
Amazon Web Services (AWS)

Discuss the following AWS services (see other forums regarding databases, data engineering, monitoring, AI ...)

  • Amazon EC2, AWS Lambda, Amazon ECS, Amazon EKS, AWS Fargate, Amazon S3, Amazon EBS, Amazon EFS, Amazon S3 Glacier, Amazon VPC, Amazon Route 53, AWS CloudFront, Elastic Load Balancing, Amazon S3 Analytics, Amazon Kinesis, Amazon SageMaker, Amazon Rekognition, Amazon Polly, Amazon Translate, AWS IAM, AWS KMS, AWS Shield, AWS Config, Amazon Cognito, Amazon SQS, Amazon SNS, AWS Step Functions, AWS Systems Manager, AWS Cost Explorer ...

  1. Amazon SQS now supports Internet Protocol version 6 (IPv6) for API requests enabling you to communicate with Amazon SQS using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients using public endpoints. Amazon SQS is a fully managed message queuing service that enables decoupling and scaling of distributed systems, microservices, and serverless applications. The addition of IPv6 support provides customers with a vastly expanded address space, eliminating concerns about address exhaustion and simplifying network architecture for IPv6-native applications. With simultaneous support for both IPv4 and IPv6 clients on SQS public endpo…

  2. AWS HealthOmics now supports workflow versioning, enabling customers to manage multiple versions of their bioinformatics workflows efficiently. AWS HealthOmics is a HIPAA-eligible service that helps healthcare and life sciences customers accelerate scientific breakthroughs with fully managed biological data stores and workflows. With this release, workflow developers can create and maintain multiple versions of their workflows while retaining consistent workflow IDs and base ARNs across versions. With workflow versioning, users can select specific workflow versions when starting a run, enabling better control and reproducibility of their analyses. This simplifies colla…

  3. AWS customers can now access Amazon Lightsail from within the AWS Console Mobile App to monitor and manage Lightsail instances, containers, databases, network, storage, snapshots, domains and DNS while on the go. Visit the Services tab in the AWS Console Mobile App and select Lightsail to get started. The AWS Console Mobile App enables AWS customers to monitor and manage a select set of resources and receive push notifications to stay informed and connected with their AWS resources while on the go. The sign-in process supports biometrics authentication, making access to AWS resources simple, secure, and quick. Lightsail offers easy-to-use virtual private server (VPS) inst…

  4. AWS announces AWS Security Incident Response with AWS PrivateLink integration, enabling customers to manage their service membership directly from their Amazon Virtual Private Cloud (VPC). Now, together with AWS PrivateLink, customers can access AWS Security Incident Response APIs while keeping their traffic off the public internet, adding an extra layer of security when managing and recovering from sensitive security events. This integration offers several benefits to AWS customers. First, it can improve the security perimeter of incident response processes by keeping all traffic within AWS-supported private networks. Second, it simplifies network architecture by remo…

  5. Amazon Connect Cases now provides capabilities to help contact centers track and meet service level agreements (SLAs) on cases. Using the Amazon Connect UI, admins can set up SLA rules based on case attributes and configure target statuses and resolution times. Agents and managers can view the real-time SLA status directly in their case list view to prioritize urgent work, while admins can create rules to automatically escalate or route cases to another team when SLAs are not met. For example, a company can use this feature to monitor whether high-priority cases are reviewed within 4 hours and closed within 24 hours, making it easier to meet case handling service commitme…

  6. Amazon Bedrock Evaluations allows you to evaluate foundation models and retrieval-augmented generation (RAG) systems, whether hosted on Amazon Bedrock or multicloud and on-prem deployments. Bedrock Evaluations offers human-based evals, programmatic evals such as BERTScore, F1 and other exact match metrics, as well as LLM-as-a-judge for both model and RAG evaluation. For both model and RAG evaluation with LLM-as-a-judge, customers can select from an extensive list of built-in metrics such as correctness, completeness, faithfulness (hallucination detection), as well as responsible AI metrics such as answer refusal, harmfulness, and stereotyping. But, there are times when th…

  7. Amazon Connect Contact Lens dashboards now supports the ability for contact center administrators to enforce granular access control based on a specific agent hierarchy. Assigning hierarchies to a user allows you to define organizational groups that a user belongs to and you can enable granular access controls by allowing users to only view metrics for agents within their hierarchy or a specific assigned hierarchy. For example, you can configure hierarchy groups and levels for a team, and only agents assigned to a hierarchy group within that team will be able to see metrics for those agents. Amazon Connect Contact Lens dashboards are available in all commercial AWS reg…

  8. Amazon EventBridge announces support for Amazon Key Management Service (KMS) Customer Managed Keys (CMK) in API destinations connections. This enhancement enables you to encrypt your HTTPS endpoint authentication credentials managed by API destinations with your own keys instead of an AWS owned key (which is used by default). With CMK support, you now have more granular security control over your authentication credentials used in API destinations, helping you meet your organization's security requirements and governance policies. Customer managed Keys (CMK) are KMS keys that you create and manage by yourself. You can also audit and track usage of your keys via CloudTr…

  9. The AWS Well-Architected Generative AI Lens is now available, offering a guidance document to optimize generative AI workloads in the cloud. This new lens is a powerful addition to the Well-Architected Framework, designed to guide organizations through the complexities of implementing generative AI workloads. It provides structured, prescriptive guidance covering the entire generative AI lifecycle - from initial impact scoping to model selection, customization, integration, deployment, and continuous iteration. The lens offers several key benefits, including cloud-agnostic guidance applicable across various environments and AI tools, comprehensive coverage of all six W…

  10. Amazon OpenSearch Service now supports SAML (Security Assertion Markup Language) via IAM federation for the next-generation OpenSearch UI. OpenSearch UI is a modernized operational analytics experience that enables users to gain insights across data spanning managed domains and serverless collections from a single endpoint. OpenSearch UI already supports authentication via AWS Identity & Access Management (IAM) and IAM Identity Center (IDC). With this feature, you can now configure the SAML identity federation between your identity provider and IAM, so that your end-users can have a Single Sign-On (SSO) experience, to log in from your Identity Providers and land directl…

  11. AWS customers in Europe can now use Advance Pay, which allows them to pay for their AWS usage in advance and automate future invoice payments. With Advance Pay, customers can add funds to their account, which AWS will automatically use to pay invoices as they become due. This feature provides customers in Europe with more flexibility in managing their AWS expenses and simplifies the payment process for ongoing cloud services. Advance Pay offers several benefits to AWS customers in Europe. It allows for better financial planning and budgeting by enabling upfront payments for anticipated usage. This feature can be particularly useful for organizations that prefer to pay …

  12. Amazon Elastic Container Services (Amazon ECS) is introducing a new account setting, defaultLogDriverMode, allowing you to define whether tasks in your account use "blocking" or "non-blocking" log driver mode by default, when you do not specify or omit it in your applications’ Task Definitions. A “non-blocking” log driver mode allows your applications to continue operating when log routing destinations become unavailable, therefore increasing availability if getting logs is not critical to your application, whereas “blocking” log driver mode signifies you do not want your applications to continue running if you cannot route logs to their intended destination, e.g. to r…

  13. Amazon MemoryDB clusters now support the IPv6 protocol, allowing clients to connect to MemoryDB clusters using IPv6. You can now configure your cluster to accept only IPv6 connections or to accept both IPv4 and IPv6 connections. This allows you to work to meet IPv6 compliance requirements and more efficiently integrate with existing IPv6-based applications. The continued growth of the internet is rapidly depleting available Internet Protocol version 4 (IPv4) addresses. By supporting IPv6, MemoryDB helps customers simplify their network architecture by providing a significantly larger address space and eliminating the need to manage overlapping address spaces in their V…

  14. You can now activate deletion protection for your Amazon Verified Permissions policy stores. When you configure a policy store with deletion protection, the policy store cannot be deleted by any user. This provides your applications resiliency as you can ensure that production policy stores are not accidentally deleted during deployments. Deletion protection is active by default for new policy stores created through the AWS Console. You can activate or deactivate deletion protection for a policy store in the AWS Console, the AWS Command Line Interface, and API. Deletion protection prevents you from requesting the deletion of a policy store unless you first explicitly dea…

  15. AWS Lambda now supports IPv6-only and dual-stack PrivateLink interface VPC Endpoints, enabling you to access the Lambda API without traversing the public internet or being constrained by the limited number of IPv4 addresses in your VPC. AWS PrivateLink is a highly available, scalable service that allows you to privately connect your VPC to services and resources as if they were in your VPC. Previously, Lambda supported inbound private connectivity over PrivateLink using IPv4-only VPC endpoints. With today’s launch, we are expanding Lambda’s inbound private connectivity to include IPv6-only and dual-stack VPC endpoints, enabling you to invoke and manage Lambda functions…

  16. AWS Application Migration Service is now authorized for Department of Defense Cloud Computing Security Requirements Guide Impact Levels 4 and 5 (DoD CC SRG IL4 and IL5) in the AWS GovCloud (US-East and US-West) Regions. This authorization builds on AWS Application Migration Service’s existing FedRAMP High categorization level in the AWS GovCloud (US-East and US-West) Regions as well as numerous compliance programs and standards, including HIPAA (Health Insurance Portability and Accountability Act), PCI DSS (Payment Card Industry – Data Security Standard), ISO (International Organization for Standardization), SOC 1, 2, and 3 (System and Organization Controls). To learn …

  17. GitLab Duo with Amazon Q is generally available for Self-Managed Ultimate customers, embedding advanced agent capabilities for software development, Java modernization, enhanced quality assurance, and code review optimization directly in GitLab's enterprise DevSecOps platform. GitLab Duo with Amazon Q delivers a seamless development experience that accelerates the execution of complex, multistep tasks and collaborative workflows in the GitLab platform your developers already know. Using GitLab Duo with Amazon Q, developers and teams can collaborate with Amazon Q agents to accelerate feature development, maximize code quality and security, detect and resolve vulnerabilit…

  18. Amazon S3 Tables now support server-side encryption using AWS Key Management Service (SSE-KMS) with customer-managed keys. You can use your own KMS keys to encrypt the tables stored in table buckets to meet regulatory and governance requirements. By default, S3 Tables encrypt all objects with server-side encryption using S3-managed keys (SSE-S3). With support for customer-managed keys, you have the option to set a default customer-managed key for all new tables in the table bucket, set a dedicated key per table, or implement a combination of both approaches. With SSE-KMS support, S3 Tables use S3 Bucket Keys by default for cost optimization, and provide AWS CloudTrail …

  19. Today, we are excited to announce throughput improvements to dynamic run storage for AWS HealthOmics. AWS HealthOmics is a HIPAA-eligible service that helps healthcare and life sciences customers accelerate scientific breakthroughs with fully managed biological data stores and workflows. Dynamic run storage automatically scales storage capacity based on workflow needs. With this release, dynamic run storage now also scales throughput using Elastic Throughput mode on Amazon Elastic File System. This feature is recommended for runs requiring faster start times, workflows with unpredictable storage requirements, and iterative development cycles, helping research teams red…

  20. Today, we are announcing the general availability of AWS Wavelength in partnership with Sonatel, an affiliate of Orange, in Dakar, Senegal. With this first Wavelength Zone in Sub-Saharan Africa, Independent Software Vendors (ISVs), enterprises, and developers can now use AWS infrastructure and services to support applications with data residency, low latency, and resiliency requirements. AWS Wavelength, in partnership with Sonatel, delivers on-demand AWS compute and storage services to customers in West Africa. AWS Wavelength enables customers to build and deploy applications that meet their data residency, low-latency, and resiliency requirements. AWS Wavelength offer…

  21. Amazon CloudFront announces Anycast Static IPs support for apex domains, enabling customers to easily use their root domain (e.g., example.com) with CloudFront. This new feature simplifies DNS management by providing just 3 static IP addresses instead of the previous 21, making it easier to configure and manage apex domains with CloudFront distributions. Previously, customers had to create CNAME records to point their domains to CloudFront. However, due to DNS rules, root domains (apex domains) cannot point to CNAME records and must use A records or Route53's ALIAS records. With the new Anycast Static IPs support, customers can now easily configure A records for their …

  22. Amazon CloudWatch agent now supports Security-Enhanced Linux (SELinux) environments through a pre-configured security policy that allows monitoring in systems where security enforcement is required. This feature benefits customers in regulated industries and government sectors who maintain strict security controls across their Linux infrastructure. These security policies, when applied before CloudWatch Agent installation, help customers maintain their security posture while collecting essential monitoring data. This launch enables organizations to deploy the CloudWatch agent in SELinux-enabled environments while maintaining their security posture. It addresses a critic…

  23. Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C8g instances are available in AWS Asia Pacific (Sydney), AWS Europe (London), AWS US West (N. California), and AWS South America (Sao Paulo) regions. These instances are powered by AWS Graviton4 processors and deliver up to 30% better performance compared to AWS Graviton3-based instances. Amazon EC2 C8g instances are built for compute-intensive workloads, such as high performance computing (HPC), batch processing, gaming, video encoding, scientific modeling, distributed analytics, CPU-based machine learning (ML) inference, and ad serving. These instances are built on the AWS Nitro System, which offloads CPU virtuali…

  24. Starting today, Amazon Elastic Compute Cloud (Amazon EC2) M8g instances are available in AWS Asia Pacific (Tokyo, Sydney) regions. These instances are powered by AWS Graviton4 processors and deliver up to 30% better performance compared to AWS Graviton3-based instances. Amazon EC2 M8g instances are built for general-purpose workloads, such as application servers, microservices, gaming servers, midsize data stores, and caching fleets. These instances are built on the AWS Nitro System, which offloads CPU virtualization, storage, and networking functions to dedicated hardware and software to enhance the performance and security of your workloads. AWS Graviton4-based Amazon …

  25. AWS Batch now supports Amazon Elastic Container Service (ECS) Exec and AWS FireLens log router for AWS Batch on Amazon ECS and AWS Fargate. With ECS Exec you can track the progress of your application and troubleshoot issues by running interactive commands against the containers in your AWS Batch job. AWS FireLens allows you to stream logs of your AWS Batch jobs to your chosen destinations including Amazon CloudWatch, Amazon S3, Amazon OpenSearch Service, Amazon Redshift, partner services such as Splunk and more. You can configure ECS Exec and AWS FireLens while registering a new AWS Batch job definition or making a revision to an existing job definition. For more in…

  26. Today we are delighted to introduce the Amazon Elastic Kubernetes (Amazon EKS) Auto Mode hands-on workshop. You can run this workshop in your own AWS account, or register to attend one of our AWS hosted events. EKS Auto Mode, a new capability to streamline Kubernetes operations on AWS, was made generally available at re:Invent 2024. Eliminating the operational overhead of managing the cluster infrastructure needed to run production-grade Kubernetes applications at scale means that EKS Auto Mode enables you to instead focus on building applications that drive innovation for your organization. The workshop we’re launching today aims to give you the hands-on knowledge and …

  27. Hiring both outsourced DevOps and in-house teams for a startup's digital product has advantages and disadvantages. In-house professionals can create the necessary infrastructure from the ground up, giving you complete control over your product throughout the development process. In this instance, it is critical to calculate the cost of acquiring and retaining a team of top specialists. Another alternative for DevOps services for startups is to develop and train young people within the project. It will have a big economic impact, but it may take months or even years. When it comes to startups and small businesses, DevOps outsourcing companies may be the ideal option giv…

  28. Amazon Web Services (AWS) announces the availability of Amazon EC2 I7ie instances in the AWS Europe (Ireland) region. Designed for large storage I/O intensive workloads, these new instances are powered by 5th generation Intel Xeon Scalable processors with an all-core turbo frequency of 3.2 GHz, offering up to 40% better compute performance and 20% better price performance over existing I3en instances. I7ie instances offer up to 120TB local NVMe storage density—the highest available in the cloud for storage optimized instances—and deliver up to twice as many vCPUs and memory compared to prior generation instances. Powered by 3rd generation AWS Nitro SSDs, these instance…

  29. AWS Lambda@Edge now supports AWS Lambda’s advanced logging controls to improve how function logs are captured, processed, and consumed at the edge. This enhancement provides you with more control over your logging data, making it easier to monitor application behavior and quickly resolve issues. The new advanced logging controls for Lambda@Edge give you three flexible ways to manage and analyze your logs. New JSON structured logs make it easier to search, filter, and analyze large volumes of log entries without using custom logging libraries. Log level granularity controls can switch log levels instantly, allowing you to filter for specific types of logs like errors or…

  30. Today, Amazon Simple Email Service (SES) launched support for logging email sending events through AWS CloudTrail. Customers can maintain a record of email send actions performed using the SES APIs, including actions taken by a user, role, or an AWS service in SES. Previously, customers could use SES event destinations to route sending event notifications to custom data stores they created and managed themselves. This required custom solutions for data storage and data indexing, including development costs and operational oversight costs. Now, customers can configure event logging to AWS CloudTrail without any custom solution development. Customers can search for event…

  31. The rapid change of pace in computing landscapes because of cloud, artificial intelligence, and technology innovation has challenged organizations to keep up while making sure that their initiatives and projects remain compliant with enterprise guidelines and policies. An effective architecture review board (ARB) can help an organization maintain compliance with enterprise guardrails while accelerating implementation of initiatives in their project pipeline. In this post, we identify the components of an efficient architecture review process, define what an ARB is, and describe how to build and operate an effective enterprise ARB... View the full article

  32. We are excited to announce that AWS Mainframe Modernization service is now available with greater control of managed runtime environments that run modernized mainframe applications. For both refactored and replatformed applications, you can now export data sets to an Amazon S3 bucket. Optionally, you can choose to encrypt the exported data set. This export feature makes it easier to move data sets across environments, or to archive data sets. For applications refactored with AWS Blu Age, you can now restart a batch job at a specific step. This enables advanced batch operational and recovery procedures. For applications replatformed with Rocket Software, you can no…

  33. On Apr 15, 2025 Amazon announced quarterly security and critical updates for Amazon Corretto Long-Term Supported (LTS) and Feature Release (FR) versions of OpenJDK. Corretto 24.0.1, 21.0.7, 17.0.15, 11.0.27, 8u452 are now available for download. Amazon Corretto is a no-cost, multi-platform, production-ready distribution of OpenJDK. Click on the Corretto home page to download Corretto 8, Corretto 11, Corretto 17, Corretto 21, or Corretto 24. You can also get the updates on your Linux system by configuring a Corretto Apt or Yum repo. Feedback is welcomed! View the full article

  34. AWS announces the end of sale for AWS Elemental Link HD devices effective April 15, 2024. AWS Elemental Link UHD devices will continue to be available for purchase. To support HD content contribution workflows, Link UHD has now added HD ingest pricing, providing a seamless path for new deployments. Existing Link HD devices will continue to be supported, with Link UHD now serving as the recommended solution for both HD and UHD contribution workflows. To enable HD pricing on Link UHD devices, you can configure the device's input resolution on the Link device configuration page when the device is not actively streaming. The configuration option provides the flexibility to…

  35. Today, AWS announces that AWS Control Tower supports an additional 223 managed Config rules in Control Catalog for various use cases such as security, cost, durability, and operations. With this launch, you can now search, discover, enable and manage these additional rules directly from AWS Control Tower and govern more use cases for your multi-account environment. To get started, in AWS Control Tower go to the Control Catalog and search for controls with the implementation filter AWS Config, you will then see all the AWS Config rules present in the Catalog. If you find rules that are relevant for you, you can then directly enable them from the AWS Control Tower consol…

  36. Starting today, we are making it easier for customers to understand their inter-availability zone (AZ) VPC Peering usage within the same AWS Region by introducing a new usage type in their bill. These changes won’t affect customers’ charges and will help them easily understand their VPC Peering costs, enabling them to choose the right architecture based on cost, performance, and ease of management. VPC Peering is an Amazon VPC feature that allows customers to establish a networking connection between two VPCs, helping them route traffic between two VPCs using private IPv4 or IPv6 addresses. Previously, VPC Peering usage was reported under the intra-regional Data Transfer…

  37. Amazon Redshift Concurrency Scaling is now available in Israel (Tel Aviv) and Canada West (Calgary) regions. Amazon Redshift Concurrency Scaling elastically scales query processing power to provide consistently fast performance for hundreds of concurrent queries. Concurrency Scaling resources are added to your Redshift cluster transparently in seconds, as concurrency increases, to process queries without wait time. Amazon Redshift customers with an active Redshift cluster earn up to one hour of free Concurrency Scaling credits, which is sufficient for the concurrency needs of most customers. Concurrency scaling allows you to specify usage control providing customers wi…

  38. Gateway Load Balancer (GWLB) now supports Load Balancer Capacity Unit (LCU) Reservation that allows you to proactively set a minimum bandwidth capacity for your load balancer, complementing its existing ability to auto-scale based on your traffic pattern. Gateway Load Balancer helps you deploy, scale, and manage third-party virtual appliances. With this feature, you can reserve a guaranteed capacity for anticipated traffic surge. The LCU reservation is ideal for scenarios such as onboarding and migrating new workload to your GWLB gated services without the need to wait for organic scaling, or maintaining a minimum bandwidth capacity for your firewall applications to me…

  39. Starting today, Amazon S3 Express One Zone has reduced pricing for storage by 31%, PUT requests by 55%, and GET requests by 85%. In addition, S3 Express One Zone has reduced its per-gigabyte data upload and retrieval charges by 60% and now applies these charges to all bytes rather than just portions of requests exceeding 512 kilobytes. Amazon S3 Express One Zone is a high-performance, single-Availability Zone storage class purpose-built to deliver consistent single-digit millisecond data access for your most frequently accessed data and latency-sensitive applications, such as machine learning training, analytics for live streaming events, and market analysis for financ…

  40. AWS Compute Optimizer now supports 57 additional Amazon Elastic Compute Cloud (Amazon EC2) instance types. The newly supported instance types include the latest generation accelerated computing instances (P5e, P5en, G6e), storage optimized instances (I7ie, I8g), and compute optimized instances (M8g), as well as high memory instances (U7i) and new instance sizes for C7i-flex and M7i-flex. With these newly supported instance types, AWS Compute Optimizer delivers recommendations to help you identify cost and performance optimization opportunities across a wider range of EC2 instance types, helping you improve performance and cost savings for your workloads. This new featu…

  41. IAM Identity Center has released a new SDK plugin that simplifies AWS resource authorization for applications that authenticate with external identity providers (IdPs) such as Microsoft EntraID, Okta, and others. The plugin which supports trusted identity propagation (TIP), streamlines how external IdP tokens are exchanged for IAM Identity Center tokens. These tokens enable precise access control to AWS resources (e.g., Amazon S3 buckets) leveraging user and group memberships as defined in the external IdP. The new SDK plugin automates the token exchange process eliminating the need for complex, custom-built workflows. Once configured, it seamlessly handles the IAM Ide…