All news with #aws cloudtrail tag

📣 AWS announces general availability of AWS Service Quotas integration with AWS Step Functions, allowing customers to view account-level quota values in the Service Quotas console and monitor utilization with Amazon CloudWatch metrics. Users can request quota increases directly from the console, and eligible changes are applied automatically to reduce manual intervention. The feature is available in all commercial and AWS GovCloud (US) Regions where Step Functions is provided and can be accessed via the console or CLI.

🛰️ Amazon Route 53 Resolver Query Logging is now available in Asia Pacific (New Zealand). You can log DNS queries originating in VPCs to capture queried domain names, the AWS resources that issued the queries (including source IP and instance ID), and the responses received. Logs can be delivered to Amazon S3, CloudWatch Logs, or Amazon Data Firehose, and query logging configurations may be shared across accounts via AWS RAM. There is no additional Route 53 charge for enabling query logging, though storage and ingestion on the chosen destination may incur costs.

🔐 IAM Identity Center now supports customer-managed AWS KMS keys to encrypt workforce identity data, including user and group attributes. While AWS-owned keys remain the default, a customer-managed key (CMK) lets organizations control key lifecycle, policies, and usage permissions for stronger security and compliance. CMKs can be set when enabling a new organization instance or added to existing ones, and their usage is auditable via AWS CloudTrail. Support is available for access to accounts and select AWS applications across all IAM Identity Center regions; standard KMS charges apply.

🔒 AWS Labs published a Model Context Protocol (MCP) server for CloudTrail that enables AI assistants to perform security and compliance analysis via natural‑language queries. The server provides direct access to CloudTrail events and CloudTrail Lake, allowing searches of 90‑day management event histories and Trino SQL queries on Lake data spanning up to 10 years. By exposing these capabilities through a conversational interface, the MCP server removes the need for bespoke API integrations and streamlines investigation and compliance workflows. The component is available in regions that support CloudTrail LookupEvents or CloudTrail Lake and is available with code and documentation in the AWS Labs repository.

🕒 Amazon Web Services now enables customers to query CloudWatch metrics up to two weeks in the past using the Metrics Insights query source. Metrics Insights delivers fast, SQL-based metric queries and this enhancement expands the prior ~3-hour visualization window to 14 days for dashboards, alarms, and investigations. The capability is available now in commercial AWS regions and is automatically enabled at no additional charge, though standard pricing still applies for alarms, dashboards, and API usage.

🔔 Amazon CloudWatch now supports creating a single alarm that evaluates and acts on multiple individual metrics dynamically. By authoring a Metrics Insights (SQL) query with GROUP BY and ORDER BY clauses, the alarm automatically includes matching metrics as resources are created or removed, eliminating manual per-resource alarm management. You can configure these alarms via the CloudWatch console, AWS CLI, CloudFormation, or CDK; the capability is available in all commercial AWS regions, AWS GovCloud (US) Regions, and China Regions, and Metrics Insights query alarm pricing applies.

📣 Amazon has made CloudWatch RUM generally available in AWS GovCloud (US-East) and AWS GovCloud (US-West). The service collects client-side performance and error telemetry in real time and provides curated dashboards showing page load steps, core web vitals, JavaScript and HTTP errors across geolocations, browsers, and devices. It integrates with CloudWatch Application Signals to correlate front-end telemetry with backend metrics, and usage is billed per collected RUM event.