Don’t Let Friends Manage Data Streaming Infrastructure – Eliminate the headaches of managing your streaming data infrastructure with fully managed AWS services for Apache Kafka and Apache Flink.
April 2, 2020 | 9:00 AM – 10:00 AM PT – How to Train and Tune Your Models with Amazon SageMaker – Learn how Amazon SageMaker provides everything you need to tune and debug models and execute training experiments.
April 2, 2020 | 11:00 AM – 12:00 PM PT – Enterprise Transformation: Migration and Modernization Demystified – Learn how to lead your business transformation while executing cloud migrations and modernizations.
April 2, 2020 | 1:00 PM – 2:00 PM PT – How to Build Scalable Web Based Applications for Less with Amazon EC2 Spot Instances – Learn how you can scale and optimize web based applications running on Amazon EC2 for cost and performance, all while handling peak demand.
April 3, 2020 | 9:00 AM – 10:00 AM PT – Migrating File Data to AWS: Demo & Technical Guidance – In this tech talk, we’ll touch upon AWS storage destination services in brief, and demo how you can use AWS DataSync and AWS Storage Gateway to easily and securely move your file data into AWS for file services, processing, analytics, machine learning, and archiving, as well as providing on-premises access where needed.
April 3, 2020 | 11:00 AM – 12:00 PM PT – Building Real-Time Audio and Video Calling in Your Applications with the Amazon Chime SDK – Learn how to quickly build real-time communication capabilities in your own applications for engaging customer experiences.
Some are going ahead, but we'd suggest contacting the organisers before putting any concrete plans in place.
Thanks for reading, we hope you found something useful. Talking of useful:
hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.
If you haven't taken a hava.io free trial to see what it can do for your workflow, security and compliance needs - please get in touch.
You can reach us on chat, email firstname.lastname@example.org or book a callback or demo below.