2023
Autumn '23 Release
NEW SERVICES
Shield Platform Encryption
Cloudaware leverages the Salesforce Shield Platform to encrypt sensitive data in CMDB. Customers can add another layer of data confidentiality by enabling field- and record-level encryption using customer-managed keys in order to adhere to internal security requirements.
UPDATED SERVICES
Azure Security
Customers leverage Microsoft Defender for Cloud, formerly Azure Security Center, to detect and report malicious activities across different services. Cloudaware employs a new API version to update the integration with new attributes for objects Azure VM Scale Set, Azure Container Registries Registry, and Azure Security Alert. Cloudaware extends CMDB visibility into security metrics from Microsoft Defender for Cloud, enabling customers to meet business requirements.
AWS ECR
Customers now view and manage tags for the object AWS ECR Repository in Cloudaware Tag Analyzer.
AWS CloudFormation
When reviewing CloudFormation stacks, customers could not locate information about a stack drift. If the stack had a drift detected in the AWS console, no fields indicated drift details in the Cloudaware UI. The following fields were added for AWS CloudFormation Stacks:
Drift Information: Status
Drift Information: Last Check Timestamp
Azure Reservations
New fields are added for the following objects:
Azure Container Registries Registry
Sec Center: Network Access, Severity
Sec Center: Severity
Sec Center: Use Private Link, Severity
Azure VM Scale Set
Sec Center: Configured Securely,Severity
Sec Center: Endpoint Protection,Severity
Sec Center: Severity
Sec Center: System Updates, Severity
Changes to fields of the object Azure Security Alert:
Alert Name → Alert Type Name
Associated Resource ID → Affected Resource ID
Associated Resource → Affected Resource
Confidence Score → Deprecated: Confidence Score
Security Center Investigation → Deprecated: SecurityCenter Investigation
System Source → Deprecated: System Source
UPDATED INTEGRATIONS
New Relic
Cloudaware updated the integration with New Relic to support metrics from Azure. New objects are added: New Relic Azure Application Gateway and New Relic App Service.
Summer '23 Release
NEW SERVICES
AWS OpenSearch Service
AWS swerved into OpenSearch Service after it's been announced that Elastic would not release new versions of Elasticsearch and Kibana after versions 7.10.2 and 7.10.2, correspondingly.
Cloudaware supports the following AWS OpenSearch objects: AWS OpenSearch Domain, AWS OpenSearch Domain Package Link, AWS OpenSearch Domain SG Link, AWS OpenSearch Domain Subnet Link, AWS OpenSearch Package, AWS OpenSearch Reserved Instance, along with tags for AWS OpenSearch Domain.
AWS RAM
Cloudaware supports AWS Resource Access Manager (RAM), covering the following objects: AWS RAM Permission, AWS RAM Permission Association, AWS RAM Permission Version, AWS RAM Permission Principal, AWS RAM Permission Resource, AWS RAM Permission Share, AWS RAM Permission Invitation
AWS IAM ID Center
Cloudaware supports the following objects of AWS IAM ID Center (formerly AWS SSO): AWS IAM ID Center Account Provisioned Link, AWS IAM ID Center Account Assignment, AWS IAM ID Center Group, AWS IAM ID Center Instance, AWS IAM ID Center Managed Policy Link, AWS IAM ID Center Permission Set, AWS IAM ID Center User, AWS IAM ID Center Customer Managed Policy Link.
UPDATED SERVICES
Azure Reservations Permissions
Cloudaware leverages the latest version of Microsoft Azure API to provide visibility into Azure reserved resources. Customers can assign the Reservation Reader role to the Cloudaware application directly in the Azure console - using PowerShell for batch assignment of permissions is no longer required. As a result, FinOps can measure and analyze coverage and utilization of all Azure reservations across the entire tenant.
Cloudaware also provides advanced BI analytics dashboards for FinOps to identify opportunities for Azure Reservations usage optimization and strategically plan future commitments.
AWS Accounts Limits
Cloudaware extends the range of AWS account limits by adding 'Auto Scaling: Groups, Used %', 'ELB: Application Load Balancers, Used %', 'RDS: Custom Endpoints per Cluster, Max', and many more.
Limits referring to AWS EC2 service are added, such as, for example, 'EC2: Reserved Instances, Used', 'EC2: Elastic IPs Standard, Used %', etc. All AWS account limits are displayed in Cloudaware CMDB and reportable.
Azure Compute
Cloudaware extends the range of supported Azure Compute services by adding Azure Proximity Placement Groups and Azure Compute Image Gallery. Customers get more visibility into relationships between Azure Subscriptions, Resource Groups and Azure Proximity Placement Groups.
Determine if a VM is created from an image in a shared Compute Image Gallery. Build reports covering connections between Azure Subscriptions, Resource Groups, Azure Compute Image Gallery and Azure Compute Image Gallery Images.
Azure Network
Cloudaware supports the following objects: Azure Private Endpoint, Azure Firewall, Azure DNS Private Zone, Azure DDoS Protection Plan.
Azure Storage
Cloudaware supports the following objects: Azure Storage File and Azure Storage Queue. The object Azure Storage Account is updated.
UPDATED INTEGRATIONS
Network Scans
Customers can leverage vulnerability scanning when enabling Cloudaware Network Discovery integration. Cloudaware will assess and present the security posture of the discovered network devices. Scan results are available in Cloudaware CMDB, reportable and dashboardable.
Spring '23 Release
NEW FEATURES
Azure MCA Billing
Microsoft introduced a new licensing agreement requiring customers to migrate from Enterprise Agreement to Microsoft Customer Agreement. Cloudaware supports the MCA billing type to enable customers to continue using Azure Cost Management in full. Learn more
Check the Cloudaware’s Microsoft Azure Billing Guide for updates.
NEW SERVICES
AWS Connect
Azure Databricks
Azure Synapse Analytics
UPDATED SERVICES
Compliance Engine
Cloudaware supports CIS AWS Benchmarks v1.5.0:
CloudWatch
Cloudaware supports tags for AWS CloudWatch Logs Log Groups. Customers can now check the tagging compliance of this object.
Fields covering Read/Write IOPS metrics are added to the objects AWS RDS Cluster.
NEW INTEGRATIONS
Winter '23 Release
NEW FEATURES
Custom Fisсal Periods
Cloudaware consumes billing data files from cloud vendors as is. Some reports, such as AWS Cost and Usage Reports (CUR), provide more detailed cost and usage aggregations by hour or day. However, these metrics are still based on a calendar. For every line item, metrics such as 'Usage Start Date' and 'Usage End Date' don't give ground for calculating a resource cost for a specific unit of time.
Cloudaware offers a new approach to cost management under custom fiscal periods. First, a customer describes their fiscal period structure. Next, using advanced logic in Google BigQuery, Cloudaware maps the calendar and custom fiscal dates to generate a unified dataset containing both the 'Report Year-Month' metric and a metric indicating customer-defined fiscal periods. Then, Cloudaware uses this dataset to visualize cloud costs based on customer-defined fiscal periods in the Cloudaware BI Analytics portal:
UPDATED FEATURES
AWS Amortized Costs
Cloudaware supports amortized cost calculations. Customers using AWS Reservations such as Amazon EC2 Reserved Instances can better understand how AWS spending is distributed across billing periods. Leverage Cloudaware advanced analytics:
.png?inst-v=fd7a2a69-9744-413d-9aca-ce8d63f69607)
Learn more about cost datasets types in AWS: https://aws.amazon.com/blogs/aws-cloud-financial-management/understanding-your-aws-cost-datasets-a-cheat-sheet/
UPDATED INTEGRATIONS
TunHub for VMware vCenter
Customers leverage Cloudaware TunHub to set up a secure connection between private infrastructure and Cloudaware. The TunHub integration requires the installation of the Cloudaware Breeze agent.
Cloudaware extends Breeze functionality to support vulnerability scanning of VMware vCenter virtual machines. VMware vCenter doesn't have the metadata to retrieve the unique ID required for mapping VMs that need to be scanned and the IDs of Breeze agents installed on those machines. By employing the field 'identityBiosUuid', Cloudaware matches vCenter VMs and Breeze agent IDs to simplify Breeze deployment in vCenter and scanning of vCenter VMs at scale.