Quite a bit of activity from the big 3 cloud vendors this week, all the details are below.
Here at Hava a number of roadmapped enhancements are well into beta testing now and due for general release soon, including an embeddable diagram viewer, comprehensive compliance reporting module and a true 3d view. Keep an eye on our blog or hit up chat support if you're interested in a sneak peek at the new features.
Here's all the latest from the big three.
AWS Fargate increases default resource count service quotas
AWS Fargate, the serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS), increases the default service quotas (also commonly known as limits) for On-Demand and Spot resource counts. You can now launch up to 500 concurrent ECS tasks and EKS pods running on Fargate On-Demand and 500 concurrent ECS tasks running on Fargate Spot, up from 100 and 250 respectively. These are default quotas for an account in a given AWS Region, but you can always raise these values by requesting a service quota increase.
The new quotas apply in all Regions where AWS Fargate is available. The higher quotas are reflected in your account automatically and you do not have to take any action. If your account has an approved quota that is higher than the new default quota, you will continue to have that higher applied quota.
Amazon Workspaces releases End User Computing Dashboard workshop
Amazon WorkSpaces released a self-guided workshop that helps customers use AWS services to build and deploy the End User Computing dashboard. You can provide the dashboard to your help desk staff so that they can send the registration code email to a user, or stop, start, restart, and restore a user’s WorkSpace without having to access the WorkSpaces console. To get started, see Create End User Computing Dashboard in the Hands-On Tutorials for Amazon Web Services (AWS).
Usability Improvements for AWS Management Console now available
This week AWS launched usability improvements for the AWS Management Console’s navigation header and footer. The improvements include a refreshed and responsive navigation header and footer, an easier way to add or remove services to your favorites list in the navigation header, and an increase in the number of services you see in the “Recently visited” section, from 5 to 15. Depending on your browser support, you can also access the navigation menu items using a keyboard.
Previously, AWS customers could only favorite a small number of services in the navigation header or had to remember the icons for those services when they wanted to favorite a few more. Customers also faced challenges while using drag and drop while managing their favorites. The usability improvements in the navigation header addressees these issues.
AWS CloudFormation now supports StackSets in the CloudFormation Registry
AWS CloudFormation has expanded the CloudFormation Registry to include the StackSets resource type. StackSets is a CloudFormation feature that allows you to centrally manage deployment of cloud resources to multiple AWS accounts and regions in a single operation. You can now model, provision, and manage your stack sets resources alongside other AWS resources through CloudFormation in a predictable and reliable way.
With StackSets included as a resource type in the CloudFormation Registry, you can use CloudFormation features such as resource import to bring your existing stack sets into CloudFormation’s management and then leverage CloudFormation functionalities such as intrinsic functions and resource attributes to manage your stack sets resources. Using StackSets, you can extend the functionality of CloudFormation by centrally creating, updating, or deleting CloudFormation supported resources across multiple AWS accounts and regions. For example, you can deploy your centralized AWS Identity and Access Management (IAM) roles and provision Amazon Elastic Compute Cloud (EC2) instances across AWS accounts and regions in a single operation. The source code for the StackSets resource type is now publicly available on GitHub, enabling the community to provide feedback and contribute enhancements.
AWS AppFlow now supports AWS CloudFormation
Amazon AppFlow now supports AWS CloudFormation for creating and configuring Amazon AppFlow resources such as Connector profile and Amazon AppFlow Flow along with the rest of your AWS infrastructure—in a secure, efficient, and repeatable way. Amazon AppFlow is a fully managed integration service that enables AWS customers to securely transfer data between AWS services and software-as-a-service (SaaS) applications. The Amazon AppFlow APIs and SDK give developers programmatic access to Amazon AppFlow functionality, enabling developers to set up flows between source and destinations supported by Amazon AppFlow, create connector profiles and execute flows programmatically.
Amazon Elasticsearch Service now offers T3 Instances
Amazon Elasticsearch Service now offers the latest T3 (general-purpose) instances which offer superior performance and larger storage capacity compared to the previous generations. The T3 instances also support our recently launched features like encryption at rest and in-flight, role based access control, HTTP compression, custom dictionary, SQL, alerting, anomaly detection, and cross-cluster search.
T3 instances offer a balance of compute, memory, and network resources. T3 instances are powered by the AWS Nitro System which includes a lightweight hardware-accelerated hypervisor, delivering practically all of the compute and memory resources of the host hardware to the instances. T3 instances also feature the latest high frequency Intel Xeon Scalable processors which, combined with the AWS Nitro System, result in better price to performance improvement over T2 instances. T3 instances also support enhanced networking with up to 5 Gbps in network bandwidth using the Elastic Network Adapter (ENA).
You can now provision up to 5.7x more EBS storage per instance (e.g. T3.medium supports up to 200 GB of EBS storage per instance), which lets you index more data with fewer instances and gain additional cost savings. Further savings are available via reserved instance (RI) pricing for the T3.medium.
Amazon Aurora Increases Max Storage to 128TB
You can now create Amazon Aurora database clusters with up to 128TB of storage. The new storage limit is available for both the MySQL- and PostgreSQL-compatible editions of Amazon Aurora. Previously, Aurora database instances supported 64TB of storage.
With an increased storage limit of 128TB, you’re less likely to reach the limit when you scale up your application on a single Amazon Aurora database cluster. This means you won’t need to delete data or to split the database across multiple instances. Learn more by visiting the Amazon Aurora Storage and Reliability documentation.
128TB support is available with Aurora MySQL engine version 1.23, compatible with MySQL 5.6, with engine version 2.09, compatible with MySQL 5.7, and with Aurora PostgreSQL 9.6.17, 10.12 and 11.7.
AWS Glue Studio launched
AWS Glue Studio is a new visual interface for AWS Glue that makes it easy for extract-transform-and-load (ETL) developers to author, run, and monitor AWS Glue ETL jobs. You can now use a simple visual interface to compose jobs that move and transform data and run them on AWS Glue. You can then use AWS Glue Studio’s job run dashboard to monitor ETL execution and ensure that your jobs are operating as intended.
AWS Glue Studio makes ETL accessible to the many users who are new to Apache Spark programming and to users who are accustomed to ETL tools with boxes-and-arrows interfaces. Without writing code, users of all experience levels can now take advantage of big data processing on AWS Glue’s serverless Apache Spark-based ETL platform. They can also use the AWS Glue Studio job monitoring dashboard to get a global view of their ETL execution and resource usage.
AWS Security Hub adds 14 new controls to AWS Foundational Security Best Practices standard
AWS Security Hub has released 14 new automated security controls for the AWS Foundational Security Best Practices standard related to AWS EC2 (EC2.7 and EC2.8), Amazon EMR (EMR.1), AWS KMS (KMS.1 and KMS.2), Amazon RDS (RDS.4, RDS.5, RDS.6, RDS.7, and RDS.8), Amazon S3 (S3.6), and AWS Secrets Manager (SecretsManager.1 and SecretsManager.2). Security Hub now supports 90 security controls to automatically check your security posture in AWS.
CloudRun for Anthos brings eventing to your Kubernetes microservices
Building microservices on Google Kubernetes Engine (GKE) provides you with maximum flexibility to build your applications, while still benefiting from the scale and toolset that Google Cloud has to offer. But with great flexibility comes great responsibility. Orchestrating microservices can be difficult, requiring non-trivial implementation, customization, and maintenance of messaging systems.
Cloud Run for Anthos now includes an events feature that allows you to easily build event-driven systems on Google Cloud. Now in beta, Cloud Run for Anthos’ event feature assumes responsibility for the implementation and management of eventing infrastructure, so you don’t have to.
gVisor: Protecting GKE and serverless users in the real world
Security is a top priority for Google Cloud, and they protect customers through how they design their infrastructure, services, and how they work. Googlers created some of the fundamental components of containers, like cgroups, and GCP were an early adopter of containers for internal systems. They realized they needed a way to increase the security of this technology. This led to the development of gVisor, a container security sandbox that GCP have since open sourced and integrated into multiple Google Cloud products. When a recent Linux kernel vulnerability was disclosed, users of these products were not affected because they were protected by gVisor.
Azure release a host of infrastructure capabilities
This week Microsoft highlighted some of the new features they’re making to enhance remote work and business continuity:
Protect multi-cloud workloads with new Azure security innovations
This week Azure announced a broad set of innovations to help you protect multicloud and Azure workloads including:
Whether you’re protecting Azure or protecting your entire enterprise with Azure security tools, these improvements are built to help simplify and empower you to focus on what’s important.
Google Cloud Virtual Events
To support the unique needs of GCP customers in Europe, Middle East, and Africa, on 29 September GCP are kicking off a brand-new Next OnAir event exclusively for EMEA.
Google Cloud Next OnAir EMEA offers a full roster of curated content, including more than 30 new sessions specially tailored to the region. Join Google experts and local customers to learn how organizations are already transforming in the cloud, and connect and collaborate with industry experts to solve your toughest challenges.
Each week Google will be highlighting a different focus:
29 Sept: Industry insights—Hear about how businesses are successfully transforming with Google Cloud across industries and between customers and ecosystem partners.
6 Oct: Productivity and collaboration—Discover solutions designed for humans that are changing how teams work.
13 Oct: Infrastructure and security—Explore discussions on workload migration, management, and modernisation, and learn how to protect your business from online threats.
20 Oct: Data analytics, data management, databases, and Cloud AI—Learn about how to migrate and do more with your data on a serverless, fully-managed platform and with artificial intelligence.
27 Oct: Application modernization and business application platform—Explore how to develop and modernise applications with open source and other software, and how APIs give you better visibility and control.
Register today, for free, on the Next OnAir EMEA website. You’ll get full access to all 30+ sessions being presented throughout the five-week event alongside the more than 250 sessions created for the global Google Cloud Next ’20: OnAir program.
Azure Virtual Events
Microsoft have a full schedule of Virtual Events
A full list including session times and details are here : https://azure.microsoft.com/en-us/community/events/
AWS events are pretty fluid at the moment, with most in-person events being cancelled or postponed. There are a number that have been taken online and full details can be found here: https://aws.amazon.com/events/
Thanks for reading again this week, we hope you found something useful.
hava.io allows users to visualise their AWS, GCP and Azure cloud environments in interactive diagram form including unique infrastructure, security and container views. hava.io continuously polls your cloud configuration and logs changes in a version history for later inspection which helps with issue resolution and provides history of all configs for audit and compliance purposes.
If you haven't taken a hava.io free trial to see what the GCP, Azure and AWS automated diagram generator can do for your workflow, security and compliance needs - please get in touch.
You can reach us on chat, email email@example.com to book a callback or demo.