InfoQ – August 2022

From free trial instances on Google Cloud Spanner to AWS Event Ruler now open source, from S3 support on Azure Data Explorer to Google Cloud Certificate Manager: a recap of my articles for InfoQ in September.

Amazon Switched Compression from Gzip to Zstd for Own Service Data

A tweet from Adrian Cockcroft, former VP at Amazon, recently highlighted the benefits of switching from gzip to Zstandard compression at Amazon and triggered discussions in the community about the compression algorithm. Other large corporations, including Twitter and Honeycomb, shared interesting gains using zstd.

Google Cloud Spanner Introduces Free Trial Instances and Fine-Grained Access Control

Google Cloud recently announced different improvements to their managed databases. The cloud provider introduced free trial instances and fine-grained access control for Spanner to let developers try the managed service and configure access to data at the table and column level.

Amazon SNS Introduces Message Data Protection to Discover Sensitive Data in Motion

Amazon SNS recently announced the public preview of message data protection. Identifying PII data and other sensitive information in flight, the new SNS feature leverages pattern matching, machine learning models, and data protection policies to simplify data protection and compliance in applications that exchange high volumes of data.

AWS IAM Identity Center Introduces APIs to Manage Users and Groups at Scale

AWS recently introduced IAM Identity Center APIs to create users and groups at scale. Administrators can use these new APIs to manage identities programmatically and gain visibility into users in the Identity Center directory.

AWS Open Sources Event Ruler

AWS recently announced that Event Ruler, the component managing the routing rules of Amazon EventBridge, is now open source. The project is a new option for developers who need to match lots of patterns, policies, or expressions against any number of events in near real-time.

Google Cloud Certificate Manager Generally Available

Google Cloud recently announced the general availability of Certificate Manager, a service to acquire, manage, and deploy TLS certificates for use with Google Cloud workloads.

AWS Adds VMware Cloud on AWS Integration with Amazon FSx for NetApp ONTAP

AWS and VMware recently announced VMware Cloud on AWS integration with Amazon FSx for NetApp ONTAP. Designed for data-intensive VMware workloads, the new option is a supplemental datastore for VMware Cloud on AWS, reducing storage costs and simplifying migration to the cloud for enterprises.

Azure Data Explorer Supports Native Ingestion from Amazon S3

Microsoft recently announced the ability to natively ingest data from Amazon S3 into Azure Data Explorer (ADX). The new feature simplifies multi-cloud data analytics deployments, bringing data from Amazon S3 to Azure, without relying on custom ETL pipelines.

Cloud Providers Target Middle East: AWS Adds Region in the United Arab Emirates, Microsoft in Qatar

Amazon recently announced a new region in the United Arab Emirates, its second one in the Middle East. Microsoft just opened its first global datacenter region in Qatar, where Google plans to open a new region too.

Amazon Introduces Encrypted Communication Service AWS Wickr

A year after the acquisition of the company Wickr, Amazon recently announced the preview of the collaboration suite AWS Wickr. Built on a proprietary encryption protocol, the new managed service provides enterprises and government agencies with security and administrative controls to meet security and compliance requirements.

More news? A recap of my articles for InfoQ in August.

InfoQ – August 2022

From private 5G networks on AWS to the largest DDoS attack on Google Cloud, from Microsoft Dev Box to the risk of recursive serverless functions: a recap of my articles for InfoQ in August.

Amazon CloudFront Supports HTTP/3

AWS recently announced that CloudFront distributions support HTTP version 3 (HTTP/3) requests over QUIC. HTTP/3 is optional and provides faster response times and enhanced security over previous HTTP versions.

Microsoft Dev Box Now in Public Preview

Azure recently announced the public preview of Microsoft Dev Box, a workstation in the cloud targeted to developers. Integrated with Windows 365, the new service supports any developer IDE, SDK, or tool that runs on Windows and simplifies onboarding of new developers.

Google Cloud Blocks Largest Layer 7 DDoS Attack

Google claims to have recently fended off the largest ever HTTPS-based distributed denial of service attack, which peaked at 46 million requests per second. According to the cloud provider, the DDoS attack was quickly detected and stopped at the edge of Google’s network, and the customer was not impacted.

AWS Private 5G Mobile Network Generally Available But without 5G Support

Amazon recently announced the general availability of AWS Private 5G, a managed service to set up and deploy private mobile networks. The current lack of 5G support, the minimum price of a radio unit and the availability only in the United States raised some concerns in the community.

AWS Adds Coding Assistant CodeWhisperer to Lambda Console

AWS recently announced the preview of Amazon CodeWhisperer in the AWS Lambda console. Available as a native code suggestion feature in the code editor, the new functionality of the coding assistant can make code recommendations during Lambda function definition.

Amazon GuardDuty Introduces Malware Detection

At the recent re:Inforce security conference, AWS announced the availability of malware detection for Amazon GuardDuty. The new functionality of the managed threat detection service initiates a scan of the EBS volumes when it detects suspicious behavior indicative of malware on EC2 or containers.

Google Cloud Introduces Batch, a Service for Scheduling Batch Jobs

Google Cloud recently announced the preview of Batch, a managed service to run batch jobs at scale. The new service supports the latest T2A Arm-based instances and Spot VMs for large batch jobs utilizing task parallelization.

Are Recursive Serverless Functions the Biggest Billing Risk on the Cloud?

Forrest Brazeal, head of content at Google Cloud, recently argued that serverless functions are the cloud’s biggest billing risk for developers as there’s no simple way to protect against recursive calls and they can scale out almost indefinitely on all the cloud providers.

More news? A recap of my articles for InfoQ in July.

InfoQ – July 2022

From AMD R6a instances to Rocky Linux on Google Cloud, from Amazon Redshift Serverless to API backend options for Azure Static Web Apps: a recap of my articles for InfoQ in July.

AWS Announces AMD Based R6a Instances for Memory-Intensive Workloads

AWS recently announced the general availability of the R6a instances, EC2 instances designed for memory-intensive workloads like SQL and NoSQL databases. The new instances are built on the AWS Nitro System and are powered by AMD Milan processors.

Google Cloud Introduces Optimized Rocky Linux Images for Customers Moving off CentOS

Google recently announced the general availability of Rocky Linux optimized for Google Cloud. The new images are customized variants of Rocky Linux, the open-source enterprise distribution compatible with Red Hat Enterprise.

Amazon Redshift Serverless Generally Available to Automatically Scale Data Warehouse

Amazon recently announced the general availability of Redshift Serverless, an elastic option to scale data warehouse capacity. The new service allows data analysts, developers and data scientists to run and scale analytics without provisioning and managing data warehouse clusters.

Amazon Announces General Availability of EC2 M1 Mac Instances to Build and Test on macOS

AWS recently announced the general availability of the EC2 M1 Mac instances based on the Apple ARM-based processor and designed for CI/CD of Apple-based applications. The M1 Mac option is faster and cheaper than the existing x86-based Mac version but still requires a minimum 24-hour commitment.

Azure Static Web Apps Introduces API Backend Options

Azure recently announced the preview of new API backend options in Azure Static Web Apps. Developers can now create an end-to-end authenticated application calling APIs hosted on Azure App Service, Azure Container Apps, or Azure API Management.

Amazon Aurora Supports PostgreSQL 14

Amazon recently announced that Aurora PostgreSQL supports PostgreSQL major version 14. The new release adds performance improvements and new capabilities, including support for SCRAM password encryption.

PostgreSQL Interface for Cloud Spanner Now Generally Available

Google Cloud recently announced the general availability of the PostgreSQL interface for Cloud Spanner. The new interface increases the portability of workloads to and from Spanner and provides a globally distributed option to developers already familiar with PostgreSQL.

TLS 1.2 Becoming the Minimum TLS Protocol Level on AWS

AWS recently announced that TLS 1.2 is going to become the minimum protocol level for API endpoints. The cloud provider will remove backward compatibility and support for versions 1.0 and 1.1 on all APIs and regions by June 2023.

More news? A recap of my articles for InfoQ in June.

InfoQ – June 2022

From the PowerShell Custom Runtime for Amazon Lambda to MongoDB Atlas Serverless, from SynLapse, a critical Synapse Analytics vulnerability in Azure, to AWS IoT ExpressLink: a recap of my articles for InfoQ in June.

AWS Releases IoT ExpressLink: Cloud-Connectivity Software for Hardware Modules

Amazon recently announced the general availability of AWS IoT ExpressLink. The cloud-connectivity software supports wireless hardware modules to build IoT products that connect with cloud services.

SynLapse: Orca Security Publishes Details for Critical Azure Synapse Vulnerability

In a recent article, Orca Security describes the technical details of SynLapse, a critical Synapse Analytics vulnerability in Azure that allowed attackers to bypass tenant separation. The issue is now addressed but the timing and the disclosure process raised concerns in the community.

Cockroach Labs 2022 Cloud Report: AMD Outperforms Intel

Cockroach Labs recently released their annual cloud report, which evaluates the performance of AWS, Microsoft Azure and Google Cloud for common OLTP workloads. Unlike in the past, this year’s report does not indicate a best overall provider, but concludes that AMD instances outperform Intel ones. ARM instances were not covered in the tests.

MongoDB Atlas Serverless Instances and Data API Now Generally Available

At the recent MongoDB World 2022 conference, MongoDB announced that serverless instances for Atlas and Data API are now generally available. The new managed serverless option introduces tiered pricing, with automatic discounts on daily usage.

AWS Introduces IP-Based Routing on Route 53

AWS recently announced support for IP-based routing on Amazon Route 53. The new option of the DNS service allows customers to route resources of a domain based on the client subnet to optimize network transit costs and performance.

AWS DataSync Supports Moving Data between AWS, Google Cloud and Azure

Amazon recently announced that AWS DataSync now supports Google Cloud Storage and Azure Files storage as storage locations. The two new options of the data service help move data both into and out of AWS, but data transfer fees might still be a limitation.

AWS Introduces PowerShell Custom Runtime for Lambda

AWS recently announced a new PowerShell custom runtime for AWS Lambda to run Lambda functions written in PowerShell. With the new runtime developers can write native PowerShell code in Lambda without having to compile it, simplifying deployment and testing.

More news? A recap of my articles for InfoQ in May.

InfoQ – May 2022

From Google Cloud Media CDN to EC2 I4i Instances, from AlloyDB to SageMaker Serverless Inference: a recap of my articles for InfoQ in May.

AWS Releases First Graviton3 Instances

AWS has recently announced the general availability of the C7g instances, the first EC2 instances running Graviton3 processors. Designed for compute-intensive workloads, they provide always-on memory encryption, dedicated caches for every vCPU, and support for pointer authentication.

Amazon Rekognition Introduces Streaming Video Events

AWS recently announced the general availability of Streaming Video Events, a new feature of Amazon Rekognition to provide real-time alerts on live video streams.

Amazon EC2 Supports NitroTPM and UEFI Secure Boot

AWS recently announced the general availability of UEFI Secure Boot and of NitroTPM, a virtual TPM module for EC2 instances based on the AWS Nitro System. The new features are designed for boot-process validation, key protection and digital rights management.

Google Cloud Introduces PostgreSQL-Compatible AlloyDB for Enterprise Database Workloads

Google Cloud recently announced AlloyDB for PostgreSQL, a managed PostgreSQL-compatible service targeting enterprise deployments. AlloyDB is a full-featured cloud database supporting atomicity, consistency, isolation and durability (ACID)-compliant transactions.

AWS Introduces Storage-Optimized I4i Instances for IO-Heavy Workloads

AWS recently introduced the EC2 I4i instance type for data-intensive storage and IO-heavy workloads requiring fast access to medium-sized datasets. The new instances can benefit high-performance real-time relational databases, distributed file systems, data warehouses and key-value stores.

Google Cloud Introduces Media CDN for Content Delivery

Google Cloud recently announced the general availability of Media CDN, a content delivery network targeted to media and entertainment companies. The streaming platform supports advertising insertion and AI/ML analytics.

Amazon SageMaker Serverless Inference Now Generally Available

Amazon recently announced that SageMaker Serverless Inference is generally available. Designed for workloads with intermittent or infrequent traffic patterns, the new option provisions and scales compute capacity according to the volume of inference requests the model receives.

Amazon MSK Serverless Now Generally Available

AWS recently announced that Amazon MSK Serverless is now generally available. The serverless option to manage an Apache Kafka cluster removes the need to monitor capacity and automatically balances partitions within a cluster.

More news? A recap of my articles for InfoQ in April.

InfoQ – April 2022

From Fauna transactional database to infrastructure as SQL on AWS, from RDS and Aurora PostgreSQL vulnerabilities to AWS Firewall Manager: a recap of my articles for InfoQ in April.

Infrastructure as SQL on AWS: IaSQL is Now Open Source and SaaS

IaSQL, the company behind a service that models AWS infrastructure using SQL, has recently announced that IaSQL is available as open source and software as a service.

Amazon EC2 Introduces Automatic Recovery of Instances by Default

Amazon recently announced that EC2 instances will now automatically recover in case they become unreachable due to underlying hardware issues. Automatic recovery migrates the instance to different hardware while retaining instance ID, private IP addresses, Elastic IP address, and metadata.

RDS and Aurora PostgreSQL Vulnerability Leads to AWS Deprecating Many Minor Versions

A researcher at the security company Lightspin recently explained how she obtained credentials to an internal AWS service using a PostgreSQL extension and exploiting a local file read vulnerability on RDS. AWS confirmed the issue and deprecated dozens of minor versions of Amazon Aurora and RDS for PostgreSQL.

AWS Firewall Manager Supports Palo Alto Networks Cloud Next Generation Firewalls

AWS recently announced that Firewall Manager supports Palo Alto Networks Cloud Next Generation Firewalls (NGFW). Palo Alto Networks partnered with the cloud provider to offer a managed firewall service designed to simplify securing AWS deployments.

AWS Introduces Lambda Function URLs to Simplify Serverless Deployments

AWS recently announced the general availability of Lambda Function URLs, a feature that lets developers directly configure an HTTPS endpoint and CORS headers for a Lambda function without provisioning other services.

Fauna Transactional Database Introduces Event Streaming

Fauna, the company behind the Fauna transactional database, recently announced the general availability of event streaming, a push-based stream that sends changes at both the document and collection levels to subscribed clients.

More news? A recap of my articles for InfoQ in March.

InfoQ – March 2022

From changes to AWS Lambda, to second generation Cloud Functions on Google Cloud, from new health services on Azure to growing concerns among developers about Google Cloud price increases: a recap of my articles for InfoQ in March.

AWS Lambda Supports up to 10 GB Ephemeral Storage for Data-Intensive Applications

AWS recently announced that Lambda functions now support up to 10 GB of ephemeral storage that is preserved for the lifetime of the execution environment. The feature will help customers that run data workloads such as media processing, machine learning inference or financial analysis.

Microsoft Introduces Azure Health Data Services: Protected Health Information on the Cloud

Microsoft recently announced Azure Health Data Services, a Platform-as-a-Service that allows organizations to upload, store, manage and analyze healthcare data in the open standards FHIR and DICOM.

Growing Concerns among Developers about Google Cloud Price Increases

Google Cloud recently announced changes to their pricing models, with storage and data transfer costs mostly affected. Many experts in the cloud community have been raising concerns about architectural implications and the end of a long-term “prices never go up” cloud tenet.

Google Cloud Introduces Community Security Analytics

Google Cloud recently released Community Security Analytics (CSA), a set of open-sourced queries and rules for security analytics designed to help detect common cloud-based threats.

Cloud Spanner Introduces Committed Use Discounts

Google Cloud recently announced the launch of Committed Use Discounts (CUDs) for Cloud Spanner. The option triggers a 20% to 40% discount on the on-demand price of the managed relational database in exchange for a commitment of one or three years.

AWS Backup for Amazon S3 Generally Available

Amazon recently announced the general availability of AWS Backup for Amazon S3, a managed option to centralize data protection for applications storing data on S3. The new feature automates the backup and restore of application data on S3 and combines it with the backup of other services, including instances and databases.

Amazon S3 Supports New Checksum Algorithms for Integrity Checking

Amazon S3 recently introduced support for four checksum algorithms for data integrity checking on upload and download requests. Amazon claims that the enhancements to the AWS SDK and S3 API accelerate integrity checking of the S3 requests by up to 90%.

AWS Lambda Supports .NET 6

AWS Lambda recently added support for .NET 6, as both a managed runtime and a container base image. The new runtime introduces new .NET language features and performance optimizations, improves logging and simplifies function definition using top-level statements.

AWS WAF Introduces Fraud Control – Account Takeover Prevention

Amazon recently introduced Fraud Control – Account Takeover Prevention, a new feature of AWS Web Application Firewall to protect login pages at the network edge.

Google Announces Second Generation Cloud Functions

Google recently announced the public preview of the second generation of Cloud Functions, the functions-as-a-service platform on Google Cloud. The new version introduces more control over the function runtime, provides better performance and scalability, and supports triggers from more than 90 event sources.

More news? A recap of my articles for InfoQ in February.