All news in category "Vendor and Hyperscaler Watch"

AWS Network Load Balancer Adds Weighted Target Groups

🚀 AWS Network Load Balancer now supports weighted target groups, letting you distribute traffic across multiple target groups with configurable weights from 0 to 999. This enables progressive deployment strategies such as Blue-Green and Canary deployments, application migration, and A/B testing while supporting instance, IP address, and ALB targets. The capability is available across AWS commercial and GovCloud regions at no additional charge; standard NLB Capacity Unit (LCU) pricing applies.

AWS Directory Service Adds PrivateLink VPC Connectivity

🔒 AWS Directory Service now supports AWS PrivateLink, enabling you to route all Directory Service API and Directory Service Data API traffic through private VPC endpoints. This removes the need for internet gateways or NAT devices and reduces latency by creating requester-managed ENIs in enabled subnets. The feature covers directory management and user operations and is available in all Regions where AWS Directory Service is supported.

Amazon MSK Console and Public APIs for Kafka Topics

🔍 Amazon Managed Streaming for Apache Kafka (Amazon MSK) now exposes topic listings and detailed topic views directly in the MSK console and via three new public APIs. You can browse and search topics within a cluster, quickly review replication settings and partition counts, and drill into per-topic configuration and partition-level metrics without installing Kafka admin clients. The new ListTopics, DescribeTopic, and DescribeTopicPartitions APIs are available through the AWS CLI and SDKs; these features require MSK Provisioned clusters running Kafka 3.6+ and appropriate IAM permissions.

AWS IAM Temporary Delegation for Partner Product Integration

🔐 AWS Identity and Access Management (IAM) introduces temporary delegation, enabling time-limited, delegated access to Amazon and AWS Partner products for tasks like initial deployments, ad-hoc maintenance, and feature upgrades. The capability eliminates the need for persistent IAM roles, improves auditability, and reduces setup and operational burden. It is available in all AWS commercial Regions and is being adopted by partners such as Archera, Aviatrix, Databricks, HashiCorp, Qumulo, Rapid7 and others.

Amazon OpenSearch Service Adds Cluster Insights Dashboard

🔍 Amazon OpenSearch Service now includes Cluster Insights, a unified monitoring dashboard that consolidates logs and metrics to give operators comprehensive operational visibility across nodes, indices, and shards. The feature automates correlation of critical data, highlights performance metrics and top‑N query analysis, and surfaces targeted remediation steps to speed troubleshooting. Built into the OpenSearch UI, Cluster Insights retains monitoring resilience during cluster unavailability and provides account‑level summaries for managing multiple deployments. It is available at no additional cost for OpenSearch 2.17 or later in regions where the OpenSearch UI is offered.

AWS Cost Explorer: 18-Month Forecasts and Explainable AI

📈 AWS Cost Explorer now extends forecasting to 18 months and uses upgraded machine learning that can analyze up to 36 months of historical data (previously 6 months) to surface seasonal patterns and long-term growth trends. Two of these improvements are generally available, while AI-powered, explainable forecasts are offered in public preview in the console. The 18-month horizon is also exposed via the GetCostForecast API, enabling finance and engineering teams to improve annual budgeting, surface optimization opportunities, and present forecasts with greater stakeholder confidence.

AWS IAM Adds aws:SourceVpcArn for Region Controls Support

🔒 AWS Identity and Access Management (IAM) introduces the global condition key aws:SourceVpcArn, which returns the ARN of the VPC where a VPC endpoint is attached. Administrators can apply this key in IAM policies to enforce region-based controls for resources accessed via AWS PrivateLink, restricting access to VPC endpoints in specified regions. The new condition key helps meet data residency and compliance requirements and is available in all commercial AWS Regions.

Amazon API Gateway Adds Enhanced TLS Security Policies

🔐 Amazon API Gateway now supports enhanced TLS security policies for REST APIs and custom domain names, giving customers more granular control over encryption, cipher selection, and endpoint access. Policy options include TLS 1.3-only, Perfect Forward Secrecy, FIPS-compliant cipher suites, and Post Quantum Cryptography choices. The update, available in many AWS commercial Regions, aims to simplify compliance with stricter regulations and strengthen cryptographic posture.

AWS CloudTrail Data Event Aggregation for Monitoring

🔍 AWS announced aggregated CloudTrail data events to help teams monitor high-volume API activity without processing every individual event. Aggregations consolidate data events into 5-minute summaries that surface trends such as access frequency, error rates, and top actions while preserving access to detailed events when required. You can enable aggregation via the console or CLI and choose from pre-built templates for API activity, resource access, and user activity. Aggregations are billed based on the number of data events analyzed and are available in all commercial Regions.

Amazon SageMaker Catalog Enforces Glossary Metadata

📌 Amazon SageMaker Catalog now enforces glossary-term metadata during asset publishing. Administrators can require data producers to tag assets with approved business vocabulary from organizational glossaries, and enforcement rules will block publication if required terms are missing. This standardizes metadata, aligns technical schemas with business language, and improves discoverability and governance. Available in all regions where Amazon SageMaker Catalog operates; policies can be managed via the console, CLI, or SDKs.

AWS launches EC2 M7i instances in Europe (Zurich) region

🚀 Amazon Web Services has launched Amazon EC2 M7i instances in the Europe (Zurich) region, powered by custom 4th Gen Intel Xeon Scalable processors (Sapphire Rapids) available only on AWS. M7i delivers up to 15% better performance over comparable x86-based Intel processors and up to 15% improved price-performance versus M6i. Instances scale to 48xlarge and include two bare-metal sizes with built-in Intel accelerators that offload data operations and optimize CPU-bound workloads.

AWS enables console sign-in credentials for CLI and SDK

🔐 AWS now permits developers to use their existing AWS Management Console sign-in credentials for programmatic access via the AWS CLI, AWS Tools for PowerShell, and AWS SDKs after a brief browser-based authentication flow. The aws login command in AWS CLI v2.32.0 and later obtains automatically rotated, short-lived credentials to reduce reliance on long-term access keys. This capability is available in all commercial AWS regions and aims to streamline local development setup while improving security posture.

AWS Elemental MediaConnect Router Now Generally Available

📺 AWS has announced the general availability of Elemental MediaConnect Router, a managed capability that dynamically routes live video between sources and destinations across the AWS network. The service reduces transport latency and improves packet delivery reliability compared with standard transport methods, and supports routing across regions as well as between private and public endpoints. It is accessible via the MediaConnect console, API, or AWS CDK, works alongside existing MediaConnect flows, and integrates with the broader AWS Elemental media services to simplify live-video operations and reduce unused capacity and reconfiguration overhead.

AWS S3 bucket-level setting to standardize encryption

🔒 Amazon S3 now provides a bucket-level default encryption configuration to enforce SSE-S3 or SSE-KMS for all write requests, allowing organizations to standardize server-side encryption types across buckets. The PutBucketEncryption API update lets you disable SSE-C on specific buckets or in CloudFormation templates. This capability is available in all AWS Regions and configurable via Console, SDK, API, or CLI. It helps simplify compliance and reduce misconfiguration risk.

Amazon Bedrock Adds Support for OpenAI GPT OSS Models

🚀 Amazon Bedrock now supports importing custom weights for gpt-oss-120b and gpt-oss-20b, allowing customers to bring tuned OpenAI GPT OSS models into a fully managed, serverless environment. This capability eliminates the need to manage infrastructure or model serving while enabling deployment of text-to-text models for reasoning, agentic, and developer tasks. gpt-oss-120b is optimized for production and high-reasoning use cases; gpt-oss-20b targets lower-latency or specialized scenarios. The feature is generally available in US‑East (N. Virginia).

AWS Network Firewall Log Analysis Using OpenSearch

📊 The post describes a new Amazon CloudWatch and Amazon OpenSearch Service dashboard that simplifies analysis of AWS Network Firewall logs by removing previous multi-step setup and streamlining integration. It explains prerequisites, creating an OpenSearch integration and dashboard, selecting log groups, sync intervals, and IAM roles. The overview covers widgets, filters, CSV export, common use cases, and cost considerations to improve visibility and troubleshooting.

Thunderbird Gains Native Microsoft Exchange Support

📧 Thunderbird 145 introduces built-in support for Microsoft Exchange email via the Exchange Web Services (EWS) protocol, eliminating the need for third-party add-ons in Exchange-hosted environments. The client auto-detects account settings and uses Microsoft’s OAuth2 for authorization to simplify migration from Outlook. Initial capabilities include full folder listings, message synchronization, message operations (view, send, reply, forward, move, copy, delete), attachment handling, subject/body search and quick filtering for Microsoft 365 domains with standard OAuth2 and for on-premise Exchange using basic password authentication. The Thunderbird team says additional features such as calendar syncing, address book support, Microsoft Graph integration and expanded authentication options (NTLM, tenant-specific OAuth2) are planned but not yet available.

Windows 11 Introduces Cloud Rebuild and PITR Recovery

☁️ Microsoft unveiled two Windows 11 recovery capabilities — Point-in-Time Restore (PITR) and Cloud Rebuild — designed to reduce downtime and simplify device recovery. PITR builds on System Restore by capturing full system snapshots, enabling admins and users to roll a device back to a known-good state, including local files and applications. Cloud Rebuild allows remote reinstallation through Intune, leveraging Autopilot, OneDrive, and Windows Backup for Organizations to restore settings and data.

AWS launches EC2 P6-B300 with NVIDIA Blackwell Ultra

🚀 Amazon Web Services has announced general availability of Amazon EC2 P6-B300 instances powered by NVIDIA Blackwell Ultra B300 GPUs. The p6-b300.48xlarge delivers eight GPUs, 2.1 TB of high-bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps ENA throughput, and 4 TB of system memory. It targets training and deploying trillion-parameter foundation models and LLMs, offering higher memory, compute, and networking versus P6-B200.

OpenSearch Serverless: CloudTrail data-plane audit logging

🔒 Amazon has added detailed audit logging for OpenSearch Serverless data-plane requests through AWS CloudTrail. Customers can now record and retain user actions on collections — including authorization attempts, index changes, and search queries — to support compliance and incident investigations. Logs can be filtered with read-only or write-only options or captured using advanced event selectors for granular control. Data events are delivered to Amazon S3 and can be forwarded to Amazon CloudWatch Events for real-time monitoring and response.