This week's roundup of all the cloud news.
All the news from AWS, Azure and GCP for the week ending October 23rd 2020.
Amazon RDS for MySQL Supports Minor Version 8.0.21
Introducing the AWS Load Balancer Controller
The ALB Ingress Controller is now the AWS Load Balancer Controller, and includes support for both Application Load Balancers and Network Load Balancers. The new controller enables you to simplify operations and save costs by sharing an Application Load Balancer across multiple applications in your Kubernetes cluster, as well as using a Network Load Balancer to target pods running on AWS Fargate.
Amazon EKS is now FedRAMP-Moderate compliant
Amazon Elastic Container Service for Kubernetes (EKS) clusters running in standard AWS regions are now compliant with the Federal Risk and Authorization Management Program (FedRAMP) Moderate baseline.
AWS Copilot CLI launches v0.5 to let users deploy scheduled jobs and more
This week, the AWS Copilot CLI for Amazon Elastic Container Service (Amazon ECS) launched version 0.5.0. Starting with this release, you can deploy applications or jobs that need to run only on a particular schedule. AWS Copilot has built-in timeouts and retries to provide more flexibility for how your scheduled jobs run. AWS Copilot will also deploy all the required infrastructure and settings, while you just provide the application and the schedule to be run. This allows you to focus on development instead of manually setting up rules and infrastructure to ensure your scheduled jobs run when needed.
AWS App Mesh supports cross account sharing of ACM Private Certificate Authority
In August 2020, Amazon Certificate Manager (ACM) launched a feature to share Certificate Authorities (CA) between AWS accounts using AWS Resource Access Manager (RAM). With this week’s launch, AWS App Mesh customers will be able to use a certificate authority shared with their AWS account while configuring TLS between services in their mesh.
AWS App Mesh increases default limits on several resources
AWS App Mesh is a service mesh that provides application-level networking to standardize how your services communicate, giving you end-to-end visibility and options to tune for high availability of your applications. App Mesh has now increased the default limits for a set of resources: virtual nodes and virtual gateways. These limit increases make it easier for you to manage larger applications with App Mesh.
Amazon Redshift now supports the scheduling of SQL queries by integrating with Amazon EventBridge
Amazon Redshift now allows you to schedule your SQL queries to run on recurring schedules and enables you to build event-driven applications by integrating with Amazon EventBridge. You can now schedule time-sensitive or long-running queries, loading or unloading your data, or refreshing your materialized views on a regular schedule.
Amazon Relational Database Service (RDS) Snapshot Export to S3 available in additional regions
You can now export Amazon Relational Database Service (Amazon RDS) or Amazon Aurora snapshots to Amazon S3 in Apache Parquet format in additional regions. Parquet is an efficient open columnar storage format for analytics and is up to 2x faster to export and consumes up to 6x less storage in Amazon S3, compared to other text formats. You can analyze the exported data with other AWS services such as Amazon Athena, Amazon EMR, and Amazon SageMaker.
Amazon AppStream 2.0 adds a smaller instance size to the General Purpose instance family
This week, Amazon AppStream 2.0 adds a new instance size to the General Purpose instance family. This new instance size, stream.standard.small, offers 1 vCPU and 2 GiB of memory. It is ideally suited for streaming lightweight, non-graphics applications such as browsers for secure web browsing and bastion host administration tools, and applications that are not resource intensive. To use the new instance size, create a new AppStream 2.0 fleet or modify your existing fleet by using the AppStream 2.0 console, AWS SDK, or AWS CLI.
Amazon MQ now supports ActiveMQ version 5.15.13
You can now launch Apache ActiveMQ 5.15.13 brokers on Amazon MQ. This patch update to ActiveMQ contains several fixes and new features compared to the previously supported version, ActiveMQ 5.15.12.
AWS CloudFormation now supports increased limits on five service quotas
AWS CloudFormation now supports increased limits on five service quotas: template size, resources, parameters, mappings, and outputs. The maximum size of a template that can be passed in an S3 Object is now 1MB (previously 450KB). The new per-template limits are 500 resources (previously 200), 200 parameters (previously 60), 200 mappings (previously 100), and 200 outputs (previously 60).
AWS Step Functions now supports Amazon Athena service integration
AWS Step Functions is now integrated with Amazon Athena, an interactive query service, allowing you to build workflows that query data on your S3 data lake. AWS Step Functions supports built-in error handling, parameter passing, recommended security settings, and state management, reducing the amount of code you have to write and maintain.
Amazon SageMaker is now available in the Africa (Cape Town) and Europe (Milan) AWS regions
Amazon SageMaker is now available in the Africa (Cape Town) and Europe (Milan) AWS regions. Amazon SageMaker is a fully managed service that provides every developer and data scientist with the ability to build, train, and deploy machine learning (ML) models quickly. SageMaker removes the heavy lifting from each step of the machine learning process to make it easier to develop high quality models.
Amazon Kendra now supports custom data sources
Amazon Kendra is a highly accurate and easy to use intelligent search service powered by machine learning. Starting today, AWS customers can leverage Kendra’s intelligent search capabilities across a broader range of content repositories by using Kendra’s custom data source feature.
Amazon CloudFront announces support for public key management through IAM user permissions for signed URLs and signed cookies
Amazon CloudFront announces that you can now manage public keys used for signed URLs and signed cookies through Amazon Identity and Access Management (IAM) based user permission, without requiring the AWS root account. With the IAM user permissions based public key management, you get more flexibility and API access to manage your public keys.
CloudWatch Application Insights adds EBS volume and API Gateway metrics
Amazon CloudWatch Application Insights adds additional storage volume metrics to provide further insights into your storage performance and health, along with the new ability to monitor your API Gateway functions. CloudWatch Application Insights is a capability that helps enterprise customers easily set up application monitoring and enhanced observability for AWS resources. The new Elastic Block Store (EBS) metrics provide further details on storage volumes. The integration with the API Gateway service provides insights into the various API commands run through the gateway.
Amazon QLDB Go Driver is now generally available
Amazon QLDB Go Driver is now generally available, providing Go developers a simple way to access QLDB. The Go Driver offers an abstraction layer on top of the AWS SDK to handle QLDB sessions, streamline PartiQL statements, and handle ION data.
Now customize your Session Manager shell environment with configurable shell profiles
Session Manager, a capability of AWS Systems Manager, now enables you to customize the shell environment by specifying the commands to run at the start of a session. Using this feature, you can tailor the shell experience to the needs of your users or your organization, by adding customizations such as changing the default shell interpreter, displaying the hostname, or configuring command shortcuts.
Use existing Cognito User Pools & Identity Pools for your Amplify project
With this week’s Amplify CLI release, you gain the ability to import existing Amazon Cognito resources into your Amplify project. Just run the “amplify import auth” command and Amplify CLI will automatically configure all your Amplify-provisioned resources (GraphQL APIs, S3 buckets and more) to be authenticated with your designated existing Cognito User Pool or Identity Pool.
Amazon MSK adds support for Apache Kafka version 2.6.0
Amazon Managed Streaming for Apache Kafka (Amazon MSK) now supports Apache Kafka version 2.6.0 for new and existing clusters. Apache Kafka 2.6.0 includes several bug fixes and new features that improve performance. Some key features include native APIs to manage client quotas (KIP-546) and explicit rebalance triggering to enable advanced consumer use cases (KIP-568). For a complete list of improvements and bug fixes, see the Apache Kafka release notes for 2.6.0.
AWS App Mesh is now available in Europe (Milan) Region
AWS App Mesh is a service mesh that provides application-level networking to make it easy for your services to communicate with each other across multiple types of compute infrastructure. AWS App Mesh standardizes how your services communicate, giving you end-to-end visibility and ensuring high-availability for your applications.
AWS Global Accelerator launches port overrides
AWS Global Accelerator announces the ability to override the destination ports used to route traffic to an application endpoint. This allows you to map a list of external destination ports — that your users send traffic to — to a list of internal destination ports that you want an application endpoint to receive traffic on. By default, an accelerator routes user traffic to endpoints in AWS Regions using the protocol and port ranges that you specify when you create a listener. For example, if you define a listener that accepts TCP traffic on ports 80 and 443, the accelerator routes traffic to those ports on an endpoint.
Pause and Resume Workloads on I3, M5ad, and R5ad Instances with Amazon EC2 Hibernation
You can now hibernate newly-launched EBS-backed Amazon EC2 I3, M5ad, and R5ad instances. Hibernation provides you with the convenience of pausing your workloads and resuming them later from the saved state. Hibernation is just like closing and opening your laptop lid — your application will start right from where it left off. By using hibernation, you can maintain a fleet of pre-warmed instances that can get to a productive state faster without modifying your existing applications.
AWS Backup is now available in Cape Town and Milan
AWS Backup is now available in 2 additional Regions: Cape Town (CPT) and Milan (MXP).
Amazon Kinesis Data Analytics is now available in the US West (California) AWS region
Amazon Kinesis Data Analytics is now available in the US West (California) AWS region.
Amazon Connect launches agent connection time metrics
You can now add connection time metrics to your reporting in Amazon Connect. This enables you to understand the time from when Connect sends a contact to an agent to when they accept and are connected to the phone call or chat.
AWS Systems Manager now allows filtering automation executions by applications or environments
You can now filter automation executions by resource groups in Systems Manager Automation. This allows you to group and view the automation executions specific to your applications or environments.
Amazon Redshift now supports modifying column compression encodings to optimize storage utilization and query performance
Amazon Redshift now allows users to modify the compression encoding of existing columns with a single statement. This new capability makes it easier to maintain the optimal compression encodings in Amazon Redshift to achieve high performance and reduce the storage utilization.
AWS Batch now supports Configurable Job Retries
AWS Batch now allows users to configure retry strategies based on defined exit codes. Customers can now determine whether their AWS Batch jobs retry based on specified events such as infrastructure failure or application failure. This allows customers to tightly control the actions taken on job failure - resulting in lower costs and faster throughput by retrying only when necessary.
AWS Lambda now supports AWS PrivateLink
AWS Lambda now supports AWS PrivateLink. With this feature you can manage and invoke Lambda functions from your Virtual Private Cloud (VPC) without exposing your traffic to the public internet. PrivateLink provides private connectivity between your VPCs and AWS services, like Lambda, on the private AWS network.
Port forwarding sessions created using Session Manager now support multiple simultaneous connections
Port forwarding sessions created using Session Manager, a capability of AWS Systems Manager, now support multiple simultaneous connections over the session. This improvement reduces the rendering latency and improves load times for applications that load data using multiple concurrent connections, when delivering such applications over a port forwarding session.
Kinesis Client Library now enables multi-stream processing
You can now process multiple Amazon Kinesis data streams with a single Kinesis Client Library (KCL) based consumer application. Previously, each KCL-based application processed a single Kinesis data stream. With this new capability, you can update the list of streams at runtime for multi-stream processing in a scalable KCL application without redeploying the application. This reduces the operational overhead of maintaining multiple KCL applications.
AWS DataSync simplifies initial setup for online data transfers
AWS DataSync now offers a simplified agent setup using the agent’s local console. This enables you to set up your agent faster, and test network connectivity between your on-premises storage and AWS within minutes.
You now can manage access to Amazon Keyspaces by using temporary security credentials for the Python, Go, and Node.js Cassandra drivers
You now can manage access to Amazon Keyspaces (for Apache Cassandra), a scalable, highly available, and fully managed Cassandra-compatible database service, by using temporary security credentials for the Python, Go, and Node.js Cassandra drivers.
Porting Assistant for .NET is now open source
Porting Assistant for .NET is now open source. Users can now extend the data set with new recommendations for assessment and use the extended data set to scan their project for incompatibilities. Users can also review and offer suggestions on existing data sets. Users can actively participate in the development process and bring their experience and expert knowledge to the tool. They can review open issues in GitHub, comment on any of the issues that they are familiar with, make suggestions, ask questions, or open new issues if they would like to start a new conversation. Source code for the compatibility analysis component, the assessment APIs and the data set used for the assessment are released under the Apache 2.0 license.
Amazon QuickSight adds support for on-sheet filter controls
Amazon QuickSight now supports filter controls that you can place beside visuals on dashboards, allowing readers to quickly slice and dice data in the context of its visual representation. You can create these filter controls from existing or new filters with a single click, and configure them to support different operations, such as filtering specific dates, relative dates, or date ranges, setting upper and lower thresholds for numeric values, adding drop-downs with single-select or multi-select options, and more. On-sheet filter controls can be used in dashboards within Amazon QuickSight, or in dashboards embedded within apps.
Amazon EMR now provides up to 35% lower cost and up to 15% improved performance for Spark workloads on Graviton2-based instances
Amazon EMR now supports Amazon EC2 M6g instances to deliver the best price performance for cloud workloads. Amazon EC2 M6g instances are powered by AWS Graviton2 processors that are custom designed by AWS utilizing 64-bit Arm Neoverse cores. Amazon EMR provides up to 35% lower cost and up to 15% improved performance for Spark workloads on Graviton2-based instances versus previous generation instances. In addition, the combination of EMR runtime for Apache Spark and EC2 M6g instances offers up to 76% lower total cost and 3.6 times improved performance compared to running open source Apache Spark on previous generation instances.
AWS Systems Manager Patch Manager now provides a catalog of all patches for Amazon Linux
AWS Systems Manager Patch Manager now makes it easier for you to create patch compliance reports by providing a catalog of all patches released for Amazon Linux and Amazon Linux 2. You can now view a list of all released patches for Amazon Linux and Amazon Linux 2 even if those patches are not applicable to your fleet based on your patch rules. Further, you can view additional details such as severity, release date, and vulnerability identifier (CVE-ID) for patches in the catalog.
Introducing the Microsoft Azure Modular Datacenter
The Microsoft Azure Modular Datacenter (MDC) is designed to support datacenter scale scenarios for humanitarian aid, disaster response, and other needs for high-intensity, secure cloud computing in challenging environments.
Zone Redundancy for Azure Cache for Redis now in preview
Between waves of pandemics, hurricanes, and wildfires, you don’t need cloud infrastructure adding to your list of worries this year. Fortunately, there has never been a better time to ensure your Azure deployments stay resilient. Availability Zones in particular are one of the best ways to mitigate risks from outages and disasters.
GCP Improve security & governance in PostgreSQL with Cloud SQL
Ensuring databases are securely managed is a crucial part of every organization’s critical operations. When those organizations rely on a managed service like Cloud SQL, a key benefit is consistency of management, including security policies that extend beyond a single service. Cloud SQL has continued to enhance its security capabilities. Google have introduced VPC Service Controls so you can securely connect to your database instance, and have added Customer Managed Encryption Keys as an option for meeting regulatory compliance. Now, Google are proud to announce Cloud Identity and Access Management (Cloud IAM) integration and the enablement of PostgreSQL Audit Extension (pgAudit), both available in preview for Cloud SQL for PostgreSQL.
GCP Announce new Compute Engine autoscaler controls
New scale-in controls in Compute Engine let you limit the VM deletion rate by preventing the autoscaler from reducing a MIG's size by more VM instances than your workload can tolerate to lose.
When you configure autoscaler scale-in controls, you control the speed at which you scale in. The autoscaler never scales in faster than your configured rate.
GCP Cloud Run now sends SIGTERM signal to your container instance
Coursera is offering one month of no-cost access to 6 GCP certification courses until November 19th.
- Google Cloud Networking Professional Certificate
- Google Cloud Security Professional Certificate
- Google Cloud SRE and DevOps Engineer
- GCP Associate Cloud Engineer
- GCP Cloud Architect
- GCP Professional Data Engineer
Google Cloud Virtual Events
To support the unique needs of GCP customers in Europe, Middle East, and Africa, on 29 September GCP are kicking off a brand-new Next OnAir event exclusively for EMEA.
Google Cloud Next OnAir EMEA offers a full roster of curated content, including more than 30 new sessions specially tailored to the region. Join Google experts and local customers to learn how organizations are already transforming in the cloud, and connect and collaborate with industry experts to solve your toughest challenges.
Each week Google will be highlighting a different focus:
27 Oct: Application modernization and business application platform—Explore how to develop and modernise applications with open source and other software, and how APIs give you better visibility and control.
Register today, for free, on the Next OnAir EMEA website. You’ll get full access to all 30+ sessions being presented throughout the five-week event alongside the more than 250 sessions created for the global Google Cloud Next ’20: OnAir program.
Azure Virtual Events
Microsoft have a full schedule of Virtual Events.
A full list, including session times and details, is here: https://azure.microsoft.com/en-us/community/events/
AWS events are pretty fluid at the moment, with most in-person events being cancelled or postponed. There are a number that have been taken online and full details can be found here: https://aws.amazon.com/events/
Thanks for reading again this week, we hope you found something useful.
hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.