This week's roundup of all the cloud news.
Here's a cloud round up of all things GCP, Azure and AWS for the week ending Friday 24th September 2021
To stay in the loop, make sure you subscribe on the right - There's a new newsletter series starting later this year that will keep you up to date with all our new releases, enhancements and capabilities and will also showcase lesser known but powerful features that you may not be aware of.
Of course we'd love to keep in touch at the usual places. Come and say hello on:
AWS Updates and Releases
Amazon Macie adds support for selecting managed data identifiers
Amazon Macie now allows you to select which managed data identifiers to use when you create a sensitive data discovery job. This allows you to customize what data types you deem sensitive and would like Macie to alert on per specific data governance and privacy needs in your organization. When you create a job, choose from the growing list of managed data identifiers such as personally identifiable information (PII), financial information, or credential materials that you would like to target for each sensitive data discovery job you configure and run with Macie.
Amazon Connect Customer Profiles adds product purchase history to personalize customer interactions
Amazon Connect Customer Profiles now supports out-of-the-box integration with product purchase history from Salesforce . When a customer calls or messages a contact center for service, Amazon Connect Customer Profiles equips contact center agents with the customer information they need to deliver personalized customer service and resolve issues quickly. Customer Profiles helps make it simple to bring together customer information (e.g., name, address, phone number, contact history, purchase history, open issues) from multiple applications into a unified customer profile, delivering the profile directly to the agent as soon as they begin interacting with the customer. If an agent wants to understand previous interactions to service a customer, they can visit Contact Trace Record (CTR) details page by clicking “CTR Details” to review information such as call categorization, call sentiments and transcripts. Customer Profiles can be used out of the box by agents or embedded in your existing agent application .
AQUA is now available for Amazon Redshift RA3.xlplus nodes
AQUA (Advanced Query Accelerator) for Amazon Redshift is now generally available for Amazon Redshift RA3.xlplus nodes.
AWS WAF now offers in-line regular expressions
AWS WAF extends its regular expression (regex) support, allowing regex patterns to be expressed in-line within a rule statement. Previously, you had to create a regex pattern set, which provides a collection of regex patterns in a rule statement, even if you wanted to use just a single regex pattern in your WAF rule logic. With in-line regex, you can now include a single regex pattern directly inside a WAF rule statement, simplifying how WAF rules are expressed within your web ACL.
Announcing General Availability of Tracing Support in AWS Distro for OpenTelemetry
Customers can now manage AWS Service Catalog AppRegistry applications in AWS Systems Manager
AWS Service Catalog AppRegistry and AWS Systems Manager Application Manager now provide an end-to-end AWS application management experience. With this release, customers can use AppRegistry to create applications within their infrastructure as code, CI/CD pipelines, and post-provisioning processes, and use Application Manager to view application operational data and perform operational actions.
Amazon Simple Email Service is now available in the Asia Pacific (Osaka) Region
Amazon Simple Email Service (Amazon SES) is now available in the Asia Pacific (Osaka) AWS Region. Amazon SES is a scalable, cost-effective, and flexible cloud-based email service that allows digital marketers and application developers to send marketing, notification, and transactional emails from within any application. To learn more about Amazon SES, visit this page.
Amazon ElastiCache now supports M6g and R6g Graviton2-based instances in additional regions
Amazon ElastiCache for Redis and Memcached now supports Graviton2 M6g and R6g instance families in additional regions: South America (Sao Paulo), Asia Pacific (Hong Kong, Seoul), Europe (London, Stockholm), North America (Montreal), US East (GovCloud US East), US West (GovCloud US West), and mainland China (Ningxia, Beijing). Customers choose Amazon ElastiCache for workloads that require blazing-fast performance with sub-millisecond latency and high throughput. Now, with Graviton2 M6g and R6g instances, customers can enjoy up to a 45% price/performance improvement over previous generation instances. Graviton2 instances are now the default choice for Amazon ElastiCache customers.
AWS IoT Device Defender announces Audit One-Click
This week AWS launched Audit One-Click for AWS IoT Device Defender. Audit One-Click makes it easy for AWS IoT Core customers to improve their security baseline by making it possible to start auditing their account and IoT devices against security best practices with a single click.
Amazon ECR adds the ability to replicate individual repositories to other regions and accounts
This week, Amazon Elastic Container Registry (ECR) launched the ability to replicate specific repositories to accounts or regions, and see when images were replicated through the ECR API. This gives you granular control to replicate images within repositories you want, instead of replicating all images in a registry, and the ability to automate actions through the new DescribeImageReplicationStatus API whenever images are replicated.
Amazon EMR Studio now supports multi-language Jupyter-based notebooks for Spark workloads
EMR Studio is an integrated development environment (IDE) that makes it easy for data scientists and data engineers to develop, visualize, and debug big data and analytics applications written in R, Python, Scala, and PySpark. Today, we are excited to announce that from EMR 6.4.0 and later, you can use Python, Scala, SparkSQL, and R within the same Jupyter notebook in EMR Studio, providing flexibility to use different programming languages for Spark workloads.
Amazon Lex is now available in the Asia Pacific (Seoul) and Africa (Cape Town) regions
Starting today, Amazon Lex is available in the Asia Pacific (Seoul) and Africa (Cape Town) regions. Amazon Lex is a service for building conversational interfaces into any application using voice and text. Amazon Lex combines advanced deep learning functionalities of automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text. This enables you to build applications with engaging users experiences and lifelike interactions. With Amazon Lex, you can easily create sophisticated, natural language, conversational bots (“chatbots”), virtual agents and IVR systems.
Amazon Lex announces utterances statistics for bots built using Lex V2 console and API
Amazon Lex is a service for building conversational interfaces into any application using voice and text. Starting today, Amazon Lex makes utterances statistics available through the Amazon Lex V2 console and API. You can now use utterances statistics to tune bots built on Lex V2 console and APIs to further improve conversational experience for your users. With this launch, you can view and analyze utterance information processed by the bot. This information can be used to improve performance of your bot by adding new utterances to existing intents and helping you discover new intents that can be serviced by the bot. Utterances statistics also enable you to compare performance across multiple versions of a bot.
Amazon EC2 Fleet instant mode now supports targeted Amazon EC2 On-Demand Capacity Reservations
Starting this week, you can use EC2 Fleet with targeted On-Demand Capacity Reservations. On-Demand Capacity Reservations enable you to reserve compute capacity for your Amazon EC2 instances in a specific Availability Zone for any duration. For targeted Capacity Reservations, instances must specifically target the Capacity Reservation to run in the reserved capacity. Until now, there was no option to use targeted Capacity Reservations when launching an EC2 Fleet.
AWS Ground Station announces Licensing Accelerator
AWS is announcing Licensing Accelerator, a new AWS Ground Station feature which provides commercial businesses, space start-ups, and universities access to resources to help them more efficiently secure spectrum licenses required for their operations and missions. Licensing accelerator is free-of-charge to AWS Ground Station customers. AWS Ground Station is a fully managed service that lets customers control satellite communications, process satellite data, and scale their satellite operations. With Licensing Accelerator, AWS Ground Station customers can launch and scale their spacecraft operations faster by leveraging the latest, centrally located information about satellite licensing regulations such as space station licensing, remote sensing licenses, and International Telecommunications Union (ITU) coordination.
AWS Single Sign-On is now available in the AWS GovCloud (US-West) Region
AWS Single Sign-On is now available in the AWS GovCloud (US-West) Region. For a full list of the regions where AWS SSO is available, see the AWS Regional Services List.
Amazon DynamoDB now provides you more granular control of audit logging by enabling you to filter Streams data-plane API activity in AWS CloudTrail
You now can use AWS CloudTrail to filter and retrieve Amazon DynamoDB Streams data-plane API activity, giving you more granular control over which DynamoDB API calls you want to selectively log and pay for in CloudTrail and to help address compliance and auditing requirements.
Amazon SageMaker Autopilot now generates additional metrics for classification problems
Amazon SageMaker Autopilot automatically builds, trains, and tunes the best machine learning models based on your data, while allowing you to maintain full control and visibility. Starting today, SageMaker Autopilot generates additional metrics, along with the objective metric, for all model candidates. For binary classification problems, Autopilot now generates F1 score (harmonic mean of the precision and recall), accuracy, and AUC (area under the curve) for all model candidates. For multi-class classification, Autopilot now generates both F1 macro and accuracy for all model candidates. As previously supported, you can select any of these metrics as the objective metric to be optimized by your Autopilot experiment. By viewing additional metrics along with the objective metric, you can now quickly assess and compare multiple candidates to build a model that best meets your needs.
SageMaker Studio enables interactive Spark based data processing from Studio Notebooks
Amazon SageMaker announces a new set of capabilities that will enable interactive Spark based data processing from SageMaker Studio Notebooks. Amazon SageMaker Studio is the first fully integrated development environment (IDE) for machine learning (ML). SageMaker Studio provides a single, web-based visual interface where you can perform all ML development steps required to prepare data, as well as build, train, and deploy models. With a single click, data scientists and developers can quickly spin up Studio Notebooks to interactively explore datasets and build ML models.
Optimize your Amazon Forecast model with the accuracy metric of your choice
AWS have announced that in Amazon Forecast, you can now select the accuracy metric of your choice to direct AutoML to optimize training a predictor for the selected accuracy metric. Additionally, AWS have added three more accuracy metrics to evaluate your predictor – average weighted quantile loss (Average wQL), mean absolute percentage error (MAPE), and mean absolute scaled error (MASE).
Amazon Comprehend announces model management and evaluation enhancements
Amazon Comprehend has launched a suite of features for Comprehend Custom to enable continuous model improvements by giving developers the ability to create new model versions, to continuously test on specific test sets, and to migrate new models to existing endpoints. Using AutoML, custom entity recognition allows you to customize Amazon Comprehend to identify entities that are specific to your domain; custom classification enables you to easily build custom text classification models using your business-specific labels. Custom models can subsequently be used to perform inference on text documents, both in real-time and batch processing modes. Creating a custom model is simple - no machine learning experience required. Below is a detailed description of these features:
AWS Site-to-Site VPN releases updated Download Configuration utility
This week, AWS Site-to-Site VPN released an updated Download Configuration utility. With this update, Site-to-Site VPN customers can generate configuration templates for compatible Customer Gateway (CGW) devices, making it easier to create VPN connections to AWS. This update adds support for Internet Key Exchange version 2 (IKEv2) parameters for many popular CGW devices.
AWS Amplify CLI and Admin UI is now generally available in US West (N. California), Europe (Paris), Europe (Stockholm), South America (São Paulo), and Middle East (Bahrain)
AWS Amplify offers a fully managed static web hosting service that accelerates your application release cycle by providing a simple CI/CD workflow for building and deploying full-stack static web applications. Simply connect your application's code repository in the console, and changes to your frontend and backend are deployed in a single workflow on every code commit.
AWS announces General Availability of the Amazon GameLift Plug-in and AWS CloudFormation Templates for Unity
This week, AWS announced the general availability (GA) of the Amazon GameLift Plug-in for Unity, making it easier to access GameLift resources and integrate GameLift into your Unity game. Trusted by some of the most successful game companies in the world like Ubisoft and Gungho, GameLift deploys, operates, and scales dedicated servers for multiplayer games. With this update, game developers can use the GameLift Plug-in for Unity to access GameLift APIs and deploy AWS CloudFormation templates for common gaming scenarios.
Now authenticate Amazon EMR Studio users using IAM-based authentication or IAM Federation, in addition to AWS Single Sign-On
Amazon EMR Studio is an integrated development environment (IDE) that makes it easy for data scientists and data engineers to develop, visualize, and debug data engineering and data science applications written in R, Python, Scala, and PySpark. Today, we are introducing additional authentication options with EMR Studio. Before this release, to login to EMR Studio, you needed to integrate your identity provider (IdP) with AWS Single Sign-on (AWS SSO). With this release, you can now choose to use AWS Identity and Access Management (IAM) authentication or use IAM federation with your corporate credentials to login to EMR Studio, in addition to using AWS SSO.
Amazon Detective supports S3 and DNS finding types, adds finding details
Amazon Detective expands security investigation support for Amazon Simple Storage Service (S3) and DNS-related findings on Amazon GuardDuty, providing full coverage of all detections from GuardDuty. Along with this, Detective now makes it even easier for a security analyst to investigate entities and behaviors using a revamped user experience.
Amazon Connect Chat now supports passing a customer display name and contact attributes through the chat user interface
Amazon Connect Chat now supports passing a customer display name and contact attributes through the chat user interface so you can personalize the chat customer experience. Contact attributes include relevant metadata associated with the contact such as customer ID, loyalty status, or even context about the webpage the customer was on when they started the chat. Contact attributes are available in Amazon Connect flows, making it easy to create unique and compelling customer experiences, such as prioritizing a platinum level customer or performing an agent screen pop with the relevant customer information displayed. In addition, you can also share the customer name using the chat user interface, ensuring that the name is visible to both the agent and customer throughout the interaction, enabling your agents to personalize the conversation.
AWS Elastic Beanstalk supports Dynamic Instance Type Selection
AWS Elastic Beanstalk now supports dynamic instance type selection for Elastic Beanstalk’s environments. This means Elastic Beanstalk will automatically fetch all EC2 instance types based on region and availability zone for you to run a variety of applications. With dynamic instance type, you can choose the best suited instance type to optimize your application’s performance. For example, if you have machine learning applications, you can optimize performance by selecting an accelerated computing instance type such as p3, or p4d. On the Elastic Beanstalk console, you can navigate to the ‘Capacity’ tab in ‘Configure more options’ to select the instance type.
Amazon Redshift Cross-Account Data Sharing is now generally available in AWS GovCloud (US) Regions
Amazon Redshift data sharing allows you to share live and transactionally consistent data across different Redshift clusters without the complexity and delays associated with data copies and data movement. Ability to share data across clusters that are in the same AWS account is already available in AWS GovCloud(US) Regions. Now sharing data across Redshift clusters in different AWS accounts is also generally available in AWS GovCloud(US) Regions. Cross-account data sharing is supported on all Amazon Redshift RA3 node types. There is no additional cost to use cross-account sharing on your Amazon Redshift clusters.
Google Cloud Releases and Updates
AI Platform Training
Training with pre-built PyTorch containers is generally available (GA).
Pre-built PyTorch containers for PyTorch 1.9 are available for training. You can use these containers to train with CPUs, GPUs, or TPUs.
Anthos clusters on VMware
Anthos clusters on VMware 1.7.4-gke.2 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.7.4-gke.2 runs on Kubernetes v1.19.12-gke.2101.
The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.8, 1.7, and 1.6.
Anthos clusters on VMware 1.8.3-gke.0 is now available. To upgrade, see Upgrading Anthos clusters on VMware. Anthos clusters on VMware 1.8.3-gke.0 runs on Kubernetes v1.20.9-gke.701.
The supported versions offering the latest patches and updates for security vulnerabilities, exposures, and issues impacting Anthos clusters on VMware are 1.8, 1.7, and 1.6.
Anthos on bare metal
Anthos clusters on bare metal 1.8.4 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.8.4 runs on Kubernetes 1.20.
Anthos clusters on bare metal release 1.7.4 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.7.4 runs on Kubernetes 1.19.
Anthos Service Mesh
1.9.8-asm.6 and 1.10.4-asm.14 are now available.
These patch releases fix a potential memory leak in the control plane.
App Engine standard environment Go / Java / PHP / Python
Previously, Legacy API calls made from the App Engine standard environment after the request had finished would immediately return with an error. API calls after the request has finished are now allowed. These API calls are billed according to the standard rates.
When saving query results from the Cloud Console to a CSV file, the available download size is now 10 MB. Previously the limit was 16,000 rows. Also, you can now download tables with nested and repeated data to CSV files.
Cloud CDN now supports custom named cookies and headers in the cache key, to enable A/B (multivariate) testing, canarying, and similar scenarios. Allowlisting of query parameters is now also enabled for backend buckets, to allow for cache busting. These features are available in Preview.
For details, see the caching documentation.
Google Cloud Deploy is available in Preview.
Google Cloud Deploy is a service that automates delivery of your applications to a series of target environments in a defined sequence. Learn more
Cloud Load Balancing
Internal TCP/UDP Load Balancing now allows you to configure a connection tracking policy for the load balancer's backend service. A connection tracking policy introduces the following new properties to let you customize your load balancer's connection tracking behavior:
- Tracking mode
- Connection persistence on unhealthy backends
- Idle timeout
To learn about how connection tracking works, see Traffic distribution.
This feature is available in Preview.
Object listing is no longer impacted when performing large-scale object deletion.
- Previously, object listing performance could be degraded for up to several days when deleting millions of objects at once in a bucket.
Object Versioning can now be managed in the Cloud Console.
You can enable and disable Object Versioning using the Cloud Console.
You can list, restore, copy, move, and delete versioned objects from within the Cloud Console
Generally Available: Use patch alerting to monitor the patch jobs running in your environment. For more information, see Monitoring patch jobs.
Preview: You can now access installer properties for your Windows applications by using OS inventory management. For more information, see OS inventory management.
For information on setting up and using OS inventory management, see Viewing operating system details.
Config Connector 1.62.0 is now available.
Healthy columns for the
kubectl get tabular outputs of
Dataflow now uses Zonal DNS for worker resources. This enables Dataflow to offer higher reliability guarantees around Internal DNS registration.
Identity and Access Management
The IAM documentation now refers to the identities that can be granted access to a resource as principals. Previously, these identities were known as members.
This change does not affect the REST API, the client libraries, or the flags for the
gcloud command-line tool.
The reference documentation for predefined roles now uses a new format that is easier to browse.
Migrate for Compute Engine
Compute Engine now supports the deployment of migrated workloads to sole-tenant nodes. A sole-tenant node is a Compute Engine server that is dedicated to hosting only your project's VMs.
See Migrating individual VMs for more information on sole tenancy.
Network Intelligence Center
Connectivity to Cloud VPN and Cloud Interconnect is now generally available in Network Topology. Google Cloud users can use Network Topology to audit their networking configuration and troubleshoot issues related to the hybrid connectivity to and from their on-premises networks.
Vertex Vizier is generally available (GA).
Beginning in the middle of October 2021, VMware Engine will upgrade the VMware stack from version 7.0 Update 1 to 7.0 Update 2 and the NSX-T stack from version 3.0 to 3.1.2. Users affected by this upgrade will receive an email with planned maintenance dates and times.
For details about the upgrade and steps to prepare, see Service announcements.
Microsoft Azure Releases And Updates
General availability: Azure Sphere OS version 21.09
This quality release includes an upgrade to the Linux Kernel and bug fixes in the Azure Sphere OS.
Azure Functions runtime 4.0 is now in public preview
Azure Functions 4.0 includes support for .NET 6.
Public preview: Distributed tracing for Java apps on Azure Functions Linux
Distributed tracing for Java apps on Azure Functions can now be enabled through Azure portal. This integration provides additional insights into end-to-end transactions that were not previously supported, completes the application map, which aggregates many transactions to show a topological view your system, and lets you detect and diagnose performance bottlenecks.
Announcing general availability of Azure AD-joined VMs support
You can now deploy Azure AD-joined VMs in your host pools for Azure Virtual Desktop.
Azure SQL Database: General availability updates for late September 2021
General availability enhancements and updates released for Azure SQL in late September 2021.
Azure Database for PostgreSQL – Hyperscale (Citus) now includes PgBouncer version 1.16
Create a Hyperscale (Citus) server group and use PgBouncer 1.16 as a part of this server group by connecting to port 6432 for connection to the coordinator.
Azure Database for MySQL: Azure Pipelines support in public preview
Deploy a SQL file or inline script to push changes to one or more databases with Azure Pipelines for Azure Database for MySQL - Flexible Server using Azure CLI tasks.
Azure Resource Health for Azure Database for PostgreSQL – Flexible Server in public preview
With Azure Resource Health, diagnose and get support for service problems that affect Flexible Server for Azure Database for PostgreSQL, a managed service running the open source Postgres database.
Azure Database for PostgreSQL – Flexible Server: Azure Pipelines in public preview
Deploy a SQL file or inline script to push changes to one or more databases with Azure Pipelines for Azure Database for PostgreSQL - Flexible Server using Azure CLI tasks.
Azure Database for PostgreSQL – Flexible Server: Terraform support in public preview
Generate automated configuration files used with Terraform to automate provisioning and configuration on your Flexible Server for Azure Database for PostgreSQL, a managed service running the open source Postgres database.
Public preview: At-scale management of Azure Monitor alerts in Backup center
You can now manage your Azure Monitor alerts via Backup center.
General availability: Oracle consistent snapshots using Azure VM Backup
Azure Backup provides packaged pre-post scripts for Oracle VMs that can be used to instantly backup, create instant clones, reduce backup storage cost, and performance impact.
Public preview: Management Group Scope for Azure Reservations
You can now purchase and change existing reservations to scope them to a management group.
General availability: Azure Archive Storage now available in three new regions: Norway East, UAE North, and Germany West Central
Reduce spending by storing cold data to Azure Archive Storage, now in new regions.
Have you tried Hava automated diagrams for AWS, Azure and GCP. Get back your precious time and sanity and rid yourself of manual drag and drop diagram builders forever.
Hava automatically generates accurate fully interactive cloud infrastructure and security diagrams when connected to your AWS, Azure or GCP accounts. Once diagrams are created, they are kept up to date, hands free.
When changes are detected, new diagrams are auto-generated and the superseded documentation is moved to a version history. Older diagrams are also interactive, so can be opened and individual resources inspected interactively, just like the live diagrams.
Check it out for free here: