This week's roundup of all the cloud news.
Here's a cloud round up of all things Hava, GCP, Azure and AWS for the week ending Friday 27th May 2022.
This week saw the release of EKS auto imports. When AWS EKS clusters are connected to Hava, a new auto-generated EKS diagram is produced.
AWS Updates and Releases
Source: aws.amazon.com
Amazon Lightsail containers now supports deploying images from Amazon ECR private repositories
Amazon Lightsail now supports creating deployments for Lightsail container services using the container images on Amazon ECR private repositories. This launch will enable you to run containers with the simplified experience of Lightsail while utilizing the images you may already have in your private ECR repositories, thus enabling greater portability.
With just a few clicks, you will be able to create a trust relationship between your Lightsail container service and an Amazon ECR private repository in your AWS account, pick the container images and deploy them on your Lightsail container service, all without leaving the Lightsail console. There is no additional cost for using this feature on Lightsail. The usual cost for storing and using your images in Amazon ECR will apply. Lightsail already supports utilizing public images from sources like ECR public and DockerHub without having to link your private repositories and also the ability to upload container images directly to a container service at no extra cost.
Announcing preview of Amazon EC2 P4de GPU instances for ML training and HPC
AWS are excited to announce the preview of Amazon EC2 P4de instances. These latest GPU-based instances provide the highest performance for machine learning (ML) training and High-Performance Computing (HPC) applications such as object detection, semantic segmentation, natural language processing, recommender systems, seismic analysis, and computational fluid dynamics.
P4de instances are powered by 8 NVIDIA A100 GPUs with 80GB high-performance HBM2e GPU memory, 2X higher than the GPUs in our current P4d instances. The new P4de instances provide a total of 640GB of GPU memory and deliver up to 60% better ML training performance along with 20% lower cost to train when compared to P4d instances. The improved performance will allow customers to reduce model training times and accelerate time to market. Increased GPU memory on P4de will also benefit workloads that need to train on large datasets of high-resolution data.
Amazon ElastiCache now supports Memcached 1.6.12
Amazon ElastiCache for Memcached has added support for Memcached version 1.6.12. This version is a cumulative update and contains all changes and improvements from version 1.6.6 to 1.6.12.
For the full list of improvements and bug fixes in Amazon ElastiCache for Memcached 1.6.12, see the release notes. You can create an Amazon ElastiCache cluster with Memcached 1.6.12 using the AWS Management Console, AWS CLI or the AWS SDK.
Memcached version 1.6.12 is now available in all AWS public and AWS GovCloud (US) Regions.
AWS Launch Wizard now supports SQL Server deployments using Amazon FSx for NetApp ONTAP
AWS Launch Wizard announces support for SQL Server Always On Failover Cluster Instances (FCI) with Amazon FSx for NetApp ONTAP. Now you can use a simple console wizard to deploy SQL Server FCI on Amazon EC2 with FSx for NetApp ONTAP as the shared storage. This feature will save you time and effort replacing a complex manual deployment process with a simple to use, guided wizard that accelerates the migration of your on-premises SQL Server workloads that rely on shared storage.
AWS Launch Wizard enables you to easily size, configure, and deploy SQL Server workloads on EC2. Customers choose SQL Server FCI for high availability because of its license-cost efficiency and simplified administration. FSx for NetApp ONTAP provides fully managed shared storage with the popular data access and management capabilities of ONTAP. You can now choose FSx for NetApp ONTAP as the FCI shared storage option in the Launch Wizard console. In addition, you can enable one-click monitoring of SQL Server with CloudWatch Application Insights to simplify post-deployment configuration. You can also choose to save the CloudFormation templates and associated configuration scripts to your Amazon S3 bucket for repeated deployments.
Introducing Amazon EC2 M6id instances
Amazon Web Services (AWS) announced the general availability of new general purpose Amazon Elastic Compute Cloud (Amazon EC2) M6id instances. M6id instances are powered by third generation Intel Xeon Scalable processors (code name Ice Lake) with an all-core turbo frequency of 3.5 GHz, equipped with up to 7.6 TB of local NVMe-based solid state disk (SSD) block-level storage, and deliver up to 15% better price performance compared to M5d instances.
Compared to previous generation instances, M6id instances offer up to 58% higher TB storage per vCPU and 34% lower cost per TB. M6id instances also come with always-on memory encryption by using Intel Total Memory Encryption (TME). Like all modern EC2 instances, M6id instances are built on AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers most of the compute and memory resources of the host hardware to your instances. M6id instances are ideal for workloads that require a balance of compute and memory resources along with high-speed, low-latency local block storage, including data logging and media processing. M6id instances will also benefit applications that need temporary storage of data, such as batch and log processing, and applications that need caches and scratch files.
To meet AWS customer demands for increased scalability, M6id instances provide a new instance size (32xlarge), with 128 vCPUs and 512 GiB of memory (both 33% more than the largest previous generation instances), and up to 20% higher-memory bandwidth per vCPU compared to previous generation instances. M6id instances also provide customers up to 50 Gbps of networking speed and 40 Gbps of bandwidth to Amazon Elastic Block Store, twice that of comparable previous generation instances.
Amazon ElastiCache for Memcached now supports encryption of data in transit
Amazon ElastiCache for Memcached now supports encryption of data in transit using Transport Layer Security (TLS) version 1.2. When using encryption in transit, all network traffic between your clients and the Memcached cluster is encrypted.
You can easily set up in-transit encryption by enabling it when creating your Memcached cluster via the AWS Management Console, AWS CLI, or the AWS SDK. ElastiCache automatically manages the issuance, renewal, and expiration of your TLS certificates. TLS support was also added for Memcached PHP and Java clients, both available for download from the AWS Management Console for ElastiCache.
Introducing Amazon EC2 C6id instances
Amazon Web Services (AWS) announced the general availability of the new compute optimized Amazon Elastic Compute Cloud (Amazon EC2) C6id instances. C6id instances are powered by third generation Intel Xeon Scalable processors (code name Ice Lake) with an all-core turbo frequency of 3.5 GHz, equipped with up to 7.6 TB of local NVMe-based solid state drive (SSD) block level storage, and deliver up to 15% better price performance compared to C5d instances. Compared to previous generation instances, C6id instances offer up to 138% higher TB storage per vCPU and 56% lower cost per TB. C6id instances also come with always-on memory encryption by using Intel Total Memory Encryption (TME). Like all modern EC2 instances, C6id instances are built on AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers most of the compute and memory resources of the host hardware to your instances. C6id instances are ideal for compute-intensive workloads, including those that need access to high-speed, low-latency local storage, such as video encoding, image manipulation, and other forms of media processing. C6id instances will also benefit applications that need temporary storage of data, such as batch and log processing, and applications that need caches and scratch files.
AWS Backup Audit Manager adds support for Amazon S3 and AWS Storage Gateway
AWS Backup Audit Manager now allows you to audit and report on the compliance of your data protection policies for Amazon S3 and AWS Storage Gateway. Using AWS Backup Audit Manager, you can now continuously evaluate the backup activity of your Amazon S3 and AWS Storage Gateway resources and generate audit reports that can help you demonstrate compliance with organizational best practices or regulatory standards.
AWS Backup Audit Manager provides automated alerting that you can now use to identify your Amazon S3 and AWS Storage Gateway resources that are not attached to a backup plan, audit whether your backups are immutable using AWS Backup Vault Lock’s WORM (write-once, read-many) capabilities, and track whether your AWS Storage Gateway backups are protected by storing separable copies across AWS Regions and AWS accounts. You can use AWS Backup Audit Manager’s automated alerting to detect violations of your organizational data protection policies and take corrective actions to meet your business continuity and compliance needs.
AWS IoT Device Management increases Active Jobs Limit to 100k per AWS account per region
AWS were excited to announce that AWS IoT Device Management customers will now be able to create up to 100,000 Active Jobs per AWS account per region. The prior limit was 1,000 Active Jobs per AWS account per region. This new limit will apply to the total number of Jobs created - both continuous and snapshot jobs. Customers that require a large number of Active Jobs - for example, to apply bespoke configurations to thousands of individual targets in parallel – are now unblocked by this upgrade.
Amazon EC2 Hpc6a instances now available in additional regions
Starting this week, Amazon Web Services (AWS) announced general availability of Amazon EC2 Hpc6a instances in additional regions. These instances are optimized to efficiently run compute-intensive, high performance computing workloads, such as computational fluid dynamics, reservoir modeling, weather simulations, and finite element analysis. Hpc6a instances offer up to 65% better price performance over comparable Amazon EC2 x86 based, compute-optimized instances. With Hpc6a instances, you can significantly lower the cost of your HPC workloads, while taking advantage of the elasticity and scalability of AWS.
AWS Config supports Amazon CloudWatch metrics
This week, AWS are announcing the availability of Amazon CloudWatch metrics for usage monitoring on AWS Config. AWS Config tracks changes made to supported resources and records them as configuration items (CIs), which are then delivered to an Amazon Simple Storage Service (Amazon S3) bucket. Amazon CloudWatch metrics is a monitoring service which provides data about the usage of your systems, including the ability to search, graph, and build alarms on metrics about AWS resources. With this release, you can now use Amazon CloudWatch metrics to verify your setup and understand your usage of AWS Config.
To help you gain insight into your cloud environment, AWS Config now captures several usage metrics relating to your resources, such as the number of CIs recorded by resource type, the number of failed configuration history exports to your Amazon S3 buckets, and the number of times AWS Config recording received permissions errors from AWS Identity and Access Management (IAM). With these metrics, you can identify which resource types generated the most changes in your account and verify that your configuration recording is set up correctly. To visualize these metrics, Amazon CloudWatch dashboards are now available by default in the AWS Config console. They are also viewable in the Amazon CloudWatch metrics console, where you can set up Amazon CloudWatch alarms.
Amazon Connect Customer Profiles launches in Africa (Cape Town)
Amazon Connect now allows you to use Amazon Connect Customer Profiles in the Africa (Cape Town) AWS region. When a customer contacts your customer service department, you can now provide your agents and interactive voice response (IVR) solutions with up-to-date information about the customer, enabling faster and more personalized customer service. Customer Profiles brings together customer information (e.g., address, purchase history, contact history) from multiple applications such as Salesforce, Amazon S3, and ServiceNow into a unified customer profile.
Amazon FSx for Lustre now supports root squash
Amazon FSx for Lustre, a service that provides cost-effective, high-performance, and scalable file storage for compute workloads, now supports root squash. This administrative feature adds an additional layer of file access control on top of the current network-based access control and POSIX file permissions that FSx for Lustre provides. Using the root squash feature, you can restrict root level file system access from clients that access an FSx for Lustre file system as root.
Announcing JSON support for Amazon ElastiCache for Redis and Amazon MemoryDB for Redis
Amazon ElastiCache for Redis and Amazon MemoryDB for Redis now support natively storing and accessing data in the JavaScript Object Notation (JSON) format. With this launch, application developers can effortlessly store, fetch, and update their JSON data inside Redis without needing to manage custom code for serialization and deserialization. Using ElastiCache and MemoryDB, you can now efficiently retrieve and update specific portions of a JSON document without needing to manipulate the entire object, which can help improve performance and help reduce cost. You can also search your JSON document contents using the JSONPath query syntax.
Two new storage locations available for AWS DataSync
This week, AWS are announcing the general availability of two additional storage locations for AWS DataSync, an online data movement service that makes it easy to sync your data both into and out of the AWS Cloud. This release expands the number of supported storage locations from 10 to 12, spanning on-premises, edge, and other cloud storage services. With DataSync, you can quickly and securely access your data across various storage locations and move it to AWS to support your workflows, processing, and data retention needs, as well as share and exchange data across more locations.
With this release, DataSync now supports Google Cloud Storage and Azure Files storage locations in addition to Network File System (NFS) shares, Server Message Block (SMB) shares, Hadoop Distributed File Systems (HDFS), self-managed object storage, AWS Snowcone, Amazon Simple Storage Service (Amazon S3), Amazon Elastic File System (Amazon EFS), Amazon FSx for Windows File Server, Amazon FSx for Lustre, and Amazon FSx for OpenZFS.
Amazon Managed Grafana now supports a new API for creating Grafana API tokens, as well as support for new plugins, Grafana version 8.4, and workspace tags. With CreateWorkspaceApiKey, customers can create Grafana API tokens without having to log into the Grafana workspace console, enabling users to programmatically create, delete, and manage Grafana resources such as dashboards, alerts, and data sources.
Amazon Managed Grafana adds support for Github, Moogsoft, Pixie, and Windrose plugins, enabling customers to connect, query, and visualize data from additional data sources. Existing and new Amazon Managed Grafana workspaces now support Grafana version 8.4, with no action required from users. Customers can now tag Amazon Managed Grafana workspaces to help simplify organization and cost management of workspaces. Tags are labels in the form of key-value pairs that may be attached to Amazon Managed Grafana workspaces to search, filter, or allocate costs.
AWS Single Sign-On is now available in the AWS Asia Pacific (Osaka) region
AWS Single Sign-On (SSO) is now available in the AWS Asia Pacific (Osaka) region. For a full list of the regions where AWS SSO is available, see the AWS Regional Services List.
AWS Single Sign-On (AWS SSO) is where you create, or connect, your workforce identities in AWS once and manage access centrally across your AWS organization. You can choose to manage access just to your AWS accounts or cloud applications. You can create user identities directly in AWS SSO, or you can bring them from your Microsoft Active Directory or a standards-based identity provider, such as Okta Universal Directory or Azure AD. With AWS SSO, you get a unified administration experience to define, customize, and assign fine-grained access. Your workforce users get a user portal to access all of their assigned AWS accounts or cloud applications. AWS SSO can be flexibly configured to run alongside or replace AWS account access management via AWS IAM.
Amazon Personalize now supports offline model metrics for recommenders
Amazon Personalize now provides offline model metrics for recommenders enabling you to evaluate the quality of recommendations. A recommender is a resource that provides recommendations optimized for specific use cases, such as “Frequently bought together” for Retail and “Top picks for you” for Media and Entertainment. Offline metrics are metrics that Amazon Personalize generates when you create a recommender. You can use offline metrics to analyze the performance of the recommender's underlying model. Offline metrics allow you to compare the model with other models trained on the same data. The metrics provided include coverage, mean reciprocal rank, normalized discounted cumulative gain (NDCG) and precision.
AWS AppSync introduces new simplified console experience to deploy generic real-time Pub/Sub APIs
AWS AppSync is a fully managed service that enables developers to build digital experiences based on real-time data. With AppSync, you can easily configure data sources to push and publish real-time data updates to subscribed clients. AppSync handles connection management, scalability, fan-out and broadcasting, allowing you to focus on your application business needs instead of managing complex infrastructure.
AWS AppSync introduces a new simplified “Getting Started” experience in the console that allows customers to easily deploy a generic Pub/Sub API with a click of a button. Now, developers can start leveraging AppSync’s subscriptions with little or no knowledge of GraphQL to deploy APIs for users to publish data and subscribe to receiving data in real-time. The new experience allows developers to download an auto-generated configuration and code that they can quickly integrate in their existing code base. The resulting generic pub/sub API can be added to an existing app to enable real-time updates, without changing how the app interacts with existing APIs or data sources. For developers just getting started, the experience also provides a code snippet that shows how to leverage the auto-generated code.
Announcing Multi-Account Support for AWS Transit Gateway Network Manager
AWS Transit Gateway Network Manager now supports centralized management and monitoring of global networks across multiple AWS accounts within an organization, created using AWS Organizations. With this feature, Network Manager reduces the operational complexity of managing a large global network across AWS accounts over a single unified operational dashboard.
Until now, AWS customers could use Network Manager to monitor and visualize their global network for a single AWS account. With the launch of multi-account support, Network Manager extends its management capabilities to work across multiple accounts. By registering AWS Transit Gateways from different accounts within an AWS Organization and defining on-premises resources, customers can visualize their global private network in a topology diagram and in a geographic map. Customers can also monitor their network using CloudWatch metrics and events for network topology changes, routing updates, and connection status updates. This reduces the overall operational burden for customers when managing a large network that is dispersed across accounts, providing them a comprehensive view of their entire global network over a centralized operational dashboard.
Offer acceptance email notifications is now available on AWS Marketplace
This week, AWS Marketplace announced general availability of Offer Acceptance Email Notifications which will notify users by email when a customer completes an offer subscription. With this launch, customers can now have real-time visibility into Offer Acceptance and Subscription by buyers, allowing them to track the overall progress of an AWS Marketplace transaction. Buyers, ISVs and Channel Partners can now receive relevant details like Agreement ID, Offer ID, and Customer details at the time of subscription, to initiate procurement workflows, internal order creation, revenue recognition and software provisioning/deployment. This feature is available for all AWS Marketplace product types.
Amazon Comprehend is a natural language processing (NLP) service that uses machine learning (ML) to find insights and relationships like people, places, sentiments, and topics in unstructured text. You can use Amazon Comprehend ML capabilities to detect and redact personally identifiable information (PII) in customer emails, support tickets, product reviews, social media, and more. For example, you can analyze support tickets and knowledge articles to detect PII entities and redact the text before you index the documents in the search solution.
Previously, Amazon Comprehend supported 22 PII entities across multiple categories, including Financial (e.g., credit card number, bank account number), Personal (e.g., name, email, age), Technical Security (e.g., username, password), and National (e.g., social security number, passport number). Starting today, Amazon Comprehend PII will support 14 new entity types, with localized support for entities within the United States, Canada, United Kingdom, and India. Customers can now detect and redact 36 entities to protect sensitive data. Specifically, the new entities are:
- United States (US Individual Tax Identification Number)
- United Kingdom (National Insurance Number, UK Unique Taxpayer Reference Number, National Health Service Number)
- Canada (Social Insurance Number, Canada Health Number)
- India (Aadhaar Card, Permanent Account Number, NREGA, Voter Number)
- Others (Vehicle Identification Number, SWIFT code, License Plate, International Bank Account Number)
Amazon Kinesis Data Analytics is now FedRAMP compliant
Amazon Kinesis Data Analytics is now authorized as FedRAMP Moderate in US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon) and as FedRAMP High in AWS GovCloud (US-West) and AWS GovCloud (US-East).
The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that delivers a standard approach to the security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP uses the National Institute of Standards and Technology (NIST) Special Publication 800 series and requires cloud service providers to receive an independent security assessment conducted by a third-party assessment organization (3PAO), to ensure that authorizations are compliant with the Federal Information Security Management Act (FISMA). US Federal agencies and commercial customers working with the US Federal government can now utilize Amazon Kinesis Data Analytics to process streaming data in real time.
Announcing new Amazon EC2 C7g instances powered by AWS Graviton3 processors
The latest generation compute optimized Amazon EC2 C7g instances are generally available. C7g instances are the first instances powered by the latest AWS Graviton3 processors and deliver up to 25% better performance over Graviton2-based C6g instances for a broad spectrum of applications such as application servers, microservices, batch processing, electronic design automation (EDA), gaming, video encoding, scientific modeling, distributed analytics, high performance computing (HPC), CPU-based machine learning (ML) inference, and ad serving.
Google Cloud Releases and Updates
Source: cloud.google.com
Anthos Clusters on bare metal
Anthos clusters on bare metal 1.11.2 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.11.2 runs on Kubernetes 1.22.
Starting with Anthos clusters on bare metal release 1.11.2, you can enable or disable Anthos VM Runtime by updating the VMRuntime custom resource only. The legacy spec.kubevirt settings in the cluster configuration are no longer supported. The VMRuntime custom resource is installed by default on version 1.10 and later hybrid, standalone, and user clusters. The VMRuntime custom resource can't be applied to admin clusters.
If you have Anthos VM Runtime enabled for your Anthos clusters on bare metal, you must disable it before upgrading clusters to version 1.11.2 or higher. If this step is not completed, your cluster upgrade will fail. You can re-enable Anthos VM Runtime after the upgrade is complete.
Starting with Anthos clusters on bare metal release 1.11.2, the Anthos VM Runtime API version has changed from v1alpha1 to v1. This version change doesn't affect the VMRuntime custom resource, but most other resources are affected.
Anthos Clusters on VMware
Anthos clusters on VMware 1.11.1-gke.53 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.11.1-gke.53 runs on Kubernetes 1.22.8-gke.200.
The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.11, 1.10, and 1.9.
Anthos clusters on VMware 1.10.4-gke.32 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.10.4-gke.32 runs on Kubernetes 1.21.5-gke.1200.
The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.11, 1.10, and 1.9.
Apigee Connectors
On May 20, 2022, GCP released the preview version of the Connectors for Apigee.
The Zendesk connector is available for Apigee. For more information, see Zendesk connection.
Apigee UI
You can now create and manage Private Service Connect (PSC) endpoint attachments in the Apigee UI. For details, see Creating an endpoint attachment.
App Engine flexible environment
You can now disable external ephemeral IP addresses for App Engine Flex services. Read our documentation to learn how. This feature is at the Preview launch stage.
Applies to .Net / Go / Java / Node.js / PHP / Python / Ruby
Artifact Registry
Apt and Yum repositories are now generally available.
Artifact Registry is now available in the us-east5 region (Columbus, United States).
BigQuery
You can now load data into BigQuery using Informatica Data Loader. This feature is generally available. Informatica provides connectors that can ingest data into BigQuery.
Metrics for query/statement_scanned_bytes and query/statement_scanned_bytes_billed are no longer delayed for 6 hours in order to smooth reporting over the duration of the job. Values are now reported every 180 seconds without smoothing. For more information about metrics, see Google Cloud metrics.
Chronicle
The following supported default parsers have changed, listed by product name and ingestion label:
- Apache Hadoop (HADOOP)
- Suricata IDS (SURICATA_IDS)
- GCP Compute (GCP_COMPUTE)
- Elastic Audit Beats (ELASTIC_AUDITBEAT)
- Cloudflare (CLOUDFLARE)
- Proofpoint On Demand (PROOFPOINT_ON_DEMAND)
- FortiGate (FORTINET_FIREWALL)
- CSV Custom IOC (CSV_CUSTOM_IOC)
- CrowdStrike Falcon (CS_EDR)
- Cisco Firepower NGFW (CISCO_FIREPOWER_FIREWALL)
- CIS Albert Alerts (CIS_ALBERT_ALERT)
- SonicWall (SONIC_FIREWALL)
- Okta User Context (OKTA_USER_CONTEXT)
- Elastic Windows Event Log Beats (ELASTIC_WINLOGBEAT)
- Check Point (CHECKPOINT_FIREWALL)
- Barracuda Email (BARRACUDA_EMAIL)
- Microsoft Azure Activity (AZURE_ACTIVITY)
- Carbon Black App Control (CB_APP_CONTROL)
- OpenSSH (OPENSSH)
- OneLogin (ONELOGIN_SSO)
- Office 365 (OFFICE_365)
- FireEye NX (FIREEYE_NX)
- ExtraHop RevealX (EXTRAHOP)
- Cisco Umbrella DNS (UMBRELLA_DNS)
- Kaspersky AV (KASPERSKY_AV)
- IBM Guardium (GUARDIUM)
- F5 ASM (F5_ASM)
- Cisco Email Security (CISCO_EMAIL_SECURITY)
- Workspace Activities (WORKSPACE_ACTIVITY)
- Forcepoint Proxy (FORCEPOINT_WEBPROXY)
- Azure AD Organizational Context (AZURE_AD_CONTEXT)
- Tanium Stream (TANIUM_TH)
- Apache (APACHE)
For details about the changes in each parser, see Supported default parsers.
Cloud Asset Inventory
The following resource types are now publicly available through the Analyze Policy APIs (AnalyzeIamPolicy and AnalyzeIamPolicyLongrunning):
- Cloud KMS
  - cloudkms.googleapis.com/EkmConnection
- Cloud Run
  - run.googleapis.com/Job
  - run.googleapis.com/Execution
Cloud Build
Users can now receive build status notifications in Google Chat via a Google Chat notifier. The Google Chat notifier is available as an experimental release. To learn more, see Configuring Google Chat notifications.
Cloud Composer
Private Service Connect support in Cloud Composer 2 is now generally available (GA).
Cloud Functions
Google have updated the documentation to clarify that to get the updates and security patches for runtimes and their dependencies, you need to deploy a function. Security patches are not applied otherwise.
Cloud KMS
Cloud KMS is available in the following region:
us-east5
For more information, see Cloud KMS locations.
Cloud Load Balancing
Regional external and regional internal HTTP(S) load balancers now support regional SSL policies. SSL policies give you the ability to control the features of SSL that your Google Cloud load balancers negotiate with clients.
Cloud Monitoring
You can now configure an uptime check to validate a specific JSONpath. For more information, see Validate response data.
A new version of Managed Service for Prometheus is now available. Version 0.4.1 of managed collection has been released, along with v2.35.0-gmp.2 of the managed-service binary that v0.4.1 depends on (container image: gke.gcr.io/prometheus-engine/prometheus:v2.35.0-gmp.2-gke.0). For details about the changes included, see the release page on GitHub.
You can now collect IIS logs and additional metrics from the Ops Agent, starting with versions 2.14.0 (logs) and 2.15.0 (additional metrics). For more information, see Monitoring third-party applications: IIS.
You can now collect Varnish logs and metrics from the Ops Agent, starting with versions 2.16.0 (logs) and 2.15.0 (metrics). For more information, see Monitoring third-party applications: Varnish.
You can now collect Active Directory Domain Services logs and metrics from the Ops Agent, starting with version 2.15.0. For more information, see Monitoring third-party applications: Active Directory Domain Services.
Cloud Run
The following new region is now available: us-east5.
Cloud SQL for MySQL
Cloud SQL for MySQL now supports minor version 8.0.29. To upgrade your existing instance to the new version, see Upgrade the database minor version.
The following new region is now available: us-east5.
Cloud Storage
JSON copy requests and XML copy requests now return a permanent error on timeouts for objects larger than 2.5 GiB and a retryable error on timeouts for objects smaller than 2.5 GiB.
Compute Engine
Generally available: Columbus, Ohio, USA us-east5-a,b,c has launched with E2, N2, and N2D VMs in all three zones. Additionally, you can create C2 VMs in zones a and b.
See VM instance pricing for details.
Config Connector
Config Connector version 1.86.0 is now available.
Added support for ComputeRegionNetworkEndpointGroup resource.
Added spec.serviceDirectoryRegistrations field to ComputeForwardingRule.
Fixed issue where webhooks were unintentionally returning 500 errors when rejecting immutable field changes.
Dataflow
Dataflow is now available in Columbus (us-east5).
Dataproc
New sub-minor versions of Dataproc images:
1.5.66-debian10, 1.5.66-ubuntu18, 1.5.66-rocky8
2.0.40-debian10, 2.0.40-ubuntu18, 2.0.40-rocky8
Upgraded Spark to 3.1.3 in Dataproc image version 2.0.
Dialogflow
Dialogflow CX now supports version-specific webhooks.
Dialogflow CX now supports fine-grained webhook errors for built-in events.
GKE
Kubernetes 1.24 is now available in the Rapid channel. Before upgrading, read the Kubernetes 1.24 Release Notes, especially the action required and deprecation sections.
You can now easily assess the running cost implications at cluster creation time. The GKE cluster cost widget lets you get an estimated cost range when you are creating a cluster.
This information can help you get a better understanding of the upper and lower monthly cost to expect based on your cluster autoscaling setup. This feature is now available in Preview.
For more information, see Introducing GKE cost estimator, built right into the Google Cloud console.
The us-east5 region in Columbus, Ohio is now available.
Google Cloud Armor
Google Cloud Armor integration with reCAPTCHA Enterprise is now in General Availability. See the Cloud Armor bot management overview and the Overview of reCAPTCHA Enterprise for WAF and Google Cloud Armor integration.
Google Distributed Cloud Edge
This is a patch release of Google Distributed Cloud Edge (version 1.0.2).
The following changes have been introduced in this release of Distributed Cloud Edge:
- Configuring a maintenance window now controls the scheduling of software updates for the Kubernetes control plane and Kubernetes nodes.
- You can now deploy KubeVirt virtual machines on Distributed Cloud Edge in unmanaged namespaces with support for the Containerized Data Importer (CDI) plug-in.
Microsoft Azure Releases And Updates
Source: azure.microsoft.com
General availability: Enhanced IPv6 functionality for MultiValue profiles in Azure Traffic Manager
Azure Traffic Manager now enables you to specify minimum children property separately for IPv4 and IPv6 endpoints for MultiValue profiles.
Public preview: Automate scheduled emails of your saved cost views via API
Automate the creation and management of Azure Cost Management scheduled emails with the ScheduledActions API.
Generally available: Azure Ebsv5 now available in 13 additional regions
Azure Virtual Machines Ebsv5 and Ebdsv5 are now available in 13 additional regions.
Public preview: JavaScript and Python support in Azure SQL bindings
You can connect Azure SQL to Azure Functions more easily with input and output bindings, now available in public preview for C#, JavaScript, and Python.
Public preview: Autoscale Stream Analytics jobs
Autoscaling allows you to define the minimum and maximum streaming units. Stream Analytics will automatically take care of dynamically optimizing the number of streaming units needed for your workload.
Public preview: Azure Digital Twins 3D Scenes Studio
3D Scenes Studio allows you to build lightweight 3D visualization with contextual data visualizations that can be consumed easily from web browsers.
General availability: Azure Backup supports backup of Write Accelerator enabled disks
TARGET AVAILABILITY: Q2 2022
Azure Virtual Machine backup protects Write Accelerator enabled disks.
IoT Hub IP address change notification
IoT Hub will be updating the underlying infrastructure and will go through an internal service update. The update will change the underlying DNS record for IoT Hub, resulting in a change of the IP address.
Generally available: Stream Analytics query development improvements
See improvements to the Stream Analytics query development experience on the Azure portal to increase productivity.
Generally available: Increased size of Stream Analytics jobs and cluster
Maximum size of a Stream Analytics job and a cluster is increased from 192 SUs to 396 SUs.
Public preview: Stream Analytics no code editor
Stream Analytics no code editor provides a rich, no code, drag and drop experience for you to build your streaming pipeline within minutes.
Public preview: NGINX for Azure
Natively integrated SaaS solution for advanced traffic management and monitoring on Azure.
In development: Dynatrace for Azure
TARGET AVAILABILITY: Q2 2022
Natively integrated SaaS solution that provides deep cloud observability, advanced AIOps, and continuous runtime application security capabilities on Azure.
Generally available: Microsoft Purview Data Estate Insights
Microsoft Purview Data Estate Insights (in GA July 1, 2022) provides a bird's eye view of your data estate's health.
Public preview: Microsoft Purview Data Policy for SQL dev ops roles
Microsoft Purview Data Policy enables policies for data access, now including SQL dev ops roles.
Public preview: Azure Applied AI Services enhancements
Enhancements in preview include Power Virtual Agents to enable sophisticated conversational flows; Azure Form Recognizer helps to streamline patient check-in and verification; Azure Metrics Advisor has simplified service customization.
Public preview: Azure Cognitive Services updates
Azure Cognitive Services is announcing the following preview updates at Build: Azure OpenAI Service and summarization capabilities in Azure Cognitive Service for Language.
Generally available: Azure Cognitive Service for Language
Cognitive Service for Language now includes custom named entity recognition and custom text classification.
Generally available: Ledger in Azure SQL Database
Enable proof that your database has not been tampered with and restore it back to the original value if needed by enabling ledger in Azure SQL Database.
Public preview: Azure Synapse Link for SQL
Synapse Link for SQL enables seamless near-real-time data movement from relational sources to analytical stores without the need to build ETL pipelines.
Public preview: New modern capabilities for Azure SQL Database
Simplify and expedite application development and reduce time-to-market with new features for Azure SQL Database.
Public preview: Azure Machine Learning updates
Azure Machine Learning now offers a Responsible AI dashboard and scorecard as well as additional enhancements in preview.
Generally available: Azure Machine Learning managed endpoints and Command Line Interface v2
Deploy your machine learning models in a turnkey manner across powerful CPU and GPU machines. CLI v2 is now also generally available.
General availability: Azure Database for MySQL - Flexible Server Business Critical service tier
Run your production workloads on the Business Critical service tier, best for high-performance transactional or analytical applications and achieve a 1.5x performance improvement over Single Server on open-source community MySQL.
Generally available: Azure Database for MySQL – Flexible Server 80 vCore Business Critical
Azure Database for MySQL Flexible server is now offering 80 vCore compute for tier 1 workloads.
Public preview: Azure Cosmos DB API for MongoDB data plane RBAC
The API for MongoDB now includes the ability to create users and roles and configure fine-grained access to your database account data.
Public preview: Enhanced elasticity features for Azure Cosmos DB
Elasticity features for Azure Cosmos DB help achieve the best scalability and performance, including increased serverless capacity, database traffic burst handling, partition throughput redistribution, partition merge, and hierarchical partition keys.
General availability: Azure Cosmos DB Python SDK async IO support
Improve database performance by running I/O tasks concurrently using the Azure Cosmos DB Python SDK async IO support capability.
Generally available: Azure Container Apps
Run microservices in containers without managing infrastructure.
Generally available: Azure Communication Services sample app builder and Microsoft Teams support
Quickly create and deploy a "virtual visits" experience connecting your applications with Microsoft Teams bookings.
Public preview: Azure Communication Services APIs in US Government cloud
Use Azure Communication Services APIs for voice, video, and messaging in US Government cloud.
Public preview: Azure Communication Services Email
Add email notifications to your apps using Azure Communication Services Email.
Generally available: Azure Communication Services mobile UI library
Save time with Azure Communication Services mobile UI library.
Public preview: Durable functions support for managed identity for Azure Storage
Durable functions in Azure Functions now support using managed identity when using Azure Storage.
Public preview: Azure Functions .NET Framework support in the isolated worker model
Apps using Azure Functions isolated worker model for .NET can now target .NET Framework.
Generally available: Dynamic concurrency in Azure Functions
Azure Functions dynamic concurrency feature simplifies configuring concurrency for your function apps using Service Bus, Storage Blobs, and Storage Queue triggers.
Public preview: Durable functions support for isolated .NET worker process
Build applications that need durable functions and run them in the isolated worker process within Azure Functions.
Generally available: Updated extension defaults for new Azure Functions projects
Extension bundles for new Azure Functions projects will now default to v3 in the client tools.
Generally available: Azure Functions Kafka trigger support
You can now detect and respond to real time messages streaming into Kafka Topics.
Public preview: Manage your Log Analytics Tables in the Azure portal
Log Analytics Tables can now be managed from a new Tables (preview) entry of the Azure portal in Log Analytics workspaces.
General availability: Azure Stack HCI single-node
Bring the benefits of hybrid to a single-node Azure Stack HCI configuration.
Public preview: Azure Monitor application insights JavaScript web snippet auto-injection for node.js
Azure Monitor application insights node.js customers can enable web monitoring with a simple configuration.
Public preview: ContainerLogv2 schema in Azure Monitor container insights
Container insights now offers a new, lightweight schema for the container logs in ContainerLogv2.
Public preview: AIOps powered intelligent view in application maps
You can now use AIOps powered intelligent view in application map to filter out noise and find real issues faster.
Generally available: Subnet per node pool
You can expand your AKS clusters across multiple subnets in the same virtual network.
Public preview: Windows Server 2022 host support in AKS
You can now use Windows Server 2022 with AKS and benefit from its many performance-related improvements.
Public preview: Draft extension for Azure Kubernetes Service (AKS)
Use Draft through the Azure CLI, Azure Portal, and Visual Studio Code to create a Dockerfile for your application and the necessary Kubernetes manifests.
Public preview: Web application routing add-on for Azure Kubernetes Service (AKS)
Enable an ingress controller with SSL termination to quickly and securely access your applications in AKS.
Public preview: KEDA add-on for AKS
Quickly and easily deploy clusters with KEDA enabled, or enable KEDA on existing AKS clusters.
Public preview: Azure Disk CSI driver v2 in AKS
Improve scalability and reduce pod failover latency by using Azure Disk CSI driver v2 in AKS.
Generally available: AKS cluster extensions
You can now leverage a rich set of first party solutions on AKS via an Azure Resource Manager driven experience.
Public preview: ARM64 agent node support in AKS
You can now create AKS clusters with mixed architecture nodes made up of Intel and ARM chips.
Generally available: Alias minor version support in AKS
You no longer need to specify the exact patch number in your AKS setup.
CIS benchmark for Linux containers
You can now attest to the state of CIS compliance for your AKS Ubuntu worker nodes.
Draft 2: An open-source project for developers building apps on Kubernetes
Create a Dockerfile for your application and the necessary Kubernetes manifests.
Generally available: Custom node configuration on AKS
Configure your operating system (OS) settings or the kubelet parameters to match the needs of the workloads.
Generally available: Dynamic IP allocation and enhanced subnet support in AKS
You can now deploy AKS clusters in a more IP efficient manner while still having pods with VNet IPs.
Public preview: App Service Environment v3 Migration Feature in additional regions
Migration guidance allows you to move to App Service Environment v3 and take advantage of refreshed infrastructure, better performance, and the removal of the stamp fee found on older versions.
Generally available: Landing zone accelerator for Azure Arc-enabled Kubernetes
New landing zone accelerator for Azure Arc-enabled Kubernetes gives you tools to accelerate and simplify hybrid and multicloud Kubernetes deployments.
Generally available: App Service enhancements for WordPress on App Service for Linux
WordPress users benefit from improved performance and security.
General availability: App Service landing zone accelerator
Facilitate moving applications from on-premises to App Service using landing zone accelerator.
Public preview: App Service Google Remote Procedure Call support
Host Google Remote Procedure Call (gRPC) apps on App Service.
Public preview: App Service new migration capabilities
Facilitates discovery, assessment, and migration to App Service and Azure Kubernetes Service.
Public preview: Synthetic GraphQL
You can now easily create a GraphQL API to support modern client application development.
General availability: GraphQL passthrough support in Azure API Management
GraphQL APIs are considered to be more efficient, flexible, and powerful and have benefits such as faster performance, longer API call limit threshold, and less time retrieving data.
Generally available: DCsv3 and DCdsv3 series Virtual Machines
Confidential computing DCsv3 and DCdsv3-series virtual machines (VMs) are generally available.
Have you tried Hava automated diagrams for AWS, Azure and GCP? Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.