Monthly Cloudy Updates, October 2024
Hello World!
First, let me share with you some interesting news and articles I found this last month.
- Daily updated IP address data and stats of all main public cloud providers like AWS, Azure, Google Cloud, Cloudflare, DigitalOcean, Fastly, Oracle Cloud, and more.
- Hard to believe, but AWS claims customers are packing bags and heading back on-prem.
- Advanced Container Networking Services: Enhancing security and observability in AKS.
- In case you want to know a bit more about how Azure SQL Serverless database works, here is a post I wrote a few days ago.
And now, let’s get to the updates!
AWS
Amazon S3 adds Service Quotas support for S3 general purpose buckets
You can now manage your Amazon S3 general purpose bucket quotas in Service Quotas. You can view the total number of buckets in an AWS account, compare that number to your bucket quota, and request a service quota increase. More info here.
Amazon MSK APIs now supports AWS PrivateLink
This allows you to invoke Amazon MSK APIs from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. More info here.
Amazon Data Firehose delivers data streams into Apache Iceberg format tables in Amazon S3
With this new feature, Firehose integrates with Apache Iceberg, so customers can deliver data streams directly into Apache Iceberg tables in their Amazon S3 data lake. More info here.
Amazon Virtual Private Cloud (VPC) now supports BYOIP and BYOASN in all AWS Local Zones
If your applications use trusted IP addresses and Autonomous System Numbers (ASNs) that your customers or partners have allowed in their networks, you can run these applications in AWS Local Zones without requiring your partners or customers to change their allow-lists. More info here.
Amazon EC2 now supports Optimize CPUs post instance launch
You can now modify the number of vCPUs and/or disable the hyperthreading of a stopped EC2 instance to save on vCPU-based licensing costs. More info here.
Mountpoint for Amazon S3 CSI driver introduces new access controls for individual Kubernetes pods
More info here.
AWS Lambda now detects and stops recursive loops between Lambda and Amazon S3
This preventative guardrail automatically detects and stops recursive invocations between Lambda and other supported services, preventing unintended usage and billing from runaway workloads. More info here.
Console to Code to generate code is now Generally Available
Console to Code makes it simple, fast, and cost-effective to move from prototyping in the AWS Management Console to building code for production deployments. More info here.
Cross-zone enabled Network Load Balancer now supports zonal shift and zonal autoshift
Zonal shift allows you to quickly shift traffic away from an impaired Availability Zone (AZ) and recover from events such as bad application deployment and gray failures. More info here.
Amazon Redshift now supports refresh interval in a zero-ETL integration
When you specify a non-zero refresh interval to your integration, the ongoing replication process will only start after the specified interval has elapsed. More info here.
AWS Network Firewall now supports configurable TCP idle timeout
More info here.
Amazon Virtual Private Cloud launches new security group sharing features
When using shared VPC, you can now also share security groups with participant accounts in that shared VPC using Shared Security Groups. More info here.
Amazon Redshift now supports incremental refresh on Materialized Views (MVs) for data lake tables
This capability helps customers improve query performance for their data lake queries in a cost-effective and efficient manner. By enabling incremental refresh for MVs, customers can maintain up-to-date data in a more efficient and affordable way. More info here.
AWS announces UDP support for AWS PrivateLink and dual-stack Network Load Balancers
Until now, AWS PrivateLink only supported TCP, while NLB supported UDP only over IPv4. This launch enables customers who use AWS PrivateLink and clients that use IPv6 to access UDP-based applications such as media-streaming, gaming, VoIP and other applications. More info here.
Azure
Azure Virtual Network IP address management is in Public Preview
The new IP Address Management feature provides a centralized solution for IP address planning and allocation. More info here.
Public Preview: Evaluations for indirect prompt injection attacks in Azure AI Studio
Risk and safety evaluations for indirect prompt injection attacks are now available in public preview, accessible through Azure AI Studio UI and SDK experiences. More info here.
Generally Available: Custom IPv4 Prefixes (BYOIP) can be used in a Global/Regional configuration
You can now bring a “global” IPv4 range (as small as /24) to Azure that will be advertised from Microsoft WAN and then divide this range into multiple “regional” ranges (as small as /26) associated with a specific region. More info here.
Generally Available: Private endpoint support without NVA source network address translation
You may now configure a tag on your NVA VMs that will notify the Microsoft platform that you wish to opt into this feature. More info here.
Public Preview: VM watch for Azure VMs
VM watch runs health checks within the VM at configurable intervals and sends the results via a uniform data model to Azure. More info here.
Generally Available: ED25519 SSH key support for Linux VMs
Azure now allows the creation of ED25519 SSH keys directly within the Azure Portal for a simplified key management process. Additionally, Azure CLI and PowerShell also support ED25519 keys in Azure. More info here.
Generally Available: In-place scaling for Enterprise caches
Enterprise and Enterprise Flash tier caches now have the ability to scale up or out without requiring downtime. More info here.
Set fail criteria on server metrics in Azure Load Testing
You can now set fail criteria on server metrics, thereby defining performance and quality expectations for your application under load. More info here.
Public Preview: Immutable WORM Storage for Backups in Azure Recovery Services Vaults
Now, when immutability is locked, Azure Backup will also use WORM-enabled immutable storage to meet any compliance requirements. More info here.
Google Cloud
Privileged Access Manager (PAM) is now Generally Available.
You can use Privileged Access Manager (PAM) to control just-in-time temporary privilege elevation for select principals. More info here.
Term Extension Now Available for Compute Engine Committed Use Discounts
You can now extend the term length of your Compute Engine resource-based Committed Use Discounts (“CUDs”) beyond the preset 1-year and 3-year options. More info here.
Artifact Registry Scanning
Support for scanning: Rocky Linux, Alma, SUSE (SLES), Red Hat (UBI), Chainguard, Wolfi & Google Distroless. These operating systems are now supported in both Artifact Registry scanning and On Demand Scanning. More info here.
Google Cloud Marketplace private offer enhancements
This enables additional payment flexibility for enterprises, including when transacting generative AI models. More info here.