Hava Blog and Latest News

In Cloud Computing This Week [Nov 19th 2021]

Written by Team Hava | November 19, 2021

This week's roundup of all the cloud news.


Here's a cloud round up of all things GCP, Azure and AWS for the week ending Friday 19th November 2021 

Great news! We've released some cool new features recently that many Hava users have been requesting.

  • Projects - Assign data sources and team members to a project so they only see the environments they need to have access to. You can read more about projects here: https://docs.hava.io/account/projects
  • SSO - Currently in Beta release, Single Sign On providers SAML and OIDC are available on request. You can read more about Hava's SSO integration here: https://docs.hava.io/single-sign-on/overview We would welcome some feedback on the SSO integration as we add more providers. Please get in touch if your would like SSO enabled on your SaaS or self-hosted account.

Coming Soon: 

  • Azure Security View - a much requested, this new diagram will show inbound and outbound rules by priority for each of the network security groups in your Azure account. This feature will be available on all Professional and Business plans sometime in December. If you would like to trial the Azure Security View ahead of the Beta release, please get in touch.
  • Azure AKS View - This will show your AKS clusters, workloads and pods. Final testing is underway. Once released, GKE and EKS views are not far behind.

To stay in the loop, make sure you subscribe on the right - There's a new newsletter series starting soon that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of. 

Of course we'd love to keep in touch at the usual places. Come and say hello on:

Facebook.      Linkedin.     Twitter.

AWS Updates and Releases

Source: aws.amazon.com

AWS Service Management Connector for ServiceNow supports AWS Systems Manager Change Manager

Starting today, AWS customers can make change requests for AWS resources/services based on templates in ServiceNow via AWS Systems Manager Change Manager. Upon approval in ServiceNow, these change requests will execute the AWS Systems Manager Automation runbooks associated to the change template. AWS Systems Manager Change Manager simplifies the way you request, approve, implement, and report on operational changes to your application configuration and infrastructure on AWS . This integration enables customers to streamline and align the maintenance, management and governance of AWS resources/services with their familiar IT Change Management (enablement) processes and tools.

Amazon EMR Studio is now available in Europe (Paris) and South America (Sao Paulo)

EMR Studio is an integrated development environment (IDE) that makes it easy for data scientists and data engineers to develop, visualize, and debug  big data and analytics applications written in R, Python, Scala, and PySpark. This week AWS are excited to announce that EMR Studio is now available in the Europe (Paris), and South America (Sao Paulo) regions.

Amazon Interactive Video Service adds high resolution metrics for monitoring stream health

With Amazon Interactive Video Service (Amazon IVS) you can now monitor the health of your live stream inputs using four new Amazon CloudWatch metrics and two new APIs. These metrics and APIs can help you diagnose and troubleshoot issues with live streams either as they happen or after the streams have ended. You can also use APIs from Amazon IVS and Amazon CloudWatch to embed data into your own dashboard or application.

Contact Lens for Amazon Connect is now FedRAMP Moderate compliant and has also added support for Asia Pacific (Seoul) AWS Region

Contact Lens for Amazon Connect has now been included on the list of AWS Services in Scope for the FedRAMP Moderate baseline. The security and compliance of Contact Lens is assessed as part of multiple AWS compliance programs. Contact Lens is compliant with PCI and SOC, while also being a HIPAA eligible service. For a list of AWS services in scope of specific compliance programs, see AWS Services in Scope by Compliance Program. For general information, see AWS Compliance Programs.

Amazon Rekognition Custom Labels now offers an enhanced experience to train computer vision models more easily

Amazon Rekognition Custom Labels is an automated machine learning (AutoML) service that allows you to build custom computer vision models to detect objects and scenes specific to your business needs without the need of in-depth machine learning expertise. Starting today, we have updated the Amazon Rekognition Custom Labels console to introduce step-by-step directions on how to manage, train, and evaluate your custom models. This revamped guided experience makes it even easier for you to train your own computer vision models in four simple steps with just a few clicks.

Amazon Redshift simplifies the use of other AWS services by introducing the default IAM role

Amazon Redshift now simplifies the use of other services such as Amazon S3, Amazon SageMaker, AWS Lambda, Amazon Aurora, and AWS Glue by allowing customers to create an IAM role from the Redshift console and assigning it as the default IAM role while creating an Amazon Redshift cluster. The default IAM role helps simplify SQL operations such as COPY, UNLOAD, CREATE, EXTERNAL FUNCTION, CREATE EXTERNAL TABLE, CREATE EXTERNAL SCHEMA, CREATE MODEL, or CREATE LIBRARY that accesses other AWS services by eliminating the need to specify the Amazon Resource Name (ARN) for the IAM role .

AWS Glue DataBrew announces native console integration with Amazon AppFlow

AWS Glue DataBrew now has native console integration with Amazon AppFlow, allowing users to connect to data from Salesforce, Zendesk, Slack, ServiceNow, and other Software-as-a-Service (SaaS) applications, as well as AWS services like Amazon S3 and Amazon Redshift. When creating a new dataset in DataBrew, you can now create a flow via Amazon AppFlow that loads data (by schedule, event, or on-demand) into Amazon S3. Once the flow has been established to Amazon S3, you can easily clean, normalize, and transform this data in DataBrew and join it with datasets from other data stores or SaaS applications. DataBrew also provides information about when your flow was last refreshed and allows you to trigger flows directly from the DataBrew console. Learn more about supported AppFlow sources and destinations here .

The dashboard feature is now generally available in AWS Audit Manager

AWS Audit Manager now offers a dashboard to simplify your audit preparations with at-a-glance views of your evidence collection status per control. You can instantly track the progress of your audit assessments relative to common control domains. These control domains are general categories of controls, not specific to any one framework that allow customers to quickly assess status on common themes (E.g.- track overall issues in Identity and Compliance control domain).

AWS Glue DataBrew now allows customers to create data quality rules to define and validate their business requirements

AWS Glue DataBrew users can now create data quality rules, which are customizable validation checks that define business requirements for specific data. You can create rules to check for duplicate values in certain columns, validate that one column does not match another, or define many more custom checks and conditions based on your specific data quality use cases. You can group rules for a given dataset into a ruleset for efficiency and apply these checks as part of a standard data profile job. Results are populated in a data quality dashboard and validation report, helping you to quickly view rule outcomes and determine whether your data is fit for use.

Amazon Aurora supports MySQL 8.0

Amazon Aurora MySQL-Compatible Edition now supports MySQL major version 8.0. MySQL 8.0 includes improved performance functionality from enhancements such as instant DDL to speed up the overall process of creating and loading a table and its associated indexes and SKIP LOCKED and NOWAIT options to avoid waiting for other transactions to release row locks. MySQL 8.0 adds developer productivity features such as window functions to more easily solve query problems and common table expressions to enable use of named temporary result sets. It also includes JSON functionality additions, new security capabilities, and more. MySQL 8.0 on Aurora MySQL-Compatible Edition supports popular Aurora features including Global Database, RDS Proxy, Performance Insights, and Parallel Query.

AWS Glue DataBrew now supports custom SQL statements to retrieve data from Amazon Redshift and Snowflake

AWS Glue DataBrew customers are now able to create datasets by writing Structured Query Language (SQL) statements to retrieve data from Amazon Redshift and Snowflake using Java Database Connectivity (JDBC) connections. You can use a purpose-built query to select the data you want and limit the data returned from large tables before cleaning, normalizing, and transforming that data with DataBrew. For a list of supported input formats, please see the AWS Glue DataBrew input formats list .

Amazon S3 on Outposts now delivers strong consistency automatically for all applications

Amazon S3 on Outposts now delivers strong read-after-write and list-after-write consistency for any storage request at no additional cost. 

AWS Identity and Access Management now makes it more efficient to troubleshoot access denied errors in AWS

To help you quickly troubleshoot your permissions in Amazon Web Services (AWS), AWS Identity and Access Management (IAM) now includes the policy type that’s responsible for the denied permissions in access denied error messages. Amazon Sagemaker, AWS CodeCommit and AWS Secrets Manager are among the first AWS services that now offer this additional context, with other services following in the next few months. When you troubleshoot access-related challenges, the identified policy type in the access denied error message helps you to quickly identify the root cause and unblock your developers by updating relevant policies.

Amazon Polly Launches a new French Neural Text-to-Speech voice

Amazon Polly is a service that turns text into lifelike speech. Today, we are excited to announce the general availability of the Neural Text-to-Speech (NTTS) version of Léa, a French Polly voice. Now, Amazon Polly customers can enjoy Léa either as an NTTS or a Standard voice. With this launch, we now offer 23 NTTS voices across 13 languages.

AWS Service Management Connector makes installation easier through ServiceNow Guided Setup

Starting this week, AWS customers can install the AWS Service Management Connector via a guided setup in ServiceNow. This guided setup simplifies the ServiceNow scoped app configurations tasks, minimizing the expertise needed to establish the connection between AWS and ServiceNow. ServiceNow administrators, or power users with permissions to the Connector scoped app, simply follow the guided steps and mark each task complete or skipped where applicable. The AWS Service Management Connector documentation also includes an AWS CloudFormation baseline permissions  template that sets up the AWS environment. Thus, the ServiceNow Guide Setup and AWS baseline permissions give customers the ability to focus on developing guardrails and detective controls via integrated AWS services and validating that connection between AWS and ServiceNow.

Amazon SNS now supports publishing batches of up to 10 messages in a single API request

Amazon Simple Notification Service (Amazon SNS) now supports message batching for the publish action, which let’s you publish up to 10 messages in a single batch request to either Standard Topics or FIFO Topics. Batching messages into a single API request is intended for those who want to reduce their costs associated with connecting decoupled applications with Amazon SNS. Previously, Amazon SNS required individual API requests for every published message.

Bottlerocket is now available in AWS GovCloud (US) Regions

Bottlerocket, a Linux-based operating system designed to run container workloads is now available in AWS GovCloud (US) Regions.

Amazon Cognito launches new console experience for user pools

Amazon Cognito now offers a new console experience that makes it even easier for customers to manage Amazon Cognito user pools and add sign-in and sign-up functionality to their applications. Customers that wish to opt in to the new and streamlined experience can do so by navigating to the Amazon Cognito console.

Amazon Monitron launches Web App

This week, AWS are announcing the launch of the Amazon Monitron Web App. The Web App joins the existing Amazon Monitron Android App and iOS App, giving customers more options for using Amazon Monitron. Customers can now use the Amazon Monitron Web App from their desktops, laptops or tablets to monitor equipment and receive reports on operating behavior and alerts to potential failures in those equipment. They can access the Web app in a browser by clicking on the Amazon Monitron project link that can be found on the Amazon Monitron console. To commission the sensors and gateways, users will still need the Amazon Monitron Android App or iOS App since the commissioning process requires their phone’s Near Field Communication (NFC) and Bluetooth (BT) capabilities.  

Amazon ECS for Windows now supports ECS Exec

Amazon Elastic Container Service (Amazon ECS) now supports Amazon ECS Exec for workloads running on Windows operating systems. Amazon ECS Exec, launched in March 2021, makes it easier for customers to troubleshoot errors, collect diagnostic information, interact with processes in containers during development, or get “break-glass” access to containers to debug critical issues encountered in production.

AWS announces the launch of AWS AppConfig Feature Flags in preview

This week AWS are announcing the launch of AWS AppConfig Feature Flags, which will enable you to move faster and safer while releasing new features to your customers. Feature flags allow you to release features to your applications, independent of code deployments. Development teams often coordinate application feature releases along with a large-scale marketing event and are required to release features gradually to the users. Similarly, DevOps teams often respond to operational events by enabling existing functionality in their application. This launch enables Developers and DevOps teams to use AWS AppConfig to create and validate feature flag configuration data and deploy single or multiple features flags to their application in a monitored and controlled way. AWS AppConfig, a feature of AWS Systems Manager, is used as a best practice by thousands of teams within Amazon to deploy feature flags and application configuration changes to applications at run-time.

Amazon Pinpoint now supports Safari push notifications

You can now use Amazon Pinpoint to send push notifications to your website users on their Mac desktop using Apple Push Notification service. Safari push notifications display your website icon and notification text that users can click to go to your website. This allows you to reach your end users right on their desktop to inform them of new product launches, engage them in upcoming promotions, and share events as they unfold.

Amazon Rekognition reduces pricing of all Image APIs by up to 38%

Starting November 9, 2021, Amazon Rekognition Image APIs pricing has been reduced by up to 38% in all 14 supported regions . This price reduction will automatically reflect in customer bills starting from November 2021.

Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now offers - M6g - instances for Mumbai and San Francisco Regions

Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now offers AWS Graviton2 general purpose - M6g instance family. Customers can enjoy up to 38% improvement in indexing throughput, 50% reduction in indexing latency, and 30% improvement in query performance when compared to the corresponding x86-based instances from the current generation M5.

AWS Application Migration Service is now available in the Africa (Cape Town), Europe (Milan), Europe (Paris), and Middle East (Bahrain) Regions

AWS Application Migration Service (AWS MGN) is now available in four additional AWS Regions: Africa (Cape Town), Europe (Milan), Europe (Paris), and Middle East (Bahrain).

AWS Control Tower now supports nested organizational units

We are excited to announce the support for AWS Organizations nested organizational units (OUs) in AWS Control Tower. An organization is an entity that you create to consolidate a collection of AWS accounts so that you can administer them as a single unit. Within each organization, you can create organizational units which help manage and govern groups of accounts in an organization. Nested OUs provide further customization between groups of accounts within OUs, giving you more flexibility when applying policies for different workloads or applications. For example, you can separate production workloads and non-production workloads within an OU. With support for nested OUs, you can now easily organize accounts in your Control Tower environment in a hierarchical, tree-like structure that best reflects your business needs.

AWS Glue DataBrew now provides detection and data masking transformations for Personally Identifiable Information (PII)

AWS Glue DataBrew now provides customers the ability to mask Personally Identifiable Information (PII) data during data preparation. With just a few clicks, you can detect PII data as part of a data profiling job and gather statistics such as number of columns that may contain PII and potential categories, then use built-in data masking transformations including substitution, hashing, encryption, decryption, and more, all without writing any code. You can then use the cleaned and masked datasets downstream for analytics, reporting, and machine learning tasks. 

AWS Application Migration Service now supports agentless replication

AWS Application Migration Service (AWS MGN) now supports agentless replication from VMware vCenter versions 6.7 and 7.0 to the AWS Cloud. AWS Application Migration Service is the primary service for lift-and-shift migrations to AWS.

Amazon CloudWatch Container Insights adds console support for visualizing workload issues and problems via Amazon CloudWatch Application Insights problems

You can now easily setup workload specific monitoring and view the health of these workloads via Amazon CloudWatch Application Insights problems directly from the Amazon CloudWatch Container Insights console, making it easier to dive deep into issues, troubleshoot problems and reduce mean time to resolution.

Visualize all your Kubernetes clusters in one place with Amazon EKS Connector, now generally available

This week, AWS are excited to announce the general availability of Amazon Elastic Kubernetes Service (EKS) Connector. With EKS Connector, you can now extend the EKS console to view your Kubernetes clusters outside of AWS. You can use the EKS console to visualize Kubernetes clusters including your on-premises Kubernetes clusters, self-managed clusters running on Amazon Elastic Compute Cloud (EC2), and clusters from other cloud providers. Once connected, you can see all of your clusters’ statuses, configurations, and workloads in one place on the EKS console.

AWS Network Firewall achieves ISO compliance

Starting this week, AWS Network Firewall is compliant with the ISO 9001, ISO 27001, ISO 27017, ISO 27018 and ISO 27701 standards. AWS maintains certifications through extensive audits of its controls to ensure that information security risks that affect the confidentiality, integrity, and availability of company and customer information are appropriately managed.

AWS Marketplace launches upfront contract pricing for Amazon Machine Images (AMI) and Container products

This week, AWS announced that customers can purchase Amazon Machine Image (AMI) and Container products from AWS Marketplace with one, two, or three-year contracts on supported products. 

AWS Glue FindMatches now provides match scores

The FindMatches ML transform in AWS Glue now includes an option to output match scores, which indicate how closely each grouping of records match each other. The FindMatches transform allows you to identify duplicate or matching records in your dataset, even when the records do not have a common unique identifier and no fields match exactly. FindMatches helps automate complex data cleaning and deduplication tasks.

Amazon Rekognition text detection supports 7 new languages and improves accuracy

Amazon Rekognition can detect and read text in an image, and return bounding boxes for each word found. Starting today, Amazon Rekognition supports text detection in images in 7 new languages - Arabic, Russian, German, French, Italian, Portuguese and Spanish. Amazon Rekognition automatically detects and extracts text in images in all supported languages, without requiring a language parameter. In addition, Amazon Rekognition delivers higher overall accuracy, with improvements for vertical and curved text in images.

Announcing general availability of AWS Elastic Disaster Recovery

This week AWS are announcing the general availability of AWS Elastic Disaster Recovery (AWS DRS), a new service that enables organizations to minimize downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications. AWS Elastic Disaster Recovery is the recommended service for disaster recovery to AWS.

Amazon Virtual Private Cloud now supports Bring your own IP (BYOIP) in seven additional AWS Regions

Starting this week, Bring Your Own IP (BYOIP) is available in seven additional AWS Regions. These AWS Regions are Africa (Cape Town), Asia Pacific (Osaka, Seoul), Europe (Milan, Paris, Stockholm), and Middle East (Bahrain). This launch makes BYOIP available in all commercial regions, AWS GovCloud (US-East), and AWS GovCloud (US-West).

FreeRTOS cellular LTE-M interface library is now generally available

Starting this week, cellular LTE-M interface library is generally available in FreeRTOS. With this launch, developers will find it easier to build IoT devices that use the cellular LTE-M protocol to connect to the cloud. The main FreeRTOS download  includes AWS IoT reference integrations with cellular modules from vendors such as Sierra Wireless, u-blox, and Quectel.

Amazon Kendra releases AWS Single Sign-On integration for secure search

Amazon Kendra is an intelligent search service powered by machine learning, enabling organizations to provide relevant information to customers and employees, when they need it. 

Amazon Translate Now Extends Support for Active Custom Translation to all language pair combinations

Amazon Translate is a neural machine translation service that delivers fast, high-quality, affordable, and customizable language translation. This week, AWS are excited to announce the general availability of Active Custom Translation (ACT) to customize your translation between any currently supported languages . For example, you can now use ACT between German and French.

Amazon Location Service adds new capabilities to help customers better filter geographical search results

This week, Amazon Location Service added five new parameters to help developers filter and process search results for points of interest, addresses (known as geocoding), and geographical positions (known as reverse geocoding). With these new parameters, they can tailor and optimize location results to meet the needs of their specific applications. For example, developers can choose to only select the closest search result, personalize the results to the end-user's preferred language, or enable time-related features such as turning lights on and off in a home automation application.

Amazon Rekognition improves accuracy of content moderation for images

Amazon Rekognition content moderation is a deep learning-based feature that can detect inappropriate, unwanted, or offensive images and videos, making it easier to find and remove such content at scale. Amazon Rekognition provides a detailed taxonomy across 35 sub-categories and 10 distinct top-level moderation categories . Starting this week, Amazon Rekognition content moderation comes with an improved model for image moderation that significantly reduces false positive rates across all of the moderation categories, particularly ‘explicit nudity’, without reduction in detection rates for truly unsafe content. Lower false positive rates imply lower volumes of flagged images to be reviewed further, leading to a better experience for human moderators and more cost savings.

Amazon AppStream 2.0 Introduces Linux Application Streaming

Amazon AppStream 2.0 adds support for Amazon Linux 2. With this launch, you can now stream Linux applications and desktops to your users, and greatly lower the total streaming cost by migrating Matlab, Eclipse, Firefox, PuTTY, and other similar applications from Windows to Linux on Amazon AppStream 2.0.

AWS Amplify announces the ability to add custom AWS resources to Amplify-created backends using CDK and CloudFormation

This week, AWS Amplify announced a new “amplify add custom” command to add any of the 175+ AWS services to an Amplify-created backend using the AWS Cloud Development Kit (CDK) or AWS CloudFormation. The AWS Amplify CLI is a command line toolchain that helps frontend developers create app backends in the cloud. The new ability to add custom resources enables developers to add additional resources beyond Amplify’s built-in use cases with a single command.

AWS Transfer Family adds identity provider options and enhanced monitoring capabilities

Starting this week, you can use AWS Lambda with your AWS Transfer Family server to integrate an identity provider of your choice. This results in easier ways to authenticate and authorize your users. Additionally, you can now monitor your file transfers using a centralized CloudWatch metrics dashboard in the AWS Transfer Family Management Console.

Observe SAP HANA databases with Amazon CloudWatch Application Insights

Amazon CloudWatch Application Insights  now supports observability for SAP HANA databases so you can troubleshoot and resolve problems impacting your SAP HANA-based workloads more easily.

Amazon MQ now supports RabbitMQ version 3.8.23

You can now launch RabbitMQ 3.8.23 brokers on Amazon MQ. This patch update to RabbitMQ contains several fixes and enhancements compared to the previously supported version, RabbitMQ 3.8.22.

AWS Glue FindMatches now supports incrementally matching new data against an existing dataset

The FindMatches ML transform in AWS Glue now allows you to match newly arrived data against existing matched datasets. The FindMatches transform allows you to identify duplicate or matching records in your dataset, even when the records do not have a common unique identifier and no fields match exactly. It makes it faster and easier to clean and deduplicate data sets.

AWS Network Firewall is now SOC compliant

AWS Network Firewall is now SOC 1, SOC 2, and SOC 3 compliant. You can now use AWS Network Firewall for use cases that are subject to System and Organization Controls (SOC) reporting. AWS SOC reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives.

New and improved Amazon Athena console is now generally available

Amazon Athena’s redesigned console is now generally available in all AWS commercial and GovCloud regions where Athena is available. The new and improved console brings a modern, more personalized experience to all of the features you enjoy in the current console and includes several new features which make analyzing data with Athena more powerful and productive.

AWS Snow Family now supports external NTP server configuration

AWS Snow Family now supports external Network Time Protocol (NTP) server configuration on Snowball Edge and Snowcone devices. By providing external NTP support, customers are able to synchronize device time with the NTP servers they provide.

Amazon Connect launches API to configure security profiles programmatically

Amazon Connect now provides an API to programmatically create and manage security profiles. Security profiles help you manage who can access and perform actions in Amazon Connect, such as using the Contact Control Panel (CCP), adding a new agent, or viewing the built-in reports. Using this API, you can programmatically update security profiles as your Amazon Connect access control needs change. To learn more, see the API documentation .

Amazon Connect Customer Profiles now provides a contact block to personalize customer service

Amazon Connect Customer Profiles now offers a contact block that enables contact center managers to personalize the contact center experience without the need to write code. Using Amazon Connect’s contact flow builder’s graphical user interface and the new Customer Profiles contact block, contact center managers can create personalized experiences that leverage customer information such as name and address. For example, you can play a personalized greeting by using the customer name from the Customer Profiles block or route customers to different queues based on their address. The new flow block also enables you to update customer information using inputs customer provide, helping you keep profiles up to date with the latest customer information.

AWS Launch Wizard now supports Microsoft SQL Server deployments using Amazon EBS gp3, io2, and io2 Block Express volumes

AWS Launch Wizard supports Amazon Elastic Block Store (EBS) gp3, io2, and io2 Block Express volumes for Microsoft SQL Server deployments. Now you can take full advantage of the new generations of EBS volumes when you use Launch Wizard for the high availability or single node deployments of SQL Server on Amazon EC2.

AWS IoT Greengrass now supports Microsoft Windows devices

AWS IoT Greengrass is an Internet of Things (IoT) edge runtime and cloud service that helps customers build, deploy, and manage device software. With this release, AWS IoT Greengrass version 2.5 adds support for Microsoft Windows devices. Windows gateway devices are commonly used in industrial IoT scenarios to automate manufacturing operations by collecting local sensor and equipment data and triggering local actions using application business logic. For example, consider an automotive assembly line where a steel stamping press creates a complex part that is prone to defects. Quality Control (QC) automation can be built using a video camera stream fed to a gateway device that uses local ML inference to check part dimensions and find cosmetic defects. The gateway could then notify operators if defects are identified.

AWS App Runner supports AWS CDK to build and deploy applications

AWS App Runner now supports using the AWS Cloud Development Kit (AWS CDK) to build and deploy applications. AWS CDK enables you to compose your infrastructure across AWS from a single source using familiar programming languages such as Python and Node.js. With the AWS CDK integration, you can create App Runner services by defining your source code location as Amazon Elastic Container Registry (Amazon ECR) Public, Amazon ECR private, or GitHub. You can also create the required Identity and Access Management (IAM) roles using the AWS CDK for other services your application uses, such as Amazon DynamoDB and AWS Lambda.

AWS Amplify announces the ability to override Amplify-generated resources using CDK

AWS Amplify announces the ability for developers to override Amplify-generated IAM, Cognito, and S3 configuration to best meet app requirements. The AWS Amplify CLI is a command line toolchain that helps frontend developers create app backends in the cloud. With the new override capability, developers can easily configure their backend with Amplify-provided defaults but still customize fine-grained resource settings.

AWS Step Functions Synchronous Express Workflows now supports AWS PrivateLink

AWS Step Functions’ Synchronous Express Workflows now supports AWS PrivateLink allowing you to start a Synchronous Express Workflow from your Virtual Private Cloud (VPC) without traversing the public internet.

AWS IoT Device Management is now supported on AWS CloudFormation

We are excited to announce that AWS IoT Device Management resources are now supported on AWS CloudFormation. With a few clicks, you can now use a CloudFormation template to pre-configure and deploy IoT fleet management infrastructure like Job Templates , Fleet Metrics , and IoT Logging settings  in a standardized and repeatable way across multiple regions and accounts.

AWS releases open source JDBC driver to connect to Amazon Neptune

AWS released an open source Java (JDBC) driver to connect to Amazon Neptune. This makes it easy for customers to connect to Neptune with tools and libraries that support JDBC, such as popular Business Intelligence (BI) tools.

Safer interrupt management demo for FreeRTOS kernel

FreeRTOS now contains an example code that demonstrates a method of minimizing the time an application spends in privileged mode in FreeRTOS ports on microcontrollers (MCU) with Memory Protection Unit (MPU) support. FreeRTOS ports with MPU support  enable MCU applications to be more robust and secure by running application tasks in unprivileged mode, where they have access only to their own stacks and pre-configured memory regions. The only application code that runs in privileged mode on these MPU enabled MCUs are Interrupt Service Routines (ISRs). The example code demonstrates an approach to keep ISRs short and defer most of the application work to unprivileged FreeRTOS tasks, which helps improve security of the application by minimizing the time it spends in privileged mode.

Google Cloud Releases and Updates
Source: cloud.google.com


AI Platform Prediction

Runtime version 2.7 is now available. You can use runtime version 2.7 to serve online predictions with TensorFlow 2.7.0, scikit-learn 1.0, or XGBoost 1.4.2. Runtime version 2.7 does not support batch prediction.

See the full list of updated dependencies in runtime version 2.7.

Anthos on bare metal

Anthos clusters on bare metal 1.7.6 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.7.6 runs on Kubernetes 1.19.

Anthos clusters on bare metal 1.9.2 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.9.2 runs on Kubernetes 1.21.

Anthos clusters on VMware

Anthos clusters on VMware 1.9.2-gke.4 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.9.2-gke.4 runs on Kubernetes v1.21.5-gke.1200.

The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.9, 1.8, and 1.7.

Artifact Registry

Artifact Registry repositories with gcr.io domain support are now available in Preview. These gcr.io repositories provide some features that are backwards-compatible with Container Registry.


BigQuery is now available in the Santiago (southamerica-west1) region.

Cloud Asset Inventory

The following resource types are now publicly available through the Export APIs (ExportAssets and BatchGetAssetsHistory) and the Feed API:

    • Vertex AI
      • aiplatform.googleapis.com/PipelineJob

The following resource types are now publicly available through the Analyze Policy APIs (AnalyzeIamPolicy and AnalyzeIamPolicyLongrunning):

    • BigQuery
      • bigquery.googleapis.com/Model
    • Google Kubernetes Engine
      • apps.k8s.io/Deployment
      • apps.k8s.io/ReplicaSet
      • batch.k8s.io/Job

Cloud Load Balancing

Cloud Load Balancing introduces a new version of the external HTTP(S) load balancer. The new global external HTTP(S) load balancer with advanced traffic management capabilities contains many of the features of our existing classic HTTP(S) load balancer, but with an ever-growing list of traffic management capabilities such as weighted traffic splitting, request mirroring, outlier detection, fault injection, and so on.

For details on the new load balancer, see:

This load balancer is available in Public Preview.

Cloud Monitoring

Cloud Monitoring now supports dashboard-wide grouping and filtering. For more information, see Dashboard-wide filters.

Preview: Google Cloud Managed Service for Prometheus, Google Cloud's fully managed, Prometheus-compatible monitoring solution, is now available in Preview. You can use the managed service anywhere that you use standard Prometheus today. The collector retains all expected Prometheus functionality, such as local storage and rule evaluation.

Managed Service for Prometheus also offers managed data collection in Kubernetes environments, reducing the complexity of deploying, scaling, sharding, configuring, and maintaining the collectors. For more information, see Google Cloud Managed Service for Prometheus.

Cloud Run

The following new region is now available: southamerica-west1.

Cloud VPN

Cloud VPN is now available in region southamerica-west1 (Santiago, Chile).

Pricing is available on the Cloud VPN pricing page.

Compute Engine

Generally available: You can now configure N2, N2D, and C2 VMs with up to 100 Gbps of network bandwidth.

This feature is ideal for network-intensive, distributed workloads such as high-performance computing (HPC), machine learning (ML), and deep learning (DL).

Learn more about high-bandwidth network configurations, and the regions and zones where these VMs are available.

Generally available: Santiago, Chile, South America southamerica-west1-a,b,c region has launched with E2, N2, and C2 VMs in all three zones. See VM instance pricing for details.

Generally available: You can now monitor health state change logs for VM instances in a managed instance group when you use application-based health checking.

Generally available: N2D machine types running on third generation AMD EPYC Milan processors. These machine types are only available in specific regions and zones. See VM instance pricing for details.

Generally available: T2D Tau machine types are available in select regions and zones. Tau T2D VMs offer excellent price-performance for a wide range of scale-out workloads. See VM instance pricing for details.


Dataproc is now available in the southamerica-west1 region (Santiago, Chile).


Dialogflow CX Phone Gateway now supports call transfer.

Dialogflow CX webhooks now support custom CA certificates.

Dialogflow CX now supports agent backup.


The southamerica-west1 region in Santiago, Chile is now available.

Traffic Director

Traffic Director service security for GKE is now in General Availability. This provides the following:

    • Authentication and encryption using transport layer security (TLS) and mutual TLS (mTLS) for both Traffic Director with Envoy and proxyless gRPC applications. Server TLS policies and client TLS policies control whether services need to prove their identities to each other and use encrypted communication channels.

    • Authorization, based on characteristics of the client and the request. Authorization policies control whether a service is permitted to access another service, and which actions are allowed. Authorization is currently available only for Traffic Director with Envoy.

For more information, see the service security documentation and setup guides.


For auto mode VPC networks, added a new subnet for the Santiago southamerica-west1 region. For more information, see Auto mode IP ranges.

Microsoft Azure Releases And Updates
Source: azure.microsoft.com

Public preview: Azure Virtual Machines DCv3-series now available in Europe West and North

Confidential computing DCsv3 and DCdsv3-series virtual machines (VMs) are now available in Europe West and Europe North.

General availability: New Sweden Central region added to Azure HDInsight

HDInsight is now available in more European regions, Sweden Central.

Azure VMware Solution now generally available in the France Central Azure Region

Azure VMware Solution has now expanded availability to France Central, this update is in addition to the existing availability multiple Azure regions in US, Europe, Australia, Japan, UK, Canada, Brazil and Southeast Asia (Singapore).

Public preview: Azure SQL bindings for Azure Functions

You can connect Azure SQL to Azure Functions more easily with input and output bindings, now available in public preview.

JetStream Disaster Recovery for Azure VMware Solution now generally available

JetStream Disaster Recovery is now generally available on Azure VMware Solution, enabling DR protection for VMware based business applications. JetStream Disaster Recovery for Azure VMware Solution is also cost-effective, leveraging Azure Blob Storage to minimize resources at the DR site.

General availability: Azure Machine Learning updates - November 2021

The new feature in general availability for Azure Machine Learning includes deploying with pre-built Inferencing docker images.

Public preview: Azure Machine Learning updates - November 2021

New features now available in public preview for Azure Machine Learning include test AutoML models and calculate test metrics, support for storage account IP firewall, and new pipeline capabilities using CLI v2.

Virtual machines selector now generally available

The newly released virtual machines selector lets you quickly find the Azure VMs and disk storage options that meet your requirements. Localized in 26 different languages, the tool guides your selection based on workload categories, operating systems, and Azure regions of your choice. The virtual machine selector is integrated with the pricing calculator.

Public preview: Monitor Spring Boot apps in Azure Spring Cloud with AppDynamics

With the integration of AppDynamics in Azure Spring Cloud, developers can keep using a popular and familiar application performance monitoring (APM) tool to monitor Spring Boot applications.

Public preview: Azure Spring Cloud start and stop, bring your own persistent storage, and Service Connector

Azure Spring Cloud now lets you start and stop your applications to reduce costs, bring your own persistent storage for logs and dumps, and connect your apps with Azure services more easily using Service Connector.

SFTP support for Azure Blob Storage - now in public preview

Azure Blob Storage is the only storage platform that supports SFTP over object storage natively in a serverless fashion, enabling you leverage object storage economics and features with legacy workloads that use SFTP.

General availability: Copy data to/from Azure Data Explorer using Azure Data Factory or Synapse Analytics

Mapping Data Flows provides scale-out data transformation in the cloud in Azure Data Factory and Azure Synapse Analytics. With these additional connectors, you can build ETL patterns at Spark scale in a code-free design environment without ever touching the Spark compute. Azure Integration Runtimes allow you to define the Spark environment and provide a serverless Spark compute for your data transformation pipelines.

General availability: Azure API Management updates- October 2021

Azure API Management is now available with new updates such as support for managed identity authentication for communication with Application Insights, ability to import Container App as an API and more.

East Asia Availability Zones now generally available

Azure Availability Zones are now generally available in the East Asia region. These three new zones provide you with options for additional resiliency and tolerance to infrastructure impact.

Public preview: Run Command – Execute PowerShell or shell scripts on Virtual Machines and Scale Sets

The updated Run Commands are now management orientated, allows to run multiple scripts, track their progress and define Run Command resources in ARM templates to automate VM deployments.

General availability: Microsoft Azure available from new cloud region in Sweden

Azure is now available from our newest sustainable datacenter region Sweden Central.

General availability: NFSv4.1 support on Azure Files

With NFS (Network File Share) on Azure Files, you can now deploy fully managed, POSIX compliant, distributed NFS file shares in your production environments for a wide variety of workloads. 

Azure VMware Solution is now generally available in Japan West Azure Region

Azure VMware Solution has expanded availability to Japan West. With this release Japan West is now the second region within the Japan sovereign area to become available (joining Japan East).

Public preview: VM Applications – Manage and deploy applications to Virtual Machines and Scale Sets

With VM Applications, you can create and securely store application packages in an Azure Compute Gallery. Package management is greatly simplified with logical grouping and versioning capabilities and packages can be shared with other users in your organization, across subscriptions, and tenants.


Have you tried Hava automated diagrams for AWS, Azure and GCP.  Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free. 

When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
Check it out for free here: