All news with #aws ec2 tag

Amazon EC2 R7g Graviton3 Instances Launch in Cape Town

🚀 Amazon EC2 R7g instances powered by Graviton3 processors are now available in AWS Africa (Cape Town). These instances deliver up to 25% better compute performance versus Graviton2 and can use up to 60% less energy for comparable performance, helping reduce cloud carbon footprint. They come in nine sizes, including bare metal, and offer up to 30 Gbps networking and 20 Gbps EBS bandwidth, running on the AWS Nitro System for secure, high‑performance isolation.

AWS Expands EC2 I7i Storage Instances to Europe, APAC

🔔 Amazon Web Services has made EC2 I7i storage-optimized instances available in AWS Europe (Frankfurt, London) and Asia Pacific (Malaysia, Sydney, Tokyo). Powered by 5th generation Intel Xeon Scalable processors and 3rd generation AWS Nitro SSDs, I7i delivers up to 23% better compute and >10% improved price performance versus I4i, plus up to 45TB NVMe and significant latency and IOPS gains. Eleven sizes (including two bare metal) offer up to 100 Gbps network and 60 Gbps EBS bandwidth, and a torn write prevention feature supporting 16 KB blocks helps remove database bottlenecks.

AWS launches memory-optimized EC2 R8i and R8i-flex

🔔 AWS announced general availability of new memory-optimized Amazon EC2 R8i and R8i‑flex instances powered by custom Intel Xeon 6 processors. AWS says these instances deliver up to 15% better price-performance and 2.5x the memory bandwidth of prior Intel-based generations, with up to 20–60% faster results on targeted workloads. R8i provides 13 sizes including a new 96xlarge and SAP certification, while R8i‑flex offers common, cost-efficient sizes from large to 16xlarge. Instances are initially available in N. Virginia, Ohio, Oregon, and Spain and can be purchased via On‑Demand, Spot, or Savings Plans.

AWS Marketplace Launches Streamlined AMI Fulfillment

🚀 AWS Marketplace has introduced a streamlined fulfillment experience for Amazon Machine Image (AMI) and AMI with CloudFormation products across both the website and console. The update combines configuration and purchase steps on a single page, clearly presenting fulfillment options, related AWS services, and seller-provided guidance. It also brings a new in-console launch experience for container products, providing a consistent multi-region, multi-language workflow.

AWS Batch introduces default-x86_64 and default-arm64 pools

🔔 AWS Batch now offers two new default instance type categories: default-x86_64 and default-arm64. These options automatically select the most cost-effective EC2 instance types across generations based on your job queue requirements and will be expanded as new instance types become available in a region. You can enable them via the instanceType parameter for managed compute environments; the existing optimal option remains supported. Only Compute Environments in an ENABLED and VALID state will receive automatic updates.

Amazon EC2 R8g Instances Now in AWS Asia Pacific (Jakarta)

🚀 Amazon EC2 R8g instances powered by AWS Graviton4 are now available in the AWS Asia Pacific (Jakarta) region. R8g delivers up to 30% better performance versus Graviton3, offers larger sizes—up to 48xlarge and 1.5 TB memory across 12 sizes including two bare-metal options—and targets memory‑intensive workloads. Built on the AWS Nitro System, these instances provide up to 50 Gbps networking and up to 40 Gbps to EBS for databases, in‑memory caches, and real‑time analytics.

Malware Analysis on AWS: Building Secure Isolated Sandboxes

🔒 This AWS blog explains how security teams can run malware analysis in the cloud while complying with AWS policies and minimizing risk. It recommends an architecture that uses an isolated VPC with no internet egress, ephemeral EC2 detonation hosts accessed via AWS Systems Manager Session Manager, and secure S3 storage via VPC gateway endpoints with encryption. The post emphasizes strong IAM and SCP guardrails, immutable hosts, automated teardown, centralized logging, and monitoring with CloudTrail and GuardDuty to maintain visibility and lifecycle control.

AWS Nitro protections shield EC2 from L1TF Reloaded

🔒 AWS confirms that guest data on instances running on the Nitro System and Nitro Hypervisor is not at risk from the research known as L1TF Reloaded, and no additional customer action is required. The researchers demonstrate that the technique chains half-Spectre gadgets with L1 Terminal Fault (L1TF) to transiently leak data on some hypervisors, but Nitro’s security-first architecture prevented data extraction. Nitro’s design relies on eXclusive Page Frame Ownership (XFPO) secret hiding, a minimal hypervisor footprint, and layered mitigations; AWS also notes coordinated disclosure and that it sponsored part of the research.

Automate Disabling AD Users from GuardDuty Findings

🔐 This AWS Security Blog post explains how to use Amazon GuardDuty to detect suspicious activity and automatically disable accounts in AWS Managed Microsoft AD. It walks through deploying a managed directory and a directory-administration EC2 instance, configuring AWS Systems Manager Run Command documents, and orchestrating those actions with AWS Step Functions triggered by Amazon EventBridge. The guide includes required permissions, testing steps using GuardDuty’s test domains, and notes on extending the automation to reset passwords or send notifications.

AWS Security Incident Response: Accelerating IR Lifecycle

🛡️ AWS Security Incident Response is a Tier 1, AWS-native service launched in December 2024 to accelerate detection, triage, and containment of security incidents. It integrates with Amazon GuardDuty, AWS Security Hub, and AWS Systems Manager, supports partner integrations, and enables escalation to AWS CIRT. The service centralizes findings, automates monitoring and intelligent triage to reduce false positives, and offers prebuilt containment playbooks and APIs to compress MTTR and coordinate cross-account response.

CLOUD Act Explained: Provider Obligations and Protections

🔒 AWS clarifies five key points about the CLOUD Act, stressing it does not grant automatic or unfettered access to customer content and that U.S. law requires judicial process for compelled disclosures. AWS reports no disclosure of enterprise or government customer content stored outside the U.S. since 2020. The company notes the Act applies to any provider with a U.S. presence and aligns with international law, while technical controls like AWS Nitro and AWS KMS limit operator access.