This week's roundup of all the cloud news.
Here's a cloud round up of all things GCP, Azure and AWS for the week ending Friday 12th November 2021
To stay in the loop, make sure you subscribe on the right - There's a new newsletter series starting soon that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of.
Of course we'd love to keep in touch at the usual places. Come and say hello on:
AWS Updates and Releases
AWS Amplify announces new observeQuery API for Amplify DataStore to help apps with real-time data open faster
With this week's release, developers can use AWS Amplify DataStore’s new observeQuery API to help open apps faster using locally stored data, and then update the app UI with real-time data using no additional code. DataStore provides frontend app developers the ability to build real-time apps with offline capabilities by storing data on-device (web browser or mobile device) and automatically synchronizing data to the cloud and across devices on an internet connection. With the new observeQuery API, developers can retrieve both locally stored data and subscribe to subsequent data changes synced from the cloud with a single API call.
Achieve up to 30% better performance with Amazon DocumentDB (with MongoDB compatibility) using new Graviton2 instances
Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. As a document database, Amazon DocumentDB makes it easy to store, query, and index JSON data at scale.
Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. Starting today, AWS customers can index and search documents from Microsoft SharePoint 2013 or Microsoft SharePoint 2016 servers.
Amazon Elastic Kubernetes Service (EKS) now allows you to configure tags, endpoint access control, and control plane logging through AWS CloudFormation.
AWS CloudTrail announces CloudTrail error rate Insights, a new feature of CloudTrail Insights that enables customers to identify unusual activity in their AWS account based on API error codes and their rate.
Starting this week, Amazon EC2 M6i instances are available in additional AWS Regions Asia Pacific (Mumbai), Europe (Paris), South America (Sao Paulo), Asia Pacific (Seoul), and Asia Pacific (Sydney). Designed to provide a balance of compute, memory, storage and network resources, M6i instances are built on the AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances. These instances are SAP-Certified and are ideal for workloads such as web and application servers, back-end servers supporting enterprise applications (e.g. Microsoft Exchange Server and SharePoint Server, SAP Business Suite, MySQL, Microsoft SQL Server, and PostgreSQL databases), gaming servers, caching fleets, as well as for application development environments.
Starting this week, Amazon Quantum Ledger Database (QLDB) is available in the Canada (Central) region. With this launch, QLDB is now available in 11 Regions globally: Canada (Central), US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), Europe (Ireland), Europe (London), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), and Asia Pacific (Tokyo).
Amazon Nimble Studio launches the ability to test launch profile configurations via the Nimble Studio console.
Amazon Nimble Studio today supports the ability for administrators to test their launch profile configurations directly from the console, which can reduce the number of errors artists experience when provisioning a workstation.
Since AWS' last update in August 2021, AWS CloudFormation Registry has expanded to include support for 34 new resource types (refer to the complete list below) between August and October 2021. A resource type includes schema (resource properties and handler permissions) and handlers that allow API interactions with the underlying AWS or third-party services. Customers can now configure, provision, and manage the lifecycle of these newly supported resources as part of their cloud infrastructure through CloudFormation, by treating the infrastructure as code. Furthermore, we are pleased to announce that 4 new AWS services added CloudFormation support on the day of launch. These services include: Amazon Managed Service for Prometheus, Amazon OpenSearch Service, Amazon MemoryDB for Redis, and Amazon Connect Wisdom. CloudFormation now supports 165 AWS services spanning over 800 resource types , along with over 40 third-party resource types.
Amazon Translate is a neural machine translation service that delivers fast, high-quality, affordable, and customizable language translation. This week, AWS are introducing multidirectional custom terminology, to give you more control and flexibility over your translation workflows. Custom terminology is a feature of Amazon Translate that enables you to customize your translation of named entities such that your brand names, character names, model names, and other unique content using your terminology file. With multidirectional custom terminology, you no longer have to constrain yourself to set the first column of your terminology file as your source language. You will be now able to use the same terminology file to translate both to and from a specific language.
Starting this week, general-purpose Amazon EC2 M6gd instances are now available in Asia Pacific (Mumbai), and Europe (London). The compute-optimized Amazon EC2 C6gd instances are now available in Asia Pacific (Mumbai), Canada (Central), and Europe (London).
AWS Security Hub has released three new controls for its Foundational Security Best Practice standard (FSBP) to enhance customers’ Cloud Security Posture Management (CSPM). These controls conduct fully-automatic checks against security best practices for Elastic Load Balancing and AWS Systems Manager. If you have Security Hub set to automatically enable new controls and are already using AWS Foundational Security Best Practices, these controls are enabled by default. Security Hub now supports 162 security controls to automatically check your security posture in AWS.
Amazon Elastic Container Services (Amazon ECS) has improved Amazon ECS Capacity Providers to deliver a faster Cluster Auto Scaling experience. Customers who need to launch a large number of tasks (>100 tasks) on their Amazon ECS clusters will now see their cluster infrastructure scale faster.
Amazon QuickSight launches 4 new administration features including IP-based access restrictions and Bring-you-own-role for account setup
Amazon QuickSight now supports 4 new features that make it easier for AWS administrators to secure and roll out Amazon QuickSight to more users and accounts within their organizations - IP-based access restrictions, AWS Service Control Policy-based restrictions, automated email syncing for federated SSO users and bring-your-own-role during QuickSight account sign up.
AWS Control Tower now supports concurrent operations for detective guardrails to help expedite guardrail management. You can now enable multiple detective guardrails without needing to wait for individual guardrail operations to complete. AWS Control Tower provides customers with out-of-the-box preventive and detective guardrails that you can deploy to increase your security, operational, and compliance posture.
AWS CDK releases v1.126.0 - v1.130.0 with high-level APIs for AWS AppRunner and hotswap support for Amazon ECS and AWS Step Functions
Amazon Web Services (AWS) has announced the general availability of AWS Resilience Hub, a new service that provides you with a single place to define, validate, and track the resilience of your applications so that you can avoid unnecessary downtime caused by software, infrastructure, or operational disruptions.
This week, Amazon Lex announced language support for South African English. Amazon Lex is a service for building conversational interfaces into any application using voice and text. Amazon Lex provides deep learning powered automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text so you can build applications with highly engaging user experiences and lifelike conversational interactions. With the addition of South African English, you can build and expand your conversational experiences to better understand and engage your customer base.
Amazon Elastic Kubernetes Service (EKS) on Fargate now supports the use of Kubernetes Fluent Bit filters which provide enriched Kubernetes-specific metadata to Fluent Bit logs. Customers can now more easily observe and troubleshoot their applications by using the Kubernetes pod, container, or namespace name, among other Kubernetes metadata, to associate with their applications’ logs.
AWS Marketplace sellers can now submit multiple, self-service change requests simultaneously using AWS Marketplace Management Portal (AMMP) or AWS Marketplace Catalog API. Now, AWS Marketplace sellers can start multiple self-serve change requests for AMI, Container, Professional Services, and Machine Learning products via AMMP, and via the AWS Marketplace Catalog API for AMI, and Container products. Sellers will no longer have to wait to submit a subsequent change request for a product while prior change requests are in progress. For example, if a seller wants to update product information and version information of their product, they can now submit these requests one after another in quick succession without having to wait for the first request to complete.
Customers can now connect their CyberArk Workforce Identity (CyberArk) to AWS Single Sign-On (SSO) once, manage access to AWS centrally in AWS SSO, and enable end users to sign in using CyberArk Workforce Identity to access all their assigned AWS accounts. The integration helps customers simplify AWS access management across multiple accounts while maintaining familiar CyberArk Workforce Identity experiences for administrators who manage identities, and for end users as they sign in. AWS SSO and CyberArk Workforce Identity use standards-based automation to provision users and groups into AWS SSO, saving administration time and increasing security.
Customers can now connect their JumpCloud Directory Platform (JumpCloud) to Amazon Web Services Single Sign-On (SSO) once, manage access to AWS centrally in AWS SSO, and enable end users to sign in using JumpCloud to access all their assigned AWS accounts. The integration helps customers simplify AWS access management across multiple accounts while maintaining familiar JumpCloud experiences for administrators who manage identities, and for end users as they sign in. AWS SSO and JumpCloud use standards-based automation to provision users and groups into AWS SSO, enabling customers to save administration time and increase security.
Amazon Elastic Container Service (Amazon ECS) now provides customers enhanced visibility into the health of their compute infrastructure. Customers running containerized workloads using Amazon ECS on Amazon Elastic Compute Cloud (Amazon EC2) or on-premises with Amazon ECS Anywhere can now query the health status of the container runtime (i.e Docker) for their container instances directly from the Amazon ECS API. This helps customers improve application resiliency.
Amazon SageMaker Inference now supports new model deployment options to update your machine learning models in production. Using the new deployment guardrails , you can easily switch from the current model in production to a new one in a controlled way. This launch introduces canary and linear traffic shifting modes so that you can have granular control over the shifting of traffic from your current model to the new one during the course of the update. With built-in safeguards such as auto-rollbacks, you can catch issues early and automatically take corrective action before they cause significant production impact.
AWS Backup introduces new resource assignment options that help make it easier to manage data protection of your applications at scale. The new resource assignment options allow you to define your selection criteria using AWS-supported resource types , a combination of AWS tags and Resource IDs, enabling you to automatically identify the AWS resources that store data of your business critical applications and protect your data using immutable backups.
This week AWS Batch introduced fair-share scheduling for AWS Batch job queues, making it easier to run different workloads in a single queue. Now, AWS customers can determine whether to run jobs in first-in, first-out (FIFO) or determine a “fair-share” policy, which can allocate resources equally or based on admin-defined weights and priorities. With fair-share scheduling of jobs, AWS Batch will handle assigning compute among multiple users and workloads based on factors other than just whichever workload showed up first, resulting in enhanced processing efficiency and better respecting user or workload priority.
Amazon Simple Notification Service (Amazon SNS) now supports token-based authentication for sending mobile push notifications to Apple devices. When creating a new platform application in the Amazon SNS console or API, you can now choose between token-based (.p8 key file) or certificate-based (.p12 certificates) authentication.
AWS Device Farm’s Desktop Browser Testing feature lets you test your web applications on different desktop versions of Chrome, Firefox, Internet Explorer, and Microsoft Edge browsers. With this week’s launch, AWS are adding support for testing web applications that are hosted in an Amazon Virtual Private Cloud (VPC).
This week, AWS were excited to announce the general availability (GA) of Incident Manager from AWS Systems Manager in 7 additional AWS regions: Asia Pacific (Mumbai), Asia Pacific (Seoul), Canada (Central), Europe (London), Europe (Paris), South America (Sao Paulo), US West (N. California). To learn about Incident Manager, see the Incident Manager product page.
AWS announces a new capability to switch license types for Windows Server and SQL Server applications on Amazon EC2
AWS now offers the ability to easily switch between AWS provided licenses and bring your own licenses (BYOL) for Windows Server and SQL Server workloads using AWS License Manager. License switching capabilities can be used as your business and licensing needs evolve. Changing the license type associated with your instance will still retain the application, instance, and networking configuration associated with the workload, saving your time and effort. You will be billed per the new license type from the next billing second. As an optional flexibility, AWS will also provide the ability to change the tenancy from Shared to Dedicated or vice-versa.
AWS Fault Injection Simulator now supports Amazon CloudWatch Alarms and AWS Systems Manager Automation Runbooks.
You can now create and run AWS Fault Injection Simulator (FIS) experiments that check the state of Amazon CloudWatch alarms and run AWS Systems Manager (SSM) Automations. You can also now run new FIS experiment actions that inject I/O, network black hole, and packet loss faults into your Amazon EC2 instanes using pre-configured SSM Agent documents. Because it can be difficult to predict how applications will respond to stress under real world conditions whether in testing or production environments, integrating alarm checks and automated runbooks into your FIS experiments can help you gain more confidence when injecting disruptive events such as network problems, instance termination, API throttling, or other failure conditions.
Amazon Translate Now Adds Support for four more languages and variants - Irish, Marathi, Portugal Portuguese and Punjabi
Amazon Translate is a fully managed neural machine translation service that delivers real-time, high-quality, affordable, and customizable language translation. This week, AWS announced that Amazon Translate now adds supports to the following languages and variants - Irish, Marathi, Portuguese Portugal, and Punjabi.
Amazon SageMaker Pipelines, a purpose-built service which enables customers to define and orchestrate their model building steps, now supports resuming execution of a failed/stopped pipeline, and retry policies for pipeline steps.
AWS Backup announces support for Amazon DocumentDB (with MongoDB compatibility), allowing you to centrally manage data protection of your DocumentDB clusters along with other supported AWS services for database, storage, and compute.
The Amazon Chime SDK now has meeting API endpoints in the US West (Oregon), Europe (Frankfurt) and Asia Pacific (Singapore) AWS Regions, providing customers a choice of which AWS Region they use to create and manage meetings which can be hosted in any of the 18 Amazon Chime media regions.
AWS Backup announces the addition of Amazon Neptune to its portfolio of supported services. This is a new functionality in AWS Backup that allows you to create automated periodic snapshots of Amazon Neptune clusters using your centralized data protection policy across the supported AWS services for database, storage, and compute.
Amazon Polly, a service that turns text into speech (TTS), launches 2 new neural TTS voices. You can now use Lucia for Castilian Spanish and Bianca for Italian. With this launch, we now offer 22 neural TTS voices across 12 languages. With these voices, you can create applications that talk, and build entirely new categories of speech-enabled products.
Google Cloud Releases and Updates
The following scripting statements have been added to Google Standard SQL for BigQuery.
- CASE: Executes the first list of SQL statements where a boolean expression is
- CASE search_expression: Executes the first list of SQL statements where the search expression matches a
- LABELS: Provides an unconditional jump to the end of the block or loop associated with a label.
- REPEAT: Repeatedly executes a list of SQL statements until the boolean condition at the end of the list is
- FOR...IN: Loops over every row in a table expression.
- CASE: Executes the first list of SQL statements where a boolean expression is
These features are generally available (GA).
The following INFORMATION_SCHEMA views now support a
DDL column. The value of the column is the DDL statement that can be used to create the resource.
This feature is generally available (GA).
Cloud Asset Inventory
- Service Management
- Certificate Authority Service
- Service Management
You can now view the project-scoped log entries for all projects in a metrics scope on a custom dashboard. For more information, see View logs on a dashboard.
Terraform now supports use of the metrics scope API. For sample code, see
You can now save a copy of a chart from the Observability tab on Compute Engine's VM instance details page to one of your custom dashboards. To save a copy of the chart, select Add to Custom Dashboard from the More Options menu on the chart. You then select a new or existing custom dashboard, and have the option of renaming the new copy of the chart.
Cloud Run support for referencing Secret Manager Secrets is now at general availability (GA).
Cloud VMware Engine
VMware Engine nodes are now available in the following additional zone:
- Frankfurt, Germany:
- Frankfurt, Germany:
Generally available: You can now use the
gcloud command-line and the OS Config API to get inventory and vulnerability report data for your VMs in a specific zone. For more information, see Viewing operating system details.
If you use local SSDs with sync-heavy workloads, you will now more consistently reach write IOPS limits and experience lower latency, without having to disable cache flushing. This is due to a recent SSD firmware update.
You can now save a copy of a chart from the Observability tab on Compute Engine's VM instance details page to one of your custom dashboards. To save a copy of the chart, select Add to Custom Dashboard from chart option. You then select a new or existing custom dashboard, and have the option of renaming the new copy of the chart.
GCP have lowered the price for many processors. For more information, see the Pricing page.
Speech-to-Text has launched two new medical speech models, which are tailored for recognition of words that are common in medical settings. See the medical models documentation for more details.
Microsoft Azure Releases And Updates
Speed up big data processing in Azure Synapse with hardware-accelerated Spark pools.
Reduce high-priority retrieval costs for Archive Storage by deferring the decision to rehydrate with high priority, then updating the priority while the operation is pending.
Configure high availability and disaster recovery for SQL Server on Azure Virtual Machines using multiple subnets that’s easier and natively supported by SQL Server.
Public preview enhancements and updates released for Azure SQL Managed Instance for mid-November 2021.
The support of Citus 10.2 with PostgreSQL 14 is now included in Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure
New enhancements and updates released for general availability (GA) in Azure Security Center in October 2021.
Public preview enhancements and updates released for Azure Security Center in October 2021.
General availability enhancements and updates released for Azure SQL Managed Instance for mid-November 2021.
Create and drop named indexes while defining a new index or on existing data using the Cassandra API within Azure Cosmos DB.
Get better monitor application performance using Glowroot support for the Azure Cosmos DB Cassandra API.
Azure Backup for Azure Database for PostgreSQL – Single Server: Long-term retention generally available
Azure Backup supports long term data retention and improved compliance for your Single Server on Azure Database PostgreSQL, a managed service running the open source Postgres database on Azure.
Generate automated configuration files used with Terraform to automate provisioning and configuration on your Flexible Server for Azure Database for MySQL.
Create Hyperscale (Citus) server groups with PostgreSQL 14 (or PostgreSQL 11, PostgreSQL 12, and PostgreSQL 13) on Azure Database for PostgreSQL, a managed service running the open-source Postgres database.
With the release of .NET 6.0, Application Insights is offering day-zero auto-instrumentation support for it on Azure App Services
Deploy and scale .Net 6-based web apps on an enterprise-grade service
WebSockets support enables loosely coupled, scalable, real-time messaging applications.
Azure Bastion native client support brings you the ability to connect to target VMs from the command line and log in using their Azure Active Directory credentials.
Public preview: Azure Sphere expands SoC portfolio with NXP i.MX 93-CS family
The versatility of the i.MX 93-CS and the secured Azure Sphere platform will make it easier and faster to bring IoT innovation to market.
Azure Data Explorer always supported to cache the latest ingested data for best performance. It now supports selectively caching older data which is ideal when auditing a given time period.
You can now develop Azure Functions PowerShell apps locally and deploy them to Azure Functions on Linux OS.
Version 4.0 of the Azure Functions runtime supports .NET 6. It also supports Node.js, Python, Java, PowerShell, and other languages using custom handlers.
Both the in-process and isolated models are supported in .NET 6.0 Azure Functions.
Azure Static Web Apps now supports building and deploying .NET 6 Blazor WebAssembly and Azure Functions apps.
General availability: ExpressRoute now supports Azure Virtual Desktop Shortpath RDP over Private Peering
ExpressRoute enables direct connectivity between on-premises and Microsoft global network. You can connect to virtual machines and private endpoints defined in an Azure virtual network with private peering.
Have you tried Hava automated diagrams for AWS, Azure and GCP. Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
Check it out for free here: