This week's roundup of all the cloud news.
Here's a round up of all things GCP, Azure and AWS for the week ending Friday 30th April 2021.
To stay in the loop, make sure you subscribe on the right - There's a new Newsletter series starting soon that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of.
Of course we'd love to keep in touch at the usual places. Come and say hello on:
Facebook. Linkedin. Twitter.
AWS Updates and Releases
Today we announced AWS Identity and Access Management (IAM) Access Control for Amazon MSK. IAM Access Control is a security option offered at no additional cost that simplifies cluster authentication and Apache Kafka API authorization using IAM role or user policies to control access. By using IAM Access Control, customers no longer need to build and run one-off access management systems to control client authentication and authorization for Apache Kafka, and MSK clusters are secured using least privileged permissions by default.
Starting this week, AWS Transit Gateway Connect is now available in the Europe (Milan), Asia Pacific (Hong Kong), Africa (Cape Town), and Middle East (Bahrain) Regions.
AWS Audit Manager now offers three new prebuilt standard frameworks: NIST Cybersecurity Framework version 1.1, AWS Foundational Security Best Practices, and AWS Well-Architected framework. These frameworks add to the existing prebuilt frameworks provided in Audit Manager. With this release, you can launch an assessment from any of these frameworks with just a few clicks. Audit Manager will map your AWS resources to the requirements in the framework you choose and start gathering evidence automatically to help you scale your audit capability in the cloud as your business grows.
Amazon Web Services (AWS) announces expansion of AWS Ground Station to the Asia Pacific (Seoul) region. This is now the 9th Ground Station connected to the AWS Global Network.
This week, Amazon Pinpoint announced the ability for customers to pause and resume Journeys — being able to temporarily halt the execution of message sends. Previously, customers needed to stop and recreate their Journey entirely if there was a situation such as: a conflicting campaign, a seasonal event, or an issue. Journeys are multi-step campaigns that can be executed across SMS, email, and push messages. Journeys are intended for customers with user engagement use cases, and want to send targeted messaging to their users to drive high value actions.
Host Resource Groups , which is a logical collection of Dedicated Hosts that you can manage as a single entity, now support AWS CloudFormation , allowing customers to create Host Resource Groups using CloudFormation templates and automate EC2 Dedicated Host management.
Starting May 1st 2021, all data transfer over a VPC Peering connection that stays within an Availability Zone (AZ) is now free. All data transfer over a VPC Peering connection that crosses Availability Zones will continue to be charged at the standard in-region data transfer rates. You can use the Availability Zone-ID to uniquely and consistently identify an Availability Zone across different AWS accounts.
Posted On: May 5, 2021Read More »
Today, we are excited to announce support for customer-managed customer master keys to encrypt your code repositories in Amazon CodeGuru Reviewer. Customer-managed customer master keys allow you to create, own, and manage your encryption keys, giving you more control over how you manage the security of your CodeGuru Reviewer code.
This week, AWS reduced the price of metric samples ingested by up to 84% for Amazon Managed Service for Prometheus (AMP). Amazon Managed Service for Prometheus (AMP) is a fully managed Prometheus-compatible monitoring service that makes it easy to monitor containerized applications at scale. With AMP, you can use the open source Prometheus Query Language (PromQL) to monitor the performance of containerized workloads on AWS or on-premises. AMP automatically scales the ingestion, storage, and querying of operational metrics (from, for example, your Amazon Kubernetes Service (Amazon EKS) clusters) as workloads grow or shrink, and is integrated with AWS security services such as AWS Identity and Access Management (IAM), AWS PrivateLink, and AWS CloudTrail to enable fast and secure access to data.
Amazon Elasticsearch Service now offers instances from the AWS Graviton2 instance family. Instance types include general purpose (M6g), compute optimized (C6g), and memory optimized (R6g, R6gd). Customers can enjoy up to 38% improvement in indexing throughput, 50% reduction in indexing latency, and 30% improvement in query performance when compared to the corresponding x86-based instances from the current generation (M5, C5, R5).
Porting Assistant for .NET is now available as a Visual Studio IDE extension. With this release, developers can access Porting Assistant for .NET directly from the Visual Studio IDE to assess incompatibilities and be more productive with an integrated experience for porting their .NET applications. Along with rich source code editing features provided by the IDE, this extension provides developers with feedback on lines of code that need to be modified to make the source code compatible with .NET Core. Developers can now run automated porting and take advantage of continuous assessment of incompatibilities as they make updates to the code.
Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. As a document database, Amazon DocumentDB makes it easy to store, query, and index JSON data at scale.
Amazon QuickSight can now notify users of changes to important metrics in their dashboards with threshold-based alerts. Readers and authors can set up personalized rules on key metrics in their dashboards and be automatically notified via email when data crosses the defined thresholds, highlighting important changes in their business. For instance, a manager might want to track the sales of their business and know when weekly sales drop below $100,000. To set up an alert, users can go to any QuickSight dashboard and click on a KPI or gauge visual and then use the ‘alert’ icon in order to configure the alert. Threshold alerts are billed per metric processed (which means each time an alert rule is checked) at tiered rates starting at $0.50 per 1000 metrics processed.
This week AWS announced the general availability (GA) of Amazon DevOps Guru – a machine learning (ML) powered service that gives you a simpler way to measure and improve an application’s operational performance and availability and reduce expensive downtime.
Amazon Personalize enables you to personalize your website, app, ads, emails, and more, using the same machine learning technology as used by Amazon.com, without requiring any prior machine learning experience. Using Amazon Personalize, you can generate personalized recommendations for your users through a simple API interface. Amazon Personalize now offers a new set of APIs to enable customers to export the data present in their Users, Items and Interactions Datasets to their own S3 buckets.
AWS OpsWorks for Configuration Management now supports the current long term support (LTS) version of Puppet Enterprise for its fully managed service. Customers are upgraded automatically during the weekly system maintenance window scheduled individually by each customer.
AWS Identity and Access Management (IAM) now supports policy conditions to help manage permissions for AWS services that access your resources. Many AWS services require access to your internal resources to perform tasks, and they often use their own service identity called a service principal to achieve this. Using the new service principal conditions, it is simple to author rules that enforce a rule for all your service principals, or exclude service principals from certain permission rules that are intended only for your own identities.
We are excited to announce that you can now hierarchically delete resources in Amazon Forecast at a parent level without having to locate the child resources. You can stay focused on building value adding forecasting systems and not worry about trying to manage individual resources that are created in your workflow. Amazon Forecast uses machine learning (ML) to generate more accurate demand forecasts, without requiring any prior ML experience. Amazon Forecast brings the same technology used at Amazon.com to developers as a fully managed service, removing the need to manage resources or rebuild your systems.
Starting today Amazon Relational Database Service (RDS) for Oracle and Amazon RDS for PostgreSQL now support Amazon RDS Encrypted Cross-Region Automated Backups. This feature extends the existing RDS backup functionality, giving you the ability to set up automatic replication of system snapshots and transaction logs from a primary AWS Region to a secondary AWS Region. These backups are encrypted using an AWS KMS customer master key in the destination Region.
Starting today, AWS Transit Gateway Network Manager is now available in the AWS Asia Pacific (Osaka) Region.
Amazon FinSpace is a new fully managed data management and analytics service that makes it easy to store, catalog, and prepare financial industry data at scale, reducing the time it takes for financial services industry (FSI) customers to find and access all types of financial data for analysis from months to minutes.
You now can use the AWS SDK for Java 2.x with DynamoDB local, the downloadable version of Amazon DynamoDB. With DynamoDB local, you can develop and test applications by using a version of DynamoDB running in your local development environment without incurring any additional costs. DynamoDB local does not require an internet connection, and it works with your existing DynamoDB API calls.
Google Cloud Releases and Updates
Anthos clusters on VMware
Anthos clusters on VMware 1.7.1-gke.4 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.7.1-gke.4 runs on Kubernetes 1.19.7-gke.2400.
The supported versions that offer the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.7, 1.6, and 1.5.
The ability to restore from a Cloud Bigtable backup to a different instance is now generally available.
You can now add custom fields in the Logs Explorer to better analyze logs and refine your queries
The Query Editor for Monitoring Query Language (MQL) has been reimplemented. In addition to autocompletion and error detection, it now supports code folding and a find-and-replace capability.
The Inventory tab on the Cloud Monitoring VM Instances dashboard now offers the ability to filter and sort the instance table by any combination of columns. In addition, new health scorecards report a variety of metrics and statistics related to the health and status of your VMs and agents.
You can now use Identity-aware Proxy with Cloud Run to use identity and context to guard access to your applications. (Available in public preview.)
Generally available: Create virtual machines for high performance computing (HPC) workloads using the HPC VM image.
Security Command Center
Security Command Center Premium has launched Continuous Exports for Pub/Sub in general availability. The feature simplifies the process of creating a
NotificationConfig and automates the export of new findings to Pub/Sub.
You must be a Security Command Center Premium customer to use the feature. Security Command Center Standard continues to support one-time exports. To subscribe to Security Command Center Premium, contact your sales representative or fill out our inquiry form
Microsoft Azure Releases And Updates
Applications can now create append blobs in addition to block blobs in Azure Data Lake Storage accounts and append to them using Append Block operations. Applications that need to add information to existing files efficiently and continuously can leverage append blobs.
Take advantage of multiple new enhancements and features that are now generally available in Azure VPN Gateway.
Review the Microsoft Custom Translator new features, improvements, bug fixes, and new/refreshed models for May 2021.
Operational backup for Azure Blobs gives you a managed data protection solution for block blobs in your storage accounts.
Azure Log Analytics for May 2021 include a new and updated experience for custom logs management and pinned parts filter integration.
TARGET RETIREMENT DATE: AUGUST 01, 2021
Beginning August 1, 2021, you will no longer be able to access Azure Data Share preview API versions (2018-11-01-preview, 2020-06-01-preview) through REST API or SDK.
New Xilinx Alveo U250 FPGA NPv1 VMs are now generally available in West US 2, East US, West Europe, and Southeast Asia.
Access your secrets securely via the container's file system.
Get new Azure Maps features and potential cost savings with Gen2 pricing.
New enhancements and updates released for general availability (GA) in Azure Security Center in April 2021.
Public preview enhancements and updates released for Azure Security Center in April 2021
Hava Automated Diagrams for AWS, Azure and GCP. Get back your precious time and possibly your sanity and rid yourself of manual drag and drop diagram builders forever. Check it out for free here:
Read more about Hava Azure Network Topology Diagrams here.
Read more about Hava AWS Network Topology Diagrams here.
Read more about Hava GCP Network Topology Diagrams here