All news in category "Vendor and Hyperscaler Watch"

Amazon Aurora PostgreSQL Adds Dynamic Data Masking

🔒 Amazon Aurora PostgreSQL-Compatible Edition now supports dynamic data masking using the new pg_columnmask extension, enabling column-level protection at query time. The extension complements PostgreSQL row-level security and column grants by letting administrators define SQL-based masking policies that alter how data appears to users without changing stored values. Policies can use built-in or user-defined functions to hide, partially mask, or transform data, and multiple policies can be applied with weighted precedence. pg_columnmask protects results across WHERE, JOIN, ORDER BY, and GROUP BY clauses and is available for Aurora PostgreSQL 16.10+ and 17.6+ in all regions.

Amazon SageMaker HyperPod Adds Spot Instance Support

⚡ Amazon SageMaker HyperPod now supports Spot Instances, enabling customers to reduce GPU compute costs by up to 90% compared with on-demand instances. The integration is available on HyperPod EKS clusters and works with Karpenter for intelligent autoscaling, automatic Spot capacity discovery, and interruption handling. You can enable Spot when creating instance groups via the CreateCluster API or the AWS Console, and the feature supports all HyperPod instance types across available regions.

TalayLink Subsea Cable Connects Australia and Thailand

🌐 Today Google is announcing TalayLink, a new subsea cable that will extend the previously announced interlink cable from the Australia Connect initiative to establish a diverse path between Australia and Thailand via the Indian Ocean. The project includes planned connectivity hubs in Mandurah (Western Australia) and South Thailand, the latter in partnership with AIS, plus local landing support from IGC. These investments are designed to integrate Google Cloud’s upcoming Thailand region and data center into its global network, improving resilience, routing diversity, and onward connectivity across the Indian Ocean.

Google adds Pixel-to-iPhone file sharing via Quick Share

📱 Google has made Quick Share interoperable with Apple's AirDrop, enabling two-way file transfers between Pixel devices and iPhones starting with the Pixel 10 family. The implementation uses AirDrop's "Everyone for 10 minutes" direct, device-to-device mode with no server intermediaries. Google says it applied threat modeling, internal security and privacy reviews, Rust parsing to reduce memory risks, and independent NetSPI testing. Users must manually confirm recipients before sharing.

Enterprise Password and Secrets Management — Passwork 7

🔐 Passwork 7 consolidates enterprise password and secrets management into a single, self-hosted platform supporting both human and machine credentials. The release improves credential organization with new vault types, expands RBAC and group-based permissions, and enhances audit trails and notifications. It also provides a REST API, Python connector, CLI, and Docker image for automation, plus zero-knowledge encryption and SSO/LDAP integration to help meet compliance needs.

Amazon EMR Serverless Adds Apache Spark 4.0.1 (Preview)

🚀 Amazon EMR Serverless now supports Apache Spark 4.0.1 (preview), enabling teams to build data pipelines using standard ANSI SQL and native VARIANT types for semi-structured data. The release adds Apache Iceberg v3 table format to provide transactional guarantees and audit-ready change tracking. Improved streaming controls make it easier to manage stateful, real-time applications and monitor streaming jobs.

Amazon Athena for Apache Spark Integrated with SageMaker

🚀 Amazon SageMaker now supports Amazon Athena for Apache Spark, combining a new notebook experience with a fast serverless Spark runtime in a single workspace. Data engineers, analysts, and data scientists can query data, run Python, develop jobs, train models, and visualize results with no infrastructure to manage and second-level billing. The service runs Spark 3.5.6, is optimized for Apache Iceberg and Delta Lake, and adds debugging, real-time Spark UI monitoring, and secure Spark Connect communication. Table-level access controls are enforced through AWS Lake Formation.

AWS Payments Cryptography Adds Hybrid Post-Quantum TLS

🔐 AWS Payments Cryptography now supports hybrid post-quantum TLS to protect API calls and long-lived data-in-transit using ML-KEM-based PQC. This helps enterprises mitigate “harvest now, decrypt later” risks by combining classical and post-quantum key establishment. Customers enable PQ-TLS by upgrading to a compatible AWS SDK or browser and can verify sessions via tlsDetails in CloudTrail. The capability is generally available across Regions at no added cost.

AWS Device Farm: Managed Appium Endpoint for Live Testing

📱 AWS Device Farm now provides a fully managed Appium endpoint that developers can connect to with just a few lines of code to run interactive tests on multiple real devices from their IDE or local machine. The capability integrates with third-party tools such as Appium Inspector (hosted and local) for element inspection and debugging. Live video and log streaming deliver faster feedback in local workflows while existing server-side execution remains available for scaled, secure enterprise runs.

Practical Steps to Minimize Key Exposure in AWS Environments

🔐 This AWS Security blog by Jennifer Paz outlines a layered, practical approach to reduce exposure from long‑term AWS credentials. It recommends discovery and risk assessment with CodeGuru Security, IAM Access Analyzer, credential reports, and Trusted Advisor, followed by enforcement using SCPs and RCPs to create a network data perimeter. The post also covers runtime protections (security groups, NACLs, Network Firewall, AWS WAF), automated rotation using Secrets Manager or rotation patterns, and threat detection via GuardDuty, all intended to bridge the gap until migration to temporary credentials is feasible.

EC2 Image Builder Adds Automatic Versioning Support

🔁 EC2 Image Builder now supports automatic versioning for recipes and automatic build version increments for components, removing the need to manually manage version numbers. You can place an 'x' placeholder to auto-increment any position in a recipe version and use wildcard patterns to resolve to the highest compatible version in pipelines. The feature is available across all AWS regions, including China and GovCloud, and is accessible via Console, CLI, API, CloudFormation, and CDK.

Bedrock Guardrails: Natural-Language Test Generation

🧪 Amazon Web Services has added natural-language test Q&A generation to Automated Reasoning checks in Amazon Bedrock Guardrails. The capability generates up to N test Q&As from input documents to accelerate creating and validating formal verification policies. Automated Reasoning checks apply formal methods to detect correct model outputs and report up to 99% accuracy in identifying correct responses and reducing hallucinations. The feature is available in multiple US and EU Regions and accessible via the Bedrock console and Python SDK.

AWS Security Incident Response: AI Investigative Agent

🔎 The new AI-powered investigative agent in AWS Security Incident Response automates evidence collection, correlation, and timeline building to speed incident investigations from hours to minutes. It interactively asks clarifying questions, queries CloudTrail, IAM, EC2, and cost data, and summarizes critical findings and timelines. The capability is available now across commercial AWS Regions and is included with the service’s metered pricing.

AWS IoT Core adds SET clause and get_or_default() support

🔧 The AWS IoT Core rules-SQL now supports a SET clause to define and reuse variables across SQL statements, simplifying complex queries and ensuring consistent content when values are referenced multiple times. A new get_or_default() function returns fallback values when encountering data encoding or external dependency failures so rules continue executing. These capabilities reduce SQL complexity and improve reliability across regions.

AWS WAF Adds Web Bot Auth to Verify AI and Bot Traffic

🔐 AWS WAF now supports Web Bot Auth, providing cryptographic verification for automated agents and crawlers that access web applications. The capability uses signed HTTP messages and a public key directory defined by active IETF drafts to authenticate bot identities. AWS WAF will automatically allow verified WBA bots by default, refining previous behavior where the AI category blocked unverified bots. This change helps operators distinguish trusted automated traffic from potentially harmful automation.

Amazon EMR 7.12 Adds Apache Iceberg v3 Table Format

🆕 Amazon EMR 7.12 now supports the Apache Iceberg v3 table format (Iceberg 1.10) and includes Apache Spark 3.5.6. This update reduces storage and pipeline costs by marking deleted rows instead of rewriting files, while adding automatic row-level history for stronger governance and change-data capture. It also introduces table-level encryption and integrates with AWS Lake Formation. Apache Trino 476 is included, and EMR 7.12 is available in all Regions that support EMR.

Amazon Connect adds monitoring for queued callbacks

🔔 Amazon Connect now enables monitoring of contacts queued for callback, allowing supervisors and integrations to search queued callbacks and view details such as customer phone numbers and queued duration in the Connect UI and via APIs. Teams can proactively route contacts nearing promised callback windows to available agents and clear customers who have already been served to avoid duplicative work. This capability is available in all regions where Amazon Connect is offered.

Amazon Connect adds follow-up email replies for agents

📧 Amazon Connect Email now lets agents send follow-up replies to existing email contacts, enabling them to add information or continue assistance without opening a new thread. The feature preserves full conversation history so agents retain context and deliver consistent support. It is available in multiple AWS regions including US East (N. Virginia), US West (Oregon), Europe (Frankfurt, London), Canada (Central), several Asia Pacific locations, and Africa (Cape Town). Refer to documentation and pricing to get started.

Aurora DSQL Adds Python, Node.js, and JDBC Connectors

🔐 Aurora DSQL now provides Python, Node.js, and JDBC Connectors that transparently handle IAM token generation for standard PostgreSQL drivers. The connectors integrate with psycopg/psycopg2, node-postgres, Postgres.js, and the PostgreSQL JDBC driver and support common pooling libraries such as HikariCP and built-in pooling in Node.js and Python. By automatically generating IAM tokens via the AWS SDK for each connection, they remove the need for custom token code or manual token provisioning, reducing reliance on static database passwords while preserving existing driver features and workflows.

AWS Adds Second-Generation Outposts Racks in Tokyo

📣 Second-generation AWS Outposts racks are now supported in the AWS Asia Pacific (Tokyo) Region. Organizations in and outside Japan can order Outposts racks connected to this region to optimize latency and meet data residency requirements while running low-latency workloads on-premises. Outposts extends AWS infrastructure, services, APIs, and tools into customer data centers or colocation spaces and connects back to a home Region for centralized management.