MICROSOFT AZURE
INTERCONNECTING MICROSOFT AZURE AND ORACLE CLOUD
Microsoft and Oracle have partnered up to deliver a highly-optimised, best-of-both-clouds experience. In a press release in June Microsoft announced a ‘cloud interoperability partnership enabling customers to migrate and run mission-critical enterprise workloads’ across Microsoft Azure and Oracle Cloud.
Some of the new capabilities you can look forward to are:
- Connect Azure and Oracle Cloud seamlessly, allowing customers to extend their on-premises datacentres to both clouds.
- Unified identity and access management, via a unified single sign-on experience and automated user provisioning, to manage resources across Azure and Oracle Cloud.
- Supported deployment of custom applications and packaged Oracle applications on Azure with Oracle databases deployed in Oracle Cloud.
- A collaborative support model to help IT organisations deploy these new capabilities while enabling them to leverage existing customer support relationships and processes.
AZURE BACKUP FOR SQL SERVER 2008 IN PREVIEW
SQL Server 2008 might be reaching end of life this month but for those customers who are choosing to migrate their workloads to Azure there’s another surprise from Microsoft. Azure Backup is an enterprise-scale, zero-infrastructure solution that protects SQL Server on Virtual Machines (VM) in Azure without the need to deploy and manage any backup infrastructure. This offering is already generally available for more recent SQL Server versions, but last month Microsoft announced Azure Backup support for SQL Server 2008 and 2008 R2 end of support is now in public preview.
Benefits of Azure Backup. Source: Microsoft
INTELLIGENT PERFORMANCE FOR AZURE DATABASE FOR MYSQL NOW IN PREVIEW
Azure Database for MySQL now provides preview support for Intelligent Performance, which includes three distinct features: query store, query performance insights, and performance recommendations. These features work together to provide you with the ability to better understand your workloads, identify bottlenecks, and visually inspect your workloads. Use this functionality to view a list of recommendations that will help improve the performance of your workloads.
ANNOUNCING THE PREVIEW OF AZURE BASTION
‘We need an easy and integrated way to deploy, run, and scale jump-servers or bastion hosts within our Azure infrastructure’
Microsoft certainly listened to our requests leading up to the preview of Azure Bastion! For many of us, securely connecting from the outside to workloads and VMs on private networks can be challenging. Exposing VMs to the public Internet to enable connectivity through Remote Desktop Protocol (RDP) and Secure Shell (SSH), increases the perimeter, rendering your critical networks and attached VMs more open and harder to manage.
Azure Bastion is a new managed PaaS service that provides seamless RDP and SSH connectivity to your VMs over the Secure Sockets Layer (SSL). This is completed without any exposure of the public IPs on your VMs. Azure Bastion provisions directly in your Azure Virtual Network, providing bastion host or jump server as-a-service and integrated connectivity to all VMs in your virtual networking using RDP/SSH directly from and through your browser and the Azure portal experience. This can be executed with just two clicks and without the need to worry about managing network security policies.
Limit public exposure of VM IPs with Azure Bastion. Source: Microsoft
NEW ZONE-REDUNDANT VPN AND EXPRESSROUTE GATEWAYS NOW IN PUBLIC PREVIEW
You can now deploy VPN and ExpressRoute gateways in Azure Availability Zones. This physically and logically separates them into different Availability Zones protecting your on-premises network connectivity to Azure from zone-level failures. Additionally, Microsoft have made fundamental performance improvements including reducing the deployment time to create a virtual network gateway.
By adding support for Azure Availability Zones Microsoft is bringing increased resiliency, scalability, and higher availability to virtual network gateways.
STORAGE AUTO-GROW FOR AZURE DATABASE FOR MYSQL NOW GENERALLY AVAILABLE
In June, Microsoft announced that Azure Database for MySQL users can opt-in to storage auto-grow, which is now generally available. With auto-grow enabled, Azure Database for MySQL will automatically increase the size of the provisioned storage of users’ database servers. As a result, there’s no longer a need to worry about rightsizing when beginning to use these services or about running out of storage.
AUDITING FOR AZURE DEVOPS NOW IN PUBLIC PREVIEW
Auditing for Azure DevOps gives you the ability to monitor activities and changes throughout your organisation. When an auditable event occurs, a log entry is recorded. These events may occur in any portion of Azure DevOps and include information such as who caused the event to be logged and their IP, what happened, and other useful details that can help you answer the who, what, when, and where questions.
Auditing for Azure DevOps. Source: Microsoft
FASTTRACK FOR AZURE NOW AVAILABLE
Bringing proven practices, design principles and tools from engineering and real customer experiences, FastTrack for Azure guides customers from design, configuration, and development to production. As of right now FastTrack is only available to customers who are:
- Located in the US, Canada, New Zealand, UK, France, Latin America or Western Europe
- Have an identified FTA-supported Azure project with expected consumption per project of > incremental USD 5,000/month or equivalent in local currency once fully ramped (within 12 months) and intent to deploy in the near term
- Have an active paid Azure subscription.
Benefits of FastTrack for Azure. Source: Microsoft
NEW MANAGED INSTANCE CONTRIBUTOR ROLE ENHANCES SECURITY OF AZURE SQL DATABASE MANAGED INSTANCE
Introducing the new Azure RBAC role Managed Instance Contributor designed with a minimum set of managed instance and networking permissions required to provision and operate managed instance. This enhances security and enterprise compliance, as only individuals authorised to manage Azure SQL Database managed instance assets can be granted RBAC permissions through the new role.
IN OTHER NEWS:
Announcing the general availability of Azure premium files
Microsoft warns Azure customers of Exim worm
Azure SQL Database managed instance now supports larger regional resource limitations
Microsoft encourages hacking its cloud services with Safe Harbor
Enhanced management capabilities to release unused subnets and create databases available for Azure SQL Database managed instance
AMAZON WEB SERVICES
AWS ANNOUNCES GENERAL AVAILABILITY OF AWS SECURITY HUB
AWS Security Hub gives customers a central place to manage security and compliance across an AWS environment. The service aggregates, organises, and prioritises security alerts from AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, and from a large list of AWS Partner Network solutions.
Customers can also run automated, continuous compliance checks based on industry standards and best practices, helping to identify specific accounts and resources that require attention. AWS Security Hub brings all of this information together in one place, providing a comprehensive view of a customer’s overall security and compliance status visually summarised on integrated dashboards with actionable graphs and tables.
How AWS Security Hub works. Source: AWS
AWS ANNOUNCES GENERAL AVAILABILITY OF AWS CONTROL TOWER
AWS Control Tower is designed to make it easy for customers to set up and continuously govern secure, compliant multi-account AWS environments. AWS Control Tower gives customers an automated landing zone (a pre-configured environment built according to AWS best-practices) as well as a pre-packaged set of guardrails (clearly defined rules for security, operations, and compliance) that provide ongoing governance. Customers can use AWS Control Tower to deploy their new multi-account environment with just a few clicks in the AWS Management Console.
VIEW AND MANAGE AWS SERVICE QUOTAS FROM ONE CENTRAL LOCATION WITH AWS SERVICE QUOTAS
As of last month, you can now know before you max out your AWS services with AWS Service Quotas. The new feature enables you to view and manage your quotas (or limits) from a central location via the AWS console, API or the CLI. Service Quotas is a central way to find and manage service quotas, an easier way to request and track quota increases, and a simplified way to request quota increases for new accounts created in AWS Organisations.
The benefits of AWS Service Quotas include:
- Central management of service quotas
- Improved visibility of service quotas
- Easier quota increase requests
- Paving the way for proactive quota management
- Simplify quota requests for new accounts in AWS Organisations
RDX EASES ORACLE DATABASE MIGRATION TO POSTGRESQL ON AWS
In June, RDX launched a set of tools designed to make it easier to convert applications running on an Oracle database to Amazon Aurora, an instance of an open source PostgreSQL database running on AWS. Announced at AWS Summit the clckwrk Refactoring Service for Oracle promises to reduce the amount of manual effort associated with refactoring applications for the Amazon Aurora platform by automating as much as 60% of the database schema conversion process.
INTRODUCING VPC TRAFFIC MIRRORING
In June AWS launched VPC Traffic Mirroring. What is this new feature? According to the announcement VPC Traffic Mirroring can be used with your existing Virtual Private Clouds (VPCs) to capture and inspect network traffic at scale.
This allows you to:
- Detect network and security anomalies
- Gain operational insights
- Implement compliance and security controls
- Troubleshoot issues
You can think of VPC Traffic Mirroring as a “virtual fibre tap” that gives you direct access to the network packets flowing through your VPC. You can choose to capture all traffic, or you can use filters to capture the packets that are of particular interest to you, with an option to limit the number of bytes captured per packet. You can use VPC Traffic Mirroring in a multi-account AWS environment, capturing traffic from VPCs spread across many AWS accounts and then routing it to a central VPC for inspection.
IN OTHER NEWS:
AWS adds new partner programs for cloud migrations and government projects
AWS launches machine learning driven text and data extractor Amazon Textract
Pulumi Crosswalk for AWS Accelerates Delivery of Well-Architected Infrastructure as Code
Get CloudStack{d} straight to your inbox
If you enjoyed the latest edition of CloudStack{d} pop your details into the form below and we’ll send you future editions
[123-contact-form i1243466]
Izzi Fuller
Product Marketing Manager
Izzi has worked in marketing for the last five years and currently heads up the N4Stack marketing team. She spends her days buried in SEO, content writing, web editing, campaign strategy, analytics, and anything else that’s thrown her way.
In her spare time you’ll find Izzi with her two dogs, Gatsby and Dexter, lost in a book, or in a different country soaking up the sun and the sights. Find out more about Izzi here.