All news with #aws tag

AWS Strengthens Cybersecurity and Resilience in the EU

🔒 AWS reiterates its commitment to raising cybersecurity standards across the European Union, positioning security as a core responsibility across its global operations. The post explains how AWS supports customers in meeting the NIS 2 Directive (EU 2022/2555) and related Implementing Regulation (EU 2024/2690) through services, audited controls, and guidance. It highlights certifications, regional accreditations, and tools—such as AWS Security Hub, AWS Config, and AWS CloudTrail—that help entities meet governance, incident reporting, and resilience obligations. The blog also describes AWS collaboration with national authorities and programs that provide templates, training, and operational engagement to improve readiness and compliance.

Amazon ECS on Fargate Adds Custom Container Stop Signals

🛑 Amazon Elastic Container Service (ECS) on AWS Fargate now honors container-defined stop signals for Linux tasks by reading the OCI image STOPSIGNAL instruction and sending that signal when a task is stopped. Previously Fargate always sent SIGTERM followed by SIGKILL after the configured timeout, but containers that rely on SIGQUIT, SIGINT, or other signals can now receive their intended shutdown signal. If no STOPSIGNAL is present, ECS continues to default to SIGTERM. Support for container-defined stop signals is available in all AWS Regions and the ECS Developer Guide provides implementation details.

Amazon EC2 C8gb Instances: EBS-Optimized, Graviton4

🚀 AWS has announced general availability of the new Amazon EC2 C8gb instances, EBS-optimized and powered by AWS Graviton4 processors. These sizes deliver up to 30% better compute performance than Graviton3 and offer up to 150 Gbps of EBS bandwidth and up to 200 Gbps networking. Available in US East (N. Virginia) and US West (Oregon), metal sizes are limited to N. Virginia. They support EFA on larger sizes to improve cluster latency for tightly coupled workloads. Customers can use these instances to scale high-performance file systems and throughput-focused workloads while optimizing cost.

Amazon EC2 X8g Instances Now in Asia Pacific (Sydney)

🚀 Amazon EC2 X8g instances are now available in the Asia Pacific (Sydney) region, powered by AWS Graviton4 processors and offering up to 60% better performance compared to Graviton2-based X2gd instances. X8g sizes provide up to 3 TiB memory and increased memory per vCPU, plus up to 50 Gbps networking and 40 Gbps EBS bandwidth. They target memory‑intensive workloads such as EDA, in‑memory and relational databases, real‑time analytics, and large containerized applications.

Amazon ElastiCache Serverless Adds Same-Slot WATCH Support

🔒 Amazon ElastiCache Serverless now supports the WATCH command for same-slot transactions, allowing applications to make transactions conditional on watched keys remaining unchanged. If applications attempt to watch keys that are not in the same hash slot they receive a CROSSSLOT error; developers can use hash tags to force co-location. Transactions will be aborted when ElastiCache Serverless cannot guarantee the state of watched keys. WATCH support is available now in all regions where ElastiCache Serverless is offered at no additional cost; use your preferred client library to begin creating transactions.

Amazon CloudWatch SDK Adds JSON and CBOR Protocols

🚀 Amazon CloudWatch's SDK now supports both JSON and Concise Binary Object Representation (CBOR) protocols as the default communication formats. The change aims to reduce end-to-end processing latency and shrink payload sizes, lowering client CPU and memory usage. Available in all AWS Regions and for all GA SDK language variants; customers should update to the latest SDK and consult AWS developer documentation to enable the benefits.

Webinar: Exploiting Cloud Misconfigurations in AWS, AI & K8s

🔒 The Cortex Cloud team at Palo Alto Networks is hosting a technical webinar that dissects three recent cloud investigations and demonstrates practical defenses. Speakers will reveal the mechanics of AWS identity misconfigurations, techniques attackers use to hide malicious artifacts by mimicking AI model naming, and how overprivileged Kubernetes entities are abused. The session emphasizes Code-to-Cloud detection, runtime intelligence, and audit-log analysis to close visibility gaps; register to attend the live deep dive.

Amazon Braket Adds Native Qiskit 2.0 Support Across Regions

⚛ Amazon Braket now supports Qiskit 2.0, enabling quantum developers to use the latest Qiskit release with Braket hardware and simulators. The release provides native implementations of Qiskit's Sampler and Estimator primitives that leverage Braket program sets for optimized batching, reducing execution time and costs versus generic wrappers. Service-side handling of parameter sweeps and observable measurements removes manual implementation burdens, while bidirectional circuit conversion permits client-side transpilation with Qiskit's compilation framework. Qiskit 2.0 support is available in all AWS Regions where Amazon Braket is offered.

AWS Support Center Console Now Supports Screen Sharing

🖥️ AWS has added built-in screen sharing to the AWS Support Center Console, enabling customers to request a virtual meeting from an active chat or call and join via a meeting bridge link. During the session, users can share their screen while retaining seamless access to case details. The feature keeps troubleshooting workflows consolidated within the console and aims to streamline diagnostics and communication between customers and support engineers.

Customizing AWS WAF Anti-DDoS AMR Responses for L7

🛡️This post explains how to customize AWS WAF Anti-DDoS AMR responses to Layer 7 DDoS events using labels and additional rules. It summarizes the AMR’s baseline‑and‑anomaly approach, default mitigations (a mix of Block and JavaScript Challenge), and the importance of excluding non‑challengeable paths. Three practical examples show geo‑based blocking, tightened rate limits, and adaptive capacity‑aware defenses, with JSON/IaC configuration guidance.

Tools and Strategies to Secure Model Context Protocol

🔒 Model Context Protocol (MCP) is increasingly used to connect AI agents with enterprise data sources, but real-world incidents at SaaS vendors have exposed practical weaknesses. The article describes what MCP security solutions should provide — discovery, runtime protection, strong authentication and comprehensive logging — and surveys offerings from hyperscalers, platform providers and startups. It stresses least-privilege and Zero Trust as core defenses.

Exposed GitHub PATs Enable Access to Cloud Secrets

🔒 Recent research from the Wiz Customer Incident Response Team shows attackers are using exposed GitHub Personal Access Tokens (PATs) to retrieve GitHub Action Secrets and pivot into cloud environments. A read-level PAT can leverage GitHub’s API code search to locate secret references like "${{ secrets.SECRET_NAME }}" — and because those search API calls are not logged, discovery is stealthy. Once obtained, cloud provider credentials let attackers spin up resources, exfiltrate data, install malware, or persist while often evading detection. Organizations should treat PATs as privileged credentials: enforce expiration and rotation, remove cloud secrets from workflows, apply least privilege, and improve monitoring and developer training.

Amazon EC2 C8gn Instances Expand to Ohio and UAE Regions

🚀 Amazon EC2 C8gn instances, powered by AWS Graviton4 processors, are now available in US East (Ohio) and Middle East (UAE). They deliver up to 30% better compute performance versus Graviton3-based C7gn instances, include 6th-generation Nitro Cards, and provide up to 600 Gbps of network bandwidth. C8gn supports sizes up to 48xlarge (up to 384 GiB memory), up to 60 Gbps EBS bandwidth, and Elastic Fabric Adapter (EFA) on select large sizes to improve cluster latency and throughput.

Amazon EC2 X8g Instances Now Available in Stockholm

🚀 These instances, powered by AWS Graviton4 processors, are now available in the Europe (Stockholm) region and provide up to 3 TiB of memory with increased memory per vCPU compared to prior Graviton4 instances. X8g targets memory-intensive workloads such as EDA, in-memory and relational databases, real-time analytics, and memory-heavy containerized applications. They offer larger sizes (up to 48xlarge), enhanced networking (up to 50 Gbps), EBS bandwidth up to 40 Gbps, and EFA/ENA Express support on larger sizes.

AWS Partner Central Adds AI Deal Sizing for Opportunities

🔍 AWS Partner Central now includes AI-powered deal sizing within APN Customer Engagements (ACE) Opportunities, giving partners estimated monthly recurring revenue (MMR) and recommended AWS services when creating or updating opportunities. Partners can import AWS Pricing Calculator URLs to auto-populate service selections and spend estimates, with enhanced insights such as pricing optimization, cost-savings analysis, MAP eligibility, and modernization pathways. The feature is available worldwide via the console and the AWS Partner Central API for Selling.

Amazon GameLift Servers Adds AI Assistance in Console

🤖 Amazon GameLift Servers now offers AI-powered assistance within the AWS Console, leveraging Amazon Q Developer to deliver tailored guidance for game developers. The integrated assistant helps with game server integration, fleet configuration, and performance optimization by surfacing in-console recommendations and troubleshooting steps. It is intended to streamline decision making, reduce troubleshooting time, and improve resource utilization for cost savings and better player experiences. The feature is available in all supported regions except AWS China.

AWS: Tagging for RDS and Aurora Automated Backups Released

🔖 Amazon Web Services now supports resource tagging for automated backups and cluster automated backups in Amazon RDS and Aurora. You can tag automated backups independently from the parent DB instance or DB cluster using the AWS Management Console, API, or SDK. Use these tags with IAM policies to implement attribute-based access control and to organize, manage, and track backup costs. This capability is available in all AWS Regions, including AWS GovCloud (US).

IAM Policy Autopilot: Open-source IAM Policy Generator

🔧 IAM Policy Autopilot is an open-source static analysis tool that generates baseline AWS IAM identity-based policies by analyzing application code locally. Available as a CLI and an MCP server, it integrates with MCP-compatible AI coding assistants to produce syntactically correct, dependency-aware policies and to troubleshoot Access Denied errors. The tool favors functionality during initial deployments and recommends reviewing and tightening generated policies to meet least-privilege principles as applications mature.

AWS unveils AI-driven security enhancements at re:Invent

🔒 AWS announced a suite of AI- and automation-driven security features at re:Invent 2025 designed to shift cloud protection from reactive response to proactive prevention. AWS Security Agent and agentic incident response add continuous code review and automated investigations, while ML enhancements in GuardDuty and near real-time analytics in Security Hub improve multi-stage threat detection. Agent-centric IAM tools, including policy autopilot and private sign-in routes, streamline permissions and enforce granular, zero-trust access for agents and workloads.

Amazon Quick Suite adds Quick Research to Flows for Reports

📢 Amazon Quick Suite now integrates Quick Research as a step within Quick Flows, enabling automated generation of verified, source-traced research reports as part of multi-step workflows. Teams can schedule or trigger research flows to create reusable, shareable outputs that automatically kick off downstream actions—updating CRM records, creating tickets, or assigning tasks—reducing manual work and scaling proven analysis methods. Pre-configured flows accept creator instructions and optional user inputs to deliver consistent analysis across enterprise data sources.