Aug 11-17 Updates

Last Week Cloud Platform Updates

August 18, 2024

Aug 11 - 17 | AWS, Azure & GCP Updates

Amazon Elastic Container Services (ECS) now enhances container resiliency with a new feature that allows individual container restarts without requiring a full task relaunch. This improvement enables faster recovery from unexpected failures, such as network disruptions or container crashes, significantly boosting task stability by avoiding unnecessary task relaunches. Ideal for mission-critical applications, this feature allows for quicker recovery from transient issues.

AWS CodeBuild now supports GitHub Apps as an authentication method, providing fine-grained permissions and short-lived tokens for accessing repositories. You can set GitHub App connections as the default authentication method for all projects or specify them per project. This integration allows for tighter security controls through IAM roles and resource policies.

AWS CodeBuild has added support for configuring multiple access tokens for GitHub, GitHub Enterprise, and Bitbucket repositories via AWS Secrets Manager. This feature enables the use of scoped-down permissions for different projects, improves security auditing through CloudTrail, and allows for refined access control using IAM roles and resource policies.

AWS has announced general availability for Cost Allocation Tags on AWS Transit Gateway. This feature allows administrators to categorize and allocate costs for Transit Gateway resources, including data processing and transfer charges, by team, department, or application. Previously, only Attachment Hours costs could be tagged.

AWS Batch now allows users to cancel jobs while they are still in the queue, preventing them from being executed. This feature is particularly useful for managing job priorities, especially when using fair-share scheduling, by enabling the cancellation of outdated jobs to make room for higher-priority tasks.

The Azure Kubernetes Service (AKS) Visual Studio Code extension has been updated to support the ability to attach an ACR to your cluster, generate Kubernetes deployment files, generate dockerfiles and generate GitHub Actions. To use these new features, make sure your extension is up to date.

Application Gateway now offers general availability for storing logs in a dedicated log analytics table. With dedicated log analytics table, customers can choose using resource specific table instead of existing Azure Diagnostic table. This new mode helps you with better log querying capabilities along with a reduction in ingestion latencies and query times.

Private registry support for the extensibility model in Azure Deployment Environments allows platform engineers and development teams to use private Azure Container Registry (ACR) to host and reference container images that define their deployment patterns.

These templates provide a streamlined and efficient way to set up development environments with all necessary tools and dependencies pre-configured. Available for .NET Aspire, .NET 8, Node.js, and Python, you can now seamlessly integrate Azure SQL Database into your development workflow, ensuring a consistent and productive experience.

You can now more easily navigate and access your data in Azure Cosmos DB Data Explorer. A new and improved resource tree—the directory structure that shows your databases, containers, and other resources—has been redesigned to make it more user-friendly and convenient.

GKE now uses regional instance templates in versions 1.29.7-gke.1238000-1.30 and later, improving regional resource management. New Kubernetes versions have been released, with version 1.30.3-gke.1225000 as the default in the Rapid channel. A potential issue with GKE managed Internal passthrough Network Load Balancers may cause downtime; mitigate by updating to externalTrafficPolicy=Local or scaling up pods. GKE version 1.30 and later includes a fix in the PDCSI driver to prevent premature detachment of GCE persistent disks and introduces custom compute classes for enhanced resource management.

Documentation is now available on how to export job information, enabling retention and external analysis even after a job is deleted. The "Cancel jobs" feature is in Preview. Batch CentOS and Batch HPC CentOS have reached end of development due to the end of support for Compute Engine CentOS 7 images. Migrate any jobs using these OSes by August 27, 2024. Documentation has been updated to clarify that Batch OS support ends when the base Compute Engine OS is deprecated.

Error Reporting now supports analyzing log entries routed to a log bucket in a non-global region, provided the log sink is in the same project. Cloud Logging introduces log scopes, allowing you to define project-level resources for targeted log searches across multiple projects and log views. Log scopes can be created, edited, and set as default for use in Logs Explorer.

You can now attach tags to IAM service accounts to conditionally grant or deny access. This feature is currently in Preview, offering more granular control over service account permissions.

VPC Flow Logs now includes several metadata annotations in General Availability, such as src_gateway, dest_gateway, src_google_service, dest_google_service, load_balancing, network_service, and psc. These annotations provide more detailed insights into network traffic.