Sep 30 - Oct 06 Updates

Last Week Cloud Platform Updates

Sep 30 - Oct 06 | AWS, Azure & GCP Updates

AWS Application Composer is now called AWS Infrastructure Composer. The new name emphasizes our capabilities in building infrastructure architectures. Initially launched at re:Invent ’22, the tool helped customers accelerate serverless architecture design through its drag-and-drop interface. Now supporting any CloudFormation resource, the new name emphasizes its expanded role in helping customers build comprehensive infrastructure using CloudFormation.

Auto Scaling for AWS Glue interactive sessions is now generally available. With Glue versions 3.0 or higher, resources are dynamically scaled based on workload demand, eliminating the need to manually provision and optimize worker numbers. Auto Scaling ensures you only pay for the resources you use, as idle workers are automatically turned off and additional workers are added when needed for parallel processing. This feature simplifies resource management and helps optimize costs for your data integration and ETL workloads.

Amazon Managed Service for Prometheus now supports IPv6 for both new and existing workspaces, allowing customers to run their Prometheus workspaces on networks supporting both IPv4 and IPv6. This simplifies the network stack for customers transitioning to IPv6. Amazon Managed Service for Prometheus is a fully managed, Prometheus-compatible monitoring service, ideal for large-scale metric monitoring and alerting in environments like Amazon Elastic Kubernetes Service.

Amazon Managed Streaming for Apache Kafka (Amazon MSK) APIs now support AWS PrivateLink, allowing you to invoke MSK APIs from within your VPC without using the public internet. This ensures secure communication for actions like fetching bootstrap connection strings or describing cluster details, making it ideal for applications with strict security requirements. All communication between Apache Kafka clients and MSK provisioned clusters remains private.

Amazon Simple Email Service (SES) now supports HTTPS for tracking both open and click events when using custom domains. This feature enhances security, helping meet compliance requirements and improving email deliverability by using secure links. You can configure HTTPS as mandatory or optional based on the links' protocol in your emails. Previously, HTTPS was only available for click tracking. Now, you can secure tracking for both open and click events while maintaining a branded experience, improving deliverability and protecting your sender reputation.

We are introducing the public preview of the Azure Virtual Network Monitoring IP address management feature, an enhancement to the network management suite. This feature is designed to streamline and optimize your IP address management, providing you with greater control and efficiency. With Azure Virtual Network Monitoring IP address management, you can easily manage your IP addresses and their usage, and ensure seamless network operations.

We are excited to announce the promotional offer for the latest Linux VMs in Azure. You can save 15% in addition to the existing one-year Azure Reserved Virtual Machine (VM) Instances discount for the latest Linux VMs for a limited period. This means you could save up to 56% compared to running an Azure VM on a pay-as-you-go basis. This offer is available between October 1, 2024, and March 31, 2025.

To take advantage of this promotional offer, purchase a one-year Azure Reserved Virtual Machine Instance for a qualified VM SKU and region.

Risk and safety evaluations for indirect prompt injection attacks are now available in public preview, accessible through Azure AI Studio UI and SDK experiences. Indirect prompt injection attacks (also known as cross-domain prompt injection attacks or XPIA) are an emerging attack vector where a threat actor poisons a model’s grounding data source, such as a public website, email, or internal document, to pass hidden, malicious instructions to a model and circumvent safety guardrails.

With the Azure AI Evaluation SDK, users can now simulate indirect prompt injection attacks on their generative AI model or application and measure how often their AI fails to detect and deflect the attacks (the defect rate) along subcategories of manipulated content, intrusion, and information gathering.

Risk and safety evaluations for protected material (text) are now available in public preview, accessible through Azure AI Studio UI and SDK experiences. Because foundation models are typically trained using a massive corpus of data, users are understandably concerned that models may output responses containing protected material, putting end users at risk of unintended infringement.

With the Azure AI evaluation SDK, users can now simulate conversations with their generative AI model or application to try to elicit responses containing protected text (e.g. song lyrics, articles, recipes, select web content) and measure how often their AI outputs protected text in response (the defect rate). To do so, the evaluation checks the outputs against an index of third-party text content maintained on GitHub. Users can drill into evaluation details to better understand how their application typically responds to these user prompts and the associated risks.

With this information, users may decide to activate protected material detection in Azure AI Content Safety, adjust their system message, or apply other mitigations before rerunning the evaluation and deploying to production.

A synthetic data generator and simulator for non-adversarial tasks is now available in public preview, accessible through the Azure AI evaluation SDK. One of the biggest evaluation challenges we hear from customers is that they do not have comprehensive, high-quality test datasets to run holistic evaluations. In March, we introduced an adversarial simulator, specifically designed to role-play with a user’s model or application to generate high-quality test data for risk and safety evaluations. However, because it was designed to help accelerate adversarial red-teaming processes, it lacked the ability to simulate more general interactions with the actual target users of the application.

Now, we are excited to announce an end-to-end synthetic data generation capability to help developers understand how their application responds to everyday user prompts. AI developers can use an index-based query generator and fully customizable simulator to create robust test datasets around non-adversarial tasks and personas specific to their application. This can help organizations fill a critical gap in their existing evaluation toolkit, facilitating higher-quality evaluations and faster iteration on an application.

Cloud SQL for MySQL, PostgreSQL, and SQL Server now supports configuring server certificate authority (CA) mode during instance creation, offering both per-instance and shared CA options (Preview). Additionally, PostgreSQL introduces the pg_ivm extension (v1.9) for incremental materialized views and pgRouting for enhanced geospatial processing. Minor version upgrades and extension updates for PostgreSQL are also rolling out.

  • Artifact Registry now supports OCI specifications v1.1 in Docker format repositories, allowing you to upload containerized metadata as an attachment to another container image.

  • Artifact Analysis is rolling out regionalized data storage and endpoints, ensuring metadata is stored in the same region as the scanned image to help meet data residency requirements.

BigQuery now allows you to create external datasets that link directly to existing Spanner databases, enabling seamless data integration between BigQuery and Spanner. This feature is currently in preview.

You can now use Terraform commands to create or update log scopes in Cloud Logging, making it easier to manage log configurations through infrastructure-as-code. For more information, refer to the Cloud Logging documentation.

Pub/Sub has added support for OpenTelemetry tracing, allowing you to track and identify the latency of various client library operations. This enhancement provides better visibility into Pub/Sub performance and helps optimize system operations.