On The Cloud Pod this week, Peter finally gets to share his top announcements of 2021. Plus, Google increases security with Siemplify, Azure updates Defender, and AWS comes into the new year with a lot of changes.

A big thanks to this week’s sponsors:

• Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning, and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud, and Azure.

This week’s highlights

• 🚨 AWS confirms that applications can now be deployed on Amazon EKS using the IPv6 address space.
• 🚨 Google looks to boost its security operations by acquiring SOAR provider Siemplify.
• 🚨 Azure spent December updating Defender: was it worth it?

Top Quotes  

💡 “All the cloud providers are embracing containerization and the technologies that allow containerized workloads to work well on their platform. But the side effect is that they also run equally well on everybody else’s platform.” 

💡 “[As Vice President of Google Cloud Phil Venables wrote in a blog post,] ‘The race by deep-pocketed cloud providers to create and implement leading secure technologies is the tip of the spear of innovation.’ Which is interesting, because I think this is an area where Google’s really crushed it, and I think Amazon has failed. Not failed, but not invested as much as they should have.”

General News: Google Acquires Siemplify

• 💰 Google acquired Siemplify, a security orchestration, automation and response (SOAR) provider. The hope appears to be that it will help security teams using GCP better manage their threat responses.

AWS: Plenty of Non-Outage News

• 🤨 IPv6 applications are now deployable through Amazon’s Elastic Kubernetes Service (EKS). This prevents IP exhaustion, minimizes latency, and simplifies routing configurations. On the downside, IPv6 can’t be added retroactively, and this EKS add-on only supports Linux — a dealbreaker for the team.
• 👩‍💻 The AWS compute optimizer has been enhanced to allow users to specify both x86 and ARM as their preferred architecture for their EC2 instance type recommendations. This is a big blow to other tools that perform the same operations. 
• 🎵 AWS announced the general availability of the EC2 Hpc6a Instance. It’s built for HPC workloads to leverage AMD EPYC 3rd-generation processors. This release expands AWS’ portfolio of HPC compute options. Plus, according to Justin, the instance name reminds him of the song “abcdefu” by GAYLE.
• 💡 According to a recent job posting, AWS plans to completely re-imagine how its network is managed. It allegedly has two secret projects that could mitigate the risk of cloud outages — like the one that impacted the company in December of 2021.

GCP: Phil Venables on the Keyboard

• ✍️ Phil Venables, the venerable Google VP and Chief Information Security Officer, wrote a blog post about megatrends he’s identified in the cloud security world. It’s worth a read if you’re wondering how someone at the top is thinking about the future.

Azure: The Best Offensive is a Good Defender

• 🛡️ Microsoft was busy in December with a series of Azure updates. Most importantly, it combined the K8 and container registries in the Azure Defender cloud offerings. The relevant components are automatically configured for K8-native scale onboarding. It also now supports multi-cloud, host-level threat detections.

Oracle: Throwing Shapes

• 🎂 Oracle Cloud Infrastructure (OCI) announced that starting at the end of February 2022, its Intel X7 shapes (Standard, HPC2, and GPU) will officially be considered an older generation. You’ll still be able to use them, but they will be a low priority for OCI, which means the quality of your experience may suffer.

Peter’s Favorite Announcements of 2021

👔 As he was absent from the final show of 2021, Peter gets to plug his favorite announcements from last year:

• The AWS Injection Simulator — “One of the strongest aspects of the cloud.” 
• Container-Native Cloud Global DNS for Kubernetes — Helps tightly integrate cloud services to make the user’s job so much easier. 
• Introduction of Amazon ECS Anywhere — Stepped up competition among all cloud providers.

TCP Lightning Round

⚡ Ryan scores the first point of the year, making the freshly zeroed-out scores Ryan (1), Jonathan (0), Justin (0), Peter (0). 

Other Headlines Mentioned:

• Customers using Google Kubernetes Engine (GKE) clusters can now use Amazon’s EKS service
• Amazon introduces a SQL explorer in EMR Studio
• AWS Firewall Manager now supports AWS Shield Advanced automatic application layer DDoS mitigation
• Instance Tags now available on the Amazon EC2 Instance Metadata Service
• Fine-grained access control is now supported on existing Amazon OpenSearch Service domains
• Amazon OpenSearch Service now supports anomaly detection for historical data
• Amazon ECS launches new simplified console experience for creating clusters and task definitions
• Azure Ultra Disk Storage is now generally available in the western U.S.
• AWS Toolkit for JetBrain’s IDEs adds support for ECS-Exec to troubleshoot containers
• Amazon SNS now supports Attribute-based access controls (ABAC)  
• Amazon Redshift Spectrum now offers custom data validation rules
• Azure Load Balancer SKU upgrade through PowerShell script