Here's a cloud roundup of all things GCP, Azure and AWS for the week ending Friday 8th October 2021.
Source: aws.amazon.com
AWS are excited to announce a new recipe in Amazon Personalize that, when given an item, will recommend similar items based on both user-item interaction data and item metadata. The combination of your users’ historical interactions and the information you have about your items increases the relevance of recommendations and ensures similar items capture your users’ attention. To assess the similarity of items we measure how frequently the items are found together in users’ histories. As a benchmark, we found that the new recipe is 10.2% more accurate in identifying similar items than recipes that use interactions data alone. This means your users will be more likely to find the items most related to what they are viewing.
Starting today, Amazon EC2 Mac instances are available in Europe (Stockholm), Europe (London), Europe (Frankfurt), Asia Pacific (Seoul), Asia Pacific (Tokyo), Asia Pacific (Mumbai), and Asia Pacific (Sydney) Regions. Built on Apple Mac mini computers, EC2 Mac instances enable customers to run on-demand macOS workloads in the AWS cloud for the first time, extending the flexibility, scalability, and cost benefits of AWS to all Apple developers. With EC2 Mac instances, developers building apps for iPhone, iPad, Mac, Apple Watch, Apple TV, and Safari can now provision and access macOS environments within minutes. EC2 Mac enables developers to dynamically scale capacity as needed, and benefit from AWS’s pay-as-you-go pricing to develop, build, test, sign, and publish their apps.
Starting this week, you can configure your Amazon Lex bots to provide periodic updates to users while their requests are processed. Customer support conversations often require execution of business logic that can take some time to complete. For example, updating an itinerary on an airline reservation system may take a couple of minutes during peak hours. Typically, support agents put the call on hold and provide periodic updates (e.g., “We are still processing your request; thank you for your patience”) until the request is fulfilled. Now, you can easily configure your bot to automatically provide such periodic updates in a conversation. With progress updates capability, bot builders can quickly enhance the ability of virtual contact center agents and smart assistants.
Amazon QuickSight now supports pixel-perfect dashboards with the new free-form layout mode. Free-form layouts provide authors with precise, pixel-level control over the size and placement of visual elements on QuickSight dashboards, including support for overlapping content. In addition, authors can also set additional attributes for QuickSight visuals in free-form layout, including background color, transparency, border color, selection color as well as visibility of the loading animation, visual context menu and on-visual menu. Free-form layout also supports conditional rendering of visual elements, which allows authors to show or hide content based on QuickSight parameter values, enabling context sensitive display of text, visuals and images. The combination of these options allows QuickSight authors to showcase their creativity by creating complex, interactive dashboards that allow end-users to understand key insights from their data.
AWS IoT SiteWise is now available in the Mumbai, Seoul, and Tokyo AWS Regions, extending the footprint to 11 AWS Regions.
AWS have updated the Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) management console to improve your overall experience with configuring and managing your OpenSearch and Elasticsearch clusters on the service. The new console helps you create and update domains, as well as get information about your domains, more easily.
The Amazon Chime SDK lets developers add real-time audio, video, screen share, and messaging capabilities to their web or mobile applications. With media capture pipelines, developers can capture the contents of their Amazon Chime SDK meeting and save them to an Amazon Simple Storage Service (Amazon S3) bucket of their choice. Starting today developers can configure APIs to customize the media capture experience for their applications, by easily switching the way they capture audio, video and content streams.
Amazon SageMaker now supports Fast File Mode for accessing data in training jobs. This enables high performance data access by streaming directly from Amazon S3 with no code changes from the existing File Mode. For example, training a K-Means clustering model on a 100GB dataset took 28 minutes with File Mode but only 5 minutes with Fast File Mode (82% decrease).
AWS Lambda functions that are triggered from Amazon MSK topics can now access MSK clusters secured by IAM Access Control. This is in addition to SASL/SCRAM, which is already supported on Lambda. To get started, customers who select MSK as the event source for their Lambda function can configure their function's execution role to allow Lambda to connect to their clusters and read from their topics. This feature requires no additional charge to use, and is available in all AWS Regions where Amazon MSK is supported as an event source for AWS Lambda.
We are excited to announce that Amazon Kendra is adding support for 34 languages for keyword-based search over documents and FAQs. Amazon Kendra is an intelligent search service powered by machine learning. Customers with content in one or more of the supported languages can now use Amazon Kendra to index and search their content with native language support.
AWS Elastic Beanstalk now supports decoupling a database running in an Elastic Beanstalk environment. Previously, a database instance created by Elastic Beanstalk was tied to the lifecycle of the environment. With this launch, the lifecycle of your database instance will not be tied to your application’s environment lifecycle, and you can decouple a database managed by Elastic Beanstalk from a Beanstalk environment. The environment’s health is not affected by the decoupling operation and you can keep the database operational as an external database, available for multiple environments to connect to it. You also have the option to terminate an Elastic Beanstalk environment while leaving the database operational.
We are announcing the support of using Apache Spark SQL to update Apache Hive metadata tables when using Amazon EMR integration with Apache Ranger.
AWS Network Firewall now offers new configuration options for rule ordering and default drop, making it easier to write and process rules to monitor your virtual private cloud (VPC) traffic.
Amazon SageMaker Data Wrangler reduces the time it takes to aggregate and prepare data for machine learning (ML) from weeks to minutes. With SageMaker Data Wrangler, you can simplify the process of data preparation and feature engineering, and complete each step of the data preparation workflow, including data selection, cleansing, exploration, and visualization from a single visual interface.
AWS Application Migration Service (AWS MGN) is now available in four additional AWS Regions: Asia Pacific (Hong Kong), Asia Pacific (Mumbai), Asia Pacific (Seoul), and Europe (London).
AWS Backup Audit Manager now allows you to generate reports to track the compliance of your defined data protection policies in AWS Backup. You can create a report plan in AWS Backup Audit Manager to deliver compliance reports in your designated Amazon S3 bucket. You can use these reports to identify violations of your data protection policies, perform remediation, and demonstrate compliance of your data protection policies to meet regulatory requirements.
You can now access D-Wave’s Advantage 4.1 quantum annealing system on Amazon Braket, the AWS quantum computing service. According to D-Wave, the new Advantage quantum processing unit (QPU) has more than 5,000 active qubits with 15-way connectivity to enable researchers and developers to explore larger and more complex optimization problems.
Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now supports cross-cluster replication, enabling you to automate copying and synchronizing of indices from one domain to another at low latency in the same or different AWS accounts or Regions. With cross-cluster replication, you can achieve high availability for your mission critical applications with sequential data consistency.
Amazon Relational Database Service (Amazon RDS) Performance Insights is now available in the Middle East (Bahrain), Africa (Cape Town), Europe (Milan), and Asia Pacific (Osaka) Regions. Amazon RDS Performance Insights is a database performance tuning and monitoring feature of RDS and Aurora that helps you quickly assess the load on your database and determine when and where to take action.
This week, Amazon Location Service is adding distance-based filtering of device position updates.
Using Amazon EC2 Capacity Reservation Fleet, you can easily migrate your reserved Amazon EC2 capacity to new generation instance types. Capacity Reservations allow you to reserve capacity for your immediate use in a specific instance type and Availability Zone and can be cancelled by you at any time. With Capacity Reservation Fleet, you can reserve capacity across a prioritized list of instance types. When your reservations for lower priority instance types are unused, it will automatically convert them to capacity reservations for higher priority instance types.
AWS Transfer Family now supports Amazon S3 Access Points, a feature of Amazon S3 that allows you to easily manage granular access to shared data sets. Now, you can use S3 Access Point aliases anywhere an S3 bucket name is used today for shared datasets that are utilized by hundreds of SFTP, FTP, and FTPS users and groups.
AWS Glue DataBrew, a visual data preparation tool that makes it easy for data analysts and data scientists to clean and normalize data for analytics and machine learning, is now available in the AWS Africa (Cape Town) Region. See where DataBrew is available by using the AWS Region Table.
We are announcing the general availability of VMware Cloud on AWS Outposts, a jointly-engineered solution that delivers VMware Cloud on AWS as a fully managed experience to virtually any datacenter, co-location space, or on-premises facility with AWS Outposts. It runs VMware’s enterprise-class Software-Defined Data Center (SDDC) software on dedicated AWS Nitro System-based EC2 bare metal Outposts instances. VMware Cloud on AWS Outposts is built for VMware workloads that require low-latency access to on-premises systems, local data processing, or data residency.
AWS Backup Audit Manager now supports AWS CloudFormation, allowing you to audit and report on the compliance of your data protection policies using AWS CloudFormation templates. You can now deploy AWS Backup Audit Manager's pre-built, customizable controls using AWS CloudFormation templates and evaluate whether all your backups are in compliance with your policies. You can also generate audit reports that help you monitor your operational posture and demonstrate compliance of your backups with regulatory requirements.
AWS Firewall Manager now enables you to configure logging for your AWS Network Firewalls provisioned using a Firewall Manager policy. When you set up a Firewall Manager policy for Network Firewall, you can now enable logging for all the accounts that are in scope of the policy and have the logs centralized under your Firewall Manager administrator account. This makes it easy to enable logging for AWS Network Firewall across multiple accounts and VPCs through a single Firewall Manager policy.
AWS License Manager announces Delegated Administrator support for Managed entitlements. This feature allows license administrators to manage and distribute licenses across their AWS accounts from a delegated account outside of the management account. Using delegated administrator, you can grant licenses from AWS Marketplace and Independent Software Vendors across your organization and benefit from the administrative capabilities previously afforded to the management account only.
AWS IoT Events is now available in the Asia Pacific (Mumbai) Region, extending the footprint to 13 AWS regions.
Amazon CodeGuru is a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application’s most expensive lines of code.
The AWS Solutions team recently updated Amazon Workspaces Cost Optimizer, a solution that analyzes all of your Amazon WorkSpaces usage data and automatically converts the WorkSpace to the most cost-effective billing option (hourly or monthly), depending on your individual usage. This solution also helps you monitor your WorkSpace usage and optimize costs.
Amazon EC2 now supports Hibernation for Ubuntu 20.04 LTS operating system. Hibernation allows you to pause your EC2 Instances and resume them at a later time, rather than fully terminating and restarting them. Resuming your instance lets your applications continue from where they left off so that you don’t have to restart your OS and application from scratch. Hibernation is useful for cases where rebuilding application state is time-consuming (e.g., developer desktops) or an application’s start-up steps can be prepared in advance of a scale-out.
Starting this week, Amazon Textract now extends support for AWS PrivateLink to both AWS GovCloud (US) Regions. Customers can now access Amazon Textract from their Amazon Virtual Private Cloud (Amazon VPC) in AWS GovCloud (US) without using public IPs and without requiring the traffic to traverse across the Internet.
Amazon Relational Database Service (Amazon RDS) for PostgreSQL now supports PostGIS major version 3.1. This new version of PostGIS is available on PostgreSQL versions 13.4, 12.8, 11.13, 10.18, and higher.
AI Platform Training
Runtime version 2.6 is available. You can use runtime version 2.6 to train with TensorFlow 2.6, scikit-learn 0.24.2, or XGBoost 1.4.2. Runtime version 2.6 supports training with CPUs, GPUs, or TPUs.
See the full list of updated dependencies in runtime version 2.6.
Anthos Service Mesh
1.11.2-asm.17 is now available.
Anthos Service Mesh 1.11 includes the features of Istio 1.11 subject to the list of Anthos Service Mesh supported features.
Managed Anthos Service Mesh isn't rolling out to the rapid release channel at this time. You can periodically check this page for the announcement of the rollout of Managed Anthos Service Mesh to the rapid channel. See Select a Managed Anthos Service Mesh release channel for more information.
asmcli is generally available for new installations and upgrades of Anthos Service Mesh. You can use asmcli to:
Install the Anthos Service Mesh in-cluster control plane
The in-cluster control plane is supported on the following platforms using asmcli:
Note: Upgrades from Anthos Service Mesh 1.7 on EKS to Anthos Service Mesh 1.11 aren't supported. You will need to set up a new EKS cluster to install Anthos Service Mesh 1.11.
asmcli requires clusters to be registered with a fleet. asmcli can automatically register a cluster as long as it meets the requirements specified in fleet requirements. asmcli does not support automatic fleet registration for GKE 1.22 clusters, which must be registered manually before installation.
Using install_asm and istioctl install is deprecated and support for these tools for installations and upgrades of Anthos Service Mesh will be removed when Anthos Service Mesh 1.12 is released. Please update your scripts and tools to use asmcli. For more information see Transitioning to asmcli.
The Anthos Service Mesh integration with Certificate Authority Service (CA Service) is generally available. You can use CA Service as the certificate authority for signing mutual TLS certificates. See Configure Anthos Service Mesh to use CA Service for details.
Anthos Service Mesh uses a proxy that is based on OSS Envoy. The Anthos Service Mesh 1.11 proxy is based on Envoy v1.19.1.
Artifact Registry
You can now specify a release or snapshot version policy for Maven repositories when you create them. You cannot change the version policy of an existing repository. Repositories created before availability of this feature accept both snapshot and release packages.
BigQuery
BigQuery Migration Service is now in Preview. It includes the following features:
Cloud Bigtable
Cloud Bigtable provides a CPU utilization by app profile, method, and table metric that gives you more granular observability into the cluster's CPU usage. This metric is generally available (GA).
Cloud Logging
You can now collect Apache httpd logs from the Ops Agent, starting with version 2.4.0. For more information, see Collecting logs from third-party applications: Apache httpd.
The Ops Agent now supports collecting logs from the systemd-journald service, starting with Ops Agent version 2.4.0. For information on configuring the systemd_journald receiver, see Configuring the Ops Agent: Logging receivers.
Cloud Monitoring
GKE version 1.20.8-gke.2100 or later offers a Preview of a fully managed metric collection pipeline to scrape Prometheus-style metrics exposed by any GKE workload and send those metrics to Cloud Monitoring for dashboards, alerts, and SLOs. Compared to the Prometheus Stackdriver sidecar, this new pipeline is easy to set up, allows filtering to control cost, supports larger clusters, is fully managed, supports Autopilot and horizontal Pod autoscaling, and offers better pricing. Get started with GKE workload metrics.
Cloud Spanner
You can now specify the statistics package for the query optimizer to use, to ensure predictability in your query plans.
Cloud SQL for MySQL
Cloud SQL now supports the ability for you to specify IP CIDR ranges from your VPC network for your Cloud SQL instances allowing you to manage your IP address space better. For more information, see Allocated IP address ranges. To start using this feature now, see Configuring private IP for a new instance.
Cloud Storage
Turbo replication is a premium feature designed to provide inter-region replication for newly written objects within 15 minutes.
This feature is now available in Preview.
Cloud VPN
Classic VPN partial deprecation update
Starting on March 31, 2022, you will no longer be able to create new Classic VPN tunnels that use dynamic routing (BGP) unless you are creating a specifically supported configuration.
On or after March 31, 2022, you can still create the following Classic VPN configurations:
This notice replaces any previous notice about the deprecation of static routing configurations in Classic VPN.
Although Google will not proactively disable existing connections on the deprecation date, deprecated Classic VPN configurations will only receive maintenance updates going forward.
For more information, see Classic VPN partial deprecation for a video tutorial and documentation to help you migrate to the more reliable High Availability Cloud VPN solution.
GKE
GKE version 1.20.8-gke.2100 or later offers a Preview of a fully managed metric collection pipeline to scrape Prometheus-style metrics exposed by any GKE workload and send those metrics to Cloud Monitoring for dashboards, alerts, and SLOs. Compared to the Prometheus Stackdriver sidecar, this new pipeline is easy to set up, allows filtering to control cost, supports larger clusters, is fully managed, supports Autopilot and horizontal Pod autoscaling, and offers better pricing. Get started with GKE workload metrics.
Fit assessment tool now in GA
The migration fit assessment tool has moved from the Public Preview to General Availability.
vSphere/vCenter inventory discovery can now be scoped to a vSphere inventory path using the new --path flag, instead of collecting info about all VMs managed by the vCenter being assessed.
A quick assessment command has been added to generate a report using a single command. The command uses the result file(s) generated by manually running the Linux and/or Windows collection script on assessed VMs.
Security Command Center
Security Health Analytics, a built-in service of Security Command Center, released new detectors in general availability.
The following detectors, available only in Security Command Center's Premium tier, detect vulnerabilities in your Google Kubernetes Engine clusters and expand the number of detectors that support the CIS Google Kubernetes Engine (GKE) Benchmark v1.0.0:
ALPHA_CLUSTER_ENABLED: Alpha cluster features are enabled for a GKE cluster.
BINARY_AUTHORIZATION_DISABLED: Binary Authorization is disabled on a GKE cluster.
CLUSTER_SECRETS_ENCRYPTION_DISABLED: Application-layer secrets encryption is disabled on a GKE cluster.
CLUSTER_SHIELDED_NODES_DISABLED: Shielded GKE nodes are not enabled for a cluster.
INTEGRITY_MONITORING_DISABLED: Integrity monitoring is disabled for a GKE cluster.
INTRANODE_VISIBILITY_DISABLED: Intranode visibility is disabled for a GKE cluster.
NODEPOOL_SECURE_BOOT_DISABLED: Secure Boot is disabled for a GKE cluster.
RELEASE_CHANNEL_DISABLED: A GKE cluster is not subscribed to a release channel.
For more information, see Container vulnerability findings. To learn how to remediate vulnerabilities, see Remediating Security Health Analytics findings.
Vertex AI
Vertex Feature Store is generally available (GA).
VPC
The number of Private Service Connect endpoints that are connected to a service attachment is now correctly adjusted when an endpoint is deleted.
If you are using Private Service Connect endpoints to access services in another VPC network, and you create more endpoints than are allowed by the limit set by the service producer, any endpoints created after the limit is reached have a status of Pending, as expected. Now, if you remove endpoints to get below the limit, the status of those endpoints correctly changes to Accepted.
Microsoft Azure Releases And Updates
Source: azure.microsoft.com
Standard network features for Azure NetApp Files volumes is now in public preview in select regions. This includes support for increased IP limits, Network Security Groups, User-defined routes, and additional connectivity patterns like connectivity over Active/Active VPN gateway and ExpressRoute FastPath.
TARGET RETIREMENT DATE: NOVEMBER 01, 2021
Transition to Azure Resource Manager by 1 November 2021.
Participate in the retail evaluation now to ensure full compatibility. The OS evaluation period for 21.10 provides 14 days for backward compatibility testing.
Python developers can now take advantage of the version enhancements in Python 3.9 using Azure Functions.
Deploy Windows 11 desktops and applications on Azure Virtual Desktop and utilize new capabilities while optimizing for cost.
Azure Availability Zones are now generally available in the South Africa North region. These three new zones provide customers with options for additional resiliency and tolerance to infrastructure impact.
Azure Availability Zones are now generally available in the Korea Central region. These three new zones provide you with options for additional resiliency and tolerance to infrastructure impact.
Azure Form Recognizer now offers a pre-built version of the service in preview for document extraction as well as the following capabilities in preview: signature detection, hotel receipts processing, and deeper extraction of content from US driver's licenses. In addition, the service is now easier to use with Form Recognizer Studio and new REST APIs.
Public preview enhancements and updates released for Azure Security Center in September 2021.
Azure NetApp Files, one of the fastest growing bare-metal Azure services, is now available to Azure customers directly from the Azure portal, CLI, API or with SDK, without having to go through a waitlist approval process.
Azure NetApp Files backup expands the data protection capabilities of Azure NetApp Files by providing a fully managed backup solution for long-term recovery, archive, and compliance.
Azure VMware Solution NFS datastores on Azure NetApp Files is currently in private preview and is coming soon. The solution provides more choice to optimize and scale storage for Azure VMware Solution environments.
VMware HCX is the primary migration solution for organizations moving VMware workloads natively to a cloud service like Azure VMware Solution. The HCX Enterprise Edition, now generally available with Azure VMware Solution, is a premium HCX service that includes Replication Assisted vMotion and Mobility Optimized.
Azure VMware Solution has now expanded availability to Brazil South and East US 2. This update is in addition to the existing availability across multiple Azure regions in US, Europe, Australia, Japan, UK, Canada, and Southeast Asia.
Azure Stream Analytics is a fully managed, real-time analytics service designed to help you analyze and process fast moving streams of data that can be used to get insights, build reports, or trigger alerts and actions. The service is now available in 2 new China regions.
With September updates, we added support for wild cards and conditional expressions in YAML pipeline files. In addition, we included multiple improvements to Delivery Plans.
Develop customized geolocation-based content and services with Azure Maps Geolocation.
Microsoft speech service just released the de-CH locale that recognizes Swiss dialects as well as standard German as part of our speech to text offering. This enables the creation of smart speech solutions tailored to Switzerland’s market needs.
Have you tried Hava automated diagrams for AWS, Azure and GCP? Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.