This week's roundup of notable cloud news.
Hello cloud land, we've read all the cloud news again this week, so you don't have to.
There's a little bit of everything going on this week. Nothing huge but a few cool services made it to general release.
AWS SSO expands integration to include Okta Universal Directory
Enterprises adopting the AWS Cloud want to effectively manage identities. Having one central place to manage identities makes it easier to enforce policies, to manage access permissions, and to reduce the overhead by removing the need to duplicate users and user permissions across multiple identity silos.
Having a unique identity also simplifies access for all of us, the users. We all have access to multiple systems, and we all have challenges remembering multiple distinct passwords. Being able to connect to multiple systems using one single combination of user name and password is a potential daily security and productivity gain.
Being able to link an identity from one system with an identity managed on another trusted system is known as “Identity Federation”, of which single sign-on is a subset. Identity Federation is made possible thanks to industry standards such as Security Assertion Markup Language (SAML), OAuth, OpenID and others.
Recently, AWS announced a new evolution of AWS Single Sign-On, allowing users to link AWS identities with Azure Active Directory identities. They did not stop there. This week, AWS announced the integration of AWS Single Sign-On with Okta Universal Directory.
AWS Amplify Libraries for Android and iOS
When you develop mobile applications, you must develop a set of cloud-powered functionalities for each project. For example, most applications require user authentication or detailed in-app analytics. Your application most probably calls REST or GraphQL APIs and is required to support offline scenarios and data synchronization. AWS Amplify makes it easy to integrate such functionalities in your mobile and web applications.
AWS Amplify is a set of tools and services for building secure, scalable mobile and web applications. It is made out of three components: an open source set of libraries and UI components for adding cloud-powered functionalities, a command line interactive toolchain to create and manage a cloud backend, and the AWS Amplify Console, an AWS Service to deploy and host full stack serverless web applications.
This week AWS announced the availability of Amplify iOS and Amplify Android libraries and tools, to help mobile application developers to easily build secure and scalable cloud-powered applications.
Server-side encryption of ephemeral storage using AWS Fargate-managed keys in AWS Fargate platform version 1.4
This week, AWS introduced server-side encryption of ephemeral storage in AWS Fargate platform version 1.4. For the updated platform version, ephemeral task storage is automatically encrypted with the industry-standard AES-256 encryption algorithm using AWS Fargate-managed keys.
This feature requires no additional configuration from AWS customers for new Amazon ECS tasks and services launched in platform version 1.4. Amazon EKS pods launched on AWS Fargate use platform version 1.4, hence any pods launched starting today will also use encrypted ephemeral storage with Fargate-managed keys.
How to replicate Amazon FSx for Windows File Server data across AWS Regions
AWS Customers who have special compliance or disaster recovery requirements have asked for the ability to replicate data in Amazon FSx for Windows File Server (Amazon FSx) to another AWS Region. Although AWS Regions and Amazon FSx have multiple tiers of resiliency built-in, replication can protect customer data in the unlikely scenario of a catastrophic loss of an AWS Region.
For example, a customer could have their Amazon FSx infrastructure on the east coast of the United States, and may want to have a copy of that data on the west coast (as in the graphic: N. Virginia and Oregon Regions).
In this blog post, Dean Suzuki details how to set it up.
Centralize Amazon CloudWatch Logs using AWS CDK
One of the most common use cases that AWS customers try to implement is to centralize various types of logs in their AWS infrastructure so that these logs can be utilized for security, monitoring or analytics purposes.
Centralizing AWS service logs means pushing all the logs generated by the various AWS services in use to one single location. With a central location, AWS customers can easily manage logs generated across all the accounts in their organization and enforce restrictions and security for this data. Centralizing logs also makes it possible to set up a process to back up this data and to set up life-cycle policies for data retention.
In this article, Naveen Balaraman explains how to use Amazon Kinesis Data Firehose, AWS Lambda, S3 and the AWS CDK to set this up.
Optimize for internet traffic with Peering Service and the routing preference option
Last week at the Microsoft Build conference, Azure announced that Azure Peering Service is now generally available. They also introduced “routing preference,” a new option for Azure customers to further architect and optimize their traffic to and from Azure over the “public Internet.”
Microsoft and Docker collaborate on new ways to deploy containers on Azure
Now more than ever, developers need agility to meet rapidly increasing demands from customers. Containerization is one key way to increase agility. Containerized applications are built in a more consistent and repeatable way, by way of defining desired infrastructure, dependencies, and configuration as code for all stages of the lifecycle. Applications often start and stop faster at runtime too, which often helps quickly start, stop, scale out, and update in the cloud.
With this in mind, Azure announced a new partnership earlier today between Microsoft and Docker to integrate Docker Desktop more closely with Microsoft Azure and the Visual Studio line of products.
Azure Arc enabled Kubernetes preview and new ecosystem partners
In November 2019, Azure announced the preview of Azure Arc, a set of technologies that unlocks new hybrid scenarios for customers by bringing Azure services and management to any infrastructure across datacenters, edge, and multi-cloud.
Based on the feedback and excitement of all the customers in the private preview, Microsoft is able to deliver Azure Arc enabled Kubernetes in preview to their customers. With this, anyone can use Azure Arc to connect and configure any Kubernetes cluster across customer datacenters, edge locations, and multi-cloud.
Google Cloud adds smart analytics frameworks for AI Platform Notebooks
Google Cloud is announcing the beta release of smart analytics frameworks for AI Platform Notebooks. Smart analytics frameworks bring the model training and deployment offered by AI Platform closer to the ingestion, preprocessing, and exploration capabilities of our smart analytics platform.
With smart analytics frameworks for AI Platform Notebooks, you can run petabyte-scale SQL queries with BigQuery, generate personalized Spark environments with Dataproc Hub, and develop interactive Apache Beam pipelines to launch on Dataflow, all from the same managed notebooks service that provides Google Cloud AI Platform.
Java 11 on Google Cloud Functions
The Java programming language recently turned 25 years old, and it’s still one of the top-used languages powering today's enterprise application customers. On Google Cloud, you can already run serverless Java microservices in App Engine and Cloud Run.
This week GCP announced Java 11 was delivered to Google Cloud Functions, an event-driven serverless compute platform that lets you run locally or in the cloud without having to provision servers. That means you can now write Cloud Functions using your favorite JVM languages (Java, Kotlin, Groovy, Scala, etc) with our Functions Framework for Java, and also with Spring Cloud Functions and Micronaut!
Security Dev Day: Automating Security and Compliance for Applications and Workloads
Wednesday, June 10th from 8:30 AM - 12:30 PM PT | 11:30 AM - 2:30 PM ET
Whether you are just beginning to deploy applications on Amazon Web Services (AWS) or have a fully running environment, identifying strategies to automate security in your development life cycle will help you identify threats, implement shift-left principles and save costs.
Check Point Software Technologies and AWS are working together to bring you this virtual workshop to learn how to utilize tools, controls, and design models to automate security for your cloud applications while also ensuring compliance.
In this virtual workshop, you will learn how to deploy Check Point CloudGuard Security on AWS, and quickly visualize your applications and workloads, all through one centralized and customizable dashboard. You will learn how to manage compliance rule-sets and auto-remediate compliance violations, while also gaining real-time threat intelligence on your AWS account. Our instructors will be there live, to assist in answering any questions you may have.
- Learn how to quickly deploy automated security on AWS
- Manage your overall cloud security and compliance posture
- Visualize events triggering AWS resources
- Identify threats impacting your security posture with complete forensic analysis and remediation
Dev Day - Building Modern ML Applications
Whether you are building a startup or adding to a data-intensive application, taking advantage of a cloud data platform and machine learning technologies is key to innovating and gaining a competitive advantage.
Snowflake and AWS (Amazon SageMaker) are bringing you a series of DevDay events to show how to build data-intensive applications with ML.
These events will show how to use Snowflake Cloud Data Platform to build data pipelines. You will learn how to leverage Amazon SageMaker to bring predictive power to your business; analyze data at a deeper level; and develop, test, and deploy ML models at scale. Our instructors will help you follow along using your Snowflake and AWS accounts and answer your questions live.
YOU’LL HAVE THE OPPORTUNITY TO:
- Ingest data for analytics powered by Snowflake
- Launch a SageMaker Notebook instance with the Snowflake Python connector pre-installed
- Build a connection to your Snowflake instance to pull data into a Pandas Data Frame
- Train a machine learning model using Amazon SageMaker
- Learn how to persist predictions in Snowflake for easy evaluation and analytics
- Join the on-demand Q&A with your Snowflake and Amazon peers
AWS Summit Online - Europe, UK, Middle East & Africa
Join the AWS Summit Online on June 17 and deepen your cloud knowledge with this free, virtual event.
Hear from your local AWS country leaders about the latest trends, customers and partners in your market, followed by the opening keynote with Werner Vogels, CTO, Amazon.com. After the keynote, dive deep in 55 breakout sessions across 11 tracks, including getting started, building advanced architectures, app development, DevOps and more. Tune in live to network with fellow technologists, have your questions answered in real-time by AWS Experts and claim your certificate of attendance. All sessions will be available in English with subtitles in French, Italian, German and Spanish.
So, whether you are just getting started on the cloud or are an advanced user, come and learn something new at the AWS Summit Online.
When: June 17 Online Starts 09:00 (UTC+1)
Virtual Masterclass: Cloud Practitioner Bootcamp with AWS
About this Event
This introductory-level course is intended for APN Partners who seek an overall understanding of the AWS Cloud. It provides a detailed overview of cloud concepts, AWS services, security, architecture, pricing, and support.
Delivered through an interactive online format, at the end of the course there will be an online assessment which will provide a certification upon successful completion.
Run by AWS and Ingram Micro expert trainers, this course will teach you how to succeed both technically and commercially.
The tailored training will teach you how to:
- Define the AWS Cloud
- Describe the key services on the AWS platform using common use cases
- Describe basic AWS Cloud architectural principles
- Describe the AWS Shared Responsibility Model with reference to basic security and compliance
- Define pricing models
- Identify sources of documentation, including where to go for further information, how to describe the AWS Cloud value proposition, and the different ways to define characteristics of deployment/operation in the AWS Cloud
This course covers the following concepts:
Module 1: AWS Cloud Concepts
Module 2: AWS Core Services
Module 3: AWS Security
Module 4: AWS Architecting
Module 5: AWS Pricing and Support
Please note you will be required to follow the registration link in the confirmation email to secure your place.
If you need a fix of AWS goodness, there is an extensive program of online tech talks scheduled:
Join AWS for live, online presentations led by AWS solutions architects and engineers. AWS Online Tech Talks cover a range of topics and expertise levels, and feature technical deep dives, demonstrations, customer examples, and live Q&A with AWS experts.
Note – All sessions are free and in Pacific Time. Can’t join them live? Access webinar recordings and slides on the On-Demand Portal.
Microsoft also has a full training and events calendar underway:
Some are going ahead, but we'd suggest contacting the organisers before putting any concrete plans in place.
Thanks for reading, we hope you found something useful. Talking of useful:
hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.
If you haven't taken a hava.io free trial to see what it can do for your workflow, security and compliance needs - please get in touch.
You can reach us on chat, email firstname.lastname@example.org or book a callback or demo below.