[SEPTEMBER 19 - SEPTEMBER 25 Edition] Also: AWS IAM role trust policy change. Local clusters for Amazon EKS on Outposts, Vertex AI previews Streaming Ingestion for Matching Engine, Benchmarking Dataflow jobs with PKB
AWS IAM removing role’s implicit self-trust
Aimed at improving consistency and visibility into role behavior and privileges, role trust policy must now explicitly grant permission to all principals including the role itself.
Local clusters for Amazon EKS on Outposts generally available
They let you run an entire Amazon EKS cluster locally on Outposts to mitigate the risk of downtime arising from temporary network disconnects to the cloud; available in select regions.
Vertex AI previewing Streaming Ingestion for Matching Engine and Feature Store
Allows users to continuously deliver updated search results and latest feature values with low latency, enabling real-time AI-powered experiences; see how it works with two architecture blueprints for ad recommendation and ecommerce.
Benchmarking pipelines by performance, size, and costs in Dataflow with PKB
Measure throughput per vCPU core in elements per second with open source tool PerfKit Benchmarker that now supports Dataflow jobs; use it to deduce their sufficiency for input workloads and calculate TCO with Google Cloud pricing Calculator.
NPrimeCloud: 90 days. 10,000 subscribers, and growing
Survey reveals why cert-manager is critical for securing hybrid cloud Kubernetes environments
Jetstack survey on cert-manager user community says 47% production clusters not running latest cert manager, 81% point to potential misconfiguration of ingress points. Read more results here.
Immutable storage for Azure Data Lake Storage generally available
Lets users store data in a write once, read many (WORM) state and set a retention period within which the files cannot be deleted.
New AWS Enterprise Support add-on for proactive monitoring and incident management
AWS Incident Detection and Support add-on enables speedy, on-call recovery of affected workloads which are continuously monitored by AWS Engineers; Solution Providers and Distributors can enroll starting Oct 1 to receive a discount off public pricing.
DNS resource record set permissions for Amazon Route 53
Lets users specify granular IAM policies to control who can create, edit, or delete individual resource record sets within a hosted zone; feature is generally available in all commercial regions.