/
2023

2023

Owned by Daria Lebedeva
Last updated: Dec 21, 2023
6 min read

Autumn '23 Release

 

NEW SERVICES

Shield Platform Encryption

Cloudaware leverages the Salesforce Shield Platform to encrypt sensitive data in CMDB. Customers can add another layer of data confidentiality by enabling field- and record-level encryption using customer-managed keys in order to adhere to internal security requirements.

 

UPDATED SERVICES

Azure Security

Customers leverage Microsoft Defender for Cloud, formerly Azure Security Center, to detect and report malicious activities across different services. Cloudaware employs a new API version to update the integration with new attributes for objects Azure VM Scale Set, Azure Container Registries Registry, and Azure Security Alert. Cloudaware extends CMDB visibility into security metrics from Microsoft Defender for Cloud, enabling customers to meet business requirements.

 

AWS ECR

Customers now view and manage tags for the object AWS ECR Repository in Cloudaware Tag Analyzer.

 

AWS CloudFormation

When reviewing CloudFormation stacks, customers could not locate information about a stack drift. If the stack had a drift detected in the AWS console, no fields indicated drift details in the Cloudaware UI. The following fields were added for AWS CloudFormation Stacks:

  • Drift Information: Status

  • Drift Information: Last Check Timestamp

 

Azure Reservations

New fields are added for the following objects:

 

Azure Container Registries Registry

  • Sec Center: Network Access, Severity

  • Sec Center: Severity

  • Sec Center: Use Private Link, Severity

Azure VM Scale Set

  • Sec Center: Configured Securely,Severity

  • Sec Center: Endpoint Protection,Severity

  • Sec Center: Severity

  • Sec Center: System Updates, Severity

Changes to fields of the object Azure Security Alert:

  • Alert Name → Alert Type Name

  • Associated Resource ID → Affected Resource ID

  • Associated Resource → Affected Resource

  • Confidence Score → Deprecated: Confidence Score

  • Security Center Investigation → Deprecated: SecurityCenter Investigation

  • System Source → Deprecated: System Source

 

UPDATED INTEGRATIONS

New Relic

Cloudaware updated the integration with New Relic to support metrics from Azure. New objects are added: New Relic Azure Application Gateway and New Relic App Service.

 

Summer '23 Release

 

NEW SERVICES

 

AWS OpenSearch Service

AWS swerved into OpenSearch Service after it's been announced that Elastic would not release new versions of Elasticsearch and Kibana after versions 7.10.2 and 7.10.2, correspondingly.

Cloudaware supports the following AWS OpenSearch objects: AWS OpenSearch Domain, AWS OpenSearch Domain Package Link, AWS OpenSearch Domain SG Link, AWS OpenSearch Domain Subnet Link, AWS OpenSearch Package, AWS OpenSearch Reserved Instance, along with tags for AWS OpenSearch Domain.

 

AWS RAM

Cloudaware supports AWS Resource Access Manager (RAM), covering the following objects: AWS RAM Permission, AWS RAM Permission Association, AWS RAM Permission Version, AWS RAM Permission Principal, AWS RAM Permission Resource, AWS RAM Permission Share, AWS RAM Permission Invitation

 

AWS IAM ID Center

Cloudaware supports the following objects of AWS IAM ID Center (formerly AWS SSO): AWS IAM ID Center Account Provisioned Link, AWS IAM ID Center Account Assignment, AWS IAM ID Center Group, AWS IAM ID Center Instance, AWS IAM ID Center Managed Policy Link, AWS IAM ID Center Permission Set, AWS IAM ID Center User, AWS IAM ID Center Customer Managed Policy Link.

 

UPDATED SERVICES

Azure Reservations Permissions

Cloudaware leverages the latest version of Microsoft Azure API to provide visibility into Azure reserved resources. Customers can assign the Reservation Reader role to the Cloudaware application directly in the Azure console - using PowerShell for batch assignment of permissions is no longer required. As a result, FinOps can measure and analyze coverage and utilization of all Azure reservations across the entire tenant.

Cloudaware also provides advanced BI analytics dashboards for FinOps to identify opportunities for Azure Reservations usage optimization and strategically plan future commitments.

 

AWS Accounts Limits

Cloudaware extends the range of AWS account limits by adding 'Auto Scaling: Groups, Used %', 'ELB: Application Load Balancers, Used %', 'RDS: Custom Endpoints per Cluster, Max', and many more.

Limits referring to AWS EC2 service are added, such as, for example, 'EC2: Reserved Instances, Used', 'EC2: Elastic IPs Standard, Used %', etc. All AWS account limits are displayed in Cloudaware CMDB and reportable.

 

Azure Compute

Cloudaware extends the range of supported Azure Compute services by adding Azure Proximity Placement Groups and Azure Compute Image Gallery. Customers get more visibility into relationships between Azure Subscriptions, Resource Groups and Azure Proximity Placement Groups.

Determine if a VM is created from an image in a shared Compute Image Gallery. Build reports covering connections between Azure Subscriptions, Resource Groups, Azure Compute Image Gallery and Azure Compute Image Gallery Images.

 

Azure Network

Cloudaware supports the following objects: Azure Private Endpoint, Azure Firewall, Azure DNS Private Zone, Azure DDoS Protection Plan.

 

Azure Storage

Cloudaware supports the following objects: Azure Storage File and Azure Storage Queue. The object Azure Storage Account is updated.

 

UPDATED INTEGRATIONS

Network Scans

Customers can leverage vulnerability scanning when enabling Cloudaware Network Discovery integration. Cloudaware will assess and present the security posture of the discovered network devices. Scan results are available in Cloudaware CMDB, reportable and dashboardable.

 

Spring '23 Release

 

NEW FEATURES

Azure MCA Billing

Microsoft introduced a new licensing agreement requiring customers to migrate from Enterprise Agreement to Microsoft Customer Agreement. Cloudaware supports the MCA billing type to enable customers to continue using Azure Cost Management in full. Learn more

Check the Cloudaware’s Microsoft Azure Billing Guide for updates.

 

NEW SERVICES

AWS Connect
Azure Databricks
Azure Synapse Analytics

 

UPDATED SERVICES

Compliance Engine

Cloudaware supports CIS AWS Benchmarks v1.5.0:

CloudWatch

Cloudaware supports tags for AWS CloudWatch Logs Log Groups. Customers can now check the tagging compliance of this object.

Fields covering Read/Write IOPS metrics are added to the objects AWS RDS Cluster.

 

NEW INTEGRATIONS

CrowdStrike

Network Discovery

Winter '23 Release

 

NEW FEATURES

 

Custom Fisсal Periods

Cloudaware consumes billing data files from cloud vendors as is. Some reports, such as AWS Cost and Usage Reports (CUR), provide more detailed cost and usage aggregations by hour or day. However, these metrics are still based on a calendar. For every line item, metrics such as 'Usage Start Date' and 'Usage End Date' don't give ground for calculating a resource cost for a specific unit of time.

Cloudaware offers a new approach to cost management under custom fiscal periods. First, a customer describes their fiscal period structure. Next, using advanced logic in Google BigQuery, Cloudaware maps the calendar and custom fiscal dates to generate a unified dataset containing both the 'Report Year-Month' metric and a metric indicating customer-defined fiscal periods. Then, Cloudaware uses this dataset to visualize cloud costs based on customer-defined fiscal periods in the Cloudaware BI Analytics portal:

 

UPDATED FEATURES

 

AWS Amortized Costs

Cloudaware supports amortized cost calculations. Customers using AWS Reservations such as Amazon EC2 Reserved Instances can better understand how AWS spending is distributed across billing periods. Leverage Cloudaware advanced analytics:

Learn more about cost datasets types in AWS: https://aws.amazon.com/blogs/aws-cloud-financial-management/understanding-your-aws-cost-datasets-a-cheat-sheet/

UPDATED INTEGRATIONS


TunHub for VMware vCenter

Customers leverage Cloudaware TunHub to set up a secure connection between private infrastructure and Cloudaware. The TunHub integration requires the installation of the Cloudaware Breeze agent.
Cloudaware extends Breeze functionality to support vulnerability scanning of VMware vCenter virtual machines. VMware vCenter doesn't have the metadata to retrieve the unique ID required for mapping VMs that need to be scanned and the IDs of Breeze agents installed on those machines. By employing the field 'identityBiosUuid', Cloudaware matches vCenter VMs and Breeze agent IDs to simplify Breeze deployment in vCenter and scanning of vCenter VMs at scale.