Amazon Web Services (AWS)

Today, AWS announced three updates to enhance your experience with the Customer Carbon Footprint Tool (CCFT). These updates include easier access to carbon emissions data, visibility into emissions by AWS Region, and an updated, independently-verified methodology (v2.0). You can now export your monthly data through AWS's Billing and Cost Management Data Exports service. This feature delivers carbon emissions estimates for all member accounts linked to their management account when using AWS Organizations. Additionally, you can now see your carbon emissions broken down by AWS Region (e.g., US East (Ohio)), so you can identify the Regions where your usage contributes the…

Today, AWS announced upgrades to the Amazon Q Business integrations for M365 Word and Outlook to enhance their utility when performing document and email centered tasks. The upgrades include company knowledge access, image file attachment support, and an expanded prompt context window. With company knowledge support, users can now ask questions about their company’s indexed data directly through the Word and Outlook integrations allowing them to instantly find relevant information when drafting their documents and emails without needing to switch context. With image attachment support and an expanded context window, users can incorporate richer context through large…

AWS CodeBuild now supports selecting an EC2 instance by name when using reserved capacity fleets. This enhancement also allows you to configure the amount of storage attached to each instance. AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces ready-to-deploy software packages. You can select a compute type that is most suitable for your workload. Customize your build environment to match specific resource needs - whether that's more CPU, memory, storage, faster network speed, or GPU support. This allows you to optimize cost and feedback cycle, resulting in improved developer productivity. The feature …

Today, we are introducing a new account management API that enables customers to update the account name via authorized IAM principals and more efficiently manage account names. This new API is added to the AWS account management APIs that enable AWS Organizations customers to centrally and programmatically manage primary email addresses, primary contact information, alternate contact information, and AWS Regions for their accounts. Using the new API, customers will no longer need root access to manage their account names, and they will be able to use authorized IAM principals within the account. Additionally, customers using AWS Organizations in all-features mode can now…

AWS Thinkbox Deadline 10.4.1 is now generally available with support for managing Deadline Cloud Usage-Based Licensing (UBL) together with your existing floating licenses. This release also brings support for Cinema4D 2025, After Effects 2025, Nuke 16, 3ds Max 2026, and Maya 2026. This release enhances how you can manage license limits when using a combination of floating licenses and Deadline Cloud Usage-Based Licensing (UBL) for third party software. By configuring limits for Deadline Cloud License Endpoints, you can now better control license usage across your render farm, helping teams scale more effectively while maintaining their existing license infrastructure. …

Starting today, storage optimized Amazon Elastic Compute Cloud (EC2) I4g instances powered by AWS Graviton2 processors and 2nd generation AWS Nitro SSDs are now available in the AWS Asia Pacific (Sydney) Region. I4g instances are optimized for workloads performing a high mix of random read/write operations and requiring very low I/O latency and high compute performance, such as transactional databases (MySQL, and PostgreSQL), real-time databases including in-memory databases, NoSQL databases, time-series databases (Clickhouse, Apache Druid, MongoDB) and real-time analytics such as Apache Spark. Get started with I4g instances by visiting the AWS Management Console, A…

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) M8g instances are available in AWS US West (N. California). These instances are powered by AWS Graviton4 processors and deliver up to 30% better performance compared to AWS Graviton3-based instances. Amazon EC2 M8g instances are built for general-purpose workloads, such as application servers, microservices, gaming servers, midsize data stores, and caching fleets. These instances are built on the AWS Nitro System, which offloads CPU virtualization, storage, and networking functions to dedicated hardware and software to enhance the performance and security of your workloads. AWS Graviton4-based Amazon EC2 instances…

Today, AWS Backup announces support for search and item-level recovery for Amazon EBS Snapshots and Amazon S3 backups in 4 additional Regions. This capability allows you to search the metadata of your backups for specific files or objects across your backups and recover up to 5 items at a time, allowing for faster recovery times. AWS Backup support for search and item-level recovery for Amazon EBS Snapshots and Amazon S3 backups is added in the following Regions: Asia Pacific (Thailand), Mexico (Central), and AWS GovCloud (US-East, US-West). To learn more about AWS Backup support for search and item-level recovery, visit the AWS Backup product page, technical docume…

Amazon Redshift now offers Serverless Reservations for Amazon Redshift Serverless, a new discounted pricing option that helps you save up to 24% and gain greater cost predictability for your analytics workloads. With Serverless Reservations, you can commit to a specific number of Redshift Processing Units (RPUs) for a one-year term, and choose between two payment options: a no-upfront option that provides a 20% discount off on-demand rates, or an all-upfront option that provides a 24% discount. Amazon Redshift Serverless allows you to run and scale analytics without having to provision and manage clusters with a pay-as-you-go pricing model. Now with Serverless Reservat…

AWS Deadline Cloud now provides a macOS installer for integrated submitters for Autodesk Maya, Blender, Keyshot, Maxon Cinema 4D, and SideFx Houdini. AWS Deadline Cloud is a fully managed service that simplifies render management for teams creating computer-generated graphics and visual effects, for films, television and broadcasting, web content, and design. The new installer makes it easy to get all your artists, across Linux, Windows, and macOS, submitting to your Deadline Cloud farm from within their favorite digital content creation tools. The Deadline Cloud installer also allows you to script silent installations to simplify workstation setup and maintenance. …

Amazon Elastic Block Store (Amazon EBS) now supports additional resource-level permissions for copying EBS snapshots. When moving your data across Regions, accounts, and Availability Zones, you can copy any snapshot accessible to you to another Region or account, including snapshots created by you or shared with you. With this launch, you have more granular controls to set resource-level permissions for the snapshot copy and selection of the source snapshot. This allows you to control the IAM identities that can copy EBS snapshot from source snapshots, and the conditions that they can use these source snapshots for the snapshot copy operation. To meet your specific per…

This post was jointly authored by Alex Kestner (Sr. Product Manager, Amazon EKS), Ratnopam Chakrabarti (Sr. SA, Containers & OSS), Shivam Dubey (Specialist SA, Containers), and Suket Sharma (Sr. SDE, Amazon EKS). Introduction Amazon Elastic Kubernetes Service (Amazon EKS) now offers node monitoring and auto repair capabilities. This new feature enables automatic detection and remediation of node-level issues in EKS clusters, helping customers to improve the availability and reliability of their Kubernetes applications. Node failures can lead to application downtime and necessitate manual intervention from operations teams. EKS node monitoring and auto repair all…

Topic was moved to forum Artificial Intelligence (AI)

Today, we're announcing a new visual user interface for creating and editing Amazon OpenSearch Ingestion pipelines on the AWS console. This enhancement introduces a guided visual workflow, automatic permission creation, and enhanced real-time validations to streamline the pipeline development process. The new workflow simplifies pipeline development, reducing setup time and minimizing errors, making it easier to ingest, transform, and route data to Amazon OpenSearch Service. The guided visual workflow enables customers to quickly build and modify Amazon OpenSearch Ingestion pipelines without manually writing pipeline configurations. The new UI auto-discovers sources an…

Amazon Cognito announces support for OAuth 2.0 refresh token rotation for user pool clients. Refresh tokens are long-lived tokens that allow applications to obtain new access tokens without requiring users to sign in again. With refresh token rotation, you can now configure your user pool clients to automatically replace existing refresh tokens with new ones at regular intervals, which in turn can strengthen your application's security posture. Instead of previously relying on tokens that remain valid for long periods of time, refresh token rotation reduces the window a compromised refresh token could be used. In addition, refresh token rotates automatically in the backgr…

AWS Transfer Family introduces a Terraform module for deploying managed file transfer (MFT) server endpoints backed by Amazon S3. This enables you to leverage Infrastructure as Code (IaC) to automate and streamline centralized provisioning of MFT servers and users at scale. AWS Transfer Family provides fully-managed file transfers over SFTP, AS2, FTPS, FTP, and web browser-based interfaces directly into and out of AWS storage services. Using the Terraform module, you can programmatically provision your Transfer Family server endpoints, associated dependencies and customizations in a single deployment. This eliminates time-consuming manual configurations and ensures you…

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) R7gd instances with up to 3.8 TB of local NVMe-based SSD block-level storage are available in Europe (London) and Asia Pacific (Hyderabad, Osaka) Regions. R7gd are powered by AWS Graviton3 processors with DDR5 memory are built on the AWS Nitro System. They are ideal for memory-intensive workloads such as open-source databases, in-memory caches, and real-time big data analytics and are a great fit for applications that need access to high-speed, low latency local storage, including those that need temporary storage of data for scratch space, temporary files, and caches. They have up to 45% improved real-time NVMe…

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C7gd instances with up to 3.8 TB of local NVMe-based SSD block-level storage are available in the AWS GovCloud (US-West), Canada (Central), and Europe (London) Regions. These Graviton3-based instances with DDR5 memory are built on the AWS Nitro System and are a great fit for applications that need access to high-speed, low latency local storage, including those that need temporary storage of data for scratch space, temporary files, and caches. They have up to 45% improved real-time NVMe storage performance than comparable Graviton2-based instances. Graviton3-based instances also use up to 60% less energy for the…

For learners seeking an engaging and interactive way to reinforce their cloud knowledge, AWS Skill Builder has introduced a new tool that transforms learning into a fun, competitive experience: AWS Skill Builder Trivia. This online trivia application is designed to create and deliver real-time multi-participant competitions, offering an interactive format for knowledge checks, icebreakers, and team challenges that strengthen understanding of key cloud concepts. AWS Skill Builder Trivia serves as a perfect complement to AWS Skill Builder’s extensive course catalog, providing a quick and engaging format for knowledge reinforcement. A customer from NuBank remarked, “AWS Sk…

Welcome to April’s post announcing new training course launches and certification launches—helping equip you and your teams with the skills to work with AWS services and solutions. Missed our March course update? Check it out here. This month, we launched 14 new digital training products on AWS Skill Builder including 9 new AWS Builder Labs, 4 new Digital Classroom courses, and a new game-based learning offering, AWS Skill Builder Trivia, an immersive learning tool that enables you to create dynamic, multiplayer trivia quizzes for live training sessions and events. New AWS Skill Builder subscription features AWS Skill Builder subscriptions are available globally an…

This blog discusses the importance of practical experience and how hands-on labs help you earn your AWS Solutions Architect Professional SAP-C02 Certificate. It includes the advantages and vital information required to boost your confidence exponentially. Read through to learn more. Why SAP-C02?—Earning the AWS Certified Solutions Architect Professional Certification Advantage The AWS Certified Solutions Architect Professional (SAP-C02) validates advanced AWS solution design. The SAP-C02 exam tests designing scalable, secure AWS solutions. Skills include multi-account architectures, performance/cost optimization, high availability, security controls, and migrations usin…

Amazon Relational Database Service (RDS) Proxy is now available in the Asia Pacific (Malaysia), Asia Pacific (Thailand), and Mexico (Central) Regions. RDS Proxy is a fully managed and a highly available database proxy for RDS and Amazon Aurora databases. RDS Proxy helps improve application scalability, resiliency, and security. Many applications, including those built on modern architectures capable of horizontal scaling based on ebb and flow of active users, can open a large number of database connections or open and close connections frequently. This can stress the database’s memory and compute, leading to slower performance and limited application scalability. Amazo…

Amazon Kinesis Data Streams now offers significantly higher default shard limits for data streams in Provisioned capacity mode, increasing from 500 to 20,000 shards per AWS account in the US East (N. Virginia), US West (Oregon), and Europe (Ireland) regions. You can also see an account’s utilization of the shards limit in any region via the AWS Service Quotas console, so you can grow streaming workloads easily and quickly to bring real-time insights to more use cases. Amazon Kinesis Data Streams is a serverless data streaming service that allows customers to build de-coupled applications that publish and consume real-time data streams at any scale. A data stream is com…

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C6id instances are available in Europe (Paris) Region. These instances are powered by 3rd generation Intel Xeon Scalable Ice Lake processors with an all-core turbo frequency of 3.5 GHz and up to 7.6 TB of local NVMe-based SSD block-level storage. C6id instances are built on AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances for better overall performance and security. Customers can take advantage of access to high-speed, low-latency local storage to scale performance of applica…

AWS announces the general availability of Amazon Elastic Compute Cloud (Amazon EC2) C8gd instances, Amazon EC2 M8gd instances, and Amazon EC2 R8gd instances with up to 11.4 TB of local NVMe-based SSD block-level storage. These instances are powered by AWS Graviton4 processors, delivering up to 30% better performance over Graviton3-based instances. They have up to 40% higher performance for I/O intensive database workloads, and up to 20% faster query results for I/O intensive real-time data analytics than comparable AWS Graviton3-based instances. These instances are built on the AWS Nitro System and are great fit for applications that need access to high-speed, low latency…

Today, AWS announces the update of Amazon Q Developer’s software development agent. This new agent achieves state-of-the-art performance on industry benchmark SWTBench Verified (49%) and sits among the top ranking models on SWEBench Verified (66%). The agent has access to tools for planning and reasoning that use the capacity of advanced models to their fullest. By running in a dedicated environment with built-in access to all the functionalities of a modern IDE, the agent is now able to generate multiple candidate solutions for a given problem, select the most promising one, and return higher quality code to the developer. With this new agent, developers can further a…

Amazon Managed Streaming for Apache Kafka (Amazon MSK) now supports Apache Kafka version 3.9, which allows users to retain tiered data when disabling Tiered Storage at the topic level. Consumer applications can continue to read historical data from the remote log start offset (Rx) while maintaining continuous log offsets across both local and remote storage. Along with this feature, Apache Kafka version 3.9 includes various bug fixes and improvements. For more details, please refer to the Apache Kafka release notes for version 3.9. Amazon MSK is a fully managed service for Apache Kafka and Kafka Connect that makes it easier for you to build and run applications that …

Amazon SQS now supports Internet Protocol version 6 (IPv6) for API requests enabling you to communicate with Amazon SQS using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients using public endpoints. Amazon SQS is a fully managed message queuing service that enables decoupling and scaling of distributed systems, microservices, and serverless applications. The addition of IPv6 support provides customers with a vastly expanded address space, eliminating concerns about address exhaustion and simplifying network architecture for IPv6-native applications. With simultaneous support for both IPv4 and IPv6 clients on SQS public endpo…

AWS HealthOmics now supports workflow versioning, enabling customers to manage multiple versions of their bioinformatics workflows efficiently. AWS HealthOmics is a HIPAA-eligible service that helps healthcare and life sciences customers accelerate scientific breakthroughs with fully managed biological data stores and workflows. With this release, workflow developers can create and maintain multiple versions of their workflows while retaining consistent workflow IDs and base ARNs across versions. With workflow versioning, users can select specific workflow versions when starting a run, enabling better control and reproducibility of their analyses. This simplifies colla…

Topic was moved to forum Monitoring & Observability

Topic was moved to forum Security

Topic was moved to forum Monitoring & Observability

AWS customers can now access Amazon Lightsail from within the AWS Console Mobile App to monitor and manage Lightsail instances, containers, databases, network, storage, snapshots, domains and DNS while on the go. Visit the Services tab in the AWS Console Mobile App and select Lightsail to get started. The AWS Console Mobile App enables AWS customers monitor and manage a select set of resources and receive push notifications to stay informed and connected with their AWS resources while on-the-go. The sign-in process supports biometrics authentication, making access to AWS resources simple, secure, and quick. Lightsail offers easy-to-use virtual private server (VPS) inst…

Topic was moved to forum Artificial Intelligence (AI)

AWS announces AWS Security Incident Response with AWS PrivateLink integration, enabling customers to manage their service membership directly from their Amazon Virtual Private Cloud (VPC). Now, together with AWS PrivateLink, customers can access AWS Security Incident Response APIs while keeping their traffic off the public internet, adding an extra layer of security when managing and recovering from sensitive security events. This integration offers several benefits to AWS customers. First, it can improve the security perimeter of incident response processes by keeping all traffic within AWS-supported private networks. Second, it simplifies network architecture by remo…

Amazon Connect Cases now provides capabilities to help contact centers track and meet service level agreements (SLAs) on cases. Using the Amazon Connect UI, admins can set up SLA rules based on case attributes and configure target statuses and resolution times. Agents and managers can view the real-time SLA status directly in their case list view to prioritize urgent work, while admins can create rules to automatically escalate or route cases to another team when SLAs are not met. For example, a company can use this feature to monitor whether high-priority cases are reviewed within 4 hours and closed within 24 hours, making it easier to meet case handling service commitme…

Amazon Bedrock Evaluations allows you to evaluate foundation models and retrieval-augmented generation (RAG) systems, whether hosted on Amazon Bedrock or multicloud and on-prem deployments. Bedrock Evaluations offers human-based evals, programmatic evals such as BERTScore, F1 and other exact match metrics, as well as LLM-as-a-judge for both model and RAG evaluation. For both model and RAG evaluation with LLM-as-a-judge, customers can select from an extensive list of built-in metrics such as correctness, completeness, faithfulness (hallucination detection), as well as responsible AI metrics such as answer refusal, harmfulness, and stereotyping. But, there are times when th…

Amazon Connect Contact Lens dashboards now supports the ability for contact center administrators to enforce granular access control based on a specific agent hierarchy. Assigning hierarchies to a user allows you to define organizational groups that a user belongs to and you can enable granular access controls by allowing users to only view metrics for agents within their hierarchy or a specific assigned hierarchy. For example, you can configure hierarchy groups and levels for a team, and only agents assigned to a hierarchy group within that team will be able to see metrics for those agents. Amazon Connect Contact Lens dashboards are available in all commercial AWS reg…

Amazon EventBridge announces support for Amazon Key Management Service (KMS) Customer Managed Keys (CMK) in API destinations connections. This enhancement enables you to encrypt your HTTPS endpoint authentication credentials managed by API destinations with your own keys instead of an AWS owned key (which is used by default). With CMK support, you now have more granular security control over your authentication credentials used in API destinations, helping you meet your organization's security requirements and governance policies. Customer managed Keys (CMK) are KMS keys that you create and manage by yourself. You can also audit and track usage of your keys via CloudTr…

The AWS Well-Architected Generative AI Lens is now available, offering a guidance document to optimize generative AI workloads in the cloud. This new lens is a powerful addition to the Well-Architected Framework, designed to guide organizations through the complexities of implementing generative AI workloads. It provides structured, prescriptive guidance covering the entire generative AI lifecycle - from initial impact scoping to model selection, customization, integration, deployment, and continuous iteration. The lens offers several key benefits, including cloud-agnostic guidance applicable across various environments and AI tools, comprehensive coverage of all six W…

Amazon OpenSearch Service now supports SAML (Security Assertion Markup Language) via IAM federation for the next-generation OpenSearch UI. OpenSearch UI is a modernized operational analytics experience that enables users to gain insights cross data spanning managed domains and serverless collections from a single endpoint. OpenSearch UI already supports authentication via AWS Identity & Access Management (IAM) and IAM Identity Center (IDC). With this feature, you can now configure the SAML identity federation between your identity provider and IAM, so that your end-users can have a Single Sign-On (SSO) experience, to login from your Identity Providers and land directl…

AWS customers in Europe can now use Advance Pay, which allows them to pay for their AWS usage in advance and automate future invoice payments. With Advance Pay, customers can add funds to their account, which AWS will automatically use to pay invoices as they become due. This feature provides customers in Europe with more flexibility in managing their AWS expenses and simplifies the payment process for ongoing cloud services. Advance Pay offers several benefits to AWS customers in Europe. It allows for better financial planning and budgeting by enabling upfront payments for anticipated usage. This feature can be particularly useful for organizations that prefer to pay …

Amazon Elastic Container Services (Amazon ECS) is introducing a new account setting, defaultLogDriverMode, allowing you to define whether tasks in your account use "blocking" or "non-blocking" log driver mode by default, when you do not specify or omit it in your applications’ Task Definitions. A “non-blocking” log driver mode allows your applications to continue operating when log routing destinations become unavailable, therefore increasing availability if getting logs is not critical to your application, whereas “blocking” log driver mode signifies you do not want your applications to continue running if you cannot route logs to their intended destination, e.g. to r…

Amazon MemoryDB clusters now support the IPv6 protocol, allowing clients to connect to MemoryDB clusters using IPv6. You can now configure your cluster to accept only IPv6 connections or to accept both IPv4 and IPv6 connections. This allows you to work to meet IPv6 compliance requirements and more efficiently integrate with existing IPv6-based applications. The continued growth of the internet is rapidly depleting available Internet Protocol version 4 (IPv4) addresses. By supporting IPv6, MemoryDB helps customers simplify their network architecture by providing a significantly larger address space and eliminating the need to manage overlapping address spaces in their V…

You can now activate deletion protection for your Amazon Verified Permissions policy stores. When you configure a policy store with deletion protection, the policy store cannot be deleted by any user. This provides your applications resiliency as you can ensure that production policy stores are not accidentally deleted during deployments. Deletion protection is active by default for new policy stores created through the AWS Console. You can activate or deactivate deletion protection for an policy store in the AWS Console, the AWS Command Line Interface, and API. Deletion protection prevents you from requesting the deletion of a policy store unless you first explicitly dea…

AWS Lambda now supports IPv6-only and dual-stack PrivateLink interface VPC Endpoints, enabling you to access the Lambda API without traversing the public internet or being constrained by the limited number of IPv4 addresses in your VPC. AWS PrivateLink is a highly available, scalable service that allows you to privately connect your VPC to services and resources as if they were in your VPC. Previously, Lambda supported inbound private connectivity over PrivateLink using IPv4-only VPC endpoints. With today’s launch, we are expanding Lambda’s inbound private connectivity to include IPv6-only and dual-stack VPC endpoints, enabling you to invoke and manage Lambda functions…

AWS Application Migration Service is now authorized for Department of Defense Cloud Computing Security Requirements Guide Impact Levels 4 and 5 (DoD CC SRG IL4 and IL5) in the AWS GovCloud (US-East and US-West) Regions. This authorization builds on AWS Application Migration Service’s existing FedRAMP High categorization level in the AWS GovCloud (US-East and US-West) Regions as well as numerous compliance programs and standards, including HIPAA (Health Insurance Portability and Accountability Act), PCI DSS (Payment Card Industry – Data Security Standard), ISO (International Organization for Standardization), SOC 1, 2, and 3 (System and Organization Controls). To learn …

GitLab Duo with Amazon Q is generally available for Self-Managed Ultimate customers, embedding advanced agent capabilities for software development, Java modernization, enhanced quality assurance, and code review optimization directly in GitLab's enterprise DevSecOps platform. GitLab Duo with Amazon Q delivers a seamless development experience that accelerates the execution of complex, multistep tasks and collaborative workflows in the GitLab platform your developers already know. Using GitLab Duo with Amazon Q, developers and teams can collaborate with Amazon Q agents to accelerate feature development, maximize code quality and security, detect and resolve vulnerabilit…

Topic was moved to forum Data Engineering & Data Science

Amazon S3 Tables now support server-side encryption using AWS Key Management Service (SSE-KMS) with customer-managed keys. You can use your own KMS keys to encrypt the tables stored in table buckets to meet regulatory and governance requirements. By default, S3 Tables encrypt all objects with server-side encryption using S3-managed keys (SSE-S3). With support for customer-managed keys, you have the option to set a default customer-managed key for all new tables in the table bucket, set a dedicated key per table, or implement a combination of both approaches. With SSE-KMS support, S3 Tables use S3 Bucket Keys by default for cost optimization, and provide AWS CloudTrail …