Dec 09 - Dec 15 Updates

Last Week Cloud Platform Updates

December 16, 2024

Dec 09 - Dec 15 | AWS, Azure & GCP Updates

Amazon Bedrock Guardrails, which help enforce safeguards for generative AI applications, are now more cost-effective with price reductions of up to 85%. Content filter costs are reduced by 80% to $0.15 per 1,000 text units, and denied topics filters are reduced by 85% to $0.15 per 1,000 text units. These changes make it easier to build responsible AI applications with advanced safety, privacy, and compliance features at a lower cost.

Amazon MQ now supports AWS PrivateLink, allowing secure, private connectivity between your VPC and the Amazon MQ API without using the public internet. This feature ensures that communication remains entirely within the AWS network, enhancing security and reducing exposure to public IP addresses. You can set up PrivateLink endpoints for Amazon MQ via the AWS Management Console or AWS CLI.

Amazon Connect now supports push notifications for mobile chat on iOS and Android, enhancing customer experiences by providing instant alerts for new messages from agents or chatbots. This feature, integrated with Amazon Connect Chat SDKs or webview solutions, ensures customers stay informed even when not actively engaged in a chat, facilitating faster issue resolution.

Amazon Simple Email Service (SES) now offers Global Endpoints, enabling resilient email sending across two AWS Regions. This feature balances email workloads between a primary and secondary Region under normal conditions and automatically redirects traffic during regional impairments to maintain uninterrupted sending. Global Endpoints streamline configuration by synchronizing verified identities and settings between Regions, eliminating the need for manual adjustments. This integration works seamlessly with existing SES features like Dedicated IPs and Virtual Deliverability Manager.

The first cloud region in New Zealand is now available with Azure Availability Zones and provides organizations across the globe with access to scalable, highly available, and resilient Microsoft Cloud services while confirming its commitment to promoting digital transformation and sustainable innovation in the country.

The New Zealand region connects New Zealand to the largest and trusted global cloud infrastructure, delivering the highest standards of security, privacy and regulatory-compliant data storage in the country. 

Azure Kubernetes Service (AKS) logs now include detailed metadata, such as PodLabels, PodAnnotations, PodUid, Image, ImageID, ImageRepo, and ImageTag. These additions provide richer context and improved visibility into workloads, aiding in troubleshooting and monitoring. The integration with Grafana further enhances this by enabling users to visualize and analyze logs more effectively, utilizing Grafana's powerful dashboard capabilities. 

GitHub Copilot for Azure now supports Azure Kubernetes Service (AKS) plugins. The extension, which enables AKS plugins for GitHub Copilot for Azure (@azure), allows users to perform various tasks related to AKS directly from the GitHub Copilot Chat view. These tasks include creating an AKS cluster, deploying a manifest to an AKS cluster, and generating Kubectl commands.  

The AKS automated deployments feature has received UI updates designed to make it easier for customers to get started with Azure Kubernetes Service. With these new improvements, you can now select specific locations for saving autogenerated Dockerfiles and Kubernetes manifest files. With automated deployments, you can easily get your apps up and running on Azure Kubernetes Service. 

When you enable the application routing add-on with NGINX, it creates an ingress controller configured with a public facing Azure Load Balancer. Starting with Kubernetes 1.30, you can control this behavior when enabling the add-on by choosing if it gets a public or an internal IP. 

Azure Backup now supports vaulted backups for AKS, enabling cross-region disaster recovery, long-term retention and immutable security.  This simplifies compliance and strengthens resilience for cloud-native applications. 

Customers can protect clusters during a regional disaster recovery, store backup data for up to 10 years to meet compliance requirements, and secure backup data at an offsite location to safeguard against ransomware threats. 

With the release of Kubernetes v1.30, the Azure Disk CSI driver has adopted the force detach capability. This feature allows the driver to force detach zone-redundant storage (ZRS) data disks from VM nodes in a failed zone and attach them to another VM, reducing the Recovery Time Objective (RTO).

Stateful workloads in AKS clusters can now quickly recover from zone failures by detaching ZRS data disks from affected VM nodes and reattaching them to new VMs. 

The AKS Communication Manager, now in public preview, simplifies notifications for all your AKS maintenance tasks by leveraging Azure Resource Notification and Azure Resource Graph frameworks. 

It provides timely alerts on event triggers and outcomes, allowing you to closely monitor your upgrades. In case of maintenance failures, it notifies you with the reasons for the failure, reducing operational hassles related to observability and follow-ups.

There are two types of container image pulls: serialized and parallel. 

 By default, AKS versions earlier than 1.31 use serialized image pulls. Starting with AKS version 1.31 preview, AKS defaults to parallel image pulls. Generally, serialized image pulls are less performant than parallel pulls, especially when dealing with large or numerous container images. This update helps to enhance overall system efficiency.

Today you can control an AKS cluster's egress traffic using Azure Firewall. While this configuration is intended to isolate the cluster to protect sensitive business or customer data, it adds an additional layer of management complexity and cost.  

AKS now provides the option to use network isolated clusters to simplify the process of restricting network access and reduce the risk of unintentional exposure of the cluster's public endpoints to prevent security breaches.  

Starting January 7th, 2025, Azure Automation will be revising its Service and Subscription limits to ensure fair distribution of cloud resources across all customers. The current Service and Subscription limits for Azure Automation can be found here.  

Private Service Connect now offers service connectivity automation, enabling seamless connectivity to supported Google service instances across projects, folders, or organizations. Additionally, Private Service Connect port mapping is generally available, allowing consumer VMs to privately access specific service ports on producer VMs through a single endpoint, simplifying secure communication configurations.

Cloud Monitoring introduces the ability to override metric existence validation when creating PromQL-based alerting policies, offering more flexibility in alert configurations. Additionally, text widgets on dashboards now support linking to specific sections and rendering variables, enhancing navigation and interactivity.

Bigtable is now integrated with Database Center, an AI-assisted dashboard providing a unified view of your database fleet. This Preview release allows you to monitor Bigtable health, including availability and data protection issues, through a centralized interface.

BigQuery now supports cross-region dataset replication, enabling seamless data replication from a source region to one or more additional regions. This feature is generally available (GA).

Additionally, BigQuery Managed Disaster Recovery is now GA, offering managed failover and redundant compute capacity to ensure business-critical workloads remain resilient during regional outages. Available exclusively with the BigQuery Enterprise Plus edition.