Episodes

  • 266: AWS Billing Finally Comes into FOCUS
    Jul 3 2024

    Welcome to episode 265 of the Cloud Pod Podcast – where the forecast is always cloudy! It’s a full house this week – Matthew, Jonathan, Ryan and Justin are all here to bring you the latest in cloud news – including FOCUS features in AWS Billing, Magic Quadrants, and AWS Metis. Plus, we have an Android vs. Apple showdown in the Aftershow, so be sure to stay tuned for that!

    Titles we almost went with this week:
    • Tech reports show Gartner leads in the BS quadrant
    • Oracle adds cloud and legal expenses to their FinOps hub
    • AWS Metis: Great chatbot, or Greek tragedy waiting to happen?
    • The cloud pod rocks Cargo Pants
    • A sonnet is written for FOCUSing on spend
    A big thanks to this week’s sponsor: We’re sponsorless! Want to reach a dedicated audience of cloud engineers? Send us an email, or hit us up on our Slack Channel and let’s chat!

    General News

    01:40 FinOps X

    • Recently Justin attended FinOps in beautiful and sunny San Diego – and if you weren’t there, you really should plan on attending next year. This year’s topics included:
      • FOCUS 1.0
      • State of Vendors
    • Conference size – they will most likely outgrow this particular conference center, seeing as how they’re either selling out or pretty close to it.
    • Coolest thing about the conference – on stage all the biggies – TOGETHER.
      • It’s great to see them all together talking about how they’re making FinOps better, and introducing new things for FinOps and not just saving them for their own conferences.
    • Next Year – Is Oracle going to be on stage next year?

    08:22 Justin – “The shift left of FinOps was a big topic. You know, how do we get visibility? How do we show people what things are going to cost? How do we make sure that, you know, people are aware of what they’re doing? And so I think, you know, it’s just a recognition that is important and just as important as security is your cost. And in some ways security is part of your cost story. Because if you bankrupt your company, that’s a pretty bad security situation.”

    10:17 Introducing Managed OpenSearch: Gain Control of Your Cloud with Powerful Log Analysis

    • Listen. We don’t really *care* about OpenSearch – but the reality is it’s taking over the world. Nobody is doing ElasticSearch anymore.
    • Digital Ocean is launching a Managed OpenSearch offering, a comprehensive solution designed for in-depth log analysis, simplifying troubleshooting, and optimizing application performance.
    • With Digital Ocean you can pinpoint and analyze log data with ease, customize log retention, enhance security, scale with your business, and receive forwarded logs from multiple sources including Digital Ocean droplets, managed databases, etc.
    • Interested in pricing? You can find that here. Or, if you’d like to take a product tour, you can do that here.

    12:11 Ryan – “It’s the important ones where everything revolves around it and so no on

    1 hr and 6 mins
  • 265: Swing and a WIF
    Jun 28 2024

    Welcome to episode 265 of the Cloud Pod Podcast – where the forecast is always cloudy! Justin and Matthew are with you this week, and even though it’s a light news week, you’re definitely going to want to stick around. We’re looking forward to FinOps, talking about updates to Consul, WIF coming to Vault 1.17, and giving an intro to Databricks LakeFlow. Because we needed another lake product. Be sure to stick around for this week’s Cloud Journey series too.

    Titles we almost went with this week:
    • The CloudPod lets the DataLake flow
    • Amazon attempts an international incident in Taiwan
    • What’s your Vector Mysql?
    A big thanks to this week’s sponsor: We’re sponsorless! Want to reach a dedicated audience of cloud engineers? Send us an email, or hit us up on our Slack Channel and let’s chat!

    General News

    01:40 Consul 1.19 improves Kubernetes workflows, snapshot support, and Nomad integration

    • Consul 1.19 is now generally available, improving the user experience, providing flexibility and enhancing integration points.
    • Consul 1.19 introduces a new registration custom resource definition (CRD) that simplifies the process of registering external services into the mesh.
    • Consul service mesh already supports routing to services outside of the mesh through terminating gateways. However, there are advantages to using the new Registration CRD.
    • Consul snapshots can now be stored in multiple destinations. Previously, you could only snapshot to a local path or to a remote object store destination, but not both.
    • Now you can take a snapshot to NFS mounts, SAN-attached storage, or object storage.
    • Consul API gateways can now be deployed on Nomad, combined with transparent proxy and enterprise features like admin partitions.

    01:37 Matthew- “What I was surprised about, which I did not know, was that console API gateway can now be deployed on Nomad. Was it not able to be deployed before? Just feels weird… you know, consoles should be able to be deployed on nomad compared to that. You know, it’s all the same company, but sometimes team A doesn’t always talk to team B.”

    03:21 Vault 1.17 brings WIF, EST support for PKI, and more

    • Vault 1.17 is now generally available with new secure workflows, better performance and improved secrets management scalability.
    • Key new features:
      • Workload Identity Federation (WIF) allows you to eliminate concerns around providing security credentials to Vault plugins.
      • Using the new support for WIF, a trust relationship can be established between an external system and Vault’s identity token provider to access the external system.
      • This enables secretless configuration for plugins that integrate with external systems such as AWS, Azure and GCP.
    40 mins
  • 264: AWS Audit Manager: Because even AI needs a Babysitter!
    Jun 21 2024

    Welcome to episode 264 of the Cloud Pod Podcast – where the forecast is always cloudy! Justin, Jonathan, Ryan (and eventually) Matthew are all on hand this week – and *announcement noise* this week it’s the return of the Cloud Journey Series! There’s also a lot of news from Re:inforce, a ground-breaking partnership between Oracle and Google Cloud, and updates to GKE. The guys also look ahead to Finops ‘24.

    Titles we almost went with this week:
    • First, AI came for Writers/Artists, then it came for Developers, and now it comes for Security… What’s Next?
    • Amazon Reinforces my Lack of Interest in Attending – JPB rl
    • Object Storage Malware protection, everyone, please copy it!
    • Amazon is the last man out in Oracle next-gen partnerships
    • Dear Google, A partnership with Oracle is not Groundbreaking when Azure already did it
    • AWS Announces some “We finally got around to it feature updates”
    • Protect your S3 buckets from themselves with Amazon Guard Duty
    • The CloudPod and AI play Guess Who? with IAM Access Analyzer.
    A big thanks to this week’s sponsor: We’re sponsorless! Want to reach a dedicated audience of cloud engineers? Send us an email, or hit us up on our Slack Channel and let’s chat!

    AWS

    01:04 Simplify risk and compliance assessments with the new common control library in AWS Audit Manager

    • AWS Audit Manager is introducing a common control library that provides common controls with predefined and pre-mapped AWS data sources.
    • This makes it easy for the GRC teams to use the common control library to save time when mapping enterprise controls into Audit Manager for evidence collection, reducing their dependence on IT teams.
    • You can view the compliance requirements for multiple frameworks such as PCI or HIPAA, associated with the same common control in one place, making it easier to understand your audit readiness across multiple frameworks simultaneously.
    • Interested in pricing? You can find that info here.

    01:37 Ryan – “It’s the dream! Automated evidence generation. And now with the context of known frameworks. Yeah; because that’s always the challenge, you know, are the last step of the translation – this is the control. Hey, we need all these controls to do this level of compliance.”

    04:36 Centrally manage member account root email addresses across your AWS Organization

    • 2017 Justin is really digging all these quality-of-life features coming out, and we like to think that AWS has just finally gotten to our pile of feature requests from back then.
    • This week, it’s now easier for AWS Organizations customers to centrally manage the root email address of member accounts across their organization using the CLI, SDK and Organizations Console.
    • They had previously made it possible to update primary and alternative contact information and enable AWS regions for their accounts. However you would still need to log in as the r
    1 hr and 21 mins
  • 263: Ticketmaster Gets a Snow Job - MFA Matters Folks!
    Jun 12 2024

    Welcome to episode 263 of the Cloud Pod Podcast – where the forecast is always cloudy! This week we’re diving into the world of Snowflake, including announcements from their latest conference and details about their recent breach. Seriously – MFA is important! Plus we look at updates to Terraform, Claude 3, and OCI pushing the IOPS limits and much more. Join us!

    Titles we almost went with this week:
    • Snowflake Announces State-of-the-Art way for hackers to Talk to your Data
    • Ticketmaster gets a snow job – MFA matters!
    • The CloudPod wouldn’t use Oracle even for a million IOPS
    • Azure finally wakes up to hibernation support JJB
    • No one ever called a Bastion Host Premium until Today – JPB MK
    • I look forward to connecting Kinesis to Pub Sub to Event Hub in the most Rube Goldberg eventing architecture ever
    • Hashicorp shows you the way
    • 10 ways to say I want you Matt (I’m not bias with the name)
    • Can we just hibernate ourselves on AI announcements
    • Sus is how I feel about the new Susscanner from AWS
    • OCI has enough power to run Oracle databases with 1 Million IOPS
    • OCI wants 1 Million IOPS (dr evil voice)
    • Monday, Tuesday, Hashidays…
    General News

    Terraform AWS Cloud Control API provider is now generally available

    • The AWS Cloud Control Provider (AWSCC), built around the AWS Cloud Control API and designed to bring new services to Terraform faster, is now generally available.
      • The 1.0 release represents a step in their effort to provide launch-day support of AWS services.
    • This service was put into tech preview in 2021.
    • Glad it’s finally here; although we thought this effort was abandoned, honestly.
    • Interesting that you can mix HCL Terraform and AWSCC, but specify the different resource types in the configurations.

    00:53 New Vault and Boundary offerings advance Security Lifecycle Management at HashiDays 2024

    • HashiCorp held their “Hashidays” event in London this last week, and announced improvements to their Security Lifecycle Management (SLM) products: Vault and Boundary.
    • Vault will be getting Workload Identity Federation, coming soon to Vault Enterprise, which enables secretless configuration for Vault plugins that integrate with external systems supporting WIF, such as AWS, Azure and Google Cloud.
      • By enabling secretless configuration, organizations reduce security concerns that can come with using long-lived and highly privileged security credentials.
      • With WIF, Vault no longer needs access to highly sensitive root credentials for cloud providers, giving operators a solution to the “secret zero” problem.
    • Secrets Sync – which we talked about on a previous show
    55 mins
  • 262: I Only Aspire Not to Use and Support .NET
    Jun 6 2024

    Welcome to episode 262 of the Cloud Pod podcast – where the forecast is always cloudy! Justin, and Ryan are your hosts this week, and there’s a ton of news to get through! We look at updates to .NET and Kubernetes, the future of email, new instances that promise to cause economic woes, and – hold onto your butts – a new deep sea cable! Let’s get started!

    Titles we almost went with this week:
    • What is a vagrant when you move it into your cloud
    • I only Aspire not to use/support .NET
    • AI Is the Gateway drug to Cloudflare
    • Let me tell you about the future with MAIL ROUTING
    • AWS invents impressive ways to burn money with the U7i instances
    • Google Only wishes they could delete our podcast with an expiring subscription
    • AKS Automatic — impressive new attack weapon or an impressive way to make Ops Cry?
    A big thanks to this week’s sponsor: Big thanks to Sonrai Security for sponsoring today’s podcast! Check out Sonrai Security’s new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

    General News

    00:53 Vagrant Cloud is moving to HCP

    • In what sort of feels like an “if you care about it, get it moved into HCP before the IBM acquisition is done” move, Vagrant Cloud is being migrated to the HashiCorp Cloud Platform (HCP) under the new name of HCP Vagrant Registry.
    • All existing users of Vagrant Cloud are now able to migrate their Vagrant Boxes to HCP.
    • Vagrant isn’t changing; HCP provides a fully managed platform to make using Vagrant easier.
      • An improved box search experience
      • A refreshed Vagrant Cloud UI
      • No Fee for private boxes
    • Users who migrate can register for free with the same email address as their existing Vagrant cloud account.
    • Want to review the migration guide? You can find it here.

    01:53 Justin – “I really think Vagrant would be a key pillar of the IBM future strategy for HashiCorp? Nope, I sure did not. I mean, I figured they’d probably just keep it open source and people would keep developing on it, but I didn’t really expect much. So, you know, to at least get this and an improved search experience is kind of nice because the old Vagrant cloud website, it was definitely a little stale. So I can have improved search and a new UI is always nice.”

    AI Is Going Great (Or How ML Makes All Its Money)

    02:43 Snowflake Announces Agreement to Acquire TruEra AI Observability Platform to Bring LLM and ML Observability to the AI Data Cloud

    • Snowflake is announcing the acquisition of TruEra AI Observability.
    • This complementation investment will allow them to provide even deeper functionality that will help organi
    53 mins
  • 261: Azure Will Continue Until Further Notice… Unfortunately
    May 30 2024

    Welcome to episode 261 of the Cloud Pod podcast – where the forecast is always cloudy! Justin, Matthew, and Ryan are your hosts this week, and there’s a ton of news to cover, including a slew of Azure and Oracle stories! This week the guys cover some new cost management strategies from FinOps, some Kubernetes updates, MS Build, and even fancy schmancy CoPilot PCs!

    Titles we almost went with this week:
    • Azure woke up and announced things
    • AWS stops taking your IPv4 Money
    • Well now everything has copilot
    A big thanks to this week’s sponsor: Big thanks to Sonrai Security for sponsoring today’s podcast! Check out Sonrai Security’s new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

    AWS

    00:57 AWS plans to invest €7.8B into the AWS European Sovereign Cloud, set to launch by the end of 2025

    • Amazon is sharing more details about the AWS European Sovereign Cloud roadmap so that customers and partners can start planning.
    • The AWS European Sovereign Cloud is planning to launch its first AWS Region in the state of Brandenburg, Germany by the end of 2025.
    • Available to all AWS customers, this effort is backed by a 7.8B Euro investment in infrastructure, jobs and skills development.
    • Customers will get the full power of the AWS architecture, expansive service portfolio and APIs that customers use today.
    • Customers can start building applications in any existing Region and simply move them to AWS European Sovereign Cloud when the first region launches in 2025.
    • And how exactly will they do that, you might be wondering? If you mean there will be an easy button, that’s awesome… do it everywhere else.
    • If you mean update Terraform and redeploy: screw you, Amazon.

    03:23 Ryan – “Yeah. It just seems so anti what they’re trying to set up with the sovereign region to begin with, right? Like, I guess copying data is fine in, but not out. Like it’s sort of, it’s like GovCloud, right? It’s completely separate. So strange.”

    05:06 Application Load Balancer launches IPv6-only support for Internet clients

    • ALBs now allow you to provision load balancers without IPv4 for clients that can connect using just IPv6. Woot.

    05:25 Ryan – “So the trick is for internal, the reason why we’re starting to see this more and more is that because you can address these huge spaces in IPv6, they’re not doing the equivalent of RFC 1918 address space. So that’s why these things become super important because they’ll configure an internal sort of networking path that’s only IPv6, but then you can’t use like a managed load balancer or something like that because there’s no IP space.”

    08:37

    54 mins
  • 260: Amazon Dispatches AWS CEO Adam Selipsky with Prime 2-day delivery
    May 24 2024

    Welcome to episode 260 of the Cloud Pod podcast – where the forecast is always cloudy! This week your hosts Justin, Matthew, Jonathan and Ryan are talking about changes in leadership over at Amazon, GPT-4o and its image generating capabilities, and the new voice of Skynet, Amazon Polly! It’s an action packed episode – and make sure to stay tuned for this week’s after show.

    Titles we almost went with this week:
    • Who eats pumpkin pie in May
    • Bytes and Goodbyes: AWS CEO Logs Off
    • AWS lets you know that you are burning money sooner than before
    • High-Ho, High-Ho, It’s GPT-4-Ohhh
    • The CloudPod pans for nuggets in the AI Gold rush
    A big thanks to this week’s sponsor: Big thanks to Sonrai Security for sponsoring today’s podcast! Check out Sonrai Security’s new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

    General News

    00:40 Terraform Enterprise adds Podman support and workflow enhancements

    • The latest version of Terraform Enterprise now supports Podman with RHEL 8 and above.
    • Originally, it only supported Docker Engine and cloud-managed Kubernetes services.
    • With the upcoming EOL of RHEL 7 in June 2024, customers faced a lack of an end-to-end supported option for running Terraform Enterprise on RHEL.
    • Now, with support for Podman, this is rectified.

    01:18 Ryan – “This is for the small amount of customers running the enterprise either on -prem or in their cloud environment. It’s a pretty good option. Makes sense.”

    01:42 Justin – “You know, the thing I was most interested in at this actually is that Red Hat Linux 7 is now end of life, which this is my first time in my entire 20 some odd career that I’ve never had to support Red Hat Linux in production because we use Ubuntu for some weird reason, which I actually appreciate because I always like Ubuntu best for my home projects, but I didn’t actually know Red Hat 7 was going away.”

    AI Is Going Great (Or, How ML Makes All Its Money)

    03:58 Hello GPT-4o

    • OpenAI has launched their GPT-4o (o for Omni) model which can reason across audio, vision and text in real time.
    • The new model can accept input combinations of text, audio and image and generates any combination as output. It can respond to audio inputs in as little as 232 milliseconds, with an average of 320 milliseconds, similar to human response time in conversation.
    • It matches GPT-4 Turbo performance on text in English and code, with significant improvements on text in non-English languages, while also being much faster and 50% cheaper in the API.
    • GPT-4o is especially better at vision and audio.
    • Previously you could interact with ChatGPT using voice mode, but the latency was 2.8 seconds for
    1 hr and 21 mins
  • 259: If Only All My Disasters Could Be Managed
    May 16 2024

    Welcome to episode 259 of the Cloud Pod podcast – where the forecast is always cloudy! This week your hosts Justin, Matthew, Jonathan and Ryan (yes, all 4!) are covering A LOT of information – you’re going to want to sit down for this one. This week’s agenda includes unnecessary Magic Quadrants, SecOps, Dataflux updates, CNAME chain struggles, and an intro into Phi-3 – plus so much more!

    Titles we almost went with this week:
    • GKE Config Sync or the Auto Outage for K8 Feature
    • If only all my disasters could be managed
    • The Cloud Pod builds a Rag Doll
    • Understanding Dataflux has given me reflux
    • Oracle continuing the trend of adding AI to everything even databases
    • A new way to burn your money on the cloud which isn’t even your fault
    • Google Gets a Magic Quadrant Participation Trophy
    • We’re All Winners to Magic Quadrant
    • Don’t be a giant DNAME
    A big thanks to this week’s sponsor: Big thanks to Sonrai Security for sponsoring today’s podcast! Check out Sonrai Security’s new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

    General News

    00:33 Dropbox dropped the ball on security, hemorrhaging customer and third-party info

    • Dropbox has revealed a major attack on its systems that saw customers’ personal information accessed by unknown and unauthorized entities.
    • The attack, detailed in a regulatory filing, impacted Dropbox Sign, a service that supports e-signatures similar to Docusign.
    • The threat actor had accessed data related to all users of Dropbox Sign, such as emails and usernames, in addition to general account settings.
    • For a subset of users, the threat actor accessed phone numbers, hashed passwords and certain authentication information such as API keys, OAuth tokens and multi-factor authentication.
    • To make things *extra* worse – if you never had an account but received a signed document, your email and name have also been exposed. Good times.
    • Want to read the official announcement? You can find it here.

    03:06 Jonathan- “It’s unfortunate that it was compromised. It was their acquisition, wasn’t it – ‘HelloSign’ that actually had the defect, not their main product at least.”

    05:44 VMware Cloud on AWS – here today, here tomorrow

    • Last week at recording time, Matt mentioned the rumors on Twitter that Broadcom was terminating VMware Cloud on AWS.
    • Hock Tan, President and CEO of Broadcom, wrote a blog post letting you know that VMware Cloud on AWS is here today, and here tomorrow.
    • He says the reports contending that the offering would be going away have been false, and have caused unnecessary concern for their loyal customers who have used the service for years. He quotes Winston Churchill (which is an interesting choice) and then goes on to report the service is alive, available and continues to support customers’ strategic business initiatives.
    1 hr and 1 min