
All news with #aws s3 tag

Wed, October 22, 2025

Amazon S3 Generates CloudTrail Events for Table Maintenance

🔔Amazon S3 now emits AWS CloudTrail events for S3 Tables maintenance operations so you can track compaction and snapshot expiration. Maintenance activities are recorded as management events in CloudTrail, enabling auditing and monitoring of automatic optimization tasks. To monitor these events, create a trail and filter for eventType='AwsServiceEvents' and eventName='TablesMaintenanceEvent'. Events are available in all Regions where S3 Tables are offered.


Wed, October 22, 2025

Amazon Redshift Auto-Copy Expands to Four AWS Regions

📥 Amazon Redshift Auto-Copy is now available in Asia Pacific (Malaysia), Asia Pacific (Thailand), Mexico (Central), and Asia Pacific (Taipei). The feature lets you configure an integration to continuously detect and load new files from a specified Amazon S3 prefix into Redshift tables without requiring custom COPY pipelines or external tooling. Auto-Copy records previously loaded files to prevent duplicate ingestion and exposes job status and metrics via Redshift system tables for monitoring and troubleshooting.


Thu, October 16, 2025

Amazon Timestream Now Adds Managed InfluxDB 3 Support

🚀 Amazon Timestream now offers managed support for InfluxDB 3, enabling developers and DevOps teams to run InfluxDB 3 databases as a managed service. InfluxDB 3 introduces a new architecture built on Apache Arrow for in-memory processing, Apache DataFusion for query execution, and columnar Parquet storage with persistence to Amazon S3 to improve query performance and scale for high-cardinality workloads. The service is available in two editions—Core (open source, near real-time) and Enterprise (multi-node, HA, compaction for long-term storage)—with Enterprise supporting initial multi-node clusters up to three nodes. Available in all Regions where Timestream for InfluxDB is offered; see the console, documentation, and pricing to get started.


Tue, October 14, 2025

AWS Transfer Family SFTP Connectors Gain VPC Support

🔒 AWS Transfer Family SFTP connectors can now route connections through your Amazon VPC, enabling secure file transfers between Amazon S3 and remote SFTP servers whether privately or publicly hosted. Connectors can present VPC CIDR IP addresses for compatibility with IP allowlists and leverage NAT Gateway bandwidth for higher-throughput internet transfers. All traffic is routed through existing VPC networking and security controls, including Transit Gateway and centralized firewalls to help meet data security mandates.


Mon, October 13, 2025

SageMaker AI Projects Adds Custom ML Templates from S3

🛠️ Amazon Web Services announced that SageMaker AI Projects can now provision custom ML project templates stored in Amazon S3. Administrators can define and manage standardized end-to-end project templates in SageMaker AI Studio so data scientists can create projects that follow organizational patterns and automated workflows. The feature is available in all AWS Regions where SageMaker AI Projects is offered.


Wed, October 8, 2025

Crimson Collective Targets AWS Cloud Instances for Theft

🔒 Researchers report the 'Crimson Collective' has been targeting long-term AWS credentials and IAM accounts to steal data and extort companies. Using open-source tools like TruffleHog, the attackers locate exposed AWS keys, create new IAM users and access keys, then escalate privileges by attaching AdministratorAccess. They snapshot RDS and EBS volumes, export data to S3, and send extortion notices via AWS SES. Rapid7 urges organisations to audit keys, enforce least privilege, and scan for exposed secrets.


Wed, October 1, 2025

SageMaker Unified Studio adds SSO for Spark sessions

🔐 Amazon SageMaker Unified Studio now supports corporate identities for interactive Apache Spark sessions using AWS Identity Center trusted identity propagation. Data engineers and scientists can sign on to JupyterLab Spark sessions with organizational credentials while administrators apply fine-grained access controls and maintain end-to-end data access traceability. The integration leverages AWS Lake Formation, Amazon S3 Access Grants, and Amazon Redshift Data APIs, and includes comprehensive AWS CloudTrail logging for interactive and background sessions to streamline compliance.


Fri, September 26, 2025

Mass Exposure of Indian Bank NACH Transfer PDFs Repository

🔓 UpGuard discovered a publicly accessible Amazon S3 bucket containing roughly 273,160 PDF documents formatted as NACH MANDATE records that documented bank transfers in India. The files exposed unredacted bank account numbers, transaction amounts and, in many cases, individuals’ names, phone numbers and email addresses. A 55K-file sample (~42 GB) showed 38 financial institutions represented, with AyeFin appearing in nearly 60% of sampled records. UpGuard notified AyeFin and NPCI, escalated to CERT‑IN when the bucket continued to grow, and verified the repository was secured on September 4.


Thu, September 25, 2025

Preview Amazon S3 Tables Directly in the S3 Console

🔍 You can now preview Amazon S3 Tables directly in the S3 console without writing SQL. The console preview displays table schema, column types, and sample rows so you can quickly inspect structure and key data points without additional setup. Previews are available in all AWS Regions where S3 Tables are offered. You are charged only for the S3 requests used to read the sampled rows; consult S3 pricing and the S3 User Guide for details.


Wed, September 24, 2025

Amazon Route 53 Resolver Query Logging Now in NZ Region

🛰️ Amazon Route 53 Resolver Query Logging is now available in Asia Pacific (New Zealand). You can log DNS queries originating in VPCs to capture queried domain names, the AWS resources that issued the queries (including source IP and instance ID), and the responses received. Logs can be delivered to Amazon S3, CloudWatch Logs, or Amazon Data Firehose, and query logging configurations may be shared across accounts via AWS RAM. There is no additional Route 53 charge for enabling query logging, though storage and ingestion on the chosen destination may incur costs.


Tue, September 23, 2025

Defense-in-Depth: Building an AWS Control Framework

🔒 This post outlines a practical, layered approach to reduce risk in AWS by moving beyond detective-only controls to a comprehensive defense‑in‑depth control framework. It recommends combining preventative, proactive, detective, and responsive controls across the resource lifecycle and illustrates how AWS services such as AWS Control Tower, AWS Organizations, Security Hub, and AWS Config enable that strategy. The guidance covers concrete patterns—from SCPs, RCPs and policy‑as‑code in CI/CD to automated remediation via Lambda and Systems Manager—to scale governance, reduce findings, and shorten remediation time.


Mon, September 22, 2025

Automating Security Hub Exceptions with Business Context

🔒 This post describes an automated approach to validate and document exceptions to AWS Security Hub findings, enabling security teams to enforce governance while developers request and implement compensating controls. The solution leverages EventBridge, SQS, Lambda, and DynamoDB to validate controls, collect evidence, and maintain an immutable audit trail. It preserves segregation of duties, supports multiple validation types, and includes deployment scripts and CloudFormation templates. The authors emphasize the reference architecture is a starting point and must be reviewed and adapted before production use.


Thu, September 18, 2025

Source-of-Truth Authorization for RAG Knowledge Bases

🔒 This post presents an architecture to enforce strong, source-of-truth authorization for Retrieval-Augmented Generation (RAG) knowledge bases using Amazon S3 Access Grants with Amazon Bedrock. It explains why vector DB metadata filtering is insufficient—permission changes can be delayed and complex identity memberships are hard to represent—and recommends validating permissions at the data source before returning chunks to an LLM. The blog includes a practical Python walkthrough for exchanging identity tokens, retrieving caller grant scopes, filtering returned chunks, and logging withheld items to reduce the risk of sensitive data leaking into LLM prompts.


Thu, September 18, 2025

Step Functions: Data Sources and Metrics for Distributed Map

⚙️ AWS Step Functions now expands Distributed Map input sources and adds visibility metrics. Distributed Map can now iterate S3 objects via S3ListObjectsV2, read AWS Athena data manifests and Parquet files directly, and extract arrays from JSON stored in S3 or passed as state input. New observability metrics — Approximate Open Map Runs Count, Open Map Run Limit, and Approximate Map Runs Backlog Size — provide operational insight. These features are available in all commercial AWS Regions; enable Distributed Map mode in the Step Functions console and consult the developer guide for examples.


Tue, September 16, 2025

AWS Transfer Family Now Available in Taipei Region

🚀 AWS announced that AWS Transfer Family is now available in the Asia Pacific (Taipei) Region, supporting SFTP, FTP, FTPS and AS2 for managed file transfers. The service delivers fully managed ingress and egress to Amazon S3 and Amazon EFS, and integrates with event-driven automation to streamline file-processing workflows. This regional availability helps customers modernize and migrate business-to-business file exchanges to AWS while reducing operational overhead.


Mon, September 15, 2025

Amazon S3 Batch Operations: Manage Objects by Bucket

📦 Amazon S3 Batch Operations now allows users to target all objects within an S3 bucket, or refine selection by prefix, suffix, creation date, or storage class directly from the AWS Management Console. Instead of providing a manifest, customers can specify these filters when creating a job and S3 will apply the chosen operation to every matching object and produce a detailed completion report. Typical use cases include copying between buckets, restoring archived data from Glacier classes, and computing checksums for datasets. The capability is available in all AWS Regions and can also be accessed via the AWS CLI or SDK.


Mon, September 15, 2025

Amazon GuardDuty Protection Plans and Threat Detection

🔐 Amazon GuardDuty centralizes continuous threat detection across AWS using AI/ML and integrated threat intelligence. It offers optional protection plans—S3, EKS, Runtime Monitoring, Malware Protection for EC2 and S3, RDS, and Lambda—that extend detections to service-specific telemetry and runtime behaviors. Built-in Extended Threat Detection correlates signals into high-confidence attack sequences and maps findings to MITRE ATT&CK, providing prioritized remediation guidance.


Fri, September 12, 2025

AWS GuardDuty S3 Malware Scanning Now Handles Larger Files

🛡️ AWS has expanded GuardDuty Malware Protection for S3 scanning limits, raising the maximum file size from 5 GB to 100 GB and increasing archive processing to 10,000 files per archive (previously 1,000). These enhancements are automatically enabled in all supported AWS Regions. Customers gain broader coverage for large objects and dense archives stored in S3, improving pre-ingestion threat detection. This update strengthens protection for workloads and downstream processes.


Wed, September 10, 2025

KillSec Ransomware Disrupts Brazilian Healthcare IT

🔒 A ransomware incident attributed to KillSec has disrupted MedicSolution, a Brazilian healthcare IT vendor, after attackers claimed to exfiltrate more than 34 GB comprising 94,818 files. Resecurity reports the haul includes medical evaluations, lab results, X‑rays and unredacted patient photos, and says data was exposed via misconfigured AWS cloud buckets. MedicSolution has not publicly responded; regulators and affected providers face notification and remediation challenges.


Wed, September 10, 2025

CloudWatch Flow Monitors Extend Cross-Region Visibility

🔍 With this update, Amazon CloudWatch Network Monitoring flow monitors can observe traffic between AWS Regions over the AWS global network. Flow monitors deliver near real-time metrics for compute instances such as Amazon EC2 and Amazon EKS, and for services like Amazon S3 and Amazon DynamoDB, to help detect and attribute network-driven impairments. The network health indicator now captures cross-Region path health including visibility into remote public IPs and private traffic over VPC and Transit Gateway peering.
