InfoQ – June 2022

From the PowerShell Custom Runtime for Amazon Lambda to MongoDB Atlas Serverless, from SynLapse, a critical Synapse Analytics vulnerability in Azure, to AWS IoT ExpressLink: a recap of my articles for InfoQ in June.

AWS Releases IoT ExpressLink: Cloud-Connectivity Software for Hardware Modules

Amazon recently announced the general availability of AWS IoT ExpressLink. The cloud-connectivity software supports wireless hardware modules to build IoT products that connect with cloud services.

SynLapse: Orca Security Publishes Details for Critical Azure Synapse Vulnerability

In a recent article, Orca Security describes the technical details of SynLapse, a critical Synapse Analytics vulnerability in Azure that allowed attackers to bypass tenant separation. The issue is now addressed but the timing and the disclosure process raised concerns in the community.

Cockroach Labs 2022 Cloud Report: AMD Outperforms Intel

Cockroach Labs recently released their annual cloud report, which evaluates the performance of AWS, Microsoft Azure and Google Cloud for common OLTP workloads. Unlike in the past, this year’s report does not indicate a best overall provider, but concludes that AMD instances outperform Intel ones. ARM instances were not covered in the tests.

MongoDB Atlas Serverless Instances and Data API Now Generally Available

At the recent MongoDB World 2022 conference, MongoDB announced that serverless instances for Atlas and Data API are now generally available. The new managed serverless option introduces tiered pricing, with automatic discounts on daily usage.

AWS Introduces IP-Based Routing on Route 53

AWS recently announced support for IP-based routing on Amazon Route 53. The new option of the DNS service allows customers to route resources of a domain based on the client subnet to optimize network transit costs and performance.

AWS DataSync Supports Moving Data between AWS, Google Cloud and Azure

Amazon recently announced that AWS DataSync now supports Google Cloud Storage and Azure Files storage as storage locations. The two new options of the data service help move data both into and out of AWS, but data transfer fees might still be a limitation.

AWS Introduces PowerShell Custom Runtime for Lambda

AWS recently announced a new PowerShell custom runtime for AWS Lambda to run Lambda functions written in PowerShell. With the new runtime, developers can write native PowerShell code in Lambda without having to compile it, simplifying deployment and testing.

More news? A recap of my articles for InfoQ in May.

InfoQ – May 2022

From Google Cloud Media CDN to EC2 I4i Instances, from AlloyDB to SageMaker Serverless Inference: a recap of my articles for InfoQ in May.

AWS Releases First Graviton3 Instances

AWS has recently announced the general availability of the C7g instances, the first EC2 instances running Graviton3 processors. Designed for compute-intensive workloads, they provide always-on memory encryption, dedicated caches for every vCPU, and support for pointer authentication.

Amazon Rekognition Introduces Streaming Video Events

AWS recently announced the general availability of Streaming Video Events, a new feature of Amazon Rekognition to provide real-time alerts on live video streams.

Amazon EC2 Supports NitroTPM and UEFI Secure Boot

AWS recently announced the general availability of UEFI Secure Boot and NitroTPM, a virtual TPM module for EC2 instances based on the AWS Nitro System. The new features are designed for boot-process validation, key protection and digital rights management.

Google Cloud Introduces PostgreSQL-Compatible AlloyDB for Enterprise Database Workloads

Google Cloud recently announced AlloyDB for PostgreSQL, a managed PostgreSQL-compatible service targeting enterprise deployments. AlloyDB is a full-featured cloud database supporting ACID-compliant (atomicity, consistency, isolation and durability) transactions.

AWS Introduces Storage-Optimized I4i Instances for IO-Heavy Workloads

AWS recently introduced the EC2 I4i instance type for data-intensive storage and IO-heavy workloads requiring fast access to medium-sized datasets. The new instances can benefit high-performance real-time relational databases, distributed file systems, data warehouses and key-value stores.

Google Cloud Introduces Media CDN for Content Delivery

Google Cloud recently announced the general availability of Media CDN, a content delivery network targeted at media and entertainment companies. The streaming platform supports advertising insertion and AI/ML analytics.

Amazon SageMaker Serverless Inference Now Generally Available

Amazon recently announced that SageMaker Serverless Inference is generally available. Designed for workloads with intermittent or infrequent traffic patterns, the new option provisions and scales compute capacity according to the volume of inference requests the model receives.

Amazon MSK Serverless Now Generally Available

AWS recently announced that Amazon MSK Serverless is now generally available. The serverless option to manage an Apache Kafka cluster removes the need to monitor capacity and automatically balances partitions within a cluster.

More news? A recap of my articles for InfoQ in April.

InfoQ – April 2022

From Fauna transactional database to infrastructure as SQL on AWS, from RDS and Aurora PostgreSQL vulnerabilities to AWS Firewall Manager: a recap of my articles for InfoQ in April.

Infrastructure as SQL on AWS: IaSQL is Now Open Source and SaaS

IaSQL, the company behind a service that models AWS infrastructure using SQL, has recently announced that IaSQL is available as open source and software as a service.

Amazon EC2 Introduces Automatic Recovery of Instances by Default

Amazon recently announced that EC2 instances will now automatically recover in case they become unreachable due to underlying hardware issues. Automatic recovery migrates the instance to different hardware while retaining instance ID, private IP addresses, Elastic IP address, and metadata.

RDS and Aurora PostgreSQL Vulnerability Leads to AWS Deprecating Many Minor Versions

A researcher at the security company Lightspin recently explained how she obtained credentials to an internal AWS service using a PostgreSQL extension and exploiting a local file read vulnerability on RDS. AWS confirmed the issue and deprecated dozens of minor versions of Amazon Aurora and RDS for PostgreSQL.

AWS Firewall Manager Supports Palo Alto Networks Cloud Next Generation Firewalls

AWS recently announced that Firewall Manager supports Palo Alto Networks Cloud Next Generation Firewalls (NGFW). Palo Alto Networks partnered with the cloud provider to offer a managed firewall service designed to simplify securing AWS deployments.

AWS Introduces Lambda Function URLs to Simplify Serverless Deployments

AWS recently announced the general availability of Lambda Function URLs, a feature that lets developers directly configure an HTTPS endpoint and CORS headers for a Lambda function without provisioning other services.

Fauna Transactional Database Introduces Event Streaming

Fauna, the company behind the Fauna transactional database, recently announced the general availability of event streaming, a push-based stream that sends changes at both the document and collection levels to subscribed clients.

More news? A recap of my articles for InfoQ in March.

InfoQ – March 2022

From changes to AWS Lambda, to second generation Cloud Functions on Google Cloud, from new health services on Azure to growing concerns among developers about Google Cloud price increases: a recap of my articles for InfoQ in March.

AWS Lambda Supports up to 10 GB Ephemeral Storage for Data-Intensive Applications

AWS recently announced that Lambda functions now support up to 10 GB of ephemeral storage that is preserved for the lifetime of the execution environment. The feature will help customers that run data workloads such as media processing, machine learning inference or financial analysis.

Microsoft Introduces Azure Health Data Services: Protected Health Information on the Cloud

Microsoft recently announced Azure Health Data Services, a Platform-as-a-Service that allows organizations to upload, store, manage and analyze healthcare data in the open standards FHIR and DICOM.

Growing Concerns among Developers about Google Cloud Price Increases

Google Cloud recently announced changes to their pricing models, with storage and data transfer costs mostly affected. Many experts in the cloud community have been raising concerns about architectural implications and the end of a long-term “prices never go up” cloud tenet.

Google Cloud Introduces Community Security Analytics

Google Cloud recently released Community Security Analytics (CSA), a set of open-sourced queries and rules for security analytics designed to help detect common cloud-based threats.

Cloud Spanner Introduces Committed Use Discounts

Google Cloud recently announced the launch of Committed Use Discounts (CUDs) for Cloud Spanner. The option triggers a 20% to 40% discount on the on-demand price of the managed relational database in exchange for a commitment of one or three years.

AWS Backup for Amazon S3 Generally Available

Amazon recently announced the general availability of AWS Backup for Amazon S3, a managed option to centralize data protection for applications storing data on S3. The new feature automates the backup and restore of application data on S3 and combines it with the backup of other services, including instances and databases.

Amazon S3 Supports New Checksum Algorithms for Integrity Checking

Amazon S3 recently introduced support for four checksum algorithms for data integrity checking on upload and download requests. Amazon claims that the enhancements to the AWS SDK and S3 API accelerate integrity checking of the S3 requests by up to 90%.

AWS Lambda Supports .NET 6

AWS Lambda recently added support for .NET 6, as both a managed runtime and a container base image. The new runtime introduces new .NET language features and performance optimizations, improves logging and simplifies function definition using top-level statements.

AWS WAF Introduces Fraud Control – Account Takeover Prevention

Amazon recently introduced Fraud Control – Account Takeover Prevention, a new feature of AWS Web Application Firewall to protect login pages at the network edge.

Google Announces Second Generation Cloud Functions

Google recently announced the public preview of the second generation of Cloud Functions, the functions-as-a-service platform on Google Cloud. The new version introduces more control over the function runtime, provides better performance and scalability and supports triggers from more than 90 event sources.

More news? A recap of my articles for InfoQ in February.

InfoQ – February 2022

From CloudFront to Google Certificate Manager, from Elastic File System Replication to AWS IoT RoboRunner: a recap of my articles for InfoQ in February.

AWS Introduces Managed Prefix List for CloudFront

AWS recently announced the availability of the AWS managed prefix list for CloudFront. Customers can now limit inbound HTTP/HTTPS traffic to a VPC and an application from only IP addresses that belong to CloudFront’s origin-facing servers.

Amazon Introduces S3 Batch Replication to Replicate Existing Objects

Amazon recently introduced Batch Replication for S3, an option to replicate existing objects and synchronize buckets. The new feature is designed for use cases such as setting up disaster recovery, reducing latency or transferring ownership of existing data.

Google Cloud Introduces Certificate Manager

Google Cloud recently introduced the public preview of Certificate Manager, a service that integrates with External HTTPS Load Balancing to manage multiple certificates and domains.

Amazon Launches AWS IoT RoboRunner for Robot Fleet Management Applications

Amazon recently announced the preview of AWS IoT RoboRunner, a new service to help companies build and deploy robotics management applications. Developed from technology already in use at Amazon warehouses, IoT RoboRunner provides infrastructure to connect fleets of robots and automation software.

Amazon Announces Elastic File System Replication for Multi-Region Deployments

Amazon recently announced Elastic File System Replication to keep an up-to-date copy of a network file system in a second AWS region or within the same region.

More news? A recap of my articles for InfoQ in January.

InfoQ – January 2022

From Lambda Powertools to OpenSearch, from Google Spanner to RDS clusters: a recap of my articles for InfoQ in January.

Amazon OpenSearch Adds Anomaly Detection for Historical Data

Amazon OpenSearch recently introduced support for anomaly detection on historical data. The machine learning based feature helps identify trends, patterns, and seasonality in OpenSearch data.

Amazon Announces AWS Lambda Powertools TypeScript

Amazon recently announced the beta release of AWS Lambda Powertools TypeScript. The set of utilities for Node.js Lambda functions helps developers follow best practices for tracing, structured logging and custom metrics.

Google Cloud Spanner Dialect for SQLAlchemy is Generally Available

Google Cloud recently announced the general availability of the Spanner dialect enabling SQLAlchemy applications to run on the distributed SQL database management and storage service.

Incorrect IAM Policy Raised Questions about AWS Access to S3 Data

An unexpected change in the policy used by AWS Support raised concerns about access to customers’ S3 data. The cloud provider reverted the change, stating that the permissions were not and could not be used, and published a security bulletin. Security experts suggest steps to detect and prevent similar issues in the future.

Amazon RDS Introduces Readable Standby Instances in Multi-AZ Deployments

AWS has recently announced readable standby instances in Amazon RDS multi-AZ deployments. The new database cluster option provides high availability and durability for workloads requiring more read capacity and consistent transaction latency.

More news? A recap of my articles for InfoQ in December.

Developing and Deploying Secure Code with AWS Lambda

I am looking forward to moderating tonight the InfoQ webinar Developing and Deploying Secure Code with AWS Lambda with Tal Melamed and Mark Kriaf.

Attend this webinar to learn how to find and fix overly permissive AWS Lambda functions with ease, uncover vulnerabilities in your custom code and open source packages, gain a holistic view of your AWS Lambda application, including all functions and related components, and more.