Tech Updates for Busy People, December 2023
Table of Contents
Hello World!
Artificial intelligence is a liability
Afraid of being replaced by AI? Not so fast.
Quantum Computing’s Hard, Cold Reality Check
Looks like the quantum computer revolution is not coming in the near future. Read here.
Now, let’s get to the updates!
AWS
AWS Resilience Hub expands support for customer compliance with ISO and SOC
AWS Resilience Hub has added certification for International Organization for Standardization (ISO) and System and Organization Controls (SOC). Amazon Web Services (AWS) maintains certifications through extensive audits of its controls to ensure that information security risks that affect the confidentiality, integrity, and availability of company and customer information are appropriately managed. More info here.
AWS Secrets Manager announces 99.99% Service Level Agreement
More info here.
Amazon QuickSight enhances SPICE ingestion performance by up to 4x with parallel ingestion
The new enhanced ingestion performance is now available in Amazon QuickSight Standard and Enterprise Editions in all QuickSight regions - US East (N. Virginia and Ohio), US West (Oregon), Canada, Sao Paulo, Europe (Frankfurt, Stockholm, Paris, Ireland and London), Asia Pacific (Mumbai, Seoul, Singapore, Sydney and Tokyo), and the AWS GovCloud (US-West) Region
Amazon EC2 Instance Connect now supports RHEL, CentOS, and macOS
With EC2 Instance Connect, you can control SSH access to your instances using AWS Identity and Access Management (IAM) policies as well as audit connection requests with AWS CloudTrail events. More info here.
AWS Lambda functions now scale up to 12X faster
AWS Lambda functions now scale up at a 12x faster rate. With this improvement each function can scale up to a rate of 1,000 concurrent executions every 10 seconds, up to your account concurrency limit. More info here.
AWS Migration Hub Orchestrator now supports replatforming applications to Amazon ECS
AWS Migration Hub Orchestrator adds support for replatforming .NET and Java applications to Amazon Elastic Container Service (ECS) on AWS Fargate to make it easy for you to containerize applications with a guided experience. More info here.
AWS Lambda simplifies connectivity to Amazon RDS and RDS Proxy via Lambda console
AWS Lambda now allows customers to connect Lambda functions to both Amazon Relational Database Services (Amazon RDS) and Amazon RDS Proxy directly from the Lambda console. Customers can now use a guided workflow to connect their Lambda function to a new or existing RDS database instance or RDS proxy. As part of the setup, AWS Lambda will now also automatically set up related network settings to enable a secure and scalable connection. More info here.
Amazon CloudWatch now supports Cross-Account Metrics Insights
Amazon CloudWatch now supports Metrics Insights in Cross-Account observability. With Amazon CloudWatch cross-account observability, you can use Metrics Insights to monitor and troubleshoot applications that span multiple accounts within a Region. More info here and here
Amazon CloudWatch Metric Streams adds support for OpenTelemetry 1.0.0
Amazon CloudWatch announces support for the OpenTelemetry Protocol (OTLP) 1.0.0 specification as a new output format in CloudWatch Metric Streams. With Metric Streams, you can create a continuous, near real-time stream of metrics to a destination of your choice.
Amazon CloudWatch Logs announces streaming API support for Live Tail
Streaming API support for Amazon CloudWatch Logs Live Tail is now available, making it possible to programmatically view, search and filter relevant log events in real-time. You can now view your logs interactively in real-time as they’re ingested within your own custom applications or dashboards inside or outside of AWS
AWS Lambda adds support for Python 3.12
AWS Lambda now supports creating serverless applications using Python 3.12. Developers can use Python 3.12 as both a managed runtime and a container base image, and AWS will automatically apply updates as they become available. You can use Python 3.12 with Lambda@Edge, allowing you to customize low-latency content delivered through Amazon CloudFront.
Amazon DevOps Guru achieves FedRAMP Moderate compliance
Amazon DevOps Guru has achieved Federal Risk and Authorization Management Program (FedRAMP) Moderate authorization, approved by the FedRAMP Joint Authorization Board (JAB), for the AWS US East / West Region which includes US East (Ohio), US East (N. Virginia), US West (N. California), and US West (Oregon) Regions.
Amazon MQ now supports RabbitMQ version 3.10.25
Amazon MQ now provides support for RabbitMQ version 3.10.25, which includes several fixes and performance improvements to the previous versions of RabbitMQ supported by Amazon MQ.
AWS Billing Conductor now provides margin analysis reports for AWS services
AWS Billing Conductor (ABC) customers can analyze the margins (realized savings) for each AWS service their accounts are using. ABC calculates margin by evaluating the difference between the proforma “charged amount” calculated by the service, and the invoiced costs for accounts in billing groups. Margin values can be positive or negative.
AWS Security Hub launches 15 new security controls
Increasing the number of controls offered to 307. Security Hub now supports additional AWS services such as Amazon FSx and AWS Private Certificate Authority (AWS Private CA). Security Hub also released new controls against previously supported services like Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Kubernetes Service (Amazon EKS), and Amazon Simple Storage Service (Amazon S3). For the full list of recently released controls and the AWS Regions in which they are available, visit the Security Hub user guide.
Amazon CloudWatch Container Insights launches cross-account observability for Amazon EKS
Amazon CloudWatch Container Insights launches cross-account observability across Amazon Elastic Kubernetes Service (EKS) to help you monitor and troubleshoot applications that span across multiple AWS accounts within an AWS Region.
AWS Audit Manager now supports PCI 4.0 for automated evidence collection
AWS Audit Manager announces support for the Payment Card Industry Data Security Standard v4.0 (PCI DSS v4.0) for automated evidence collection. More info here
AWS Network Firewall egress TLS inspection is now available in all regions
Egress Transport Layer Security (TLS) inspection for AWS Network Firewall is now available in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions.
Amazon Route 53 Resolver Endpoints now supports DNS-over-HTTPS (DoH)
You can now enable DNS-over-HTTPS (DoH) on Amazon Route 53 Resolver endpoints to encrypt DNS queries that pass through the endpoints and improve privacy by minimizing the visibility of the information exchanged through the queries.
Azure
Migration of Azure Virtual Network injected Azure Data Explorer cluster to Private Endpoints
This feature that allows you to migrate your VNet injected ADX cluster to Private Endpoints with minimal downtime and disruption. The migration process is simple and can be done using the Azure portal, the ARM template, or any code which uses the ADX SDK. More info here.
Generally available: PostgreSQL 16 support in Azure Database for PostgreSQL
PostgreSQL 16 on Azure Database for PostgreSQL – Flexible Server. With this release, you’ll experience enhanced logical replication capabilities, allowing for more efficient and reliable data synchronization across your systems. Improve the performance and efficiency of your query execution, thanks to advanced optimizations in FULL and RIGHT joins, and refined plans for complex queries. More info here.
Public Preview: Accelerated logs in Azure Database for MySQL - Flexible Server
The accelerated logs feature in Azure Database for My SQL – Flexible Server allows you to boost the performance of your servers in the Business-Critical service tier. Enable this feature to store server transactional logs on faster storage thereby enhancing throughput without incurring any extra cost. More info here.
General Availability: Connection audit logs for Enterprise tier caches for Azure Cache for Redis
Now available, Enterprise and Enterprise Flash tier caches for Azure Cache for Redis are able to log all connection, disconnection, and authentication events occurring on your cache. More info here
Generally Available: Azure Functions support on Apple Silicon Macs
Azure Functions support for local development on Apple Silicon Macs is now generally available for Node.js, .NET, PowerShell, Python 3.8+, and Java 11 & 17.
Generally Available: AKS support for API breaking change detection
Azure Kubernetes Service (AKS) now supports fail fast on minor version change of Kubernetes cluster upgrades. This feature alerts you with an error message if it detects usage of deprecated Kubernetes standard APIs in the intended goal version provided you are using the latest API version. Detecting the change at this stage saves you from having to spend time on post upgrade workload troubleshooting. More info here.
Public preview: Node autoprovision support in AKS
Azure Kubernetes Service (AKS) now supports Node autoprovision (NAP) in public preview. This feature will provision the right VMs for your workloads based on the resources needed to efficiently allocate infrastructure.
Azure Event Grid releases public preview support for events from services like Microsoft Entra ID, Microsoft Outlook, and Microsoft Teams.
Using Azure Event Grid, you can now automate workflows in response to changes to a wide range of Microsoft resources. For example, if you are interested in providing additional access levels to an employee who changed roles, your application can receive Microsoft Entra ID’s user events notifying you about the changes in the employee’s position.
General Availability - Snapshots feature of Azure App Configuration
Announcing the General Availability of Snapshots in App Configuration. With Snapshots, App Configuration provides
- Production Stability Assurance: Safeguard your production configuration against unintended changes.
- Efficient Rollbacks, minimal Downtime: Navigate through Configuration changes seamlessly by keeping last known good configuration quickly accessible.
- Comprehensive Audit Trail: Delve into an in-depth history of Configuration changes and gain insights into your application’s evolution.
More info here.
Store and manage medical imaging data with Azure Data Lake Storage (Preview)
Azure Data Lake Storage integration for the DICOM® service in Azure Health Data Services os now in preview. The DICOM service provides cloud-scale storage for medical imaging data using the DICOMweb standard. More info here.
Generally Available: Red Hat Enterprise Linux 8.9 now supported on Azure Virtual Machines
Red Hat Enterprise Linux (RHEL) 8.9 is the latest minor release of Red Hat Enterprise Linux 8, which provides stability and security for production environments along with bug fixes and enhancements for improved performance and reliability
Generally Available: Azure Red Hat OpenShift v4.13
Azure Red Hat OpenShift version 4.13 is now available at install time.
Public Preview: Free SQL Managed Instance
More info here.
Generally Available: Azure Chaos Studio supports new faults for Service Bus
Azure Chaos Studio now supports new fault actions for Service Bus resource.
Change Queue State, Change Topic State, and Change Subscription State: These new service-direct faults allow customers to fully or partially disable entities within a targeted Service Bus namespace. This can help test messaging infrastructure for maintenance or failure scenarios for an application that depends on Service Bus. More info here.
GCP
Cloud Pub/Sub trigger supports cross-project topics
You can now configure your Cloud Pub/Sub trigger for a Pub/Sub topic that isn’t in the same Google Cloud project as your integration. The Pub/Sub topic can be in any Google Cloud project. More info here.
Policy Controller integration released to General Availability
The integration of Policy Controller for Kubernetes clusters with Security Command Center is released to General Availability. Violation alerts from Policy Controller appear in Security Command Center as misconfiguration findings. More info here.
Google Cloud Armor DDoS attack visibility
DDoS attack visibility is now Generally Available. For more information, see Access DDoS attack visibility telemetry.
Cloud Storage
The restrict unencrypted HTTP requests organization policy constraint is now generally available (GA). This constraint blocks all unencrypted HTTP access to Cloud Storage resources.
Cross Cloud Materialized Views
Cross-cloud MVs allow customers to very easily create a summary materialized view on GCP from base data assets available on another cloud. More info here.