Monthly Cloudy Updates, May 2025
Hello World!
Hello everyone! Let’s start this year with some news and articles I found interesting.
- Write the most clever code you possibly can: go ahead and read the article instead of only focusing on the title.
- Valkey is one year old! And it now outperforms Redis in some benchmarks. Valkey Turns One: How the Community Fork Left Redis in the Dust.
- Migrating Uber’s Compute Platform to Kubernetes: A Technical Journey.
- Lessons from building and maintaining distributed systems at scale.
And now, let’s get to the updates!
AWS
Amazon Bedrock Model Distillation is now generally available
Model Distillation is the process of transferring knowledge from a more capable model (teacher) to a less capable one (student), with the goal of making the faster and more cost-efficient student model as performant as the teacher for a specific use case. With general availability, AWS now adds support for the following new models: Amazon Nova Premier (teacher) and Nova Pro (student), Claude 3.5 Sonnet v2 (teacher), Llama 3.3 70B (teacher) and Llama 3.2 1B/3B (student).
Amazon Aurora now supports PostgreSQL major version 17
This release contains product improvements and bug fixes from the PostgreSQL community along with Aurora-specific feature improvements such as enhanced memory management, faster storage metadata initialization during failovers, and optimized write-heavy workloads on new Graviton 4 high-end instances.
Amazon VPC IPAM now allows cost distribution to AWS Organization member-accounts
This allows you to easily allocate costs to your internal teams for their IPAM usage.
Amazon VPC adds CloudTrail logging for VPC resources created by default
Amazon VPC has enhanced CloudTrail logging to include VPC resources created by default during a VPC creation. This enhancement offers improved visibility of VPC resources and aids in auditing and governance.
AWS Transform for VMware is now generally available
VMware environments have long been foundational to enterprise IT, but rising costs and vendor uncertainty are prompting organizations to rethink their strategies. Despite the urgency, VMware workload migration has historically been slow and error-prone. AWS Transform changes that. With agentic AI, AWS Transform automates the full modernization lifecycle—from discovery and dependency mapping to network translation and Amazon Elastic Compute Cloud (Amazon EC2) optimization.
AWS Cost Anomaly Detection enables advanced alerting through AWS User Notifications
This integration lets customers configure sophisticated alert rules based on service, account, or other cost dimensions to identify and respond to unexpected spending changes faster. More info here.
Amazon Managed Service for Prometheus launches query insights and control capabilities
Amazon Managed Service for Prometheus, a fully managed Prometheus-compatible monitoring service, now provides the capability to identify expensive PromQL queries, and limit their execution. This enables customers to monitor and control the types of queries being issued against their Amazon Managed Service for Prometheus workspaces.
AWS Secrets Manager announces support for cost allocation tags for secrets
AWS Secrets Manager now enables customers to allocate and track cost for their secret usage. Customers can categorize their secret costs by department, team, or application using AWS cost allocation tags. You can leverage this feature by tagging your secrets and enabling them in Cost Allocation Tags.
Cost Optimization Hub now supports Savings Plans and reservations preferences
Cost Optimization Hub, a feature within the Billing and Cost Management Console, now allows you to configure your preferred term and payment options for Savings Plans and reservations, so you can see your resulting recommendations and savings potential based on your preferred commitments.
AWS Network Firewall Adds Support for Multiple VPC Endpoints
AWS Network Firewall now supports configuring multiple VPC endpoints for a single firewall. This new capability gives you more options to scale your Network Firewall deployment across multiple Amazon Virtual Private Clouds (VPCs), using a centralized security policy.
Amazon Managed Service for Prometheus now supports 95 day time range queries
This is an increase from the previous 32-day limit. More info here.
AWS Cost Explorer now offers new Cost Comparison feature
This helps customers understand cost changes between two months. Cost Comparison automatically detects significant cost changes between two months and surfaces the key factors driving these changes.
Azure
Enhanced Cost Management Exports are Generally Available
Key enhancements include expanded dataset support (price sheets, reservation recommendations, reservation details, and reservation transactions), flexible export formats (CSV with Gzip compression, Parquet with Snappy compression), and support for the FinOps Open Cost and Usage Specification (FOCUS) format version 1.0. More info here.
Azure Storage Actions are now Generally Available
Azure Storage Actions enables you to quickly compose and deploy tasks that can scan, analyze and process billions of objects across multiple storage accounts without requiring any programming skills.
Continuous Patching in Azure Container Registry is in Public Preview
The continuous patching feature automates the detection and remediation of operating system (OS) level vulnerabilities in container images. By scheduling regular scans with Trivy and applying security fixes using Copa, you can maintain secure, up-to-date images in your registry—without requiring access to source code or build pipelines.
Azure NetApp Files support for Active Directory connection per NetApp account is now Generally Available
The feature allows each NetApp account to connect to its own Active Directory Forest and Domain, providing the ability to manage more than one Active Directory connection within a single region under a subscription. More info here.
Azure App Configuration now Offers a Developer Pricing Plan
More info here.
App Service Webjobs on Linux is now Generally Available
More info here.
Azure NetApp Files Cross-Zone-Region Replication (CZRR) is in Public Preview
Cross-zone-region replication builds on the existing capabilities of cross-region replication and cross-zone replication. It enables you to replicate volumes across regions and across availability zones within the same region, combining disaster recovery and business continuance capabilities for volumes. More info here.
Azure NetApp Files Cross-Zone and Cross-Region Replication Across Subscriptions is now Generally Available
More info here.
Premium Ingress in Azure Container Apps
By configuring your ingress proxy to run on workload profiles, you can scale out more ingress instances to handle more load. Running the ingress proxy on a workload profile will incur associated costs. More info here.
Durable Functions v3 in Azure Functions is now Generally Available
Major improvements in this new major version include improved cost efficiency for usage of Azure Storage v2 accounts and an upgrade to the latest Azure Storage SDKs, as well as the .NET Framework used by the extension. More info here.
Network Optimized Azure Virtual Machines are in Public Preview
The new Network Optimized sizes make use of enhancements provided by Azure Boost to deliver increased network bandwidth per vCPU, a greater number of vNICs, and significantly improved connection setup performance. The Network Optimized SKUs are an extension of our v6 Intel Dn/Dln/En VMs SKUs.
Planned Maintenance in Azure Container Apps is now Generally Available
This feature allows you to control when non-critical updates are applied to your Container Apps environment to minimize downtime and impact to applications. Non-critical updates include minor security patches, bug fixes, and new releases. Critical and urgent updates, however, are applied as needed to ensure security and reliability compliance, even outside of planned maintenance windows. More info here.
Private Endpoint Support in Azure Container Apps for Workload Profiles Environments is now Generally Available
This enables customers to connect to their Container Apps environment using a private IP address in their Azure Virtual Network, eliminating exposure to the public internet and securing access to their applications. More info here.
Dedicated GPU in Azure Container Apps is now Generally Available
More info here.
Managed Prometheus Visualization and Enhanced Monitoring Experience in Azure Monitor for AKS is now Generally Available
With this feature, customers can:
- Optimize costs by migrating from Log Analytics based metrics to managed Prometheus
- Improve performance with faster metric query response times
- Integrate with the new Prometheus based recommended alerts
- Gain visibility into control plane metrics for deeper troubleshooting
- Monitor at scale with the improved multi-cluster view
More info here.
Custom Certificate Authority Support in AKS is now Generally Available
More info here.
Every AKS Version is Now Long Term Support (LTS) Compatible
AKS will now ensure that every community version released (GA) is compatible with long term support (LTS), starting with version 1.28 LTS from April 2025. Versions 1.27, 1.28, 1.29, and 1.30 are now LTS, with 1.31 and 1.32 expected soon. More info here.
Smart VM defaults in AKS is now Generally Available
Previously, the default AKS VM SKU was typically Standard_DS2_V2, but now you can expect dynamic outcomes in default provisioning based on SKU availability. More info here.
Azure Traffic Manager SLA Raised to 100%
Private Subnets are Generally Available
Currently, when virtual machines are created in a virtual network without any explicit outbound connectivity, they are assigned a default outbound public IP address. These implicit IPs are subject to change, not associated with a subscription, difficult to troubleshoot, and do not follow Azure’s model of “secure by default” which ensures customers have strong security without additional steps needed. The private subnet feature prevents this insecure implicit connectivity for any newly created subnets by setting the “default outbound access” parameter to false. You can then pick your preferred method for explicit outbound connectivity, such as a NAT Gateway or Public IP address. More info here.
Azure Front Door Premium Now Supports Container Apps and Functions as Private Link Enabled Origins
Azure Front Door Support For Origin Authentication via Managed Identity is in Public Preview
More info here.
Application Awareness in Azure Migrate is in Public Preview
The capability includes identification of the ideal migration strategy between Rehost and Replatform from Gartner’s 6Rs, allowing customers to gain insights into the total cost of ownership, identify suitable IaaS and PaaS targets, and receive tailored migration guidance. More info here.
Server-Sent Events (SSE) with Application Gateway is in Public Preview
Azure Application Gateway supports use of Server-sent events in preview, enabling real-time data streaming from server to client. Server-sent events utilize server push technology on a persistent HTTP connection for seamless updates to the clients. More info here.
DNAT on Azure Firewall Private IP Address is now Generally Available
DNAT on Azure Firewall Private IP address helps connect overlapped IP networks, which is a common scenario for enterprises when onboarding new partners to their network or merging with new acquisitions. This capability is also relevant for hybrid scenarios, connecting on-premises datacenters to Azure, where DNAT bridges the gap, enabling communication between private resources over non-routable IP addresses. More info here.