Featured Issues

Local Debugging for Fabric User Data Functions, BigQuery Workload Management UpgradesYour Exclusive Invite for the World’s first 2-day AI Challenge (usually $895, but $0 today)51% of companies have started using AITech giants have cut over 53,000 jobs in 2025 itselfAnd 40% of professionals fear that AI will take away their job.But here’s the real picture - companies aren't simply eliminating roles, they're hiring people who are AI-skilled, understand AI, can use AI & even build with AI. Join the online 2-Day LIVE AI Mastermind by Outskill - a hands-on bootcamp designed to make you an AI-powered professional in just 16 hours. Usually $895, but for the next 48 hours you can get in for completely FREE!In just 16 hours & 5 sessions, you will:Learn the basics of LLMs and how they workMaster prompt engineering for precise AI outputsBuild custom GPT bots and AI agents that save you 20+ hours weeklyCreate high-quality images and videos for content, marketing, and brandingAutomate tasks and turn your AI skills into a profitable career or business📅Kick off Call & Session 1- Friday (10am EST- 1pm EST)🧠Sessions 2-5:🕜Saturday 11 AM to 7 PM EST; Sunday 11AM EST to 7PM ESTAll by global experts from companies like Amazon, Microsoft, SamurAI and more. And it’s ALL. FOR. FREE. You will also unlock $3,000+ in AI bonuses: Slack community access, Your Personalised AI tool kit, and Extensive Prompt Library with 3000+ ready-to-use prompts - all free when you attend!Join in now, we have limited free seats!SponsoredSubscribe|Submit a tip|Advertise with usWelcome to BIPro #102 – Smarter, Sharper, AI-First BIFrom zero-ETL breakthroughs to smarter debugging in Fabric, this issue is packed with forward-looking updates that make your BI practice leaner and more intelligent. Whether you're exploring transactional BigQuery features, debugging user data functions locally, or scaling agentic AI, these updates give you the tools to stay ahead in an increasingly AI-driven analytics landscape.Key Highlights:Free Chapter: Learning Tableau 2025Explore Tableau’s latest AI-powered features with a hands-on chapter from the bestselling series by Joshua Milligan.BigQuery Workload Management UpgradesBoost efficiency with smarter slot allocation, autoscaling improvements, and predictable performance.Zero-ETL from DynamoDB to SageMaker LakehouseEnable real-time analytics without pipelines using no-code CDC-based integration.Local Debugging for Fabric User Data FunctionsTest and troubleshoot Python-based SQL code safely in VS Code—no production risks.Best Practices for Purview DLP in FabricSecure sensitive data in OneLake with Microsoft’s enhanced DLP policies.Azure Data Factory vs Synapse vs Fabric PipelinesGet clarity on core differences in tools, billing, and connection management.SponsoredCloudVRM slashes vendor review and audit time by connecting directly to cloud environments, no spreadsheets, no forms, just real-time compliance, 24/7. Watch the demo.💡 Whether you’re scaling AI in your stack or still fighting dashboard fatigue, this week’s BIPro is packed with insights to move your strategy forward.Helping you close the gap between data and action.Cheers,Merlyn ShelleyGrowth Lead, PacktGet Chapter 1 of Learning Tableau 2025 – Free!Explore Tableau’s newest AI-powered capabilities with a free PDF of Chapter 1 from the latest edition of the bestselling series, Learning Tableau 2025.Written by Tableau Visionary Joshua Milligan, this hands-on guide helps you build smarter dashboards, master data prep, and apply AI-driven insights.Sign up to download your free chapter!Grab Your Free Chapter Now!📊 Data Viz Trends Shaping the Future of Insights🔷 Understanding updates to BigQuery workload management: Boost BigQuery Efficiency. Google’s June 2025 update enhances BigQuery workload management with fairer slot allocation, reservation predictability, autoscaler granularity, runtime reservation targeting, and detailed cost labeling. These updates improve performance, cost control, and scalability, empowering BI teams to manage compute resources more intelligently for consistent, optimized data analytics at scale.🔷 BigQuery features for transactional data management: BigQuery Evolves Beyond Analytics. Google’s latest update brings transactional power to BigQuery. Highlights include fine-grained DML for efficient data edits, CHANGES TVF for row-level change tracking, and real-time DML on streaming data. These features streamline dynamic data management, cutting costs, reducing latency, and simplifying architectures for responsive, analytics-integrated applications.🔷 Refresh SQL analytics endpoint Metadata REST API (Preview): Refresh SQL Endpoint Metadata On-Demand: Microsoft Fabric now enables API-based table metadata refresh for SQL analytics endpoints. Gain synchronous/asynchronous control, real-time sync status, error diagnostics, and timeout customization. This streamlines data validation, enhances workflow precision, and ensures up-to-date metadata for accurate, responsive analytics across your Fabric workspace.📈 Dive into Databases: SQL Essentials🔷 How to Perform a Disaster Recovery Switchover with Patroni for PostgreSQL? Ensure PostgreSQL Resilience with Patroni DR Switchover: Learn how to perform a disaster recovery switchover using Patroni for PostgreSQL. This guide covers DC-DR cluster setup, real-time failover management, and safe primary-to-standby transitions. Streamline HA/DR operations, minimize downtime, and safeguard data continuity across distributed environments using Patroni and AnyDBver.🔷 AI Agents: The Protocol Revolution Driving Next-Gen Enterprise Intelligence. Agentic AI Standards Take Shape: New protocols, MCP, ACP, and A2A, are accelerating enterprise adoption of agentic AI. These standards simplify agent collaboration, cross-platform integration, and real-time context building. With growing vendor support, including Couchbase and Google, developers can now build scalable, intelligent, multi-agent systems more easily, ushering in AI’s next enterprise phase.🔷 Techniques to query Azure SQL’s new JSON Datatype: Azure SQL Embraces Native JSON: Azure SQL’s new JSON datatype and functions (including JSON_ARRAYAGG, JSON_OBJECTAGG) simplify structured JSON handling. Benefits include native constraints for data validation, powerful aggregation, and dynamic pivoting. These enhancements streamline semi-structured data analytics, boost SQL Server 2025 readiness, and align with ANSI SQL:2016 standards.🔄 Real-World Transformation: How Gen BI Made Data Work🔷 Simplify real-time analytics with zero-ETL from Amazon DynamoDB to Amazon SageMaker Lakehouse: Zero-ETL for Real-Time Insights: AWS introduces zero-ETL integration from DynamoDB to SageMaker Lakehouse. This no-code setup enables real-time analytics and ML on NoSQL data, without ETL pipelines. With CDC-based syncing, Apache Iceberg support, and SageMaker Unified Studio access, enterprises can drive faster, scalable decision-making from operational data.🔷 Pub/Sub single message transforms: Streamline Real-Time Data with Pub/Sub SMTs: Google Cloud introduces Pub/Sub Single Message Transforms (SMTs), starting with JavaScript UDFs. Perform lightweight in-stream transformations, like redaction, format conversion, and filtering, directly in Pub/Sub. This reduces latency, simplifies architecture, and enhances flexibility for BI teams needing real-time insights without extra processing infrastructure.🔷 How to debug user data functions locally in VS Code? Accelerate Fabric Function Development with Local Debugging: Microsoft Fabric now supports local debugging for user data functions in VS Code. Developers can write, test, and troubleshoot Python-based SQL operations safely without impacting live environments. Breakpoints, logs, and Fabric extensions enhance function validation, boosting efficiency in building robust, data-driven BI workflows.🔷 Secure Your Data from Day One: Best Practices for Success with Purview Data Loss Prevention (DLP) Policies in Microsoft Fabric. Secure Fabric Data with Purview DLP Best Practices: Microsoft Fabric now offers enhanced Data Loss Prevention (DLP) via Purview. From classifying sensitive data to refining policy scopes and empowering teams, these strategies help protect OneLake data, ensure compliance, and foster responsible data use, establishing a secure foundation for scalable analytics.⚡ Quick Wins: BI Hacks for Instant Impact🔷 SQL Automate - A DBA's Time-Saving Toolkit: Optimize SQL Server Deployments with SQL Automate: SQL Automate is a PowerShell-based toolkit that simplifies and speeds up SQL Server installation and post-configuration tasks. From database setup to TempDB tuning and firewall rules, DBAs can save time, reduce manual errors, and focus on strategic work with this efficient, modular automation tool.🔷 How to Sort Combo Box Values in a Power Apps Canvas App? Enhance Power Apps UX with Sorted Combo Boxes: Sorting Combo Box and Drop Down values in Power Apps boosts usability. This guide shows how to alphabetically or numerically sort SharePoint list-driven fields using formulas like Sort and SortByColumns, ensuring cleaner, more intuitive interfaces in forms and data-driven canvas apps.🔷 Top 5 Things You Should Know About Azure Data Factory: Master Azure Data Factory Fundamentals: With three ADF versions, Azure, Synapse, and Fabric, understanding their differences is essential. This guide covers key distinctions, connection management quirks, and pricing basics. Whether you're onboarding teammates or migrating workloads, these insights help you navigate ETL/ELT orchestration and cost-efficient pipeline development across Microsoft's evolving data platforms.See you next time!*{box-sizing:border-box}body{margin:0;padding:0}a[x-apple-data-detectors]{color:inherit!important;text-decoration:inherit!important}#MessageViewBody a{color:inherit;text-decoration:none}p{line-height:inherit}.desktop_hide,.desktop_hide table{mso-hide:all;display:none;max-height:0;overflow:hidden}.image_block img+div{display:none}sub,sup{font-size:75%;line-height:0}#converted-body .list_block ol,#converted-body .list_block ul,.body [class~=x_list_block] ol,.body [class~=x_list_block] ul,u+.body .list_block ol,u+.body .list_block ul{padding-left:20px} @media (max-width: 100%;display:block}.mobile_hide{min-height:0;max-height:0;max-width: 100%;overflow:hidden;font-size:0}.desktop_hide,.desktop_hide table{display:table!important;max-height:none!important}}

How to Block Up to 95% of Attacks Using AWS WAFCloudPro #95A better way to handle vendor security reviews?If you've ever dealt with vendor onboarding or third-party cloud audits, you know how painful it can be: long email chains, stale spreadsheets, and questionnaires that don’t reflect what’s actually happening in the cloud.We recently came across CloudVRM, and it’s a refreshingly modern take on the problem.Instead of asking vendors to fill out forms or send evidence, CloudVRM connects directly to their AWS, Azure, or GCP environments. It pulls real-time telemetry every 24 hours, flags misconfigs, and maps everything to compliance frameworks like SOC 2, ISO 27001, and DORA.It’s already being used by banks and infra-heavy orgs to speed up vendor approvals by 85% and reduce audit overhead by 90%.Worth checking out if you're building or maintaining systems in regulated environments, or just tired of spreadsheet security.Watch the demoThis week’s CloudPro kicks off with something genuinely useful: a tool that replaces vendor security questionnaires with real-time cloud evidence.📌CloudVRM connects directly to AWS, Azure, or GCP and auto-checks compliance, no spreadsheets, no guesswork📌AWS CloudTrail silently skipping logs if IAM policies get too large (and attackers know it)📌PumaBot is now brute-forcing IoT cameras and stealing SSH credsWe’ve also got sharp engineering writeups: from how Uber rotates 20K secrets a month, to how Netflix handles 140 million hours of viewing data daily, to one team’s story of slicing a $10K Glue bill down to $400 with Airflow.Hope you find something in here that saves you time, money, or migraines.Cheers,Shreyans SinghEditor-in-Chief🔐 Cloud SecurityAWS CloudTrail logging can be bypassed using oversized IAM policiesResearchers at Permiso Security found that AWS CloudTrail fails to log IAM policies between 102,401 and 131,072 characters if they're inflated using whitespace. This gap allows attackers to hide malicious changes from audit logs. The issue stems from undocumented size limits and inconsistent handling of policy data. AWS has acknowledged the problem and plans a fix in Q3 2025.PumaBot targets Linux-based IoT surveillance devices via SSH brute forceA new botnet called PumaBot is targeting IoT surveillance systems by brute-forcing SSH access using IP lists from its command-and-control server. Written in Go, the malware disguises itself as system files, adds persistence through systemd, and installs custom PAM modules to steal credentials. Related binaries in the campaign also auto-update, spread across Linux systems, and exfiltrate login data.How to Block Up to 95% of Attacks Using AWS WAFThis guide explains how to configure AWS Web Application Firewall (WAF) to block threats like SQL injection, XSS, bots, and DDoS attacks with minimal effort. By leveraging pre-built managed rules and setting up a Web ACL, users can protect apps behind ALB, CloudFront, or API Gateway without custom code.CloudPEASS: Toolkit to find and exploit cloud permissions across AWS, Azure, and GCPCloudPEASS helps red teamers and defenders map out permissions in compromised cloud accounts without modifying resources. It supports AWS, Azure, and GCP, detecting privilege escalation paths using API access, brute-force permission testing, and AI-assisted analysis. It also checks Microsoft 365 services in Azure and enables Gmail/Drive token access in GCP.Uber built a multi-cloud secrets platform to prevent leaks and automate security at scaleTo manage over 150,000 secrets across services and vendors, Uber developed a centralized secrets management platform. It blocks leaks in code with Git hooks, scans systems in real time, and consolidates 25 vaults into 6. The platform enables auto-rotation, access tracking, and third-party secret exchange via SSX. It now rotates ~20,000 secrets monthly and is evolving toward secretless auth and workload identity federation.BOOK NOW AT 25% OFF⚙️ Infrastructure & DevOpsAWS Cost Explorer now offers a new Cost Comparison featureAWS launched a new Cost Comparison feature in Cost Explorer that highlights key changes in cloud spend between two months. It automatically identifies top cost drivers, like usage shifts, discounts, or refunds, without needing manual spreadsheets. A new “Top Trends” widget shows the biggest changes at a glance, and deeper insights are now available through the Compare view.Go-based Git Add Interactive tool adds advanced staging and patch filteringThis Go port of git add -i/-p enhances Git’s interactive staging with features like global regex filters, auto-hunk splitting, and multi-mode patch operations (stage, reset, checkout). It supports keyboard shortcuts, color-coded UI, and fine-grained hunk control across all files.GitLab-based monorepo streamlines Terraform module versioning and securityThis setup uses a GitLab CI pipeline to manage Terraform modules in a monorepo, with automated versioning, linting, and security scans via tools like TFLint, tfsec, and Checkov. Git tags handle module versions without extra auth tokens. The workflow enforces changelogs, labels, and approvals, and publishes docs and tags post-merge.A fully automated fix for Terraform’s backend bootstrapping problem on AzureThis guide solves the common issue where Terraform needs a backend to store state, but can’t create it without an existing backend. It automates the creation of an Azure Blob backend using Terraform itself, then seamlessly switches to that backend by generating partial config files and migrating state. The setup includes secure access via managed identity and GitHub OIDC, enabling CI/CD workflows without manual secrets or scripts.Using Terraform to automate disaster recovery infrastructure and failoversThis post explains DR strategies like Pilot Light and Active/Passive, and shows how Terraform enables flexible, cost-efficient deployments using conditionals and modular IaC. A working AWS example demonstrates DNS failover and dynamic EC2 provisioning using a toggle variable. This lets teams switch between production and DR environments with minimal effort, reducing downtime and idle resource costs.📦 Kubernetes & Cloud NativeGateway API v1.3.0 Adds Smart Mirroring and New Experimental ControlsGateway API v1.3.0 is now GA with percentage-based request mirroring, letting teams test blue-green deployments without full traffic duplication. The release also debuts experimental support for CORS filters, retry budgets, and listener merging via new X-prefixed APIs. These features help fine-tune request handling, scale listener configs across namespaces, and manage retry spikes, without upgrading Kubernetes itself.Introducing Gateway API Inference ExtensionThe new Gateway API Inference Extension introduces model-aware routing for GenAI and LLM services running on Kubernetes. It adds InferenceModel and InferencePool resources to better match requests with the right GPU-backed model server based on real-time load. Early benchmarks show reduced latency under heavy traffic compared to standard Services, helping ops teams optimize resource usage and avoid contention.Deep Dive into VPA 1.3.0: Smarter Resource Tuning for Kubernetes PodsThis post explores how the Vertical Pod Autoscaler (VPA) v1.3.0 uses historical and real-time metrics to recommend CPU and memory resource requests. It focuses on the Recommender component, which aggregates usage into decaying histograms to auto-tune workloads and reduce resource waste.Default Helm Charts Leave Kubernetes Clusters at RiskMicrosoft researchers warn that many open-source Helm charts deploy with insecure defaults, exposing services like Apache Pinot, Meshery, and Selenium Grid to the internet without proper authentication. These misconfigurations often include LoadBalancers or NodePorts with no access controls, making them easy targets for attackers. Teams should avoid "plug-and-play" setups and review YAML/Helm configs before deploying to production.Batch Scheduling in Kubernetes: YuniKorn vs Volcano vs KueueKubernetes lacks native support for batch workloads like ML training and ETL jobs, prompting the rise of tools like Apache YuniKorn, Volcano, and Kueue. YuniKorn replaces the default scheduler with strong multi-tenancy support; Volcano focuses on high-performance use cases with gang scheduling; and Kueue integrates natively to manage job queues without altering core scheduling.🔍 Observability & SREWhat's new in Grafana v12.0Grafana v12.0 introduces Git-based dashboard versioning, dynamic layouts, and experimental APIs for managing observability as code. Drilldowns for metrics, logs, and traces are now GA, enabling queryless deep dives across signals. SCIM support simplifies team provisioning, and a new “Recovering” alert state reduces flapping.Sentry Launches Logs in Open Beta to Boost Debugging ContextSentry now supports direct log ingestion in open beta, letting developers view application logs alongside errors and traces in a single interface. This integration adds vital context, like retry attempts or upstream responses, to help identify root causes faster without switching tools.How to use Prometheus to efficiently detect anomalies at scaleGrafana Labs has built and open-sourced an anomaly detection system using only PromQL: no external tools or services required. It computes dynamic bands using rolling averages, standard deviation, and seasonal patterns, with tunable sensitivity and smoothing to reduce false positives. The framework scales across tenants and works with any Prometheus-compatible backend, making it easy to plug into SLO-based alerts for better incident context.Beyond API uptime: Modern metrics that matterTraditional uptime checks fall short in today’s fast-paced environments where even minor API delays can cause major user churn. Catchpoint’s Internet Performance Monitoring (IPM) combines global synthetic tests, percentile-based metrics, and user-centric objectives to detect slowdowns before they escalate. With features like API-as-code, chaos engineering, and CI/CD integration, IPM helps teams catch latency issues early and simulate real-world failures.Microservices Monitoring: Metrics, Challenges, and Tools That MatterMonitoring microservices requires more than just uptime: it demands insight into latency, throughput, error rates, resource use, and inter-service communication. Tools like Middleware, Prometheus-Grafana, and Dynatrace help track these metrics at scale, support alerting, and simplify root cause analysis. Best practices include centralized logging, distributed tracing, automation, and continuous optimization to maintain performance in complex distributed systems.Forward to a Friend📢 If your company is interested in reaching an audience of developers and, technical professionals, and decision makers, you may want toadvertise with us.If you have any comments or feedback, just reply back to this email.Thanks for reading and have a great day!*{box-sizing:border-box}body{margin:0;padding:0}a[x-apple-data-detectors]{color:inherit!important;text-decoration:inherit!important}#MessageViewBody a{color:inherit;text-decoration:none}p{line-height:inherit}.desktop_hide,.desktop_hide table{mso-hide:all;display:none;max-height:0;overflow:hidden}.image_block img+div{display:none}sub,sup{font-size:75%;line-height:0} @media (max-width: 100%;display:block}.mobile_hide{min-height:0;max-height:0;max-width: 100%;overflow:hidden;font-size:0}.desktop_hide,.desktop_hide table{display:table!important;max-height:none!important}}