Flux7 Blog

In this week’s DevOps news, VMware takes center stage with a host of announcements from its VMworld 2020. Beginning with security, VMware announces a new SASE Platform with VMware SD-WAN; Cloud Access Service Broker, Secure Web Gateway, and remote browser isolation from its collaboration with Menlo Security; a VMware NSX Stateful Layer 7 Firewall SaaS offering and; Zero Trust Network Access. 

Other announcements include production VMware footprint in every major public cloud with new AWS capabilities such as:

• On-demand Disaster Recovery as a Service backed by Amazon S3 storage.
• VMware Tanzu support to extend on-premises Tanzu deployments to VMC and across clouds.
• VMware Transit Connect.
• Enhanced automation with expanded vRealize Operations, Cloud Automation, Orchestrator, Log Insight and Network Insight support.

DevOps News

• GitHub releases code scanning. Described as a developer-first, GitHub-native approach to easily finding security vulnerabilities before they reach production, GitHub scanning integrates with GitHub Actions and/or existing CI/CD environment
• Datadog integrates with Microsoft Azure for a seamless configuration experience. The integration makes it easier for operators to map legacy and cloud-based systems for logging and monitoring during every phase of cloud transitions.
• Cisco announces its intent to purchase Kubernetes security startup Portshift.
• Kubernetes observability startup, Pixie, raises $9.15 million in Series A funding while revealing that its service is now available as a public beta.
• A new ESG Research Survey sponsored by JumpCloud called “Trends in IAM: Cloud-driven Identities” unveils demand for new IAM policies and technologies as a result in shifting workforce demands. In fact, the survey finds that 80% of respondents think new tools are needed to manage the access of cloud applications, existing applications, infrastructure, and DevOps tools. The biggest challenges among respondents? The need to maintain security consistency across on premises and public cloud, the growth of remote user access to applications; and the risk introduced because of data sharing with third parties via cloud apps.

AWS News 

• AWS CodePipeline adds GitHub Enterprise Server support. Operators can now use their GitHub Enterprise Server source repository to build, test, and deploy code changes with AWS CodePipeline.
• Amazon launches three new S3 features, including:
  • Object Ownership that ensures newly created objects within a bucket have the same owner as the bucket.
  • Bucket Owner Condition that confirms bucket ownership when a new object is created, or when operators perform other S3 operations.
  • Copy API via Access Points that allows access to S3’s Copy API through an Access Point.
• In related news, AWS announces Amazon Textract support for S3 buckets. The new option allows operators to direct Textract outputs to their own Amazon S3 buckets, specifying the bucket name, and prefix to be added to the output file.
• And AWS Outposts customers can now use S3 APIs to store and retrieve data. According to a blog announcement, this means that “many tools, apps, scripts, or utilities that already use S3 APIs, either directly or through SDKs, can now be configured to store that data locally on your Outposts.”
• CloudFormation Guard (cfn-guard) is now generally available. The new service is an open-source command line interface that checks CloudFormation templates for policy compliance.
• AWS makes Amazon Timestream generally available. Timestream is a serverless time series database that allows operators to collect, store, and process trillions of time series events – like those from industrial machines and IoT devices — per day.
• AWS Centralized WAF and VPC Security Group Management solution launches. The reference implementation uses AWS Firewall Manager to automatically deploy a set of Managed Rules for AWS WAF. It also audit checks for VPC security groups across AWS accounts from a single place.

Flux7 News

• We are excited to announce the availability of the Ansible AWS Session Manager Plugin, compatible with the 2.10 release of Ansible. Read about the cloud-native connection plugin for Ansible using Session Manager built in partnership with Cleo and AWS.
• In addition, we share two different scenarios where operators may consider the new plugin, in our article: Ansible AWS Session Manager Plugin Use Cases.

Written by Flux7 Labs

Flux7, an NTT DATA Company, is the only Sherpa on the DevOps journey that assesses, designs, and teaches while implementing a holistic solution for its enterprise customers, thus giving its clients the skills needed to manage and expand on the technology moving forward. Not a reseller or an MSP, Flux7 recommendations are 100% focused on customer requirements and creating the most efficient infrastructure possible that automates operations, streamlines and enhances development, and supports specific business goals.