- cloudengineer.ing
- Posts
- Sep 9 - Sep 15 Updates
Sep 9 - Sep 15 Updates
Last Week Cloud Platform Updates
Sep 9 - Sep 15 | AWS, Azure & GCP Updates
Amazon EventBridge Pipes now supports AWS Key Management Service (KMS) customer managed keys, allowing you to encrypt filter patterns, enrichment parameters, and target parameters using your own keys. This enhancement provides greater security and governance control, aligning with organizational requirements.
EventBridge Pipes offers a simple way to integrate event producers and consumers across a range of sources and targets. With customer managed keys, you gain fine-grained control over Pipe configuration data and can audit key usage via AWS CloudTrail, supporting regulatory and compliance needs.
AWS Elastic Beanstalk now supports dual-stack public service endpoints and VPC endpoints, including those integrated with AWS PrivateLink. This update allows you to configure Elastic Beanstalk VPC endpoints to accept dual-stack incoming traffic (IPv6 and IPv4) and send requests using either IPv4 or dual-stack endpoints through the AWS CLI or SDK. For more details, refer to the Elastic Beanstalk service endpoints in the AWS General Reference.
AWS Resource Access Manager (AWS RAM) now supports AWS PrivateLink, enabling you to create and manage resource shares securely within your Amazon VPC without using the public internet. AWS RAM simplifies sharing resources across your organization, specific organizational units (OUs), or individual AWS accounts, reducing operational overhead in multi-account environments.
Amazon Cognito now offers email as an additional multi-factor authentication (MFA) option, allowing you to deliver one-time passwords (OTP) via email, alongside existing methods like SMS and time-based OTPs (TOTP). Email MFA can be enabled during sign-in or as a challenge for adaptive authentication, enhancing security and flexibility for user verification.
Amazon Cognito simplifies integrating authentication, authorization, and user management into web and mobile apps, supporting millions of users and providing sign-in options through social identity providers (Apple, Facebook, Google, Amazon) and enterprise providers via SAML 2.0 and OpenID Connect.
You can now leverage managed Java components for seamless app-to-app communication. Enhance your monitor and diagnostic experience with managed Spring Boot Admin, dynamic logger, and embedded Java metrics in Azure Monitor.
We are excited to announce the private preview of Azure Site Recovery support for Azure Trusted Launch VMs. Azure Trusted Launch VMs provide foundational compute security to Azure Generation 2 VMs by enabling Secure Boot and vTPM capabilities. This private preview is available for Azure Trusted launch VMs running Linux OS. Azure Site Recovery support for Trusted launch VM running Windows OS is already generally available.
To enroll in the private preview, please share your interest by filling up the enrollment form.
Destination Network Address Translation (DNAT) on Azure Firewall Private IP address helps connect overlapped IP networks, which is a common scenario for enterprises when onboarding new partners to their network or merging with new acquisitions.
This capability is also relevant for hybrid scenarios, connecting on-premises datacenters to Azure, where DNAT bridges the gap, enabling communication between private resources over non-routable IP addresses.
This means that developers using Web PubSub can now connect clients using either WebSocket protocol or MQTT (over WebSocket) while enjoying built-in scalability.
MQTT is specifically designed for environments with low bandwidth, high latency, or unreliable networks. It’s particularly well-suited for IoT (Internet of Things) devices and other scenarios where resources are limited.
Now you can use multiple communications protocols to meet functional and performance requirements – connecting various clients at scale in a fully-managed service.
You can now develop apps using PowerShell 7.4 locally and deploy them to all Azure Functions plans.
To learn more about the release, see What’s New in PowerShell 7.4. To learn more about what has changed from PowerShell 7.2 to 7.4, also see What's New in PowerShell 7.3.
Note that PowerShell 7.4 includes breaking changes. To upgrade your Function Applications today, see the PowerShell 7.4 migration guide.
Hyperscale elastic pools enable software as a service (SaaS) developers to optimize the price performance ratio for a group of databases, while delivering predictable performance and elasticity for each database.
Hyperscale elastic pools build on top of the cloud native architecture of Hyperscale and provide the cost effectiveness of elastic pools. During the highly successful public preview, many customers benefited from features enabled by the cloud-native architecture including: auto-scaling storage, predictable scaling of the compute, quicker database copies, newer hardware options, and more.
Google Cloud Workflows has increased the maximum number of concurrent workflow executions from 7,500 to 10,000. This enhancement enables greater scalability and improved performance for automated workflows.
Private Service Connect now allows you to access the regional service endpoints of supported Google APIs. This feature is now generally available (GA), providing a secure and private connection to Google services without traversing the public internet.
SQL Server: Set transaction log retention from 1 to 35 days and grant access to Cloud SQL Studio using the new IAM role, Cloud SQL Studio User.
MySQL and PostgreSQL: Support for near-zero downtime maintenance and upgrades to the Enterprise Plus edition. Access Cloud SQL Studio with the Cloud SQL Studio User role.
These enhancements reduce downtime and simplify access management for Cloud SQL.
Secret Manager now integrates with Cloud KMS Autokey, allowing you to use automatically generated keys that adhere to industry standards for data security, such as HSM protection, key rotation, and separation of duties. Autokey-generated keys function the same as other Cloud HSM keys with identical settings.
Version 1.31.0-gke.1506000 is now available as the default for new clusters in the Rapid channel.
You can now use the Google Cloud console to:
Create buckets with hierarchical namespace enabled.
Create and manage folders within these buckets.
Rename and move folders.