Spring '22 Release
Google Billing Accounts
Cloudaware extends Google Cloud Billing API support. Customers can review relationships between GCP Projects and associated Google Billing Accounts in Cloudaware CMDB.
Google BigQuery Integration For Advanced Cost Analysis
Сloudaware Cost Management integrates with Google BigQuery to enhance cost analysis. Customers use Google BigQuery queries to compress, aggregate, filter and optimize billing data to make monthly and daily datasets more efficient before uploading them to the Cloudaware analytics portal. Check the setup guide
Export Application Inventory Using Google BigQuery
Customers can use Google BigQuery to export application inventory from Cloudaware into a single table or create a consolidated table of all AWS resources, e.g. AWS Accounts with child resources. Check the sample use case
Cloudaware Virtual Applications
Cloudaware Virtual Applications introduce the new nice, neat and easy-to-use UI. Navigate between clouds, resource types, and tiers and search for specific CIs in the application interface.
Moreover, Cloudaware extends the range of objects attachable to Cloudaware Virtual Applications:
AWS API Gateway Rest API
AWS AppStream Fleet
AWS CodeBuild Project
AWS ECR Repository
AWS Glue Crawler
AWS EC2 Launch Configuration
AWS CloudFormation Stack
AWS SageMaker Notebook Instance
AWS Service Quotas
AWS Shield Advanced
Azure Log Analytics
New AWS Glue Catalog related policies added:
Block public access to AWS Glue Catalog
AWS Glue Catalog should have MFA "on delete" enabled
AWS Direct Connect
New objects are added:
AWS Direct Connect Lag
AWS Direct Connect Gateway
AWS Direct Connect Gateway Association
AWS Direct Connect Gateway Attachment
The objects AWS Direct Connect Connection and AWS Direct Connect Virtual Interface are updated to get a set of important fields and tags.
On August 10, 2021, AWS introduced a change in the way that asynchronous invocations of AWS Lambda functions work when the function has reserved concurrency set to zero. Lambda functions meeting these criteria will have events sent to a dead letter queue (DLQ) instead of being retried. Cloudaware harvests reserved concurrency configuration settings for AWS Lambda functions to allow reporting to detect functions requiring attention.
The object AWS SNS Topic is updated to support tags. Customers may attach SNS Topics to application based on a specific tag.
The object Azure Cosmos DB Resource is added. The object includes the following object types:
Mongo DB Collection
Core SQL Container
The API capability to programmatically create/update/remove a Rancher integration is added.
Winter '22 Release
Java Discovery Fact For Apache Log4j
Log4Shell is a high severity vulnerability (CVE-2021-44228, CVSSv3 10.0) that impacts multiple versions of the Apache Log4j 2 utility. The vulnerability allows for unauthenticated remote code execution. Currently, the scanning tools are able to detect a limited scope of Log4j vulnerabilities only relevant to Apache HTTP server. Cloudaware has released a custom fact that enables Java discovery to identify vulnerable log4j jar* files. Please note that Breeze is to be installed to enable this type of scans.
OS Services CIS Scans
CIS Kubernetes Benchmark is added to Cloudaware Compliance Engine library. The benchmark allows to evaluate the hardening level of container orchestration deployments.
Cloudaware Virtual Applications
The following objects are available for attachment to Cloudaware Virtual Applications:
AWS EFS File System
AWS EKS Cluster
AWS EKS Cluster Pod
AWS EMR Cluster
AWS Kinesis Firehose Destination
AWS Kinesis Stream
AWS KMS Key
AWS MQ Broker
AWS RDS Cluster
AWS Secrets Manager Secret
AWS SQS Queue
Azure SQL Instance
Azure SQL Instance Database
Cloudaware released API to remove AWS Account. This API allows to mark an AWS Account for removal and automatically approve the removal request. Note that only Admin users are able to leverage this feature.
Azure Data Factory
Azure Analysis Services
Azure Monitor Metrics
The object AWS MSK Configuration Revision is added, with a lookup to objects AWS MSK Cluster, AWS MSK Configuration and AWS MSK Node. This object stores the details related to AWS MSK configuration revision and helps to capture the actual cluster configuration.
The following AWS Directory related fields are added to AWS RDS instance and AWS RDS Cluster layouts: Name, FQDN, IAM Role ARN, ID, Status.
AWS Сost Explorer Coverage and Utilization
Cloudaware supports new record types for ElastiCache, Elasticsearch, Redshift allowing to track RI сoverage and utilization.