Performance Dashboard für AWS

AWS-Kunden können ab sofort das Performance Dashboard für AWS, eine neue Open-Source-Implementierung von AWS-Lösungen, zum Erstellen, Bereitstellen und Verwalten von anpassbaren Dashboards verwenden, um die Transparenz zwischen Behörden und ihren Bürgern in Bezug auf die Leistung von öffentlichen Diensten und Initiativen zu erhöhen.
Quelle: aws.amazon.com

New Version of Lens IDE for Kubernetes Improves Teamwork; Helps Accelerate Adoption Of Cloud-Native Technologies

Lens version 5 removes the pain of accessing Kubernetes clusters — delivers a unique way to access clusters, services, tools, pipelines, and automations, anywhere CAMPBELL, Calif., April 28, 2021– Mirantis, the open cloud company, today announced a new version of Lens – the Kubernetes IDE (Integrated Development Environment). Lens 5 unlocks teamwork and collaboration, eliminating … Continued
Quelle: Mirantis

Lens 5.0 Beta

Lens 5.0 beta delivers new tools for organizing resources and accelerating work, including Lens Spaces: a secure, cloud-based enhancement for simplifying access control to Kubernetes clusters, anywhere We’re steadily progressing toward the next major release of Lens. Today, Mirantis and Team Lens are introducing Lens 5 beta — adding significant new functionality to Lens, including … Continued
Quelle: Mirantis

Creating safer cloud journeys with new security features and guidance for Google Cloud and Workspace

One of the core benefits of using cloud technology to help modernize your security program is the ever-growing set of provider capabilities that you can use to protect your users, applications, and data. As part of our commitment to be our customers’ most Trusted Cloud, we’re constantly adding new security features to Google Cloud and Google Workspace, as well as helpful guidance on how to solve security challenges and improve your security posture with the help of our tools. We’ve got a bundle of new security features, whitepapers and demos to announce today, which can all help to create safer cloud journeys with Google:  Customize your application’s authentication flows using Identity PlatformIdentity Platform is our customer identity and access management solution that allows you to add IAM functionality to your applications. We are excited to announce the general availability of blocking functions, a feature that allows you to customize your application’s identity flows. Blocking functions work as a hook and trigger system, allowing you to set hooks for certain user authentication events using Node.js code in Google Cloud Functions and trigger functions in response to these events.Here are few examples of situations where blocking functions are particularly useful: Your application allows email/password based self-registration for users, but you want to block users with bad email domains from signing up to your app. When a user signs-up or signs-in to your application, you want to assign them a role such as `admin` or `premium_user` and use it to control privileged access to your appYou want to use additional information found in the OAuth token issued by the federation Identity Provider (ID, Access, and Refresh tokens) for additional access enforcement to your database, such as country code, geo-location or other such claims about the userUpdate or enrich the user profile with additional information you progressively profiled from the user, such as their phone number, location, language preference etc., and save them to the user record in the Identity Platform database.Blocking functions run synchronously and will block the underlying events from completing until the function responds—allowing you  to modify authentication events in real-time.Configuring blocking functions in Identity PlatformLearn more about Identity Platform and blocking functions by visiting the documentation page.Cloud DLP Sensitive Document AnalysisSometimes just knowing the format of a piece of data can tell us that the document it’s part of is sensitive; source code, account numbers, or financial documents for example. Cloud Data Loss Prevention (DLP) now offers a new set of AI/ML powered document classifiers that can help you identify sensitive document types; sensitive document infoTypes.Findings from sensitive document infoTypesUsed alone or in combination with personally identifiable information (PII) or enterprise credentials and secrets inspection, this new feature of Cloud DLP can help you discover, better understand, and protect your sensitive data. See the DLP product page and review our DLP UI demo to learn more and get started. Cloud EKM supports additional services (Cloud SQL, GKE and others)In early 2020 we launched Cloud External Key Manager (Cloud EKM), the industry’s leading Hold-Your-Own-Key (HYOK) product. Using Cloud EKM, the keys used to protect your data stored and processed in Google Cloud are completely hosted and managed outside of Google Cloud infrastructure. Cloud EKM initially launched with support for BigQuery and GCE/PD;  we’re excited to expand support for Cloud SQL, GKE, Dataflow Shuffle, and Secret Manager, with CMEK support currently in beta.  Cloud Spanner is now also supported by CMEK. You can now have even more control over how you protect your data-at-rest in those services.  See the Cloud EKM documentation for more information.VPC-SC directional policies As organizations plan cloud migrations, they often find that familiar security strategies, such as using firewalls to segment applications aren’t applicable when those apps are re-architected to take advantage of managed cloud services like databases or storage buckets. With VPC Service Controls (VPC-SC), administrators can define a security perimeter around Google-managed services to control communication to and between those services. Using VPC-SC, you can isolate your production GCP resources from unauthorized VPC networks or the internet, and isolate both production GCP resources and production VPC networks from unauthorized GCP resources. But what if you need to transfer data between isolated environments that you’ve set up? VPC-SC directional policies is a new secure data exchange feature that allows you to configure efficient, private, and secure data exchange between isolated environments. Policies can be applied on ingress or egress from a VPC Service Controls perimeter and can be configured for existing perimeters or included when a new perimeter is created. It further improves context-based access control for GCP resources where context can include network origin (IP address or VPC network), identity type (service account or user), identity, and device attributes.With VPC-SC directional policies, you can:Efficiently exchange data across organizations with fine-grained direction controls to minimize data exfiltration risks. Constrain identity types or identities that can be used given a source network, IP address or device for both ingress and egressEnsure that clients in less privileged segments do not have access to GCP resources in more privileged segments; while allowing access in the other direction. Check out the documentation to see how to take advantage of this new capability.New whitepapers on Certificate Authority (CAS) and External Key Manager (EKM)We continue to provide documentation to help customers and prospects understand how to use our cloud security services and how to simplify deployment for real-world use cases. Today we are releasing two new whitepapers about our Certificate Authority Service that serve those needs.“Scaling certificate management with Google Certificate Authority Service” (written by Andrew Lance of Sidechain, Anton Chuvakin and Anoosh Saboori of Google Cloud) focuses on CAS as a modern certificate authority service and showcases key use cases for CAS. “How to deploy a secure and reliable public key infrastructure with Google Cloud Certificate Authority Service” (written by Mark Cooper of PKI Solutions and Anoosh Saboori of Google Cloud ) covers security and architectural recommendations to organizations for the use of the Google CAS and describes critical concepts to securing and deploying a PKI based on CAS.Also, as we shared in our blog “The cloud trust paradox: To trust cloud computing more, you need the ability to trust it less” and then in “The cloud trust paradox: 3 scenarios where keeping encryption keys off the cloud may be necessary”, we’ve been working on letting customers use Google Cloud without trusting us with their encryption keys. To help further this initiative, we are releasing a new resource focused on Cloud External Key Manager (Cloud EKM), our technology for Hold Your Own Key (HYOK). The whitepaper is focused on the origin of the idea, the functionality, architecture and use cases for Cloud EKM. It is written by Andrew Lance of Sidechain, and Anton Chuvakin of Google Cloud.Enhancements to Vault for Google WorkspaceGoogle Vault is a powerful information governance and eDiscovery tool for Google Workspace. Vault got a new look late last year, with a redesigned interface that makes it easier and faster to navigate through the tool. Some enhancements that can help you be more productive in Vault include new sortable, filterable tables for custom retention rules, holds, and search results, and step-by-step flows with added tooltips when you set up retention rules and holds.Custom rules are now listed in a sortable, filterable tableNext, Vault now supports Google Voice data, which means you can use Vault to retain, hold, search, and export Google Voice data including text messages, call logs, voicemails, and voicemail transcripts. By expanding Vault’s coverage to Google Voice, customers can use Vault’s information governance, eDiscovery, and auditing capabilities to help meet their regulatory and legal obligations for that data.Creating a custom retention rule for Google Voice in the new Vault interfaceNew Google Cloud Security Showcase videosThe Google Cloud Security Showcase is a video resource that’s focused on solving security problems and helping you create a safer cloud deployment. With more than 50 step-by-step videos on specific security challenges or use cases, there’s something for every security professional. We’ve added 4 new use-case based videos this month:These announcements show how we continue to work to be your most Trusted Cloud. To learn more about Google Cloud’s security vision and understand how to implement cutting-edge security technology in your organization, tune into the latest installment of our Google Cloud Security Talks on May 12th.
Quelle: Google Cloud Platform

How to automate with AppSheet Automation

AppSheet Automation is now generally available, and in this article, we’ll explore how you can build your first automation bot, all without writing a single line of code. This brief tutorial, using the use case of onboarding new employees, will explain how you can automate the process with AppSheet Automation. This same framework could be applied to any use case that involves auto-generating an email when a new entry is added to your data source; be it engaging new subscribers to your side hustle blog, or to schedule an email for a recent work order request.  Before you begin, you will need an app in which to frame your automation. You can use one you’ve already built or you can get started with this sample app (Select “Copy and customize” option, choose a name for your app). Automating any process within your application, in this case onboarding new employees, involves three simple steps.1. Creating a bot 2. Configuring the event and process3. Testing your botWe’ve included a video below that explains exactly what these components are and how they work together.Step 1: Creating a botFollow the steps below to create a new bot:1. From the AppSheet UI, click on “Automation” from the left menu, navigate to the Bots tab and click on + New Bot. 2. Type ”employee send email” into the dialog, which will trigger suggested bots to appear, as shown in the image below.3. Select the highlighted suggestion above “When a new New Employees record is created, send an email” (Click on Create a custom bot if you don’t see any suggestions and follow along instructions on the video to manually create your bot).4. At this point a completely implemented bot is ready to get to work. Let’s tweak some settings so it sends the email to the right email address.Step 2: Configuring the event and processA bot has two main components: An event (when something happens) and a process (perform a sequence of tasks). Event:1. Click on the event and its definition should render in the settings pane to the right.2. If it looks like this (below) you are good to go to the next step.Process:1. Click on the “send an email” step in the process and its definition should render in the settings pane to the right.2. Click on the “Go to: Task” link at the bottom of the settings pane to navigate to the task definition.3. You can leverage the full expressive power of the platform to customize and format the email content including using templates. Refer to the table below for the rest of the task configuration:Your task should now look like this:4. Click Save to save all your changes.5. Let go ahead and deploy your app. Click on the blue “Not Deployed” icon on the top left of your screen and go through the deployment wizard to deploy your app. Your app should show the green “Deployed” state as follows:6. You are all done configuring your bot.Step 3: See your bot in actionNow that you are done building the bot, let’s take it for a spin. 1. Click the mobile device icon on the top left of the right hand pane to see the “New Employees” view (alternatively you can navigate from the left hand menu to UX → Primary Views → New Employees)2. Click on the big blue  “+” icon to create a new employees record. Add employee details (make sure to add your own email address) → Click Save → This new record should sync automatically (if not click on the red  icon on the top right to perform a sync.)3. You should get an welcome email to the email address you entered in the previous step. Note – In addition to adding employees via the app, you can also configure this bot to send an email  if data in the underlying sheet is updated directly. To do that you will need to ensure that Sheets is configured correctly for external eventing. This video will take you through that process. Congratulations! You have just created and enabled your very first bot, without writing a single line of code . From here, just ensure your application has been deployed, and your bots will do the rest while you reclaim your time. If you run into any issues building your automation bot, check out our help articles or ask a question on the AppSheet Community.Ready to use AppSheet Automation? Get started now.Related ArticleReclaim time and talent with AppSheet AutomationAppSheet Automation, a significant addition to AppSheet, our no-code development platform, leverages Google AI to empower even those with…Read Article
Quelle: Google Cloud Platform